NETWORK SERVICES AGREEMENT
THIS NETWORK SERVICES AGREEMENT (this “Agreement”) is entered into as of
___________, 2011 (the “Effective Date”) by and between National LambdaRail, Inc., a Delaware nonprofit corporation authorized to do business in California, with offices at [STREET ADDRESS], [CITY],
CA [ZIP] (“Supplier”), and the Regents of the University of California on behalf of itself and its Santa
Cruz campus, a public trust organized under the Constitution of the State of California, with offices at
1156 High Street, Santa Cruz, CA 95064 (“Customer”). Capitalized terms not otherwise defined herein
shall have the meaning set forth in Section 12.
WHEREAS, Customer has entered and intends to enter into an agreement or agreements with the
National Institutes of Health (“NIH”), National Center for Biotechnology Information (“NCBI”), National
Cancer Institute (“NCI”), other NIH institutes, and/or certain contractors thereof, including, without
limitation, SAIC-Frederick, Inc. (“SAIC”) (collectively, “Agency Partners”) pursuant to which Customer
shall be responsible for developing, deploying and operating a system (“CGHub”) to support The Cancer
Genome Atlas (“TCGA”), the Therapeutically Applicable Research to Generate Effective Treatments
(“TARGET”), the Cancer Genome Anatomy Project/Cancer Genome Characterization Initiative
(“CGAP/CGCI”), and similar programs (collectively the “Cancer Genomics Projects”) to collect, store,
retrieve and analyze genomic data (the “CGHub Project”);
WHEREAS, in connection with the foregoing, Customer requires use of an advanced, high
capacity, high bandwidth data transfer network to facilitate the secure acquisition, storage, and sharing of
genome sequence, phenotype metadata, and other Project Data via CGHub and support associated
multiple simultaneous high-capacity data transfers across 10 gigabits per second (“Gbps”) links, and
eventually 40 or 100 Gbps links;
WHEREAS, Supplier is, as of the time of execution of this Agreement, the sole entity that owns
or otherwise has the rights to use a nationwide network services infrastructure that provides stable,
production-quality, non-interruptable private internet protocol service with traffic, routing, and policy
separation, and that as of the Effective Date is already linked to each of the Primary Sites; and
WHEREAS, Supplier is otherwise qualified and desires to provide the services described above
and below, on behalf of the Agency Partners through this Agreement, and Customer desires to retain the
assistance and services of Supplier in such capacity.
NOW, THEREFORE, in consideration of the mutual agreements contained herein and other
good and valuable consideration, and intending to be legally bound hereby, Supplier and Customer hereby
agree to all of the following terms and conditions.
1.
Scope of Services. The services to be provided by Supplier hereunder (“Network Services”)
include, without limitation, network capacity, connectivity, and related operations and maintenance as set
forth herein. The parties acknowledge and agree that the Network Services comprise an essential
component of CGHub.
(a)
General Standard. The Network Services shall be substantially superior to equivalent
services provided by the Agency Partners to the Cancer Genomics Projects prior to August 1, 2011. In
particular, the Network Services shall provide stable, production-quality, non-interruptable private
internet protocol service with traffic, routing, and policy separation, to support the secure transmission of
Project Data at 10 Gbps and, before the end of the Term, 40 or 100 Gbps.
CGHub Network Services Agreement
Page 1 of 23
(b)
CGHub and Specifications Development. Supplier acknowledges that, as of the
Effective Date, CGHub remains under development. Accordingly, precise specifications for the Network
Services (the “Specifications”) have not yet been fully defined and are subject to review and written
acceptance by the Agency Partners, which acceptance may be withheld or delayed by the Agency Partners
(“Acceptance”). Supplier shall cooperate with Customer in developing mutually agreeable plans for
implementing the Network Services, which may include proposed Specifications (the “Implementation
Plans”), and in seeking Acceptance of any proposed Specifications. The Implementation Plans and any
Specifications for which Acceptance is secured shall be, and hereby are, included in the Network Services
and incorporated herein by reference. Customer’s payment of fees for the Network Services under this
Agreement shall not constitute Acceptance of any Specifications. Until Acceptance for all required
Specifications has been secured and all deliverables and milestones described in the Implementation Plans
have been fully completed, Supplier shall participate in weekly meetings or teleconferences with
Customer’s Project Manager to provide detailed reports on progress against the Implementation Plans and
to discuss plans for the following week.
(c)
Electronic and Information Technology Standards. In providing the Network
Services, Supplier shall comply with Section 508 of the Rehabilitation Act of 1973 (29 U.S.C. 794d ) as
amended by P.L. 105-220 under Title IV (Rehabilitation Act Amendments of 1998). Electronic and
Information Technology developed, procured, maintained, and/or used under this Agreement shall be in
compliance with the “Electronic and Information Technology Accessibility Standards” set forth by the
Architectural and Transportation Barriers Compliance Board (also referred to as the “Access Board”) in
36 CFR Part 1194. The complete text of Section 508 Final Standards can be accessed at
http://www.section508.gov/index.cfm?FuseAction=content&ID=12. Applicable standards to this
requirement are set forth in 36 CFR Part 1194.21 through 26. Supplier further agrees to include this
provision in any subcontract awarded pursuant to this Agreement. Failure to comply with these
requirements shall constitute a material breach of this Agreement and may result in termination.
(d)
Notice of Delay. Supplier shall immediately notify Customer’s Project Manager in
writing of any actual or potential delay in Supplier’s performance under the Implementation Plans or
otherwise under this Agreement. Such notice shall, at a minimum, describe the cause, effect, duration,
and corrective action proposed by Supplier to address the problem. Supplier shall give prompt written
notice to Customer’s Project Manager of all changes to such conditions. This notification shall be
informational only, and compliance with this provision shall not be construed as a waiver by Customer of
any delivery schedule or date or of any rights or remedies provided by law or under this Agreement.
2.
Services.
(a)
Basic Services. Supplier shall provide the Network Services and, at no additional cost to
Customer, cooperate with and, to the extent relevant to the Network Services, otherwise assist Customer
in performing the work required under the Statement of Work (“SOW”) attached to the SAIC Letter
Agreement of July 29, 2011, as it may be amended from time to time, and under other SOWs issued by
the Agency Partners from time to time pursuant to the Agency Partner Agreement, which is attached at
Exhibit A and incorporated as part of this Agreement.
(b)
Capacity and Connectivity. Without limiting the scope of the Network Services or the
Acceptance provisions set forth in Section 1, Supplier shall provide infrastructure capacity and
connectivity to the Service Recipients, as further provided below.
i.
Supplier shall provide a dedicated version of Supplier’s PacketNet service, as
generally described at http://www.nlr.net/services.php (subject to such modifications as may be agreed to
in writing by Customer and Supplier and subject to Acceptance) for use by Service Recipients in
CGHub Network Services Agreement
Page 2 of 23
connection with the CGHub Project. This service shall include, without limitation, 10 Gbps connectivity
for all Service Recipients across Supplier’s entire network as described at http://www.nlr.net/servicesmap.php as of the Effective Date and as it may be expanded from time to time thereafter (the “Network”);
internet protocol (“IP”) transit services to provide connectivity between CGHub and the Internet; and a
routable block of at least thirty-two (32) IP addresses and control of the reverse domain name service for
those addresses. Customer acknowledges that, as between Customer and Supplier, the Network is and
shall remain at all times throughout the Term the property of Supplier.
ii.
Supplier shall provide one 10 Gbps link to the Network for each Service
Recipient beginning with the Primary Sites; provided, however, that if Customer notifies Supplier that
certain Service Recipients require a specified level of connectivity less than 10 Gbps, Supplier shall be
obligated to provide only such lesser level of connectivity for such Service Recipients, and Customer
shall receive usage credits as specified in Exhibit E (“Usage Credits”).
iii.
Supplier shall connect each Service Recipient to the Network in accordance with
the connection specifications provided by such Service Recipient to Supplier, which connection
specifications shall be reasonably acceptable to Supplier. Such connection specifications may include
physical connectivity to the Service Recipient’s applicable regional provider (“Regional Provider”) and
BGP peering with the Service Recipient or Regional Provider; provided, however, the parties
acknowledge that connection specifications may vary among Service Recipients depending on each
Service Recipient’s needs, existing facilities and Regional Provider arrangements. If Supplier objects to
the connection specifications provided by any Service Recipient, Supplier shall promptly notify such
Service Recipient and Customer of its objection and cooperate in good faith with such Service Recipient
and Customer to develop reasonably acceptable alternative specifications as promptly as possible.
