Washington IT service contract template

Washington IT Service Contract

This Washington IT Service Contract ("Agreement") is made and entered into as of this [Date], by and between:

[IT Service Provider Legal Name], a [State of Incorporation] [Business Entity Type], with its principal place of business at [IT Service Provider Address] ("Provider"), and

[Client Legal Name], a [State of Incorporation] [Business Entity Type], with its principal place of business at [Client Address] ("Client").

Provider and Client are sometimes referred to individually as a "Party" and collectively as the "Parties."

1. Scope of Services

Provider agrees to provide the following IT services to Client:

Option A: Software Development:

• Development of [Software Name] software application, including requirements gathering, design, coding, testing, and deployment, as further described in [Exhibit A: Statement of Work].
• Platforms: [List platforms, e.g., iOS, Android, Web]
• Technologies: [List technologies, e.g., Java, Python, React]

Option B: Hardware Support:

• Maintenance and support of Client's hardware infrastructure, including servers, workstations, and network devices, as detailed in [Exhibit B: Hardware Inventory].
• Service Levels: [Define response times, resolution times, and uptime guarantees].
• Hours of Operation: [Specify support hours, e.g., 24/7, business hours].

Option C: Cloud Management:

• Management of Client's cloud infrastructure on [Cloud Provider Name], including provisioning, monitoring, and optimization.
• Platforms: [List cloud platforms, e.g., AWS, Azure, GCP]
• Service Levels: [Define performance metrics and availability guarantees].

Option D: Cybersecurity Services:

• Provision of cybersecurity services, including vulnerability assessments, penetration testing, and incident response.
• Technologies: [List security tools, e.g., SIEM, firewall, antivirus]
• Service Levels: [Define incident response times and security audit frequency].

Option E: System Integration:

• Integration of existing systems with new hardware or software.

Option F: Data Migration:

• Migration of data between systems or locations.

Option G: IT Consulting:

• Provide IT consulting services based on an hourly rate.

Option H: Helpdesk/Managed Services:

• Helpdesk Support: Tier 1, Tier 2, Tier 3 support as needed.
  • Supported Devices: [List devices covered by helpdesk support].
  • Ticketing Systems: [Name of ticketing system used].
  • Escalation Procedures: [Description of escalation procedures].

2. Service Level Agreements (SLAs)

The following SLAs apply to the services provided under this Agreement:

Option A: Uptime Guarantee:

• Provider guarantees [Percentage]% uptime for the [System Name] system.
• Downtime Definition: [Define what constitutes downtime].

Option B: Response and Resolution Times:

• Priority 1 Incidents: Response time of [Time Frame], Resolution time of [Time Frame].
• Priority 2 Incidents: Response time of [Time Frame], Resolution time of [Time Frame].
• Priority 3 Incidents: Response time of [Time Frame], Resolution time of [Time Frame].

Option C: Backup and Disaster Recovery:

• Backup Routines: [Describe backup schedule and procedures].
• Disaster Recovery: [Describe disaster recovery plan and RTO/RPO].

Option D: System Monitoring and Patch Management:

• System Monitoring: [Describe monitoring tools and processes].
• Patch Management: [Describe patch schedule and procedures].

Option E: Reporting Frequency:

• Provider will provide reports on service performance [Frequency], including [List of metrics].

3. Hardware, Software, and Licenses

• The following hardware, software, and licenses are required for the provision of services: [List all hardware, software, licenses, and APIs].
• Client Responsibilities: [Specify if Client must provide access to systems, facilities, or procurement of specific components].
• Responsibility Matrix: [Detail responsibilities for each item].

4. Data Privacy and Cybersecurity (Washington Specific)

• Compliance: Provider shall comply with all applicable Washington and federal data privacy and cybersecurity laws, including RCW 19.255 (Washington State Data Breach Law), HIPAA (if applicable), and PCI DSS (if applicable).
• Data Access and Storage: [Describe how data access, storage, protection, and transfer will be handled, including encryption, logging].
• Employee Background Checks: [Specify requirements for employee background checks].
• Breach Notification: In the event of a security breach, Provider shall notify Client in accordance with RCW 19.255 and any other applicable laws.

5. Intellectual Property

• Ownership: [Specify ownership of software code, documentation, deliverables, and data].
• Work for Hire: All work product created by Provider under this Agreement shall be considered "work for hire" under Washington law.
• Licensing: [Describe licensing terms for any software or deliverables].
• Open Source: [Address the use of open source software and any associated obligations].

6. System Updates and Maintenance

• Responsibility: Provider is responsible for software and system updates and maintenance.
• Schedules: [Describe maintenance schedules and patch cycles].
• End-of-Life Transitions: [Describe procedures for end-of-life transitions].
• Continuity Plan: [Outline a continuity plan for ongoing IT operations in case of provider transition or business interruption].

7. Service Location and Remote Access

• Service Location: Services will be performed at [Location(s)].
• Remote Access: Provider may access Client systems remotely using a VPN and adhering to Client's security policies.
  • Restrictions: [List restrictions on data transfer outside the U.S. or Washington].
  • Compliance: Adherence to local security practices, including Washington State Office of Cybersecurity guidance.

8. Client Obligations

• Resource Availability: Client shall provide necessary resources for Provider to perform services.
• Points of Contact: [List Client points of contact].
• System Credentials: Client shall provide system credentials as needed.
• Approvals: Client shall provide timely approvals as required.
• Security Policies: Compliance with reasonable IT security policies.

9. Compliance with Laws (Washington Specific)

Compliance: Provider shall comply with all applicable Washington and federal laws, including the Washington Consumer Protection Act, Uniform Electronic Transactions Act, and employment regulations.

