Understanding Vendor Contracts 

When embarking on a software implementation project, it is important that both parties are perfectly clear on the expectations and the standards for success. Even more importantly, these standards and expectations should be captured in writing, usually through contracts and agreements. Depending on the type of project and party commitments, you may need to put in place several different agreements. The following are the most common documents in use. 

Master Services Agreement (MSA) 

An MSA is a long-term contract between two organizations that are likely to embark on multiple projects. It defines the terms and conditions that apply to all current and future work, such as covers terms and renewal, service levels, data, payments, audits, termination, confidentiality, and how disagreements will be handled. Putting an MSA in place with a long-term partner saves time, as the basics of the working relationship do not need to be redefined for each subsequent project. In order to do so, it purposely does not cover specific project details, like deliverables and timelines.  

Implementation Contract or Statement of Work (SOW) 

An implementation contract describes the details of the implementation phase of the project, including timelines, payment schedules, project team members, deliverables, system training, hyper care support, integrations, migrations, and assumptions. If there is an existing MSA in place, this contract works with the terms stated in the MSA. If there is no MSA, then the implementation contract should encompass those high-level terms and conditions as well. It is important that the implementation process does not begin until all parties have agreed on the contract, and all parties have signed the agreement.  

Subscription/Licensing Agreement (SLA) 

An SLA is an agreement between the developer of a product and a company or consumer who wishes to use the product. It is intended to protect the proprietary software from abuse and prevent fraud. This is normally used with an MSA, because of the continual relationship between the client and vendor and for a software as a service (SaaS) product. It details the subscriptions or licenses for the software or hardware and grants users' specific rights to use the product while preventing the theft of the software, limiting liability, disclaiming warranties, and prohibiting licensure without sale. It should include costs, cancellation policy, payments and terms, upgrades and updates, system responsibilities and availability, support hours, error testing, how to address issues, and a recovery time objective/recovery point objective.  

Confidentiality or Non-Disclosure Agreement (NDA) 

Pharmaceutical research and development revolves around spending precious time and resources to amass proprietary data and products. An NDA helps to prevent potential sabotage or the release of information to a competitor. It bars the signatory from discussing certain aspects of a project with outsiders, and it outlines the penalties for breach. It is an important tool for maintaining integrity with a vendor. If the vendor will be working with systems or data that is sensitive, then you must have a signed NDA in place before they are allowed to access the systems or review the system information. In some cases, you might want to have an NDA in place before beginning contract negotiations where you might need to share proprietary information about your business or processes. 

Supplier, Vendor, and Service Quality Agreements 

Quality agreements define the responsibilities of the supplier or vendor in ensuring the quality of the product or service they provide. They include assurances as to how the vendor produces their software, tool, or materials, including specifics about any changes to materials or related processes. Details may include an agreement not to make changes without permission, how notification of desired changes is communicated, plan for handling of corrective action/preventive action (CAPA) investigations, record/documentation retention requirements, and whether there is a requirement that the supplier maintain any certifications. Note that quality agreements are not implementation agreements, although they may be referenced by the implementation agreement.  

As you prepare to partner with a software vendor or supplier, consider what you expect from them, and ensure that you have assurances in writing. Determine the documentation that is most appropriate for your relationship, prepare it carefully, and then execute the agreements that will ensure the most successful outcome for you.