There are two primary models by which vendors will make software available to customers (1) software as a service (SaaS); and (2) on premise. In a SaaS model, the vendor provides, maintains, and hosts (either itself or through a hosting SaaS vendor) the desired software, and grants the customer access to the software functionality via the internet.
Tech & Sourcing @ Morgan Lewis
TECHNOLOGY TRANSACTIONS, OUTSOURCING, AND COMMERCIAL CONTRACTS NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
One of the major changes introduced by the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which was signed into New York law last year, is scheduled to take effect this week.
The Financial Stability Board (FSB) published on December 9, 2019, its report on financial institutions’ increasing reliance on third parties to provide cloud computing services (the Report).
Following adoption of the law on the preinstallation of Russian software on electronic devices in December 2019, the Russian Federal Antimonopoly Service (FAS) has developed draft guidelines to determine the types of electronic devices that will be subject to the new regulations, as well as the deadlines and procedures for the preinstallation of domestic software.
In a long-term outsourcing, software as a service (SaaS), or other services agreement, the customer will typically push for a termination right relating to the service provider’s breach, and perhaps for an insolvency event or change in control of the service provider.
Morgan Lewis has recently issued several LawFlashes on the 2019 Novel Coronavirus (COVID-19) outbreak, providing a number of resources for businesses across the globe dealing with various compliance challenges and unanswered questions.
Are you about to sign a service agreement with a third-party service provider under which it will access and use technology of your company? Have you checked your applicable third-party contracts to see if you need any consents?
The UK government has indicated that the UK’s approach to public procurement will fundamentally change post-Brexit. While it remains to be seen whether such a fundamental change will be possible in practice, the UK government’s pronouncements clearly suggest that change is on the way, which will most likely provide a less prescriptive framework for UK contracting authorities to follow.
The US Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) published a report on January 27 outlining various industry practices and approaches to managing and combating cybersecurity risks and maintaining operation resiliency. The OCIE observed these practices through conducting thousands of examinations, and hopes that organizations can use the report to enhance their own cybersecurity preparedness and operational resiliency.
Washington may be the next state to enact its own data privacy law after a bill was introduced into the Washington State Senate earlier this month. Known as the Washington Privacy Act, the bill’s sponsor, Sen. Reuven Carlyle, stated at a press conference that lawmakers had reached “95 percent agreement in principle on the core elements of the bill.”