The document discusses contracting with healthcare cloud service providers. It covers topics like selecting a vendor, negotiating key contract terms, and dealing with vendor non-performance. When selecting a vendor, organizations should perform due diligence, document requirements, and check references. Key contract terms to negotiate include security, pricing, support, intellectual property, and termination. If a project fails, the buyer should document problems and potentially withhold payment while allowing the vendor to cure issues. Due diligence is critical to choosing a secure and transparent cloud vendor.
A presentation in which we explore the influences pushing cloud adoption, potential barriers to adoption, how to overcome these, SharePoint in the cloud, and what the road map to the cloud might look like.
IT Equipment and Services Agreements: Contractual Pitfalls and How to Avoid ThemMeyers Nave
Information technology equipment and services are rapidly becoming critical to every aspect of a public entity’s daily operation, from providing free Wi-Fi in downtown areas to upgrading a police department’s dispatch system, as well as creating large scale systems for public records data retention and enhancing a city’s fiber-optic network to provide ultra-high speed internet use for businesses.
Public scrutiny of an agency’s purchase and implementation of IT equipment and services is very high because of the costs and public interest, and members of the community often directly use the equipment and services (such as on-line communications with municipal entities) or it directly affects their health and safety (such as in-vehicle communications systems for fire protection services).
This presentation is designed to help public entities avoid the potential pitfalls in IT agreements and incorporate best practices when negotiating and managing IT contracts. Meyers Nave Principal Richard Pio Roda provides real-life examples of a variety of IT equipment and services agreements that he has negotiated on behalf of cities and special districts. He explains the primary areas of contractual risk and share advice on best practices for addressing each one. Topics he covers include:
- Key contractual differences and risks between purchasing, leasing and licensing
- Special considerations for Software as a Service (SaaS) and Infrastructure as a Service (IaaS)
- Long-term service agreements – performance guarantees, prolonged start-up risks, warranties vs. scheduled maintenance vs. extra work, termination damages
- New terms and conditions in software procurement and computer system integration services contracts that improve the security and protection of the public entity
A novel approach to allow multiple resales of DRM protected contents - icces2...Tarek Gaber
A Novel Approach to Allow Multiple Resales of DRM-Protected Contents
Tarek Gaber
Dept. of Computer Science,
Faculty of Computers and Informatics,
Suez Canal University
Member of the Scientific Research Group in Egypt (SRGE)
http://www.egyptscience.net
Prof.Aboul Ella’s Group
Agenda
Introduction
Research Problem
Existing Solutions
Drawbacks of the existing solutions
Our vision
Proposed approach
Contributions
Future work
Introduction I
Cryptographic Techniques could help but not enough
Introduction II
DRM (Digital Rights Management):
Content owners
Persistent protection
Prevent unauthorized access
Managing usage rights (i.e. license)
E.g. expiration date, device restriction, etc.
Protect their monetary interests
Consumers
Purchase licenses (from a License issuer (LI)) to access corresponding digital contents.
But can NOT resell their licenses
DRM System
Research Problem
Existing Solutions
Hardware-based solutions
Trusted devices are used
Fair reselling addressed using offline TTP-based approach
Software-based solutions
Online service is used
Fair reselling is NOT addressed using
Did not address multiple resales of one license
Problems in Existing Solutions
Our Vision
Designing a license reselling solution such that:
Supporting reselling
No additional hardware
Play/view content offline
Not compromising content owners’ rights
Secure
Non-repudiation
Fairness
Abuse-free
Additional attractive features
Support market power
Proposed Approach
LI Verifications
Re-salablity Check
Contributions
Novel approach allowing resale of a DRM-Protected content multiple times.
The underlying security mechanism already built into existing DRM systems.
The approach enables a buyer to make sure that a license he is about to purchase is indeed resalable and has not yet resold.
Contributions
The analysis of the approach has shown that it satisfies the specified security requirements.
The approach also can thwart potential threats and attacks that could be mounted by either a buyer or a reseller.
Future Work
Doing a prototype for this approach to assess its performance
Thanks
Introduction for Embedding Infobright for OEMsInfobright
A short overview of the benefits of embedding Infobright's analytic database platform, Infobright Enterprise Edition, for delivering advanced analytics capabilities in Internet of Things and enterprise applications and solutions
A presentation in which we explore the influences pushing cloud adoption, potential barriers to adoption, how to overcome these, SharePoint in the cloud, and what the road map to the cloud might look like.