10. Taxes (Washington Specific)

• Sales and Use Tax: [Specify Washington sales and use tax treatment for IT services].
• B&O Tax: [Acknowledge any applicable Business & Occupation (B&O) tax].
• Responsibility: [Assign tax collection responsibility].

11. Payment Terms

Option A: Fixed Fee:

• The total fee for the services is [Dollar Amount].

Option B: Hourly Rate:

• The hourly rate for services is [Dollar Amount].

Option C: Recurring Charges:

• The recurring charge for services is [Dollar Amount] per [Time Period].

Invoicing: [Describe invoicing format and frequency].

Due Dates: Invoices are due [Number] days from the invoice date.

Late Fees: Late fees of [Percentage]% per month will be charged on overdue invoices.

Remittance: Payments shall be remitted to [Payment Address].

12. Deliverables and Milestones

• Schedule: [Provide a schedule of deliverables and project milestones].
• Acceptance Testing: [Describe acceptance testing criteria].
• Client Review: Client review and approval is required for each deliverable.
• Sign-Off: [Describe sign-off procedures].
• Remedies: [Describe steps to remedy or escalate non-conformance].

13. Confidentiality

• Obligations: Provider shall maintain the confidentiality of Client's technical data, business processes, and customer information.
• Survival: These obligations survive termination of this Agreement.
• Exceptions: Carve-outs for compelled disclosure under Washington law.

14. Security Breach Protocol

• Notification: Provider shall notify Client immediately upon discovery of a security breach, data loss, or outage.
• Investigation: Provider shall investigate the incident and provide a report to Client.
• Remediation: Provider shall take steps to remediate the incident and prevent future occurrences.
• Compliance: Comply with all regulatory incident response requirements under Washington law.

15. Quality Assurance

• Processes: [Describe quality assurance processes].
• Knowledge Transfer: [Describe knowledge transfer and documentation requirements].
• Training: [Specify employee training standards].
• Post-Implementation Support: [Describe post-implementation support coverage].

16. Warranty and Limitation of Liability

• Disclaimer: Provider provides the services "as is" and disclaims all warranties, express or implied.
• Limitation of Liability: Provider's liability is limited to the amount paid by Client under this Agreement.
  • Exclusions: Provider is not liable for software bugs, third-party outages, regulatory penalties, indirect damages, or loss of business.
• Washington Law: Comply with Washington's rules on enforceability and consumer protection regarding liability waivers.

17. Insurance

• Requirements: Provider shall maintain commercial general liability, errors and omissions (E&O), and cyber liability insurance with coverage limits of [Dollar Amount].
• Verification: Client has the right to verify Provider's insurance coverage.

18. Acceptable Use and Audit Rights

• Permitted Uses: [Define permitted uses of Client systems and data].
• Restrictions: [List restrictions on reverse engineering or misappropriation of Provider IP].
• Audit Rights: Both parties have audit rights to ensure compliance with this Agreement.

19. Government Approvals and Export Restrictions

• Approvals: [List any required government or regulatory approvals].
• Restrictions: [Describe any applicable export restrictions].
• Licensing: [List special licensing requirements].

20. Change Management

• Process: [Describe the process for submitting change requests].
• Approvals: [Describe the approval process for change requests].
• Impact: [Describe how cost or timeline impacts of change requests are handled].
• Documentation: [Describe documentation requirements for all parties].

21. Force Majeure

• Definition: Force majeure events include cyberattacks, network outages, and third-party service discontinuities.
• Notification: Prompt notification is required in the event of a force majeure event.
• Mitigation: Provider shall use commercially reasonable efforts to mitigate the impact of the force majeure event.
• Consequences: [Describe consequences for prolonged unavailability or repeated failures].

22. Termination

• Conditions: This Agreement may be terminated for breach, insolvency, non-payment, mutual agreement, material change, or regulatory violation.
• Transition: [Outline post-termination transition and data return/deletion requirements].
• Washington Law: Termination must comply with Washington law.

23. Remedies and Penalties

• Noncompliance: [Describe remedies and penalties for noncompliance, late delivery, service interruption, and other breaches].
• Consistency: Penalties must be consistent with what is permissible under Washington law.

24. Dispute Resolution

• Process: Disputes shall be resolved through negotiation, then Washington AAA or JAMS mediation/arbitration.
• Venue: Venue for any legal action shall be in Washington courts.
• Choice of Law: This Agreement shall be governed by the laws of the State of Washington.

25. Performance Review

• Meetings: Regular performance review meetings will be held [Frequency].
• Metrics: [Define key performance indicators (KPIs)].
• Continuous Improvement: Focus on continuous improvement tied to IT service KPIs.

26. Labor and Union Laws (Washington Specific)

Compliance: Provider shall comply with all applicable labor and union laws for IT resources deployed in Washington.

27. Consumer Notice (Washington Specific)

Requirements: Comply with state-specific consumer notice or disclosure requirements, especially when contracting with Washington government or public entities.

28. Miscellaneous

• Modification: This Agreement may only be modified in a signed writing.
• Assignment: This Agreement may not be assigned without the consent of both parties.
• Entire Agreement: This Agreement constitutes the entire agreement between the parties.
• Notice: All notices shall be in writing and sent to the addresses listed above, in compliance with Washington electronic signature and notice laws.

IN WITNESS WHEREOF, the Parties have executed this Agreement as of the date first written above.

[IT Service Provider Legal Name]

By: [Name]

Title: [Title]

[Client Legal Name]

By: [Name]

Title: [Title]