Enterprise Contact Center RFP

exhibit 3

<Contractor>

Master TELECOM Services Agreement <Number>

for the state of ohio’s enterprise contact center resulting from rfp #src000030184

This Master Telecom Services Agreement #MCSA[#] (“Contract”) resulting from Request for Proposals #SRC0000030184 titled Enterprise Contact Center (the “RFP”) is by and between <Contractor name> (“Contractor”), having an office at <Contractor address>, and the State of Ohio (“State”), through its Department of Administrative Services (“DAS”), having its principal place of business at 30 East Broad Street, 40th Floor, Columbus, Ohio 43215. The State and the Contractor are sometimes referred to jointly as the "Parties" or individually as a “Party.” The effective date of this Contract is the date it is signed by the State.

1. General Information

1.1. Organization

This Contract covers purchases of telecom products and services set forth in the contract resulting from the RFP (“Services”) that the Contractor makes available to Subscribers. The Service Attachments to this Contract describe the Services the Contractor offers under this Contract along with any special terms or conditions applicable only to those Services, descriptions of those Services, features, all fees associated with such Services, and any other provisions to which the Parties have agreed with respect to those Services. Such Service Attachments, when executed by the Parties, are incorporated into this Contract and become a part hereof. This Contract includes references to the contract resulting from the RFP, referred to as the RFP Contract herein.

1.2. Subscribers

A “Subscriber” means any of the following: (i) State entities such as agencies, boards, and commissions that place requests (“Orders”) through the State’s ordering system, OhioBuys, for any of the Services identified by one or more Service Attachments incorporated into this Contract; (ii) Other entities of the State, such as the legislative and judicial branches of State government and the independent offices of elected State officials that place Orders under this Contract; and (iii) Cooperative Purchasing Members, defined in the next section, that place Orders under this Contract.

1.3. Cooperative Purchasing Members

“Cooperative Purchasing Members” are entities that qualify for participation in the State’s cooperative purchasing program under Section 125.04 of the Ohio Revised Code (“R.C.”) and that have completed the steps necessary to participate in that program. They may include Ohio political subdivisions, such as counties, townships, municipal corporations, school districts, conservancy districts, township park districts, park districts created under R.C. Chapter 1545, regional transit authorities, regional airport authorities, regional water and sewer districts, and port authorities. They also may include any Ohio county board of elections, state institutions of higher education, private fire companies, private, nonprofit emergency medical service organizations, and chartered nonpublic schools.

1.4. Term

This Contract is effective on the date of final signature below. Unless earlier terminated as set forth herein, this Contract will expire on November 30, 2030.

1.5. Contract – Renewal

The State may renew this Contract by issuing written notice to the Contractor of the decision to do so and the Contractor may decline such renewal if it so desires. Renewals will be initiated by the State in writing before the expiration of the then-current term. This expiration and renewal procedure will also apply to the end of any subsequent renewal term. Any existing orders under this Contract in effect at the time of termination or expiration of this Contract will continue or terminate as set forth in Section 6.1 below.

1.6. Service Attachment(s) – Renewal

As part of the renewal of this Contract, the State may renew any or all Service Attachments under this Contract. Unless otherwise specified in the written renewal notice or in a Service Attachment, all Service Attachments are renewed upon the renewal of this Contract. Individual Orders under a Service Attachment may be renewed as long as the applicable Service Attachment remains in effect. Any such Order renewal is effective only on issuance of a purchase order from the Subscriber for the applicable Service.

After the first renewal, the Parties agree that pricing of Services under any Service Attachment may be renegotiated to reflect more favorable rates to the State.

The Subscribers have the option anytime during the Contract’s term to upgrade to a new technology or Service offering with the Contractor without incurring any fees for terminating the existing technology or Service early.

1.7. Relationship of the Parties and Subscribers

It is fully understood and agreed that Contractor is an independent contractor and is not an agent, servant, or employee of the State or any Subscriber. Contractor declares that it is engaged as an independent business and has complied with all applicable federal, state, and local laws regarding business permits and licenses of any kind, including but not limited to any insurance coverage, workers’ compensation, or unemployment compensation that is required in the normal course of business and will assume all responsibility for any federal, state, municipal, or other tax liabilities. Additionally, Contractor understands that as an independent contractor, it is not a public employee and is not entitled to contributions from the State to any public employee retirement system.

Contractor acknowledges and agrees any individual providing personal services under this Contract is not a public employee for purposes of R.C. Chapter 145. Unless Contractor is a “business entity” as that term is defined in R.C. 145.037 (“an entity with five or more employees that is a corporation, association, firm, limited liability company, partnership, sole proprietorship, or other entity engaged in business”), Contractor must have any individual performing services under the Contract complete and submit to the Subscriber the Independent Contractor Acknowledgement form, available at https://www.opers.org/forms-archive/PEDACKN-Non-Member-Acknowledgment.pdf .

Contractor’s failure to complete and submit the Independent Contractor Acknowledgement form prior to providing any Service or commencement of any work, service or deliverable, provided under this Contract, will serve as Contractor’s certification that Contractor is a “business entity” as the term is defined in R.C. 145.037.

1.8. State Audits and Reporting Requirements

1.8.1. State Audits

Contractor must keep all financial records related to this Contract in a manner consistent with Generally Accepted Accounting Principles (GAAP) or equivalent accounting principles. Additionally, Contractor must keep separate business records for this Contract, including records of disbursements and obligations incurred that must be supported by quotes, invoices, vouchers and other data as appropriate.