IT Equipment and Services Agreements: Contractual Pitfalls and How to Avoid ThemMeyers Nave
Information technology equipment and services are rapidly becoming critical to every aspect of a public entity’s daily operation, from providing free Wi-Fi in downtown areas to upgrading a police department’s dispatch system, as well as creating large scale systems for public records data retention and enhancing a city’s fiber-optic network to provide ultra-high speed internet use for businesses.
Public scrutiny of an agency’s purchase and implementation of IT equipment and services is very high because of the costs and public interest, and members of the community often directly use the equipment and services (such as on-line communications with municipal entities) or it directly affects their health and safety (such as in-vehicle communications systems for fire protection services).
This presentation is designed to help public entities avoid the potential pitfalls in IT agreements and incorporate best practices when negotiating and managing IT contracts. Meyers Nave Principal Richard Pio Roda provides real-life examples of a variety of IT equipment and services agreements that he has negotiated on behalf of cities and special districts. He explains the primary areas of contractual risk and share advice on best practices for addressing each one. Topics he covers include:
- Key contractual differences and risks between purchasing, leasing and licensing
- Special considerations for Software as a Service (SaaS) and Infrastructure as a Service (IaaS)
- Long-term service agreements – performance guarantees, prolonged start-up risks, warranties vs. scheduled maintenance vs. extra work, termination damages
- New terms and conditions in software procurement and computer system integration services contracts that improve the security and protection of the public entity
A novel approach to allow multiple resales of DRM protected contents - icces2...Tarek Gaber
A Novel Approach to Allow Multiple Resales of DRM-Protected Contents
Tarek Gaber
Dept. of Computer Science,
Faculty of Computers and Informatics,
Suez Canal University
Member of the Scientific Research Group in Egypt (SRGE)
http://www.egyptscience.net
Prof.Aboul Ella’s Group
Agenda
Introduction
Research Problem
Existing Solutions
Drawbacks of the existing solutions
Our vision
Proposed approach
Contributions
Future work
Introduction I
Cryptographic Techniques could help but not enough
Introduction II
DRM (Digital Rights Management):
Content owners
Persistent protection
Prevent unauthorized access
Managing usage rights (i.e. license)
E.g. expiration date, device restriction, etc.
Protect their monetary interests
Consumers
Purchase licenses (from a License issuer (LI)) to access corresponding digital contents.
But can NOT resell their licenses
DRM System
Research Problem
Existing Solutions
Hardware-based solutions
Trusted devices are used
Fair reselling addressed using offline TTP-based approach
Software-based solutions
Online service is used
Fair reselling is NOT addressed using
Did not address multiple resales of one license
Problems in Existing Solutions
Our Vision
Designing a license reselling solution such that:
Supporting reselling
No additional hardware
Play/view content offline
Not compromising content owners’ rights
Secure
Non-repudiation
Fairness
Abuse-free
Additional attractive features
Support market power
Proposed Approach
LI Verifications
Re-salablity Check
Contributions
Novel approach allowing resale of a DRM-Protected content multiple times.
The underlying security mechanism already built into existing DRM systems.
The approach enables a buyer to make sure that a license he is about to purchase is indeed resalable and has not yet resold.
Contributions
The analysis of the approach has shown that it satisfies the specified security requirements.
The approach also can thwart potential threats and attacks that could be mounted by either a buyer or a reseller.
Future Work
Doing a prototype for this approach to assess its performance
Thanks
Introduction for Embedding Infobright for OEMsInfobright
A short overview of the benefits of embedding Infobright's analytic database platform, Infobright Enterprise Edition, for delivering advanced analytics capabilities in Internet of Things and enterprise applications and solutions
Winning the Cage-Match: How to Successfully Navigate Open Source Software iss...Black Duck by Synopsys
A blow-by-blow discussion of key open source software-related issues and deal points from the point of view of buyer/investor vs. seller/investee. Understanding the key legal and technical risks, as well as strategies for mitigating them, will help you to speed and smooth negotiations, avoid protracted due diligence and get better deal terms, increasing overall value.
Proactive sell side due diligence to identify, inventory, assess, and, when necessary, remediate open source risks helps ensure the target company receives the best value for its products in an M&A event (and avoid lawsuits). Discovering these problems late in the game can dramatically affect the final purchase price, trigger the need for additional/longer/enhanced escrows, delay closing or even cause an acquisition to be called off altogether.
Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...Black Duck by Synopsys
Anthony Decicco, shareholder, GTC Law Group presented at FLIGHT West 2018. His session description included:
A buyer and investor focused discussion of key open source software-related issues and deal points. Understanding the key legal and technical risks, as well as strategies for mitigating them, will help you to focus due diligence, speed and smooth negotiations and get better deal terms, increasing overall value and avoiding post-transaction surprises.
