Presentation is loading. Please wait.

Presentation is loading. Please wait.

Topics Changes Risk Assessments Cloud Data Security / Data Protection Licenses, Copies, Instances Limits of Liability and Indemnification Requests for.

Published byAlexander Sant Modified over 9 years ago

Similar presentations

Presentation on theme: "Topics Changes Risk Assessments Cloud Data Security / Data Protection Licenses, Copies, Instances Limits of Liability and Indemnification Requests for."— Presentation transcript:

1

2 Topics Changes Risk Assessments Cloud Data Security / Data Protection Licenses, Copies, Instances Limits of Liability and Indemnification Requests for Proposals Good Practice Trends Resources

3 Changes Increased use of agreements required to extend service periods Increased use of software as a service (no longer buying a commodity) Increasingly complex agreements Increased litigation and risk exposures Increased drive to limit liability Audits

4 Risk Assessments What is the software use Is data collected, used, or transmitted Define the data and the classification level Identify any financial transactions (PCI) Describe Installation and Support requirements Define if software is self-hosted or web-hosted

5 Where is my data?

6 Cloud There is no ‘cloud’. Data is collected and stored somewhere. Where is the data center How secure is the data and the center If outside US, how risky is the data exposure How will data be returned

7 Data Security and Protection

8 Data Security & Protection Campus Chief Information Security Officer Safeguards Access, Transmission, Storage Movement and co-location Can the vendor aggregate, slice and dice, or compile Can the vendor have co-location, failovers, etc. How does system safeguard protected data: HIPAA, PCI, FERPA, Personal Information

9 License / Copy / Instance What does your license cover? What is a ‘copy’, ‘instance’, or ‘impermissible copy’ Does your license transfer from hardware to hardware? Storage box to storage box. “unfettered right to ‘move, migrate, transfer’ license without it being deemed an impermissible copy Use, Access, and Benefit / Authorized Users “install, execute, use, have access to, benefit from, copy, test, display, and perform and make back up and archival copies. Audit

10 Liability and Indemnification Limits of Liability “Vendor’s liability for damages to customer will not exceed fees paid under this agreement for 36 months preceding date of claim.” Consider Adding: “Except as set forth in paragraphs (list sections pertaining to copyright/intellectual property, indemnification provision, and confidentiality / data breach section).” Indemnification Indemnify, defend, and hold harmless Copyright Infringement costs, data breach costs

11 Liability and Indemnification EXAMPLE FROM VENDOR AGREEMENT 6.2. Disclaimer. EXCEPT AS EXPRESSLY STATED IN THIS AGREEMENT, THE PROGRAM AND DOCUMENTATION ARE PROVIDED “AS IS” AND“WITH ALL FAULTS,” AND VENDOR MAKES NO REPRESENTATIONS OR WARRANTIES, AND DISCLAIMS ALL REPRESENTATIONS AND WARRANTIES, EXPRESS OR IMPLIED, WRITTEN OR ORAL, ARISING FROM COURSE OF DEALING, COURSE OF PERFORMANCE, USAGE OF TRADE, OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF NON-INTERFERENCE, ACCURACY, MERCHANTABILITY, SYSTEMS INTEGRATION, QUALITY, AND FITNESS FOR A PARTICULAR PURPOSE.

12 Liability and Indemnification EXAMPLE Monetary Liability. THE AGGREGATE TOTAL LIABILITY OF VENDOR UNDER OR IN CONNECTION WITH THE PROGRAM, THE DOCUMENTATION, OR THIS AGREEMENT TO LICENSEE OR ANY OTHER PERSON OR PERSONS SHALL UNDER NO CIRCUMSTANCES EXCEED THE AMOUNTS PAID BY LICENSEE UNDER THIS AGREEMENT.

13 Request for Proposals (“RFP”) The RFP is a team effort and requires collaboration Conflict of Interest & Confidentiality Develop RFP with the end in mind The RFP Response should be an Exhibit to agreement Detailed project plan and/or statement of work is obtained prior to contract execution. Maintenance and Support detailed including service levels

14 Request for Proposals (“RFP”) Consider additional items: Service Level Provisions as part of RFP Intellectual Property Rights for co-development Contract Close out plans State in RFP that the CSU General Provisions for IT will be required Security Questionnaire and Requirements as part of RFP All functionality for license is contained in implementation – no future release solutions

15 Downtime chart

16 Good Practice Templates Eliminate hyperlinks in your agreements Ensure that no disabling devices are in the software Collaborate with IT: meet, discuss, cross educate Collaborate with other campuses

17 Interesting Trends Migration to Tablets and Devices – BYOD and Apps Social Media as daily communications Big Data Cloud Computing Software as a Service, Platform as a Service, and Infrastructure as a Service.

18 Resources Accessible Technology Initiative http://www.calstate.edu/accessibility/ ICSUAM Information Security Policy http://www.calstate.edu/icsuam/sections/8000/ ISCUAM Contracts & Procurement http://www.calstate.edu/icsuam/sections/5000/ ICSUAM ITR Policy http://www.calstate.edu/icsuam/sections/5000/5500.0CSPIC SUAMCSU.shtml http://www.calstate.edu/icsuam/sections/5000/5500.0CSPIC SUAMCSU.shtml Conflict of Interest http://www.calstate.edu/csp/crl/forms/CRL057.pdf

Download ppt "Topics Changes Risk Assessments Cloud Data Security / Data Protection Licenses, Copies, Instances Limits of Liability and Indemnification Requests for."

