CIOs: Understand These Legal Traps

CIOs are technology leaders, not lawyers – but increasingly, there is legal knowledge CIOs must have under their hats. What are the legal essentials every CIO should know? Here are seven areas worth understanding.

1. Contract modification

If you wish to amend a seller contract, all modifications must be in writing, signed and dated by all parties. When you contact a seller with modifications, the seller will often say, “I’m sorry, but we only issue standard contracts. Our legal department will take a long time to rewrite the contract.”

The hope is that companies entering into contracts will accept the amendment and give it up – but you don’t have to settle a seller’s contract without hoping for it to be amended.

Here’s how to modify the seller’s contract:

  • You are drafting a separate addendum containing a contract modification that does not change the language in the original seller contract.
  • Then you write a cover letter with an “integration clause.” The integration clause states that both the original contract and the addendum you added with your modifications constitute the entire agreement between you and the seller; And that in the event of any inconsistencies between what the Supplier Contract states and what your Appendix states, it is the Appendix that will judge.
  • Each page of the supplier’s original contract and your supplement must be initialed and dated by all parties to indicate that everyone has reviewed and signed the entire contract.

2. Service Level Agreements

If you have a supplier who wants to adhere to certain performance, security, and support standards, you will need to submit your Service Level Agreement (SLA) requirements to the vendor in hopes of reaching an agreement. These SLAs must then be documented by you and placed in an appendix to your vendor contract.

3. Terms of Termination

As CIO, I faced a contract with a vendor that had no termination clause! We wanted to terminate the contract, and the legal advice we received at the time was simply to terminate the services and write a letter to the seller to that effect.

The procedure worked, but I was uncomfortable with it.

A better approach is to make sure there is a termination clause in the contract. With cloud vendors, there is usually 30 days prior written notice of termination that you must provide.

Always make sure there is a clear termination clause in any contract before entering into it.

4. Responsibility

What happens if you are using a SaaS vendor who is in turn using another vendor’s cloud platform to host their application and there is a failure in the platform vendor’s datacenter that corrupts your data?

The majority of cloud vendors will state in their contracts that they will do everything they can to protect and restore your data. Unfortunately, there is no contractual relationship (relationship) between you and the vendor of the cloud platform that the SaaS vendor uses. Meanwhile, the two sellers are busy pointing fingers at each other while you worry about your data.

Multiple vendor situations are a sticky area that you’ll want to discuss with your primary cloud vendor, but you should also discuss it with your liability insurance provider to see what types of insurance coverage are available if you find yourself in this situation.

5. Custom code and reports on seller platform

Oftentimes, customers develop innovative applications and reports on seller platforms and the seller wants to share them with other customers.

This is an important intellectual property area for companies to deal with sellers up front.

It is important because companies may not want to share a specific application that is a competitive advantage for them over other competitors.

Sellers usually have a clause in their contracts that addresses this. The clause usually states that the seller can repurpose anything developed on their platform.

The best solution for customers is to amend the contract to state that any product that the customer develops on the seller’s platform belongs to the customer, and that the seller must obtain permission from the customer to use or repurpose it.

In some cases, customers enter into licensing agreements with vendors and earn a good fee.

6. Staff Set Away

It is common for vendors to hire IT staff who are not only proficient in the vendor application but are highly proficient in a particular business segment. Sellers do this because they often lack knowledge of business sectors, so hiring well-known talent in their organizations is very beneficial. Conversely, there are times when client firms also try to hire employees from their vendors.

No party likes these raids of employees, so how do you deal with them?

One way to reduce it is to have a written agreement with the vendor so that neither party will hire talent. Because individuals are allowed to freely explore the market, these agreements cannot be permanent—but they can preside over a certain period of time (for example, “Neither side may assign any employee to the other without the express permission of the original employer and/or not less than one year after the expiration of the agreement between the customer and the seller.”).

7. In the recruitment will

Unlike the private sector, many public sector organizations have what is known as “at will” staffing. This means that the employee is hired (or fired) at the will of the organization, and the organization does not have to show why.

However, even if you are a public sector CIO and have a job at will, it is still wise to document employees systematically so that you can show why they are being fired.

“We pride ourselves on being an employer of will and don’t have to show anything to get rid of an employee,” a public sector HR manager told me. “But at the end of the day, we’re still documenting poor performance and showing why.”

What to read next:

What lawyers want everyone to know about the responsibility of artificial intelligence

Why Rethink Information Technology Liability Insurance

Common Mistakes Companies Make in AI Ethics


Leave a Comment