Supplier shall ensure that connectivity as specified herein is fully operational and available to a Service
Recipient no later than five (5) business days after Supplier receives reasonably acceptable connection
specifications from that Service Recipient. If a Service Recipient requests a change to its connection
specifications, Supplier shall implement such change (subject to the acceptance provisions described
above) as promptly as practicable; provided, however, that if the change is material such that Supplier is
required to charge a fee for the service, such fee shall be limited to Supplier’s actual cost of supplying the
service and shall be payable only if approved in advance in writing by Customer.
Supplier shall install a 40 Gbps uplink from the Network to Customer’s primary
data center located at I/O Phoenix (the “Data Center”). This uplink shall be fully installed on or before
October 3, 2011 and fully tested and operational for use by the Service Recipients no later than October 7,
2011. Supplier shall install a second 40 Gbps uplink from its Network to the Data Center, which shall be
redundant and completely physically diverse from the first. The second uplink shall be fully installed,
tested, and operational for use by Service Recipients no later than October 1, 2012. When both uplinks
are fully operational, both shall be active simultaneously (not in active/standby configuration).
iv.
v.
Supplier expressly acknowledges that there shall be no limit on the number of
Service Recipients or traffic volume across the Network related to the CGHub Project.
vi.
Supplier shall provide Customer with a monthly report on Network utilization in
a form that is satisfactory to Customer.
vii.
Supplier may, to the extent consistent with the above provisions, the
Specifications, and the Agency Partner Agreement, provide the Network Services in accord with
Supplier’s own technical specifications.
CGHub Network Services Agreement
Page 3 of 23
viii. Supplier may provide the connectivity as contemplated herein via affiliates listed
on Exhibit B, which exhibit Supplier may update from time to time upon notice to Customer, subject to
Customer’s approval (not to be unreasonably withheld); provided, however, that Supplier shall require
such affiliates to comply with the terms and conditions of the Agency Partner Agreement, and Supplier
shall be solely liable for the acts and omissions of such affiliates and their Personnel.
ix.
At any time (and from time to time) during the Term, Customer shall have the
option of upgrading some or all Service Recipients to 40 Gbps connectivity or, if available at such time,
100 Gbps connectivity. In the event such an upgrade is requested, Customer and Supplier shall negotiate
in good faith the terms and conditions of such upgrade (including the Specifications, financial terms,
implementation activities and any appropriate additions or revisions to the Service Level Agreements and
Service Level Credits (as defined below)), provided that such terms and conditions shall be at least as
favorable to Customer as those generally available to Supplier’s other customers. Supplier shall effect
such upgrade as promptly as practical following the parties’ agreement on the applicable terms and
conditions.
(c)
Supplier Equipment. Customer acknowledges that the Network Services may include
the use of certain equipment owned by Supplier (“Supplier Equipment”) and acknowledges that title to
such Supplier Equipment is and shall remain vested with Supplier. If and to the extent the Supplier
Equipment is housed within collocation or other facilities owned, leased, or licensed by Customer,
Customer shall be responsible for providing electric power for the Supplier Equipment and shall, solely to
the extent within Customer’s control: (i) keep the Supplier Equipment physically secure and free from all
liens and encumbrances; and (ii) bear the risk of loss or damage to the Supplier Equipment not caused by
Supplier or Supplier’s Personnel. Under no circumstances shall Customer be held responsible for the acts
or omissions of Supplier or Supplier’s Personnel or other actions, omissions or events beyond Customer’s
control.
(d)
Supplier Access; Repairs. Customer shall reasonably cooperate with Supplier’s efforts
to access property and equipment necessary for Supplier to provide the Network Services. Such access
shall be used by Supplier solely for this purpose and may include, without limitation, conduits, holes,
wireways, wiring, plans, equipment, space, and other items reasonably necessary to provide capacity, and
may be utilized by Supplier to construct, install, repair, maintain, replace, and remove access lines and
network facilities, and otherwise to provide the Network Services, but in each case subject to any
reasonable restrictions imposed by the owner or operator of such property and equipment. Supplier may
take such actions as may be necessary to maintain and repair the Network upon reasonable advance notice
or, in the event of an emergency, without prior notice (but in such case with prompt notice after the fact);
provided, however, that such actions shall at all times be in accord with the Specifications,
Implementation Plans, and Agency Partner Agreement, as well as Supplier’s obligations under Exhibit C.
(e)
No Resale. Supplier acknowledges that the Network Services shall be provided to the
Service Recipients as part of CGHub. Customer shall not resell capacity to third parties for purposes
unrelated to CGHub without Supplier’s prior written consent.
(f)
Support. Supplier shall provide the Network Services support described at Exhibit C.
(g) Service Level Commitments; Service Level Credits. Supplier shall be responsible for
assuring the service level commitments specified at Exhibit D, addressing availability, transmission
quality, maintenance response, technical support, and other commitments and associated credits (the
“Service Level Agreement” or “SLA”). If Supplier fails to meet any Service Level Agreement, Supplier
shall pay Customer the credits specified on such Exhibit (“Service Level Credits”), which Service Level
Credits shall be deemed to be price reductions reflecting the diminished value of the Network Services as
CGHub Network Services Agreement
Page 4 of 23
a result of the failure and are not a penalty. Without limiting any other remedy available to Customer
hereunder, in the event Supplier fails to meet any Service Level Agreement, Supplier shall promptly
perform and provide to Customer a root cause analysis and, in consultation with Customer, take
appropriate remedial actions and institute appropriate preventive measures to ensure that such failure does
not recur, in each case at Supplier’s own cost.
(h)
Steering Committee. Supplier shall facilitate a technical infrastructure improvement
steering committee (the “Steering Committee”) comprising representatives of all CGHub participating
institutions in addition to Customer and Supplier, which shall meet (in person or by video or
teleconference) quarterly or with such other frequency as may be determined by the Steering Committee.
The purpose of the Steering Committee shall be to monitor Supplier’s performance against the SLA and
to consider and evaluate potential and ongoing Network Services improvements relevant to CGHub.
Supplier shall provide a written performance report, in a form acceptable to Customer and with such
reasonable supporting documentation as may be requested by Customer, reasonably in advance of each
Steering Committee meeting.
3.
Additional Terms and Conditions Relevant to Services.
(a)
Accounts, Records and Audits. Supplier and Supplier’s respective affiliates and
subcontractors shall maintain accounts, books, papers, records, documents and other evidence
(“Records”) detailing all elements of their proposal costs, work performed and charges made by them
under this Agreement or otherwise directly pertinent to this Agreement. The Records shall be retained by
Supplier and such Personnel for a period of five (5) years from the date of the expiration or termination of
this Agreement or such longer time as may be required by an Agency Partner. The system of accounts
employed by the Supplier and such Personnel hereunder shall be satisfactory to the Customer, shall be in
accordance with Agency Partner requirements and generally accepted accounting principles consistently
applied. The Records shall be subject to inspection and audit by the Customer, the Agency Partners, the
Comptroller General of the United States, and any of their duly authorized representatives at all
reasonable times and places.
(b)
Reports. All reporting requirements imposed on Customer pursuant to the Specifications
or otherwise by the Agency Partners (under the Agency Partner Agreement or otherwise) are adopted and
incorporated by reference as a part of this Agreement, to the extent they relate to the Network Services.
In addition, if Supplier has cause to believe that Customer or any Customer Personnel have acted
improperly or unethically under this Agreement, Supplier shall report such behavior to Customer’s UCSC
Compliance Officer (http://www.universityofcalifornia.edu/compaudit/campuscontacts.html) or to
Customer’s Compliance Hotline at (800) 403-4744. Copies of Customer’s Standards of Ethical Conduct
and contacts for such reports are available online at
https://secure.ethicspoint.com/domain/media/en/gui/23531/index.html.
(c)
Conflict of Interest. Supplier hereby certifies that no Customer employee (or near
relative of any Customer employee) is employed by or owns or controls any interest in Supplier’s
business, nor has received any gift or gratuity from Supplier, unless this information was previously
disclosed to Customer and Customer’s Chancellor or Executive Vice Chancellor expressly provided
written authorization to proceed with the transactions contemplated under this Agreement. In the event
Supplier later becomes aware of a Customer employee (or near relative of a Customer employee) the
Supplier has employed or who owns or controls any interest in Supplier’s business, or who has received a
gift or gratuity from Supplier, Supplier shall disclose this information to the Customer signatory below
and describe the employment or financial interest in Supplier’s firm. For purposes of this Section 3(c),
“Supplier” includes Supplier and its directors, officers, partners, members, and affiliates.
