A Guide to IT Contracting

Checklists, Tools, and Techniques

By Michael R. Overly, Matthew A. Karlyn

Auerbach Publications – 2012 – 448 pages

Purchasing Options:

  • Hardback: $79.95
    978-1-43-987657-2
    December 18th 2012

Description

Even leading organizations with sophisticated IT infrastructures and teams of lawyers can find themselves unprepared to deal with the range of issues that can arise in IT contracting. Written by two seasoned attorneys, A Guide to IT Contracting: Checklists, Tools, and Techniques distills the most critical business and legal lessons learned through the authors’ decades of experience drafting and negotiating IT-related agreements.

In a single volume, readers can quickly access information on virtually every type of technology agreement. Structured to focus on a particular type of IT agreement, each chapter includes a checklist of essential terms, a brief summary of what the agreement is intended to do, and a complete review of the legal and business issues that are addressed in that particular agreement. Providing non-legal professionals with the tools to address IT contracting issues, the book:

  • Contains checklists to help readers organize key concepts for ready reference
  • Supplies references to helpful online resources and aids for contract drafting
  • Includes a CD-ROM with reusable checklists and complete glossary that defines key legal, business, and technical terms

Costly mistakes can be avoided, risk can be averted, and better contracts can be drafted if you have access to the right information. Filled with reader-friendly checklists, this accessible reference will set you down that path. Warning you of the most common pitfalls, it arms you with little-known tips and best practices to help you negotiate the key terms of your IT agreements with confidence and ensure you come out on top in your next contract negotiation.

Reviews

Overly and Karlyn have been top-rated speakers at many of our CIO magazine events, and expert sources for our stories, as well. They truly understand the world of senior IT leaders and the legal complexities of technology vendor management. A Guide to IT Contracting: Checklists, Tools and Techniques, delivers the kind of practical, actionable advice that CIOs crave.

—Maryfran Johnson, Editor-in-Chief, CIO Magazine & Events

A Guide to IT Contracting: Checklists, Tools and Techniques, is a practical, well-organized, and informative guide that highlights the issues that every lawyer and senior IT executive should use when negotiating various types of IT contracts. This is the book that should be on every lawyer and CIO's desk. Overly and Karlyn have written the 'IT' book for IT contracting.

—Arlene Feldman, Vice President and Assistant General Counsel, BJ's Wholesale Club, Inc.

—Susan Codner, Assistant Vice President, Senior Counsel, BJ's Wholesale Club, Inc.

A Guide to IT Contracting: Checklists, Tools and Techniques is an expert resource to help business leaders navigate the complex waters of IT contracting. Presented in an easy-to-follow format, every reader will benefit from Overly and Karlyn’s depth and breadth of knowledge of information technology and outsourcing law.

—Kari Murphy, Managing Director, Hengtian Services LLC

Practical and readable, A Guide to IT Contracting: Checklists, Tools and Techniques will become the definitive guide on IT contracting. Overly and Karlyn present actionable techniques for constructing and negotiating virtually every type of IT contract.

—Danielle Sheer, General Counsel and Secretary, Carbonite, Inc.

In today’s dynamic business world, Overly and Karlyn have created an essential tool for lawyers and non-lawyers alike. A Guide to IT Contracting: Checklists, Tools and Techniques is a concise and useable resource to help navigate the intricacies of information technology agreements; a must-have.

—David M. Strauss, General Counsel, EyeLock, Inc.

