IT contracts: Getting it right at the outset
Details
Getting things right when entering into an IT contract is important but can also be difficult to know if you are actually doing it correctly. Here are our top hints and tips on how to get things right at the outset:
Key elements
Every IT contract is different. They cover a wide spectrum including provision of IT services, SaaS, PaaS, IaaS, cloud services, software licensing, system development, supply of IT hardware and outsourcing, for example.
However, there are a number of key elements which we believe both customers and suppliers should consider when negotiating terms. These include:
Service levels
Service levels and credits are increasingly important, especially in IT service agreements. There should be clarity on both sides as to what service levels need to be met during the life of the contract, how performance against them is to be monitored and assessed, and, if service credits are to be used in the event of a breach, exactly how they will be applied in practice.
Payment provisions
Payment provisions are arguably the most important element of an IT contract, so it is crucial to fully understand these at the outset. Consider what type of payment provision will fit your project and whether, for example, milestone payments are appropriate and what these should look like. In order to avoid disputes in the future, the payment provisions (including triggers for payment) should be clear and unambiguous.
Termination/exit
Think about what will happen if things go wrong during the life of the contract and what rights the parties will have to terminate or exit the contract. Carefully consider what events will trigger termination/exit rights and make provision in advance for the practicalities of exiting the contract. Consider, for example, what will happen to any data held by the parties and whether (and to what extent) the existing supplier will be contractually required to assist the customer’s migration to a new provider. Think also about intellectual property rights post termination/on exit.
Use the contract
It is important to stay familiar with and use the contract and avoid filing it away in a drawer until it all goes wrong! Consider the obligations on the parties from the outset, ensure those operating or dealing with the subject matter of the contract are familiar with it, and police compliance. So often in our experience advising on disputes, parties have acted inconsistently with the terms of the contract. This can muddy the water and create risk for your organisation which would be best avoided.
There are a number of useful ‘boilerplate’ clauses you should include in every IT contract such as an entire agreement clause and a governing law and jurisdiction clause. These may look innocuous but can be invaluable in the event of a dispute.
Future proofing
With the pending introduction of the GDPR in the UK and the uncertainty surrounding Brexit, it is more important than ever to future proof your IT contracts. Some mechanisms to consider are:
Change control
It is often said that there are two certainties with IT/tech contracts; (1) they will end and (2) they will change. You should ensure that your contract provides the ability to deal with a variety of changes during the life of the contract, such as changes in the law, changes in control of the parties, and changes in available technology and associated price points. The contract must also have a clear and defined process for agreeing any changes.
Benchmarking
In the world of big data and the cloud, benchmarking is becoming more complex and common. Whilst helpful for customers in ensuring that services continue to be provided at a high standard and at good value, if this is not given careful consideration it can be disastrous for suppliers in particular. The benchmarking clause and the comparables must be clear, flexible and well thought out and the timescales/frequency considered.
GDPR
GDPR comes into effect in the UK from 25 May 2018. Future proof contracts currently under negotiation by making provision for this significant change to data protection regulation. You may insert GDPR clauses to take effect immediately or clauses which will become active on 25 May 2018. As a starting point, consider whether you are (or you are dealing with) a data controller or a data processor and clearly draft additional clauses accordingly. Whilst changes under GDPR may be covered by a change of law clause, parties to IT contracts should apply their minds to GDPR wording now given the need to ensure organisational readiness before the GDPR comes into force.
Top negotiating tips
The scope of negotiation available to you will depend on who you are purchasing an IT service from or providing it to. Major blue chip suppliers, for example, are unlikely to negotiate any of their standard terms. In contrast, on a smaller SaaS contract, for example, all or many of the operational clauses will be open to some form of negotiation. Prepare thoroughly before entering any negotiation.
Our three top negotiating tips are:
Identify in advance exactly what your objectives are in any negotiation. Prepare minimum requirements and ‘desirable’ objectives. It is vital that the person(s) negotiating fully understand what it is they are purchasing/supplying and what the commercial objectives of the business are.
You should assess what risks the contract could feasibly pose to your business and what protections or remedies you wish to include in the contract. Armed with this assessment, you can then consider what warranties/indemnities should be included, what exclusions are required and what an appropriate liability cap might be. Again, perhaps identify minimum ‘must have’ requirements and more aspirational ‘ideal’ outcomes.
It is essential to obtain input from a wide range of people when preparing for the negotiation. If you have separate departments in your business, you should involve the commercial team, IT department and legal team as well as any other departments who may be involved in providing/using the service.
This article originally featured on itproportal.com