Similar presentations

Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Oracle Proprietary and Confidential. 1.

Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Oracle Proprietary and Confidential. 1.
© 2008 Oracle Corporation – Proprietary and Confidential.

© 2008 Oracle Corporation – Proprietary and Confidential.
Office Of Purchasing and Contracts Procurement Outreach Training Level II - Module C Specialized Agreements.

Office Of Purchasing and Contracts Procurement Outreach Training Level II - Module C Specialized Agreements.
Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.

Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.
…delivery models. “ASC-HS” - The official hosting services for ARCHIBUS, the number one Software Solution for Real Estate, Infrastructure, and Facilities.

…delivery models. “ASC-HS” - The official hosting services for ARCHIBUS, the number one Software Solution for Real Estate, Infrastructure, and Facilities.
SERVICE LEVEL AGREEMENTS The Technical Contract Within the Master Agreement.

SERVICE LEVEL AGREEMENTS The Technical Contract Within the Master Agreement.
A LITIGATOR’S ADVICE ON LITIGATION AVOIDANCE Alan N. Greenspan Jackson Walker LLP © 2004 by Alan N. Greenspan. All rights reserved.

A LITIGATOR’S ADVICE ON LITIGATION AVOIDANCE Alan N. Greenspan Jackson Walker LLP © 2004 by Alan N. Greenspan. All rights reserved.
© 2013 Sri U-Thong Limited. All rights reserved. This presentation has been prepared by Sri U-Thong Limited and its holding company (collectively, “Sri.

© 2013 Sri U-Thong Limited. All rights reserved. This presentation has been prepared by Sri U-Thong Limited and its holding company (collectively, “Sri.
Pension Fund Trustees Liability Ncedi Mbongwe. Introduction to Camargue Underwriting Managers Established in 2001 Underwriters: Mutual and Federal and.

Pension Fund Trustees Liability Ncedi Mbongwe. Introduction to Camargue Underwriting Managers Established in 2001 Underwriters: Mutual and Federal and.
© 2014 Microsoft Corporation. All rights reserved.

© 2014 Microsoft Corporation. All rights reserved.
IMPORTANT READ CAREFULLY BEFORE USING THIS PRODUCT LICENSE AGREEMENT AND LIMITED WARRANTY BY INSTALLING OR USING THE SOFTWARE, FILES OR OTHER ELECTRONIC.

IMPORTANT READ CAREFULLY BEFORE USING THIS PRODUCT LICENSE AGREEMENT AND LIMITED WARRANTY BY INSTALLING OR USING THE SOFTWARE, FILES OR OTHER ELECTRONIC.
St. Hugh Catholic School Student iPad Use Liability Agreement.

St. Hugh Catholic School Student iPad Use Liability Agreement.
Drafting and Reviewing Confidentiality Agreements West LegalEdcenter 2012.

Drafting and Reviewing Confidentiality Agreements West LegalEdcenter 2012.
Managing Risk in Academic Placement Agreements Joseph C. Risser, CPCU, ARM-P Director, Risk Management California Polytechnic State University.

Managing Risk in Academic Placement Agreements Joseph C. Risser, CPCU, ARM-P Director, Risk Management California Polytechnic State University.
Fosterswift.com PROTECTING AGAINST THE UNKNOWN : How to Successfully Review IT Contracts to Increase Your Rights and Avoid Potential Liability Samuel Frederick.

Fosterswift.com PROTECTING AGAINST THE UNKNOWN : How to Successfully Review IT Contracts to Increase Your Rights and Avoid Potential Liability Samuel Frederick.
. Software Licenses T HE T EXAS A&M U NIVERSITY S YSTEM Nicholas E. Chremos, TAMUS Office of General Counsel November 8, 2012 O FFICE OF T ECHNOLOGY C.

. Software Licenses T HE T EXAS A&M U NIVERSITY S YSTEM Nicholas E. Chremos, TAMUS Office of General Counsel November 8, 2012 O FFICE OF T ECHNOLOGY C.
Research Development for Android Coopman Tom. What is Android?  Smartphone operating system  Google  Popular  ‘Easy to develop’  Open-Source  Linux.

Research Development for Android Coopman Tom. What is Android?  Smartphone operating system  Google  Popular  ‘Easy to develop’  Open-Source  Linux.
Burnslev.com © 2013 Burns & Levinson LLP Allocating and Mitigating Contractual Risk ACC – NE Corporate Counsel Institute June 12, 2013 Alan M. Block, John.

Burnslev.com © 2013 Burns & Levinson LLP Allocating and Mitigating Contractual Risk ACC – NE Corporate Counsel Institute June 12, 2013 Alan M. Block, John.
Jul 2006 1The New Geant4 License J. Perl The New Geant4 License Makes clear the user’s wide- ranging freedom to use, extend or redistribute Geant4, even.

Jul The New Geant4 License J. Perl The New Geant4 License Makes clear the user’s wide- ranging freedom to use, extend or redistribute Geant4, even.
Intel® Education Learning in Context: Science Journal Intel Solutions Summit 2015, Dallas, TX.

Intel® Education Learning in Context: Science Journal Intel Solutions Summit 2015, Dallas, TX.

Similar presentations

Ads by Google