Contents

Nondisclosure Agreements

Checklist

Overview

Key Considerations

Essential Terms

Additional Considerations

Summary

Professional Services Agreements

Checklist

Overview

Preliminary Considerations

Key Provision

Term and Termination

Acceptance Testing

Personnel

Subcontracting

Warranties

Indemnification

Limitation of Liability

Intellectual Property Ownership

Change Order

Confidentiality and Information Security

Force Majeure

Nonsolicitation

Insurance

Fees and Costs

Relationship to Other Agreements

Summary

Statements of Work

Checklist

Overview

Scope of Work and Business Requirements

Technical Environment

Acceptance Testing

Deliverables

Documentation

Roles and Responsibilities of the Parties

Project Management Processes

Issue Resolution and Escalation Procedures

Risks

Pricing and Cost

Service Level Agreements

Change Orders

Summary

Idea Submission Agreements

Checklist

Overview

Key Risks of Submissions

Key Provisions for Idea Submission Agreements

Beware Reverse Submissions

Summary

Cloud Computing Agreements

Checklist

Key Considerations

Service Levels

Uptime Service Level

Response Time Service Level

Problem Resolution Service Level

Remedies for Service Level Failure

Data

Data Security

Disaster Recovery and Business Continuity

Data Redundancy

Use of Customer Information, Data Conversion, and Transition

Insurance

Indemnification

Limitation of Liability

The Limitation of Liability Should Apply to Both Parties

License/Access Grant and Fees

Term

Warranties

Publicity and Use of the Customer Trademarks

Notification for Security Issues

Assignment

Pre-Agreement Vendor Due Diligence

Conclusion

Joint Marketing Agreements

Checklist

Overview

Key Issues and Guiding Principles

Determine the Scope of the Engagement

Marketing Obligations

Referral Arrangements

Confidentiality

Intellectual Property Issues

Warranties and Disclaimers

Term and Termination

Summary

Software Development Kit (SDK) Agreements

Checklist

Overview

Key Issues and Guiding Principles

Determine What Should Be Included in the SDK

Scope of License

Ownership

Confidentiality

Compatibility Testing

Support

Warranty Disclaimers

Limitations on Liability

Indemnification

Export/Import

Acquisition by Federal Government

Term and Termination

Summary

Original Equipment Manufacturer (OEM) Development Agreements

Checklist

Overview

Key Issues and Guiding Principles

Joint Development Agreements

Development and Professional Services Agreements

Exchange of IP

Confidentiality

Compensation/Fees/Revenue Share

Change of Control

Assumptions/OEM Customer Obligations

Marketing

End User License Agreement

Audit Rights

Warranties

Support and Maintenance

Limitations of Liability

Indemnification

Termination

Contract Negotiations

Summary

Health Insurance Portability and Accountability Act (HIPAA) Compliance

Checklist

Overview

Key Issues and Guiding Principles

Who Are BAs?

What Can Happen to BAs That Fail to Comply with HIPAA?

BA Requirements Under the New Security Breach Notification Requirements

BA Requirements for Compliance with HIPAA Security Rule

Statutory Liability for Business Associate Agreement Terms

BAA Compliance with HITECH Act Requirements

Other New HIPAA Requirements

Steps for Compliance for Breach Notification

Steps for Compliance with HIPAA Security Rule

Amendment of BAAs

Considerations for Inventory HIPAA-Related Policies

Summary

Key Issues and Guiding Principles for Negotiating a Software License or OEM Agreement

Checklist

Key Issues and Guiding Principles

Initial Matters

Scope of License/Ownership

Pricing

Audit Rights

Limitations of Liability

Warranties

Support and Maintenance; Professional Service Rates

Payment

Term and Termination

Infringement Indemnification

Summary

Drafting OEM Agreements (When the Company is the OEM)

Checklist

Key Issues and Guiding Principles

Determine the Scope of the Engagement

Customer Terms

Territory

Hardware Products

Exclusivity

Supplier Product Changes

Support and Training

Confidentiality

Intellectual Property Issues

Warranties and Disclaimers

Limitations of Liability

Indemnification

Term and Termination

Summary

Collecting Basic Deal Information

Checklist

Overview

Key Considerations

Performance

Intellectual Property Issues

Personal Information Privacy and Security

Information Security

Other Unique Issues

Summary

Reducing Security Risks in Information Technology Contracts

Checklist

Best Practices and Guiding Principles

Trade Secret Considerations

Copyright Considerations

Joint IP Considerations

Policy on Embedded Open Source

Internal Procedures

Policies Following Infringement

Employees

Employee Training and Communication

Contractual Protections

Nonemployees and Subcontractors

Software Distribution

Object Code vs. Source Code

Language for License Agreements

Nondisclosure Agreements

Audit Rights

Foreign Jurisdictions

Source Code Licenses

Escrow the Source Code

Language for Source Code License Agreements

Summary

Website Assessment Audits

Checklist

Overview

Key Issues and Guiding Principles

Evaluate Your Website

Domain Names

Use of Third Party Trademarks

Hyperlinks

Content

Visitor Uploads?