For more information, please visit us at www.blackducksoftware.com
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your DealBlack Duck by Synopsys
Flight Amsterdam presentation by Anthony Decicco, Shareholder, GTC Law Group
Open source software is increasingly centric to transactions, whether licensing, mergers, acquisitions, financing, insurance, offerings or loans, and the deal landscape is changing with the prevalence of representation and warranty insurance, heightened focus on security vulnerabilities and increasing litigation. As such, it is important to understand and re-visit key open source software-related issues and deal points to accelerate your deal, avoid unnecessary due diligence and realize the most value from your open source software-related compliance efforts.
A presentation on cloud computing and its impact in the boardroom. Presented to the Australian Institute of Company Directors , this presentation covers:
1. What legal contracts and provisions should be put in place for IT?
2. Liability issues – what insurance do you need?
3. Privacy obligations and protecting data – key legislation and its application
Brendon Noney
Cloud computing in Australia - Separating hype from realityRussell_Kennedy
The growth of cloud computing in Australia has been exponential and analysts forecast that cloud computing will dominate the Australian IT landscape within the next decade.
It has a reputation for delivering economies of scale, reducing overheads and driving increased efficiencies within organisations. However, the reality is that, like any IT procurement, implementing a cloud computing solution for your business still requires careful planning, effective project management, robust contracts and sound oversight.
Russell Kennedy Lawyers delve into the risks and rewards of adopting Cloud Computing in Australia.
Cloud Computing Legal Risks And Best Practiceslisaabe
Cloud Computing: Legal Risks and Best Practices
1. Security and Data Privacy.
2. Recent OPC Guidelines.
3. Compliance Issues.
4. Negotiating Contracts with Cloud Providers.
5. New Trends and Challenges.
6. Practical Tips
Managing outsource IT contracts - FundamentalsRonald Bartels
- What is a contract?
- Understand the concepts of outsourcing relationships
- To explain some of the different contract types involved in outsourcing
- Typical reasons for outsourcing
- Contracting parties
- Key aspects to clarify when outsourcing
- Commercial aspects
- General principles
- Checklist
Tony Decicco, Shareholder and Leon Schwartz, Associate both from GTC Law Group & Affiliates presented "You've got your open source audit report, now what? Best practices for companies of all sizes." For more information, please visit our website at www.blackducksoftware.com
A lossless summary of Frank Bott book, Professional Issues in IT, chapter 12 "Software Contract and Liability".
Contents:
1. Contract
2. Fixed Price Contracts for Bespoke Systems
3. Consultancy and Contract Hire
4. Time and Materials
5. Outsourcing
6. License Agreements
7. Liability for Defective Software
8. Health and Safety
What are IT pros looking for in a cloud server provider? This report explores in detail the cloud servers purchase criteria that today's buyers care about most, providing data and descriptions that shed some light on a cloudy marketplace. It also examines the product research habits of these same buyers, revealing the information sources behind their most important IT purchase decisions.
Winning the Cage-Match: How to Successfully Navigate Open Source Software iss...Black Duck by Synopsys
A blow-by-blow discussion of key open source software-related issues and deal points from the point of view of buyer/investor vs. seller/investee. Understanding the key legal and technical risks, as well as strategies for mitigating them, will help you to speed and smooth negotiations, avoid protracted due diligence and get better deal terms, increasing overall value.
Proactive sell side due diligence to identify, inventory, assess, and, when necessary, remediate open source risks helps ensure the target company receives the best value for its products in an M&A event (and avoid lawsuits). Discovering these problems late in the game can dramatically affect the final purchase price, trigger the need for additional/longer/enhanced escrows, delay closing or even cause an acquisition to be called off altogether.
Flight WEST 2018 Presentation - A Buyer Investor Playbook for Successfully Na...Black Duck by Synopsys
Anthony Decicco, shareholder, GTC Law Group presented at FLIGHT West 2018. His session description included:
A buyer and investor focused discussion of key open source software-related issues and deal points. Understanding the key legal and technical risks, as well as strategies for mitigating them, will help you to focus due diligence, speed and smooth negotiations and get better deal terms, increasing overall value and avoiding post-transaction surprises.