CGHub Network Services Agreement
Page 5 of 23
(d)
Certification and Disclosure Regarding Payments to Influence Certain Federal
Transactions. In accordance with 31 USC 1352, and FAR 52.203-11 and FAR 52.203-12, Supplier
certifies, by virtue of execution of this Agreement and by accepting payments hereunder, that to the best
of its knowledge and belief: no Federal appropriated funds have been/shall be paid, by or on behalf of
Supplier (or any subcontractors), to any person for influencing/attempting to influence an officer or
employee of Congress, or an employee of a Member of Congress in connection with the awarding of any
Federal contract, the making of any Federal grant, the making of any Federal loan, the entering into of
any making of any cooperative agreement, and the extension, continuation, renewal, amendment, or
modification of any Federal contract, grant, loan, or cooperative agreement. If any funds other than
Federal appropriated funds have been paid or shall be paid to any person for influencing or attempting to
influence an officer or employee of any agency, a Member of Congress, an officer or employee of
Congress, or an employee of a Member of Congress in connection with this Agreement, Supplier shall
complete and submit to Customer OMB Standard Form-III, “Disclosure Form to Report Lobbying”.
(e)
Prohibition on Involvement with Terrorist Activities. Supplier acknowledges that
U.S. Executive Orders and Laws, including but not limited to E.O. 13224 and P.L. 107-56, prohibit
transactions with and the provision of resources and support to individuals and organizations associated
with terrorism. It is the legal responsibility of Supplier to ensure compliance with these Executive Orders
and Laws. This clause must be included in any subcontracts issued by Supplier in connection with this
Agreement.
(f)
Export Controls. Supplier shall not, nor shall Supplier authorize or permit its Personnel
to disclose, export, or re-export any SAIC information, or any process, product, or services produced
under this Agreement, without prior notification to Customer and SAIC and complying with all applicable
Federal, State, and local laws, regulations, and ordinances, including the regulations of the U.S.
Department of Commerce and/or the U.S. Department of State. In addition, Supplier agrees to
immediately notify Customer if the Supplier is listed on any of the Department of State, Treasury, or
Commerce proscribed persons or destinations lists, or if the Supplier’s export privileges are otherwise
denied, suspended, or revoked in whole or in part. Supplier shall include in any subcontract and related
documents, notice to third parties that the export of any process, goods, and/or technical data from the
United States may require an export control license from the U.S. Government and that failure to obtain
such export control license may result in termination of agreement and/or criminal liability under U.S.
laws.
(g)
ARRA Obligations. Supplier expressly acknowledges that this Agreement is funded in
whole or in part with funding provided under the American Recovery and Reinvestment Act of 2009 (the
“Recovery Act”), which imposes specific reporting and other obligations. In particular, Supplier must
segregate the obligations and expenditures related to funding under the Recovery Act. Financial and
accounting systems should be revised as necessary to segregate, track, and maintain these funds apart and
separate from other revenue streams. No part of the funds from the Recovery Act shall be commingled
with any other funds or used for a purpose other than that of making payments for costs allowable for
Recovery Act projects. Recovery Act funds can be used in conjunction with other funding as necessary to
complete projects, but tracking and reporting must be separate to meet the reporting requirements of the
Recovery Act and OMB Guidance. This provision must be flowed down to any subcontract over $25,000
that is funded, in whole or in part, by the Recovery Act unless the Agreement is with an individual.
(h)
Debarred or Suspended Parties. Supplier certifies, to the best of its knowledge and
belief, that Supplier and its Principals: (i) are not presently debarred, suspended, proposed for debarment,
or declared ineligible for the award of contracts by any Federal agency; (ii) have not within a three (3)
year period preceding this award been convicted of or had a civil judgment rendered against them for:
commission of a fraud or a criminal offense in connection with obtaining, attempting to obtain, or
CGHub Network Services Agreement
Page 6 of 23
performing a public (Federal, state or local) contract or subcontract; violation of Federal or state antitrust
statutes relating to this submission of offers; or commission of embezzlement, theft, forgery, bribery,
falsifications or destruction of records, making false statements, or receiving stolen property; and (iii) are
not presently indicted for, or otherwise criminally or civilly charged by a government entity with,
commission of any of the offenses enumerated herein. Supplier certifies that neither it nor its Principals
have, within a three (3) year period preceding this Agreement, had one or more contracts terminated for
default by any federal agency. “Principals” for the purposes of this certification, means officers,
directors, owners, partners, and persons having primary management or supervisory responsibilities
within a business entity (e.g., general manager, plant manager, head of a subsidiary, division or business
segments, and similar positions). This certification concerns a matter within the jurisdiction of an agency
of the United States and the making of a false, fictitious, or fraudulent certification may render the maker
subject to prosecution under Section 1001, Title 18, United States Code. Certification of this provision is
a material representation of fact upon which reliance was placed when entering into this Agreement. If it
is later determined that Supplier knowingly rendered an erroneous certification, in addition to other
remedies available to Customer, Customer may terminate the Agreement immediately. Supplier hereby
certifies these conditions and does so by entering this Agreement or by providing the goods/services
purchased hereunder.
(i)
Equal Opportunity and Affirmative Action. Supplier shall not maintain or provide
racially segregated facilities for employees at any establishment under its control. Supplier shall adhere
to the requirements set forth in Executive Orders 11246 and 11375, and with respect to activities
occurring in the State of California, to the California Fair Employment and Housing Act (Government
Code section 12900 et seq.). Expressly, Supplier shall not discriminate against any employee or applicant
for employment because of race, color, religion, sex, national origin, ancestry, medical condition (as
defined by California Code section 12925f), marital status, age, physical and mental handicap in regard to
any position for which the employee or applicant for employment is qualified, or because he or she is a
disabled veteran or veteran of the Vietnam era. Supplier shall further specifically undertake affirmative
action regarding the hiring, promotion and treatment of minority group persons, women, the handicapped,
and disabled veterans and veterans of the Vietnam era. Supplier shall communicate this policy in both
English and Spanish to all persons concerned within its company, with outside recruiting services, and the
minority community at large. Supplier shall provide Customer on request a breakdown of its labor force
by groups, specifying the above characteristics within job categories, and shall discuss with Customer its
policies and practices relating to affirmative action programs.
(j)
Purchase of American-Made Equipment and Products. It continues to be the sense of
Congress that, to the greatest extent practicable, all equipment and products purchased with grant,
cooperative agreement, or contract funds should be American-made, and Supplier agrees to comply with
the foregoing to the extent practicable.
4. Fees and Payments.
(a)
Fees. Customer shall pay to Supplier the applicable fees for the Network Services in
accordance with the payment schedule set forth on Exhibit E (“Fees”).
(b)
Expenses. Customer also shall reimburse Supplier for reasonable, documented out of
pocket travel, lodging, meal and other expenses incurred by Supplier Personnel in the course of
performing the Network Services; provided, however, and only to the extent that: (i) such expenses shall
be reasonable, allocable to the Agency Partner Agreement, and allowable pursuant to the Agency Partner
Agreement and applicable Agency Partner requirements including without limitation those specified in
Federal Acquisition Regulation (“FAR”) Part 31 Cost Principles and Procedures and with OMB Circular
A-21; (ii) any expenses in excess of $1,000 individually or $10,000 in the aggregate shall require the prior
CGHub Network Services Agreement
Page 7 of 23
written approval of Customer; and (iii) all documentation required by Customer pursuant to its standard
reimbursement policies or the Agency Partner Agreement is timely, accurately, and completely submitted
together with any invoice.
(c)
Taxes. The compensation stated in this Agreement includes all applicable taxes and shall
not be changed hereafter as the result of Supplier’s failure to include any applicable tax, or as the result of
any changes in the Supplier’s tax liabilities. Customer shall withhold from the compensation described
above the full amount of any and all taxes required to be withheld by the laws of the State of California.
Customer shall remit such amount directly to the State of California Franchise Tax Board, settlement of
which must be made by Supplier with the State of California through: Franchise Tax Board, PO
Box942867, Sacramento, CA 94267-0001. All Network Services are to be performed in California unless
specifically indicated otherwise in the attached exhibits or schedules.
(d)
Payments. Subject to Exhibit E, payments due under this Agreement shall be payable by
Customer within sixty (60) calendar days after receipt by Customer of a written invoice from Supplier;
provided, however, that all payments hereunder are contingent upon Agency Partner funding. Under no
circumstances shall Customer be liable for payments not fully funded by the Agency Partners.
5.
Confidentiality.