Applicable Internet Specific Laws

Terms and Conditions

Data Security and Privacy

Insurance

General Considerations

Summary

Critical Considerations for Protecting IP in a Software Development Environment

Checklist

Overview

Key Issues and Guiding Principles

Vendor Due Diligence

Treatment of Data

Physical Security

Administrative Security

Technical Security

Personnel Security

Subcontractors

Scan for Threats

Back-up and Disaster Recovery

Confidentiality

Security Audits

Warranties

Limitation of Liability

Destruction of Data

Additional Considerations

Summary

Click-Wrap, Shrink-Wrap, and Web-Wrap Agreements

Checklist

Overview

What Is a "Shrink-Wrap" License?

Products Purchased Under Shrink-Wrap Agreements—Common Elements

Methods of Purchasing Shrink-Wrap Products

Typical Shrink-Wrap Terms and Conditions

Key Risks of Shrink-Wrap Products

Mitigating Risk

Conclusion

Transactions Involving Financial Services Companies as the Customer

Checklist

Overview

Three Tools for Better Contracts

Key Considerations

Summary

Maintenance and Support Agreements

Checklist

Overview

Scope of Support and Maintenance

Predictability of Fees

Support Not to be Withheld

Term

Partial Termination/Termination and Resumption of Support

Specifications

Availability

Support Escalation

Service Levels

Summary

Source Code Escrow Agreements

Checklist

Overview

What Does It Mean to Escrow Source Code?

Types of Escrow Agreements

Release Conditions

Key Issues for Escrow Agreements

Conclusion

Integrating Information Security into the Contracting Life Cycle

Checklist

Overview

Due Diligence: The First Tool

Key Contractual Protections: The Second Tool

Information Security Requirements Exhibit: The Third Tool

Conclusion

Software Development Kit (DSDK) Agreements

Checklist

Overview

Key Contracting Concerns From the Perspectives of Both Parties

Licensor Concerns

Licensee Concerns

Conclusion

Distribution Agreements

Checklist

Overview

Key Issues for Distribution Agreements

License Grant

End User License Agreement

Development of the Product

End User Data

Obligations of the Parties

Product Pricing

Additional Considerations

Summary

Data Agreements

Checklist

Overview

Key Contractual Protections

Conclusion

Service Level Agreements

Checklist

Overview

Service Level Provisions Commonly Found in the Terms and Conditions

Root Cause Analysis, Corrective Actions Plans, and Resolution

Cost and Efficiency Reviews

Continuous Improvements to Service Levels

Termination for Failure to Meet Service Levels

Cooperation

Service Level Provisions Commonly Found in a Service Level Agreement or Attachment

Measurement Window and Reporting Requirements

Maximum Monthly at-Risk Amount

Performance Credits

Presumptive Service Levels

Exceptions to Service Levels

Supplier Responsibilities with Respect to Service Levels

Additions, Deletions, and Modifications to Service Levels

Earn-back

Form of Service Levels

Conclusion

Critical Considerations for Records Management and Retention Checklist

Introduction

Avoiding Spoliation Claims

Impact on Litigation/Discovery Costs

Developing the Policy

Litigation Discovery Procedures

Developing The Retention Schedule

The E-Mail Problem

Authorized Storage Locations

Confidentiality and Security

Third-party Vendors

Proper Destruction

Website Development Agreements

Checklist

Overview

Initial Issues to Think About

What Are the Basic Objectives of the Website and the Development Agreement?

