- Contracts* for software, subscriptions, or services (including software maintenance) that include
- Hosting/processing/transmission of UAB data external to UAB
- PCI (Payment Card Industry) acceptance/processing of credit card transactions
- Design, creation, maintenance, support, and/or hosting of any website/webpage
- Personally identifiable information (PII) or personal health information (PHI) - does not include Health System Agreements which are managed by HSIS
- Audit language
- Custom software development
- Hardware purchase with embedded software with any of the above
- *NOTE: For agreements that include the type of information listed above, documents/agreements must be executable, meaning they have signature lines for both UAB and the vendor. Printing a 'click-agreement' or printing language from a website and submitting as an 'agreement' for review does not guarantee that the vendor will ever see changes/addendums that UAB may make or add to the agreement.
What can I provide my vendor in advance so they are aware of the contract requirements?
- For most agreements the following two addendums will be added during the routing process. You can provide those addendums to your vendor in advance for their review and acceptance/signature prior to routing at UAB and include them in the routing packet.
- The general UAB Addendum (found on the Financial Affairs contract website) which covers information related to State, University, and Legal issues/clarifications. Any changes to the UAB addendum must be approved by University Contracts.
- The UAB Information Technology Addendum which covers additional confidentiality, information security, and liability language to mitigate any issues related to the items/concerns above. Portions of the IT Addendum may be applicable to only certain agreements and that applicability is detailed in the various sections of the addendum. Any changes to the IT addendum must be reviewed and approved by UAB IT.
- For agreements that include HIPAA (health related information) a Business Associate Agreement (BAA) may also be required. For information related to the BAA see the UAB HIPAA website.
- For RENEWAL agreements*: please ensure that a copy of the original, underlying, governing agreement that was previously executed between UAB and the vendor is included with the routing packet, including any subsequent addendums. If that original agreement included the IT Addendum and UAB Addendum, no additional language may be necessary as long as the renewal document references the original agreement and not a new document. If the original agreement did not include the IT Addendum, please have it reviewed/executed by your vendor and attach to the renewal agreement when routing.
- For NEW agreements:* please ensure that a copy of the full, underlying, governing agreement (license, EULA, professional services, etc) and any documents referenced in such agreement such as separate maintenance, support, privacy, statement of work, etc. are included with the routing packet. Submission of an order form, quote, schedule, etc. without the full underlying terms/conditions document will cause delays in the review process as those documents will be requested before the review can be completed. In addition, please have your vendor review/execute the UAB Addendum and UAB IT Addendums and attach them to the new agreement when routing.
*NOTE: For agreements that include the type of information listed above, documents/agreements must be executable, meaning they have signature lines for both UAB and the vendor. Printing a 'click-agreement' or printing language from a website and submitting as an 'agreement' for review does not guarantee that the vendor will ever see changes/addendums that UAB may make or add to the agreement.