(a) Confidential Information. Each party shall: (i) hold in strict confidence all Confidential
Information of the other party using the same safeguards as it uses to protect its own Confidential
Information of comparable value or sensitivity, but in any event, using safeguards that meet or exceed the
Security Best Practices; (ii) use the Confidential Information solely to perform its obligations or exercise
its rights under this Agreement; (iii) not transfer, display or otherwise disclose or make available such
Confidential Information to any third party, other than the receiving party’s directors, officers, employees
or agents (or, in the case of Customer, the Service Recipients or their Personnel) to the extent such
persons are bound by equivalent confidentiality obligations and use restrictions and have a legitimate
need to know the Confidential Information in order for the receiving party to perform its obligations or
exercise its rights under this Agreement.
(b) Disclosure in Compliance with Law. The receiving party may disclose the Confidential
Information of the other party in response to a valid court order, law, rule, regulation or other
governmental action, provided, however, that: (i) the disclosing party is notified in writing reasonably in
advance of the disclosure of the information; and (ii) the receiving party assists the disclosing party, at the
disclosing party’s expense, in any lawful attempt by the disclosing party to limit or prevent the disclosure
of the Confidential Information. In the event that the disclosure relates to Personal Identifying
Information within Project Data, Supplier agrees to immediately notify Customer of any action or
communication that may lead to Supplier being required to disclose such Project Data and to the greatest
extent possible Supplier shall allow Customer (or an Agency Partner) to control and manage any such
response. Each party (in addition to any legal or other remedies available to such party) may seek
injunctive or other equitable relief to prevent or remedy a breach or threatened breach of this Section 5
and each party agrees not to object or defend against such action on the basis that monetary damages
would provide an adequate remedy. Notwithstanding the above, Supplier acknowledges that in the event
a disclosure is mandated pursuant to the California Public Records Act, Customer may cooperate with
Supplier in seeking to limit or prevent disclosure only if and to the extent Customer independently
determines in good faith that the information sought to be protected is not in fact subject to disclosure
under that law.
(c) Customer Confidential Information. As between Customer and Supplier, Confidential
Information of Customer is and shall remain the sole property of Customer. Without limitation to Section
CGHub Network Services Agreement
Page 8 of 23
5(a), Customer Confidential Information shall not be used by Supplier for any purpose other than the
performance of its obligations under this Agreement, and shall not be sold, assigned, leased or otherwise
transferred, disposed of or provided to third parties by Supplier (other than to Service Recipients
consistent with the Specifications) or commercially exploited by or on behalf of Supplier or any of its
Personnel. Supplier shall keep all Project Data confidential, even if it is in the public domain due to a
breach by the receiving party or any other person or entity of a contractual commitment or other legal or
contractual obligation. Supplier shall segregate Customer Confidential Information from its own data and
that of its other clients. Failure to implement appropriate procedures to segregate Customer Confidential
Information shall be considered a material breach of this Agreement and a Security Incident. In addition,
the unauthorized Processing of Customer Confidential Information shall be considered a material breach
of this Agreement and a Security Incident.
(d) Safeguards. In addition to Supplier’s other obligations under this Section 5, Supplier shall
establish and maintain safeguards against the unauthorized access, destruction, loss or alteration of
Customer Confidential Information in the possession of Supplier and other Project Data which may be
transmitted, stored, or shared using the Network Services, which safeguards are no less rigorous than:
(i) the most rigorous practices of Customer or Supplier as of the Effective Date including; (ii) IT security
best practices as defined by ISO 27001; (iii) all privacy and security obligations, standards and safeguards
required by the Agency Partner Agreement or specified in any security plan approved by the Agency
Partners or otherwise necessary for Customer to achieve Trusted Partner Status; (iv) the Data Security and
Privacy Terms set forth at http://purchasing.ucsc.edu/forms/datasecurityappendix.pdf; and (v) any
additional security requirements, standards, obligations, specifications and/or event reporting procedures
required by any applicable Law (collectively, together with Supplier’s obligations under Section 5(c), the
“Security Best Practices”). The Security Best Practices shall include, at a minimum, using firewalls,
password protection and virus protection software, and performing periodic, but in any event at least
quarterly, comprehensive internal security audits of the Network Services. Supplier shall provide
Customer with written reports detailing the results of such security audits and tests, and shall take
appropriate and adequate measures to resolve issues thereby identified. Customer shall have the right to
establish backup security for Customer Confidential Information and to keep backup and files for such
data in its possession if it so chooses. Additionally, Supplier shall contractually require any Supplier
Personnel with access to Customer Confidential Information to comply with the Security Best Practices
and other confidentiality restrictions contained in this Agreement. Supplier expressly acknowledges that,
as of the Effective Date: (i) the Agency Partners anticipate that CGHub Project shall be operated in
conformance with the Federal Information Security Management Act (“FISMA”) and “low impact”
standards adopted by the National Institute for Standards and Technology (“NIST”) with select moderate
enhancements; but (ii) laws and regulations that may govern components of the CGHub Project during
the Term, including, without limitation, the Federal Policy for the Protection of Human Subjects, are
currently in a state of flux and may impose additional requirements prior to expiration or termination of
this Agreement. Supplier shall comply with all such requirements in performing the Network Services at
no additional cost to Customer.
(e) Security Reviews. Customer (or its designated representatives) may, on an annual basis or
more frequently as reasonably requested by Customer or otherwise required by an Agency Partner,
conduct an audit to verify that Supplier is operating in accordance with Security Best Practices. The audit
may include a review of all aspects of Supplier’s performance including, without limitation: (i) systems,
software development practices and procedures; (ii) network, operating system, database and application
configuration controls; (iii) general controls and security practices and procedures; (iv) disaster recovery
and back-up procedures; (v) change and problem management processes and procedures; and
(vi) network and system vulnerability and risk analysis. Supplier shall, and shall cause its Personnel to,
cooperate with Customer in conducting any such audit, and shall allow Customer reasonable access to all
pertinent records, documentation, computer systems, data, personnel and processing areas as Customer
CGHub Network Services Agreement
Page 9 of 23
reasonably requests to complete the audit. Supplier shall provide satisfactory assurances that it has
corrected any deviations from Security Best Practices that are identified in any security audit as soon as
practicable, but in no event more than five (5) days after receiving notice from Customer outlining any
deviations. Each Party shall bear its own costs in connection with such an audit. Nothing herein shall be
interpreted to limit in any way the rights of Agency Partners or the Comptroller General of the United
States to conduct any audit. Customer shall not be responsible for any Supplier fees, costs, or expenses
incurred in connection with such Federal security reviews.
(f) Security Breaches and Remediation. In the event Supplier discovers or is notified of an
actual or potential Security Incident, Supplier shall promptly notify Customer, and Supplier and Customer
shall consult in good faith regarding Remediation Efforts that may be necessary and reasonable. In
addition to its obligations under Section 8, Supplier shall: (i) at Customer’s sole discretion either
undertake Remediation Efforts for a Security Incident, at Supplier’s sole expense and in line with Security
Best Practices, and/or reimburse Customer for Customer’s reasonable costs and expenses in connection
with taking Remediation Efforts for a Security Incident; and (ii) provide assurances satisfactory to
Customer and the Agency Partners that no Security Incident shall recur.
(g) Additional Data Privacy and Security Terms. The terms and conditions of Customer’s
Data Security and Privacy Appendix, online at
http://purchasing.ucsc.edu/forms/datasecurityappendix.pdf, as well as any additional data privacy and
security terms imposed by the Agency Partners, are incorporated herein by reference. In the event of any
inconsistency among this Agreement and such additional privacy and security terms and conditions such
that Supplier cannot reasonably comply with both (or all), the following priority shall apply: (i) terms and
conditions specified by any Agency Partner; (ii) Customer’s Data Security and Privacy Appendix; (iii) the
provisions of this Section 5. Supplier expressly agrees to comply with the Information Technology (“IT”)
systems security and/or privacy specifications set forth in the Agency Partner Agreement and as further
defined by FISMA, and to include this requirement in any subcontract awarded pursuant to this
Agreement.
6.
Term and Termination.
(a) Term. The initial term of this Agreement shall commence as of the Effective Date and
continue for a period of four (4) years (the “Term”), unless earlier terminated pursuant to this Section 6.
(b) Termination for Breach. Either party may terminate this Agreement immediately upon
delivery of written notice of such termination to the other party in the event that the other party breaches
any material provision of this Agreement (or commits a series of non-material breaches that, collectively,
are material) and fails to cure such breach(es) within thirty (30) days after the non-breaching party
delivers notice of such breach(es) to the breaching party.