Intellectual Property Ownership

Software Requirements

Schedules and Timetables

Term and Termination

Fees and Charges

Project Management

Acceptance Testing

Warranties

Indemnifications

Content of the Website

Linking Issues

Insurance

Reports, Records, and Audits

Training/Education/Troubleshooting

Additional Provisions to Consider

Summary

Social Media Policies

Checklist

Introduction

Policy Scope and Disclaimers

No Expectation of Privacy

Right, But No Duty, to Monitor

Conduct in Social Media

Social Networking and Weblogs

Employee Questions and Signature

Conclusion

Software License Agreements

Checklist

Introduction

Four Critical Questions

License and Restrictions

Acceptance Testing

Third-party Software

Fees

Warranties

Indemnification

Limitation of Liability

Specifications

Confidentiality and Security

Maintenance and Support

Announcements and Publicity

Term and Termination

Additional Contract Terms

Conclusion

Glossary

FFIEC Booklet

Index

Author Bio

Michael R. Overly is a partner in the Information Technology & Outsourcing Practice Group in Foley & Lardner’s Los Angeles office. As an attorney and former electrical engineer, his practice focuses on counseling clients regarding technology licensing, intellectual property development, information security, and electronic commerce. Michael is one of the few practicing lawyers who has satisfied the rigorous requirements necessary to obtain the Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), Certified in Risk and Information Systems Controls (CRISC), and Certified Information Privacy Professional (CIPP) certifications. He is a member of the Computer Security Institute and the Information Systems Security Association. Michael is a frequent writer and speaker in many areas including negotiating and drafting technology transactions and the legal issues of technology in the workplace, e-mail, and electronic evidence. He has written numerous articles and books on these subjects and is a frequent commentator in the national press (e.g., the New York Times, Chicago Tribune, Los Angeles Times, Wall Street Journal, ABCNEWS.com, CNN, and MSNBC). In addition to conducting training seminars in the United States, Norway, Japan, and Malaysia, Michael has testified before the US Congress regarding online issues. Among others, he is the author of the best-selling e-policy: How to Develop Computer, E-mail, and Internet Guidelines to Protect Your Company and Its Assets (AMACOM 1998), Overly on Electronic Evidence (West Publishing 2002), The Open Source Handbook (Pike & Fischer 2003), Document Retention in the Electronic Workplace (Pike & Fischer 2001), and Licensing Line-by-Line (Aspatore Press 2004).

Matthew A. Karlyn is a partner in the Technology Transactions Practice in the Boston office of Cooley LLP. Matt regularly represents companies in technology transactions and outsourcing transactions and has experience in both private practice as well as in-house for two software companies. A sought-after writer and speaker in the area of information technology and the law, Matt has published over 40 articles, written chapters in several books, and given more than 60 presentations on topics ranging from the latest developments in information technology to best practices for drafting and negotiating information technology contracts. In addition to his law degree, Matt also earned an MBA from the University of Chicago in economics and strategic management and regularly advises companies on the business aspects of IT including IT strategy, pricing strategies, RFP development, governance, relationship management and reporting structures, and transition planning and implementation. In 2010, 2011, and 2012 Matt was selected for inclusion in the Massachusetts Super Lawyers – Rising Stars list, an honor given to the top 2.5% of Massachusetts lawyers under the age of 40. Matt has served as Chair of the New England Chapter and the Legal Process Outsourcing Chapter of the International Association of Outsourcing Professionals, is currently a member of the Corporate Law Advisory Board for Stafford Publishing, and for several years served on the Board of Directors of the International Technology Law Association. Matt also served for two years as the Co-Chair of the Boston Bar Association’s Intellectual Property Section’s Computer & Internet Law Committee. For the last three years, Matt was named a judge for the CIO-100, an award program published by CIO magazine that recognizes organizations around the world that exemplify the highest level of operational and strategic excellence in information technology.

Categories: Business, Management and Accounting, Engineering Project Management, Management of IT