When preparing an RFP, resolve the issues and questions in Appendix B, Checklist of Issues to Resolve Before and During RFP Preparation, and follow these best practice recommendations:
VITA has developed and approved IT contract templates that are customized for the specific type of IT acquisition: Services, Software, Solution, Hardware, Hardware Maintenance, Cloud, and EULA license addendum. Other agencies should be trained in using these prior to use. Until that occurs, agencies should use their own templates and ensure the Minimum VITA Requirements for Agency Delegated RFPs/Contracts provisions are included in the RFP. This can be found on SCM’s website at this location under the Forms section: SCM Policies & Forms. Refer to Chapter 28 - Agency IT Procurement Security and Cloud Requirements for Solicitations and Contracts for more information on required security and cloud related terms and conditions.
Once the requirements are completed, in addition to the agency’s general contract terms, appropriate IT terms should be included, as well as any special terms to cover any extraordinary risk(s) associated with the project. VITA sourcing specialists will use the approved template or master definitions and terms that match the procurement type, while agencies should include all necessary provisions that relate to the IT procurement such as necessary terms related to services, hardware, or software that may include: Ownership of Intellectual Property, Third Party Acquisition of Software, Software Upgrades, Software Disposition, Source Code, Term of Software License, special warranties, etc. It is not the standard for VITA to provide its IT templates or terms to agencies at this time. Agencies who have received delegated authority to conduct their own IT procurements may request assistance for complex solution, application service provider and/or software as a service type IT procurements by contacting: email@example.com.
A project that is part of a larger federal initiative or one funded with federal money may require including specific terms that must be flowed down from the funding sponsor or from federal statute. Examples are: the HITECH and HIPAA Acts for health records related projects. Obviously, this type of project or a project related to data within any Commonwealth agency that processes private health, confidential or sensitive citizen information; i.e., Department of Health, Department of Motor Vehicles, or Department of Social Services, may have special security or data protection needs as well. Procurement officials should seek, ask, research available internal sources, OAG and VITA to determine the requirements for such special terms and conditions.
It is important to perform a quality review of the solicitation to remove redundant, ambiguous and conflicting terms.