(c) Additional Termination Rights. Without limitation to the provisions of Section 6(b),
Customer may also terminate this Agreement immediately upon written notice to Supplier in the event of
any of the following: (i) Customer fails to secure or ceases to receive CGHub Project funding from the
Agency Partners (in which case termination shall be concurrent with cessation of funding); (ii) Customer
fails to receive or retain Trusted Partner Status; (iii) Supplier suffers or permits the appointment of a
receiver for its business or assets, becomes subject to involuntary proceedings under any bankruptcy or
insolvency law (which proceedings remain undismissed for thirty [30] days) or is dissolved, wound up or
liquidated; (iv) a Material Service Failure; or (v) the Agency Partner Agreement (or any relevant
agreement with an Agency Partner) is terminated under any circumstances.
CGHub Network Services Agreement
Page 10 of 23
(d) Events Upon Termination. Upon any termination of this Agreement for any reason,
Supplier shall destroy or securely erase all copies of Customer Confidential Information in Supplier’s
possession or under Supplier’s control, including, without limitation, Project Data and Personally
Identifiable Information subject to any applicable Data Laws. Supplier shall not withhold any Customer
Confidential Information, nor access to any Data, as a means of resolving any dispute. Any provisions
which by their terms should be reasonably understood to survive, including without limitation those
addressing confidentiality, security, indemnification, and relevant warranties, shall survive any
termination or expiration of this Agreement.
(e) Payments Upon Termination. Promptly upon any termination of this Agreement, Supplier
shall invoice Customer for all Fees and reimbursable expenses accrued as of the termination date, less any
Service Level Credits, Usage Credits or other amounts owing to Customer hereunder as of such
termination date. Supplier or Customer, as applicable, shall pay to the other any amounts owed within
thirty (30) days of receipt of such invoice (or, in the case of payments from Supplier to Customer, within
thirty (30) days after the effective date of termination).
(f) Termination Assistance. At Customer’s request, commencing (i) any time during the
twelve (12) months prior to the expiration of this Agreement; or (ii) upon any notice of termination of this
Agreement, and continuing for a period of up to twelve (12) months from the effective date of expiration,
or termination, Supplier shall provide to Customer or to its designee (collectively, “Successor”),
assistance, support and other services to allow the Network Services to continue without interruption or
adverse effect and to facilitate the orderly transfer of the Network Services to the Successor
(“Termination Assistance Services”). Such Termination Assistance Services shall be provided to
Customer by Supplier regardless of the reason for termination or expiration and the reasonable fees,
expenses and charges for suchTermination Assistance Services shall be borne by Customer. The
Termination Assistance Services shall be deemed to be “Network Services” for purposes of Supplier’s
obligations hereunder.
7.
Warranties and Disclaimer. The following warranties are effective notwithstanding prior
inspection or acceptance of the Network Services and are in addition to and do not limit the rights
afforded to the parties by any other provision of this Agreement.
(a) Authority. Each party represents and warrants that (i) it has full power and authority to enter
into this Agreement and convey the rights conveyed herein, (ii) it has not entered into nor shall it enter
into any agreements that would conflict with its obligations hereunder or render it incapable of
satisfactorily performing hereunder, (iii) it has obtained all licenses, authorizations, approvals, consents or
permits required to perform its obligations under this Agreement under all applicable Laws, and (iv) the
execution, delivery, and performance of this Agreement shall be in compliance with all applicable Laws
and shall not constitute a violation of any judgment, order, or decree or a material default under any
material contract by which it or any of its material assets are bound or an event that would, with notice or
lapse of time, or both, constitute such a default.
(b) Network Services. Supplier represents and warrants that: (i) the Network Services shall be
rendered with promptness, due care, skill and diligence; (ii) the Network Services shall be executed in a
professional and workmanlike manner, in accordance with the best practices of the information
technology services industry; (iii) Supplier shall use adequate numbers of qualified Personnel with
suitable training, education, experience, know-how, competence and skill to perform the Network
Services; and (iv) Supplier has and shall retain the resources, capacity, expertise and ability to provide the
Network Services.
CGHub Network Services Agreement
Page 11 of 23
(c) Compliance with Law; Noninfringement. Supplier represents and warrants that it shall
comply with all applicable Laws in connection with this Agreement and the performance of its
obligations hereunder, including, without limitation, applicable Data Laws. Supplier further represents
and warrants that it shall comply with any and all obligations imposed on Customer under the Agency
Partner Agreement or otherwise specified by the Agency Partners which may be applicable to the
Network Services or Supplier’s performance hereunder, including, without limitation, obligations with
respect to data security, foreign assets and export control, which provisions are incorporated herein by
this reference. In addition, Supplier represents and warrants that the Network Services shall not infringe
any patent, copyright, trademark, trade secret or other proprietary right of any third party.
(d) Viruses. Supplier represents and warrants that it shall ensure that no forms of harmful
surreptitious code, such as viruses, spyware and worms, or alternative means through which unauthorized
individuals can monitor, copy, access or download Data on or accessed through CGHub, such as robots,
spiders, scrapers or webcrawlers (collectively, “Viruses”) are introduced by any means into CGHub, or
the systems used to provide the Network Services. If a Virus is found to have been introduced, Supplier
shall promptly notify Customer in writing of the introduction and at no additional charge to Customer,
assist Customer in eradicating the Virus and eliminating its effects, and if the Virus causes an interruption
of the use of CGHub or the Network Services, a loss of operational efficiency or loss of Data, Supplier
shall take all necessary steps to repair any damage done by the Virus, including undertaking Remediation
Efforts at no cost or loss to Customer.
(e) Adoption by Reference of Agency Partner Agreement Representations, Warranties, and
Covenants. All representations, warranties, and covenants made by Customer under the Agency Partner
Agreement are hereby incorporated by reference as Supplier representations, warranties, and covenants to
Customer, to the extent applicable to the Network Services.
(f) Disclaimer. OTHER THAN THE FOREGOING, SUPPLIER MAKES NO
REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE NETWORK SERVICES.
WITHOUT LIMITATION TO THE FOREGOING, SUPPLIER SPECIFICALLY DISCLAIMS ALL
EXPRESS WARRANTIES NOT STATED HEREIN AND ALL IMPLIED WARRANTIES,
INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE.
8.
Insurance and Indemnification
(a) Supplier represents and warrants that, during the Term, it shall keep in full force and effect
and maintain at its sole cost and expense (primary and non-contributing) insurance policies from
reputable insurers against such risks and in such amounts as are customary for similarly situated
companies (but in no event less than commercially reasonable levels of insurance and any insurance
required by applicable Law or otherwise specified by the Agency Partners, including without limitation as
provided in the Agency Partner Agreement). Supplier shall provide Customer with Certificates of
Insurance evidencing all policies and coverages prior to the Effective Date and thereafter upon
Customer’s request; and shall provide Customer with at least thirty (30) days’ written notice prior to any
cancellation or restrictive modification of same. [NOTE – SPECIFIC LIMITS WILL BE INCLUDED
SUBJECT TO DISUCSSION.]
(b) Supplier shall indemnify and hold harmless Customer, the Agency Partners, and their
respective officers, employees and agents (collectively with Customer, “Included Indemnitees”) from and
against all claims, losses, damages, liabilities and lawsuits (including reasonable attorneys fees and costs)
(collectively, “Damages”) arising from or relating to (i) any claim that the Network Services infringe any
third party’s patent, copyright, trademark or other proprietary right or constitutes misappropriation of a
CGHub Network Services Agreement
Page 12 of 23
trade secret, (ii) any breach by Supplier of any of its obligations, covenants, representations or warranties
provided in this Agreement, (iii) any Security Incident to the extent attributable to Supplier’s or Supplier
Personnel acts or omissions; or (iv) any other act or omission by Supplier or its Personnel that may cause
liability to Customer pursuant to the Agency Partner Agreement. Without limitation to any other rights or
remedies of Customer, in the event that Customer’s use of the Network Services is enjoined as a result of
a claim of infringement, Supplier shall, at its sole option and expense, either (i) procure for Customer the
rights necessary to continue using the enjoined Network Services or (ii) replace or modify the same so
that they no longer infringe or misappropriate the third party’s rights, while such replaced or modified
Network Services remain in compliance with the Specifications and the warranties provided in Section 7.
If Supplier, in its reasonable discretion, determines that neither of these options is commercially
reasonable, Supplier may terminate this Agreement upon thirty (30) days’ written notice to Customer,
provided that Supplier refunds to Customer any Fees previously paid which are applicable to the period
during which Customer did not receive Network Services (including any period following termination).