For more information, please visit us at www.blackducksoftware.com
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your DealBlack Duck by Synopsys
Flight Amsterdam presentation by Anthony Decicco, Shareholder, GTC Law Group
Open source software is increasingly centric to transactions, whether licensing, mergers, acquisitions, financing, insurance, offerings or loans, and the deal landscape is changing with the prevalence of representation and warranty insurance, heightened focus on security vulnerabilities and increasing litigation. As such, it is important to understand and re-visit key open source software-related issues and deal points to accelerate your deal, avoid unnecessary due diligence and realize the most value from your open source software-related compliance efforts.
A presentation on cloud computing and its impact in the boardroom. Presented to the Australian Institute of Company Directors , this presentation covers:
1. What legal contracts and provisions should be put in place for IT?
2. Liability issues – what insurance do you need?
3. Privacy obligations and protecting data – key legislation and its application
Brendon Noney
Cloud computing in Australia - Separating hype from realityRussell_Kennedy
The growth of cloud computing in Australia has been exponential and analysts forecast that cloud computing will dominate the Australian IT landscape within the next decade.
It has a reputation for delivering economies of scale, reducing overheads and driving increased efficiencies within organisations. However, the reality is that, like any IT procurement, implementing a cloud computing solution for your business still requires careful planning, effective project management, robust contracts and sound oversight.
Russell Kennedy Lawyers delve into the risks and rewards of adopting Cloud Computing in Australia.
Cloud Computing Legal Risks And Best Practiceslisaabe
Cloud Computing: Legal Risks and Best Practices
1. Security and Data Privacy.
2. Recent OPC Guidelines.
3. Compliance Issues.
4. Negotiating Contracts with Cloud Providers.
5. New Trends and Challenges.
6. Practical Tips
Managing outsource IT contracts - FundamentalsRonald Bartels
- What is a contract?
- Understand the concepts of outsourcing relationships
- To explain some of the different contract types involved in outsourcing
- Typical reasons for outsourcing
- Contracting parties
- Key aspects to clarify when outsourcing
- Commercial aspects
- General principles
- Checklist
Tony Decicco, Shareholder and Leon Schwartz, Associate both from GTC Law Group & Affiliates presented "You've got your open source audit report, now what? Best practices for companies of all sizes." For more information, please visit our website at www.blackducksoftware.com
A lossless summary of Frank Bott book, Professional Issues in IT, chapter 12 "Software Contract and Liability".
Contents:
1. Contract
2. Fixed Price Contracts for Bespoke Systems
3. Consultancy and Contract Hire
4. Time and Materials
5. Outsourcing
6. License Agreements
7. Liability for Defective Software
8. Health and Safety
What are IT pros looking for in a cloud server provider? This report explores in detail the cloud servers purchase criteria that today's buyers care about most, providing data and descriptions that shed some light on a cloudy marketplace. It also examines the product research habits of these same buyers, revealing the information sources behind their most important IT purchase decisions.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
NCHICA - Contracts with Healthcare Cloud Computing Vendors
1. Contracting with the Healthcare Cloud
Service Provider
Workshop on Health Information in the Cloud: Business Strategy,
Security and Deployment
NC Healthcare Information and Communications Alliance
March 2011
Randy Whitmeyer
Whitmeyer Tuffin PLLC
www.whit-law.com
2. Topics
• Legal Backdrop
• Cloud Computing v. Traditional IT Structures
• The “Contract Circle”:
• Selecting a Health Care IT Vendor
• Negotiating Key Contract Terms
• Dealing with Vendor Non-Performance
3. Legal Backdrop
• HIPAA/HITECH Privacy and Security Rules
• HITECH Meaningful Use
• NC and other State Identity Theft Rules
• NC Destruction of Personal Information Records Law
• EU Data Protection Directive and Cross-Border Data Flows
• PCI Rules
• Electronic Discovery
7. Cloud Computing Services
• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)
8. Cloud Computing and Security
Advantages Disadvantages
• Data Dispersal • Lack of Transparency
• Data Fragmentation • Lack of Responsiveness
• “Tier 1” Data Centers • “Trading Market” of
• Multiple Customer Demands Subcontractors
• Vendor Lock-In
• Easier Patching and Updates
• Lack of Security Details
9. Cloud Computing Contract Structures
• Typically service-based, not licensed
• OPEX, not CAPEX
• Often offered via “click and accept” agreements
• Sometimes incorporate by reference other terms of use
and policies
• Sometimes purport to be changeable without notice by the
vendor
11. Keys to Selecting a Cloud Computing Vendor
• Approach project realistically, in light of personnel, time and budget
• Document your requirements
• Obtain consultant as necessary
• Remember the need for training on new systems and new processes
• More realistic to adapt process to system than adapt system to process, in most
cases
• Perform due diligence on vendor. Rigorously check with other
similar users on their experiences. Check certifications
• Last but not least: enter into a good contract!!
