The technology transition - factors to consider
In this article we highlight some of the key issues for universities to consider when procuring IT services in the future
With many universities moving to the online provision of at least part of their teaching, effective procurement of IT services has become a key issue for universities.
Online learning portals and other resources will also assist universities with the larger number of places being made available this year and the recruitment of international students. A number of universities are offering wholly online courses as an alternative to an on-site course.
In this article, Victoria Robertson highlights some of the key issues for universities to consider when procuring IT services.
IT contracts can vary greatly, from resource-based contracts where a university engages a team of developers, to contracts for software as a service (“SaaS”), hardware purchasing and diverse matters such as online peer mentoring, payment systems, and research facilities. Online learning portals can entail access to a number of different types of software and universities will need to ensure that systems interface properly with each other.
Some of the key considerations arising in the procurement and negotiation of software contracts include:
SaaS pricing models normally follow either periodic charging or usage-based charging and it will be important to consider which is more advantageous. Support and maintenance charges should be reviewed at the outset as these are often provided for an additional charge. Periodic increases throughout the contract and discounts for high volumes of purchases should be considered.
Versions and updates
Where software is purchased a university will want to ensure that it is being provided with updates to software and, where possible, new versions to ensure that it has access to the most up-to-date version of each piece of software.
Universities will need to carefully review the security arrangements put in place by a software provider. This will need to cover IT security, personnel, security of servers, and data security, loss and corruption.
Where students’ and staff members’ personal data is being processed externally universities need to ensure that all processing is compliant with relevant law and its information governance policies. A number of student software providers undertake processing abroad and consideration must be given to whether adequate safeguards are in place. This must be kept under review as it is subject to change, as seen with the recent withdrawal of Privacy Shield as a compliant method of processing in the USA.
It is important to ascertain ownership of intellectual property, in particular, project-specific IPR and the ownership of content within software. SaaS contracts are often with re-sellers and involve a separate licence of the underlying software. IPR indemnities should be sought from suppliers.
Service levels and service credits
KPIs for service levels should be properly considered and procedures set out for management of KPIs. KPIs allow for ongoing objective assessments of the performance of software. Redress for KPI failures should be included within the contract. This is normally by way of service credits, which provide a financial incentive for suppliers.
Step-in rights are unpopular with suppliers (in particular in relation to SaaS) but enable universities to appoint a third party to take over the supplier’s duties should the supplier fail to provide the services or goods contracted for.
Business continuity and force majeure
Universities will need to assess suppliers’ continuity plans so that services can continue to be provided during events such as fires, floods and terrorist attacks. The force majeure clause will need to be reviewed to ensure that this does not undermine the continuity plan by allowing a supplier to instead rely on force majeure. Force majeure clauses in general should be reviewed in light of COVID-19 as they can present a risk or an opportunity to exit.
Contract governance and staff
A clear structure should be put in place to set out how the contract is to be managed and governed and the key individuals involved. The application of TUPE will need in some cases to be considered and, if a resource-based service is being provided, how changes to personnel are to be managed.
Where bespoke software is provided an escrow agreement should be considered – this will involve an independent third party escrow agent holding the source code for the software so that the university can access this in the case of supplier insolvency.
As a university will have responsibility for how software is used it will be important to ensure that all students and staff accessing software comply with appropriate terms of usage.
Jurisdiction and governing law
The jurisdiction and governing law clauses need to be reviewed carefully as often an underlying licence may state it is governed by a law different to that cited in the main contract.
Risk and liability
Internal governance procedures should be reviewed for sign-off limits for indemnities, warranties and limitations on liability.
Procurement procedures need to be properly managed to ensure compliance with procurement legislation and to reduce the risk of challenges. Universities will want to consider whether it is appropriate to use a framework and if so how effectively the framework contract covers the points highlighted above.