(c) Supplier’s indemnification obligations under Section 8(b) with respect to any Damages
arising from third party claims are contingent upon (i) Customer or another Included Indemnitee giving
Supplier prompt written notice of such claim, loss, expense, damage, liability or lawsuit, provided,
however, that absent material prejudice to Supplier, the failure to promptly notify shall not eliminate or
reduce Supplier’s obligations hereunder, (ii) the relevant Included Indemnitees cooperating reasonably
with Supplier in the defense and/or settlement thereof; provided, however, that Supplier may not enter
into any settlements imposing non-monetary obligations on or acknowledging liability or fault on behalf
of the Included Indemnitees without Customer’s prior written consent, and (iii) Supplier having an
opportunity to assume control of such defense; provided, however, that if Supplier assumes such control,
the Included Indemnitees shall have the right to participate reasonably in such defense, including, without
limitation, the right to retain separate counsel at its own expense. Neither party shall be responsible for
any settlement that it does not approve in writing.
(d) Supplier’s indemnification obligations under Section 8(b) shall not apply to the extent the
claim is based on use of the Network Services by Service Recipients other than in accordance with this
Agreement.
9.
Limitation of Liability. Except with respect to the indemnity provided in Section 8, Supplier
shall not be liable to Customer for any consequential, indirect, incidental or special damages arising under
this Agreement, even if Supplier has been advised of the possibility of such damages. Supplier shall not
be liable under this Agreement under any contract, negligence, strict liability or other legal or equitable
theory for any amounts, in the aggregate, in excess of the total amount of Fees actually paid by Customer
to Supplier hereunder; provided, however, that the foregoing limitation on liability shall not apply with
respect to (i) the indemnity provided in Section 8, (ii) any required Remediation Efforts pursuant to
Section 5(f), or (iii) death, personal injury or property damage caused by Supplier or its Personnel.
10.
Publicity; Use of Names. Neither party may use the names or marks of the other, nor of an
Agency Partner, without the applicable party’s express written consent. Supplier expressly acknowledges
that: (i) the Agency Partner Agreement requires that SAIC be provided with thirty (30) days written
notice of any proposed press release describing or otherwise referring to the CGHub Project, the content
of which is subject to SAIC approval; and (ii) California Education Code § 92000 restricts the lawful uses
of Customer’s name and marks.
11.
General.
(a) Assignment. Neither party shall have the right to assign, transfer, or sublicense any
obligations or benefit under this Agreement without the prior written consent of the other party hereto,
CGHub Network Services Agreement
Page 13 of 23
provided, however, that Customer may assign this Agreement without Supplier’s prior written consent to
an Agency Partner or to any successor to Customer as the manager of the CGHub Project. Except as
otherwise provided herein, this Agreement shall be binding on and inure to the benefit of the respective
successors and permitted assigns of the parties.
(b) Notices. All notices under this Agreement shall be in writing, and shall be deemed given
when personally delivered, when mailed by prepaid certified or registered U.S. mail, when sent by
commercial overnight courier service with tracking capabilities or by email or facsimile (if confirmed by
one of the other methods permitted hereunder within 48 hours after such facsimile transmission), to the
respective addressee of each party at the address, email address or facsimile number below, or such other
address, email address or facsimile number as such party last provided to the other party by written
notice.
(c) No Waiver. The failure of either party to enforce its rights under this Agreement at any time
for any period shall not be construed as a waiver of such rights.
(d) Independent Contractors. Notwithstanding any provision hereof, for all purposes of this
Agreement each party shall be and act as an independent contractor and not as partner, joint venturer or
agent of the other party and shall not bind nor attempt to bind the other party to any contract. At no time
shall Supplier or Supplier’s Personnel be considered employees of University for any purpose, including
but not limited to workers’ compensation provisions.
(e) Third-Party Rights. Nothing in this Agreement is intended to make any person or entity
who is not signatory to the agreement – other than the Agency Partners to the extent contemplated in the
Agency Partner Agreement, the Service Recipients to the extent contemplated by the Network Services
and the Included Indemnitees to the extent contemplated by Section 8 – a third-party beneficiary of any
right created by this Agreement or by operation of law.
(f) Modifications. Except for changes or modifications to Exhibit A, which may be made by
notice from Customer to Supplier, no changes or modifications to or waivers of any provision of this
Agreement shall be effective unless evidenced in a written amendment that is signed by both parties.
Supplier expressly acknowledges that contracting authority at Customer is limited to the Chancellor and
specified other officials expressly delegated authority by the Chancellor.
(g) Severability. In the event that any provision of this Agreement shall be determined to be
illegal or unenforceable, such provision shall be limited or eliminated to the minimum extent necessary so
that this Agreement shall otherwise remain in full force and effect and enforceable.
(h) Governing Law; Jurisdiction. This Agreement shall be governed by and construed in
accordance with the Laws of the State of California, without regard to the conflicts of laws provisions
thereof.
(i) Disputes. Any dispute arising regarding the interpretation or implementation of this
Agreement, including any claims for breach of this Agreement, shall be resolved by submitting the claim
for arbitration to the American Arbitration Association in accordance with its rules and procedures
applicable to commercial disputes. The location of any arbitration hearing shall be Santa Cruz, California,
and any enforcement of the arbitrator's decision shall be brought in the Superior Court of Santa Cruz
County, California. The sole jurisdiction and venue for any non-arbitrable actions related to the subject
matter of this Agreement shall be the state and federal courts located in Santa Cruz, California. In any
action brought by a party to enforce the terms of this Agreement, the prevailing party shall be entitled to
reasonable attorney's fees and costs, including the reasonable value of any services provided by in-house
CGHub Network Services Agreement
Page 14 of 23
counsel. The reasonable value of services provided by in-house counsel shall be calculated by applying
an hourly rate commensurate with prevailing market rates charged by attorneys in private practice for
such services.
(j) Remedies Cumulative. Unless expressly stated otherwise in this Agreement, all remedies
provided for in this Agreement shall be cumulative and in addition to, and not in lieu of, any other
remedies available to either party at law, in equity or otherwise.
(k) Headings. Headings herein are for convenience of reference only and shall in no way affect
interpretation of the Agreement.
(l) Acknowledgement. The parties each acknowledge that the terms and conditions of this
Agreement have been the subject of active and complete negotiations, and that such terms and conditions
should not be construed in favor of or against any party by reason of the extent to which any party or its
professional advisors participated in the preparation of this Agreement.
(m) Force Majeure. Neither party shall be liable for any failure of or delay in performance of its
obligations under this Agreement to the extent such failure or delay is due to acts of God, acts of a public
enemy, terrorism, fires, floods, wars, civil disturbances, sabotage, insurrections, blockades, embargoes,
storms, explosions, labor disputes (whether or not the employees' demands are reasonable and/or within
the party's power to satisfy), acts of any governmental body, failure or delay of third parties or
governmental bodies from whom a party is obtaining or must obtain approvals, authorizations, licenses,
franchises, or permits, or inability to obtain labor, materials, power, equipment, or transportation, or other
similar circumstances beyond such party’s reasonable control, in each case except to the extent that such
party is at fault in failing to prevent or causing such default or delay, and provided that such default or
delay cannot reasonably be circumvented by such party through the use of alternate sources, workaround
plans or other means (collectively referred to herein as “Force Majeure”). Each party shall use its
reasonable efforts to minimize the duration and consequences of any failure of or delay in performance
resulting from a Force Majeure event and to promptly notify the other of any actual or potential Force
Majeure event; provided, however, that in the event a condition of Force Majeure continues for more than
sixty (60) days, the party not invoking Force Majeure to excuse its failure to perform (e.g., a party whose
performance is not being delayed a condition of Force Majeure) shall have the right in its discretion to
terminate this Agreement.
(n) Entire Agreement. This Agreement, including all Exhibits hereto, constitutes the entire
agreement between the parties with respect to its subject matter and supersedes all proposals, oral or
written, all negotiations, conversations, discussions or agreements between or among the parties relating
to the subject matter.
(o) Time is of the Essence. Supplier acknowledges and agrees that time is of the essence with
respect to the performance of Supplier’s obligations hereunder.
(p) Counterparts. This Agreement may be executed in counterparts, each of which shall be
deemed an original but all of which together shall constitute one and the same Agreement.
12.
Additional Definitions. As used in this Agreement (including any Exhibits hereto):
(a) “Agency Partner Agreement” shall mean the agreement or agreements referenced in the
Recitals including, without limitation, the Letter Agreement between SAIC and Customer dated July 29,
2011, under which Customer is appointed to act as subcontractor of SAIC, which in turn directly
contracts with the other Agency Partners), and all supplements, amendments, and additional agreements
CGHub Network Services Agreement
Page 15 of 23
related to the CGHub project between any Agency Partner and Customer that Customer attaches to
Exhibit A by notice to Supplier.
