- Contracts* for software, subscriptions, or services (including software maintenance) that include
- Hosting/processing/transmission of UAB data external to UAB
- PCI (Payment Card Industry) acceptance/processing of credit card transactions
- Design, creation, maintenance, support, and/or hosting of any website/webpage
- Personally identifiable information (PII) or personal health information (PHI) - does not include Health System Agreements which are managed by HSIS
- Audit language
- Custom software development
- Agreements for products whare a similiar product or standard is already available/supported at UAB
- Hardware purchase with embedded software with any of the above
- *NOTE: For agreements that include the type of information listed above, documents/agreements must be executable, meaning they have signature lines for both UAB and the vendor. Printing a 'click-agreement' or printing language from a website and submitting as an 'agreement' for review does not guarantee that the vendor will ever see changes/addendums that UAB may make or add to the agreement.
- Don't base fees/costs on FTE numbers as these numbers can change each year;
- No annual escalators;
- Include vendor service level expectations with remedies if they are not met/maintained;
- Include 'piggyback clauses' where the agreement can be used by other institutions in the UA System;
- Make sure any agreement with professional services clearly defines responsibilities and expectations of each party;
- Limit travel costs for any on-site work to actual costs and to no more than 15% of the actual professional services you pay;
- In most cases agreements should renew annually upon mutual agreement and with issuance of a UAB PO. Agreements should not renew automatically or where you are required to notify the vendor xx days prior to the renewal date.
- Don't agree to pay for services/products up front. Base payment on milestones or completion and UAB written acceptance;
- For contracts that IT intiates a standard agreement review template is used to evaluate risk. You can download a copy of that template here for your own use.
Each ethernet device is assigned a unique hardware address by the manufacturer. Manufacturers are each assigned a range of addresses that they may use in their manufacturing, so that it is not possible for two vendors to assign the same address. These hardware addresses are called MAC Addresses.
You can search by MAC number to find out what vendor's hardware you are looking for. An interactive database is available from the IEEE for this purpose. You can also check Cavebear's list of Vendor Codes