12. Negotiation Ideas
• Early on in discussions, alert vendor that you want certain key
adjustments to contract terms, identifying the issues
• If possible, use your own form of contract rather than vendor’s
form
• Try to keep multiple vendors in the process as long as possible to
keep competitive pressure on both price and terms
• Consider a formal RFP/response process for larger systems
13. Security and Privacy Terms
• Confidentiality
• Third-Party security audits
• Right to review detailed security/disaster recovery policies
• Obligation to maintain security and security policies
• Right to audit and test security
• Notification in the case of breach
• Indemnification for breaches/payment of costs of required notices to
customers
• Encryption
14. Business Associate Agreement
• Whose form of BAA?
• NCHICA form, of course!
• How much embellished?
• How does it relate to other confidentiality, security and
privacy provisions in contract?
15. Regulatory Issues
• Certification by ONC-ATCB, such as CCHIT
• Meaningful use criteria
• Cooperation with certification and attestation
• Timing of implementation
16. Other Key Data Issues
• Ownership of Data
• Disposition of Data on Termination
• Location of Data
• Legal / Government Request to Access Data
17. Service Level Agreements
• Uptime
• Performance & Response Time
• Error Correction Time
• Infrastructure / Security
• Performance Credits
• Use of Measurement Technology
• Notice/Reporting Obligations
18. Pricing Terms
• Monthly service fees
• Per user or provider, or based on transactions?
• When does it start?
• Implementation fees
• Commitment to start date?
• Add-on pricing
• Payment terms
• Caps on increase in fees
19. Term & Termination
• Length
• Termination Penalties
• Data Rights upon Termination
• Vendor Termination or Suspension
• Automatic Renewal
20. Warranties
• Warranty to specifications and requirements
• Avoid limited warranty to just documentation
• Include key functional specifications as an appendix to the document.
Sometimes can pull these straight from vendor’s web site
• Warranty against noninfringement
• Anti-virus warranty
• Warranty that documentation is complete and gets updated with new
releases in a timely fashion
• Services warranty – vendor should use reasonable skill in
accordance with industry standards, and supply qualified and
experienced personnel
21. Third-Party Software/Services
• Vendor will want to disclaim responsibility (e.g., for performance or
IP issues) for third party software components of solution, especially
open source
• Buyer’s perspective:
• I’m buying a solution, and it shouldn’t matter to me whether vendor
chose to implement parts of the solution with third-party pieces
• Resolution varies and is often fact-specific:
• Well-known, off the shelf components more likely to be excluded
22. Support and Maintenance
• Rights to new versions
• Timeframes for responding to and fixing problems
• Target/efforts versus commitment with financial
repercussions
23. Intellectual Property
• Proprietary software company will jealously guard ownership of its products
• Dispute often arises over ownership of any custom developed IP, such as interfaces
• Buyer’s argument:
• I paid for it, I should own it
• Vendor’s argument:
• You are paying for accelerated development
• I would never be able to have a product if each piece of custom IP was owned by the
buyer
• Possible compromises:
• Exclusive use for a period of time
• Sharing in royalties
24. Other Terms
• Modification of Contract
• Acceptance
Terms/Procedures
• Assignability
• Limitations of Liability
• Choice of Law/Jurisdiction
• Indemnification
• Subcontractor approval
• Insurance
• Source Code escrow
25. Project Failure
(The typical scenario)
• Buyer: The service is late, has not been delivered at all, or
has excessive errors
• Vendor: Buyer unilaterally expanded the scope of the
project, or failed to understand the service and its effect on
the practice.
26. Project Failure
(Buyer’s Perspective)
• Strategies:
• Document problems early and often, and communicate
to Vendor
• Avoid unduly flattering emails; always come back to
haunt in dispute situations
• Send formal notice of breach
• Provide opportunity to cure
• Withholding payment: must be done carefully
27. Project Failure
(Vendor’s Perspective)
• Document changes in scope/obtain agreement
• Document unforeseen technical issues
• Consider when/if to withhold software/services, if unpaid
28. Key Takeaways
• Due Diligence is critical when choosing Cloud Computing
Vendors . This includes not only direct questioning but
also third-party review such as dun and bradstreet reports,
ongoing litigation review, and merger activity.
• Insist on transparency
• Risk can vary depending on type of data involved and type
of cloud
• Form contracts rarely handle key issues satisfactorily
29. Any questions?
Randy Whitmeyer
Whitmeyer - Tuffin PLLC
randy@whit-law.com
919-880-6880