(b) “Authorized Third Party Users” shall mean Cancer Genomics Projects genome sequencing
centers (“GSCs”), data analysis centers (“GDACs”), and data coordinating centers (“DCCs”), and other
research facilities and entities (including their respective Personnel) as may be selected and authorized by
Customer (and/or the Agency Partners), in Customer’s (or the Agency Partners’) sole discretion, to use
the Network Services in connection with the CGHub Project.
(c) “Confidential Information” shall mean any confidential or proprietary information of a party
that is disclosed in any manner and in any media to the other party (or to which such other party gains
access) in connection with or as a result of this Agreement, and which at the time of disclosure either (i) is
marked as being “Confidential” or “Proprietary”, (ii) is otherwise reasonably identifiable as confidential
or proprietary information, or (iii) under the circumstances of disclosure should reasonably be considered
as confidential or proprietary information. Specifically, Confidential Information includes: (A) the
existence of and the terms and conditions of this Agreement; and (B) all types of proprietary technical or
business information, including data, know-how, formulas, algorithms, processes, designs, drawings,
schematics, plans, strategies, specifications, requirements, standards and documentation, reports, pricing,
market, marketing or demographic information, software, trade secrets, research, analyses, inventions,
ideas and other types of nonpublic information, including copies and archival records thereof. For
purposes of this Agreement, Confidential Information of Customer expressly includes Project Data.
Confidential Information does not include information that is: (I) in the public domain other than due to a
breach by the receiving party or any other person or entity of a contractual commitment or other duty to
the disclosing party; (II) known to the receiving party prior to its receipt from the disclosing party or
obtained by the receiving party outside the scope of this Agreement from a third party that has no
obligation of confidentiality to the disclosing party, in each case without breaching this Agreement; or
(III) independently developed by the receiving party without reference to the Confidential Information of
the disclosing party. However, Personal Identifying Information within Project Data shall always be
treated as Confidential Information of Customer and shall not be subject to the exclusions contained in
this definition.
(d) “Data” shall mean any data or information, in any form or format, including interim,
processed, compiled, summarized, or derivative versions of such data or information, that may exist in
any system, database, or record.
(e) “Data Laws” shall mean any Laws restricting collection, use, processing or free movement of
personal data (including, without limitation, otherwise deidentified genomic data), such as the California
Information Practices Act (IPA), Gramm-Leach-Bliley Act of 1999, the Health Insurance Portability and
Accountability Act of 1996 (HIPAA), the Children's Online Privacy Protection Act (COPPA), The Child
Online Protection Act, the Genetic Information Nondiscrimination Act (GINA), the European Union
Directive on the Protection of Personal Data and implementing member state legislation, the Personal
Information Protection and Electronic Documents Act (PIPEDA) of Canada, and the fair information
principles published by the United States Federal Trade Commission. “Data Laws” also includes, as in
effect from time to time, any law, rule, regulation, declaration, decree, directive, statute, or other
enactment, order, mandate, resolution or self-regulatory guideline or standard (including those issued by
organizations such as NIST and the PCI Security Standards Council), which is applicable to an Agency
Partner, a party or to which a party is required to submit or which is voluntarily adopted by a party or
other companies in such party’s industry, issued or enacted by any domestic or foreign, supra-national,
national, state, county, municipal, local, territorial or other government or industry body, bureau, court,
commission, board, authority, or agency, anywhere in the world and which relates to Data.
CGHub Network Services Agreement
Page 16 of 23
(f) “Law” shall mean: (i) any applicable law, statute, regulation, ordinance or subordinate
legislation in force from time to time to which a party (including, without limitation, a party’s Personnel)
is subject; (ii) the common law as applicable to the parties from time to time; (iii) any binding court order,
judgment or decree; and (iv) any applicable directive, policy, rule or order that is binding on a party and
that is made or given by any government or authority, an agency or contractor thereof, or any regulatory
body; of any country, the European Union, or other national, federal, commonwealth, state, provincial or
local jurisdiction and of any exchange or association whose regulations are binding on either party
pursuant to a self-regulating mechanism approved by a governmental entity.
(g) “Material Service Failure” shall mean a single failure or series of failures that, collectively,
materially compromise the Service Recipients’ ability to utilize the Network Services as contemplated in
the Agency Partner Agreement and under this Agreement including, without limitation, a Critical
Disruption (as defined at Exhibit C) or series of Critical Disruptions causing Network outages a total of
more than twenty-one (21) days during any twelve (12) month period, regardless of cause or efforts to
resolve.
(h) “Personal Identifying Information” shall mean any Data that identifies or could be used to
identify a natural person, such as a name, mailing address, phone number, fax number, email address,
frequent flier number, Social Security number, credit card or other payment Data, date of birth, drivers
license number, account number or user ID, PIN, or password. For the avoidance of doubt, Data shall be
deemed Personal Identifying Information if it contains genomic sequence information, SNPs, or similar
information; or if the unauthorized access, use, disclosure, modification, storage, destruction, or loss of
that Data otherwise may trigger the application of any Data Law or any security breach notification under
a Data Law.
(i) “Personnel” shall mean a party’s or other entity’s officers, directors, employees, agents,
affiliates, subcontractors and independent contractors (and their respective Personnel).
(j) The “Primary Sites” include, at the time of execution of this Agreement: (1) the Data Center,
Customer (at its UCSC campus), Baylor University, British Columbia Genome Sciences Centre, Broad
Institute, Lineberger Cancer Center (University of North Carolina), and Washington University, St. Louis
(collectively the “First Priority Sites”); and (2) Customer’s Berkeley, Davis, Los Angeles, and San
Francisco campuses (UC Berkeley, UC Davis, UCLA, and UCSF), Complete Genomics (Mountain View,
CA), Harvard Medical School, Ilumina, Inc. (San Diego, CA), Institute for Systems Biology (Seattle,
Washington), Johns Hopkins University, Lawrence Berkeley National Laboratory, MD Anderson Cancer
Center (Houston, TX), Memorial Sloan-Kettering Cancer Center, National Center for Genome Resources
(Santa Fe, NM), Oregon Health Sciences University, and University of Southern California (collectively
the “Second Priority Sites”).
(k) “Project Data” shall mean all Data: (i) submitted by or on behalf of Customer to Supplier
(including Supplier Personnel); (ii) uploaded or otherwise transferred or provided by Service Recipients
for use or placement on CGHub; or (iii) otherwise owned or held by Service Recipients to which Supplier
has access in connection with this Agreement. For the avoidance of doubt, Project Data shall include,
without limitation: (A) any genome-related Data or other Data regarding individual patients, trial
participants and other individuals providing information for research, use, distribution or study on
CGHub, including, without limitation, Personal Identifying Information for such individuals, and (B)
Data related to Service Recipient Personnel, including Personal Identifying Information. If it is unclear if
any Data constitutes Project Data, then as between Customer and Supplier, and until such matter is
definitively resolved otherwise, such Data shall be deemed to be Project Data under this Agreement.
CGHub Network Services Agreement
Page 17 of 23
(l) “Process” shall mean, with respect to Data, to collect, access, use, process, disclose, transmit,
transfer, store, or retain such Data.
(m) “Remediation Efforts” shall mean activities designed to remedy a Security Incident which
may be required by Law (applicable to Customer, Supplier or both) or by Customer or Agency Partner
policy or procedures pertaining to a Security Incident, or which may otherwise be necessary, reasonable
or appropriate under the circumstances, commensurate with the nature of the Security Incident.
Remediation Efforts may include, without limitation: (i) development and delivery of legal notices to
affected individuals or other third parties as may be required by applicable law or as otherwise
appropriate; (ii) establishment and operation of toll-free telephone numbers (or, where toll-free telephone
numbers are not available, dedicated telephone numbers) for affected individuals to receive specific
information and assistance; (iii) provision of free credit reports, credit monitoring and credit or identity
repair services for affected individuals; (iv) provision of identity theft insurance for affected individuals;
(v) cooperation with and response to regulatory inquiries and other similar actions; (vi) undertaking of
investigations (internal or by a governmental body) of such Security Incident; and (vii) cooperation with
and response to litigation with respect to such Security Incident (including class action suits or similar
proceedings); and in each case including, legal costs and disbursements and the payment of fines,
settlements and damages.
(n) “Security Incident” shall mean, in connection with the Network Services provided by
Supplier to Customer: (i) the loss or misuse (by any means) of Customer Confidential Information or
Project Data; (ii) the inadvertent, unauthorized, and/or unlawful processing, alteration, corruption, sale,
rental, or destruction of Customer Confidential Information or Project Data; (iii) any other act or omission
that compromises or threatens to compromise the security, confidentiality, or integrity of Customer
Confidential Information or Project Data; or (iv) any breach of Customer’s security policies (as provided
by Customer to Supplier in writing from time to time) or the applicable security requirements of the
Agency Partner Agreement, including, without limitation, any security policies required for “moderate
security” protection under FISMA.
(o) “Service Recipients” include the Primary Sites and other Authorized Third Party Users.
(p) “Trusted Partner Status” shall mean the status accorded to an institution when the Agency
Partners permit the institution to distribute Project Data to Primary Sites and other Authorized ThirdParty Users.
IN WITNESS WHEREOF, the parties hereto have executed this Agreement as of the Effective Date.
SUPPLIER
CUSTOMER
By:
By:
Name:
Name:
(print name)
(print name)
Title:
Title:
Address:
Address:
Facsimile No.:
Facsimile No.:
Email Address:
Email Address:
CGHub Network Services Agreement
Page 18 of 23
EXHIBIT A: AGENCY PARTNER AGREEMENTS
CGHub Network Services Agreement
Page 19 of 23
EXHIBIT B – NETWORK SERVICES AFFILIATES
CENIC
Florida LambdaRail
Front Range GigaPoP / University Corporation for Atmospheric Research
Lonestar Education and Research Network
Mid-Atlantic Terascale Partnership: MATP / Virginia Tech Foundation
North Carolina Light Rail
Oak Ridge National Laboratory
Oklahoma State Regents for Higher Education
Pacific Northwest Gigapop
Pittsburgh Supercomputing Center / University of Pittsburgh
Southeastern Universities Research Association
Southern Light Rail
University of New Mexico (on behalf of the State of New Mexico)
CGHub Network Services Agreement
Page 20 of 23
EXHIBIT C: NETWORK SERVICES SUPPORT
1. Monitoring. Supplier shall be responsible for implementing and operating all measurement and
monitoring tools and procedures required to monitor, measure and report its performance of the
Network Services (and, to the extent applicable, relative to the Service Level Agreements). Such
tools and procedures shall, at a minimum, provide continuous monitoring of all Network components
and real-time alerts of any events that may adversely affect connectivity for any Service Recipient
(“Alerts”).
2. Support. Supplier shall coordinate and track installation of circuit turn-ups and provide oversight of
circuit deployments. Supplier further shall provide trouble ticket creation and general customer,
network operations center and helpdesk support, in each case available 24 hours per day, 7 days per
week, 365 days a year, by phone and email, to (i) the CGHub Project help desk, (ii) each Service
Recipient and (iii) each Regional Provider (collectively, “Support Recipients”). In no event shall
such service and support be inferior to the service or support provided by Supplier to any other
customer of Supplier.
3. Maintenance. Without limiting the foregoing, Supplier shall reasonably notify and consult with
Customer in advance of any maintenance events or field service work that may adversely affect the
Network Services and shall take all reasonable steps to minimize any related disruption or impact on
Service Recipients.
4. Communications. Supplier shall provide on-line access to up-to-date reporting in relation to the
Network Services, including problem management data and other data regarding the status of service
problems, service requests and user inquiries. At Customer’s request, Supplier shall work with other
subcontractors of Customer to build network monitoring capabilities into the dashboard of the
CGHub user software.
5. Additional Obligations Relevant to Critical Disruptions. Without limiting any other remedies set
forth in this Agreement (including Exhibit D), in the event of a significant Network Services
disruption that has a critical impact on the operations of CGHub (“Critical Disruption”), Supplier
shall work continuously, during and after normal business hours, and devote all necessary resources
to resolve the Critical Disruption or develop a reasonable workaround as quickly as possible, but in
no event less than twenty-four (24) hours after notification thereof by Customer (the “Resolution
Period”). Any Critical Disruption that is not resolved, or for which a reasonable workaround is not in
use, within the Resolution Period shall entitle Customer to a credit equal to one hundred dollars
($100.00) for each one (1) hour period (or portion thereof) from the end of the Resolution Period until
such Critical Disruption is resolved or a reasonable workaround is in use.
CGHub Network Services Agreement
Page 21 of 23
EXHIBIT D: SERVICE LEVEL AGREEMENTS AND CREDITS
[SUBJECT TO NEGOTIATION AND AGENCY PARTNER APPROVAL]
Supplier shall perform the Network Services so as to meet or exceed the Service Level Agreements
specified in this Exhibit D. Failure to meet the Service Level Agreements shall entitle Customer to the
Service Level Credits specified herein. Following each calendar month, Supplier shall provide a report,
in a form satisfactory to Customer, describing Supplier’s performance in relation to the Service Level
Agreements and calculating any Service Level Credits for such period. Any outstanding Service Level
Credits shall be reflected on and applied against the Fees in the next invoice for Network Services issued
by Supplier.
1. Transmission Quality
[TBD]
2. Availability.
Supplier shall provide Network connectivity as described in the Agreement to each Service Recipient at a
minimum availability of [NUMBER]%, excluding scheduled outages approved in advance by Customer.
Availability numbers for the Service Recipients individually and collectively shall be averaged over each
calendar month.
In the event Supplier fails to meet this Service Level Agreement for any Service Recipient or the Service
Recipients collectively, Customer shall receive a credit equal to $[AMOUNT] for each [NUMBER]% of
additional downtime for such Service Recipient or the Service Recipients collectively, as applicable, in
the applicable calendar month, subject to a maximum total credit of $[AMOUNT] in any calendar month.
3. Installation.
In the event Supplier fails to meet any of the installation timelines specified in Section 2 or in the
Implementation Plans, Customer shall receive a credit equal to $[AMOUNT] for each one (1) day period
(or portion thereof) from the end of the specified period until the applicable connection is fully installed
and operational.
4. Response and Notification.
In connection with the support services described in Exhibit C, Supplier shall provide an initial response
to any email or voicemail inquiry or network alert or other trouble report within one (1) hour after such
inquiry or report is received by Supplier, however receipt occurs.
In connection with the monitoring services described in Exhibit C, Supplier shall notify Customer and
any affected Service Recipients of any Alerts within one (1) hour after such Alert is provided by
Supplier’s monitoring system.
In the event Supplier fails to meet the foregoing Service Level Agreement for any inquiry, network alert
or other trouble report, or Alert, Customer shall receive a credit equal to $[AMOUNT] for each one (1)
hour period (or portion thereof) from the end of the applicable one (1) hour period until Supplier provides
the required response or notification.
5. [ADDITIONAL SLAs TO BE DETERMINED]
CGHub Network Services Agreement
Page 22 of 23
EXHIBIT E: SCHEDULE OF FEES
1.
Fees payable pursuant to Section 4(a) of the Agreement
$644,323 not less than thirty (30) days after Agency Partner Acceptance of the Implementation
Plan that addresses full operational status of all of the Primary Sites, covering the period from the
Effective Date through September 30, 2012 (the “Initial Project Year”).
$401,181 for each twelve (12) month period following the Initial Project Year (each an
“Applicable Project Year”), in each case payable in quarterly installments during such Applicable
Project Year.
The above Fees cover all Network Services for the Primary Sites. In the event Customer or an
Agency Party requests that Network Services be provided to additional Service Recipients, the
Fees for any period following such addition shall be increased such that the amount of Fees per
Service Recipient for such period remains constant before and after giving affect to such addition.
Notwithstanding anything herein to the contrary, no installment of Fees shall be payable by
Customer until sixty (60) days following receipt by Customer of applicable funding from the
Agency Partners.
In the event of early termination of this Agreement, by either party for any reason, Supplier shall
reimburse to Customer any Fees previously paid which are applicable to the period following
such termination.
2.
Reductions
The Fees owed to Supplier during any Applicable Project Year shall be reduced by the Service
Level Credits and by Usage Credits, which Customer may earn in an amount of $[AMOUNT] per
Applicable Project Year for each Service Recipient that requires Network Services at 1 Gbps
rather than 10 Gbps in such Applicable Project Year. Usage Credits shall be prorated in the event
a Service Recipient requires Network Services at 1 Gpbs for a portion of any Applicable Project
Year.
3.
Invoices
Notwithstanding anything here in the to contrary, no Fees shall be payable hereunder except in
response to Supplier invoices which shall be in a form and contain information reasonably
acceptable to Customer. Supplier shall deliver invoices for Fees at least sixty (60) days prior to
the applicable due date, except that the first invoice may be delivered within thirty (30) days of
the Effective Date.
CGHub Network Services Agreement
Page 23 of 23