During the term of this Contract and for three years after its termination or expiration, on reasonable notice and during customary business hours, the State may audit the Contractor's records and other materials that relate to (i) the Services performed under this Contract, (ii) any billing or invoices under the Contract, or (iii) pricing representations that the Contractor made to acquire this Contract, and Contractor agrees to provide the State with access to and the right to examine any records or other materials involving transactions related to this Contract. This audit right also will apply to the State's duly authorized representatives and any organization providing funding for any Order hereunder.

The Contractor must make such records and materials available to the State within five business days after receiving the State’s written notice of its intent to audit the Contractor’s records, and must notify the State as soon as the records are ready for audit.

If an audit reveals any of the following: (i) any material deviation from the Contract requirements; (ii) any misrepresentations; or (iii) any overcharge to the Subscribers or any other provider of funds for the Contract, the Subscribers or other party will be entitled to recover damages as well as the cost of the audit.

1.8.2. Quarterly Reporting

Contractor must report the quarterly dollar value (in U.S. currency rounded to the nearest whole dollar) of the sales to Cooperative Purchasing Members under this Contract each calendar quarter (i.e., January-March, April-June, July-September and October-December). The dollar value of the sales reported must equal the price paid by Cooperative Purchasing Members for purchases under this Contract during the reporting period. The sales to State agencies under this Contract are automatically reported in OhioBuys.

Contractor must submit the quarterly sales report to the State via OhioBuys. If no sales occur, Contractor must show zero sales on the report. The report must be submitted 30 days after the completion of the reporting period.

Contractor also must submit a closeout report within 120 days after the expiration of this Contract. For purposes of this subsection 1.9.2, the Contract expires on the physical completion of the last, outstanding task or completion of an Order of the Contract. The closeout report must cover all sales not shown in the final quarterly sales report and reconcile all errors and credits. If Contractor reported all Contract sales and reconciled all errors and credits on the final quarterly sales report, then the closeout report should show zero sales.

If Contractor falsifies any sales report, the State may terminate this Contract for cause.

1.8.3. Other Reports

The State also may require various additional reports from the Contractor related to the Services. Such reports include those identified in any Service Attachment. Further, the State will be entitled to any other reports that the Contractor makes generally available to its other customers without additional charge. The State’s rights under this section will apply to all Services provided to all Subscribers under this Contract, but a Subscriber’s rights to reports will apply solely to Services it orders or receives under this Contract.

1.9. Subscribers’ Reliance on Contract

Subscribers may rely on this Contract. Whenever a Subscriber is a Cooperative Purchasing Member and relies on this Contract to issue an Order, the Subscriber will step into the shoes of the State under this Contract for purposes of its Order, and, as to the Subscriber's Order, this Contract will be between the Contractor and that Subscriber. The Contractor must look exclusively to that Subscriber for performance, including, but not limited to payment, and must hold the State harmless regarding such Orders and the Subscriber's performance. The State, through DAS, has the right to terminate this Contract and seek such remedies on termination as this Contract provides should the Contractor fail to honor its obligations under an Order from any Subscriber, whether a Cooperative Purchasing Member or not.

1.10. Subcontracting

The State recognizes that it may be necessary for the Contractor to use a subcontractor to perform a portion of the work under the Contract. In those circumstances, the Contractor must submit a list identifying the Contractor’s subcontractors. The Contractor may not enter into subcontracts related to the Contract after award without written approval from the State. If any change occurs during the term of the Contract, that requires a change to identified subcontractors, the Contractor must amend its list of subcontractors and request written approval from the State. The State reserves the right to reject any subcontractor submitted by the Contractor.

All subcontracts will be at the sole expense of the Contractor and the Contractor will be solely responsible for payment of its subcontractors. The Contractor assumes responsibility for all sub-contracting work performed or product delivered under the Contract. All agreements with subcontractors must incorporate the applicable terms of this Contract by reference and include the following provisions: (1) the subcontractor agrees to be bound by all applicable terms and conditions of this Contract; and (2) the terms of this Contract prevail over any conflicting terms of the agreement with the subcontractor. The Contractor will be the sole point of contact with regard to all contractual matters.

1.11. Third-Party Suppliers

The Contractor must incorporate the costs of any third-party supplies and services in the Contractor’s fees identified on the applicable Service Attachment under this Contract.

The Contractor’s use of other suppliers does not mean that the State will pay for them. The Contractor will be solely responsible for payment of its suppliers and any claims of those suppliers for any failure of the Contractor to meet its obligations under this Contract or other agreement with the suppliers. The Contractor will hold the State harmless and indemnify the State against any such claims.

The Contractor assumes responsibility for all Services provided under this Contract whether it or one of its suppliers provides them in whole or in part. Further, the Contractor will be the sole point of contact for all contractual matters, including payment of all charges resulting from the Contract and all Service requests.

The Contractor must pass all available warranties for third-party supplies and services to Subscribers under this Contract.

1.12. Non-Exclusivity

This Contract is non-exclusive and is not a requirements contract. Nothing herein prevents either Party from entering into similar agreements with other entities.

1.13. Competitive Pricing and Services

For the purposes of maintaining pricing and Service competitiveness through the term of the Contract, the Contractor agrees to periodically review and discuss its pricing and Service offerings with the State upon request. The review may include a like-customer review wherein the Contractor would provide an analysis that includes both retail and wholesale prices of similar services it provides to other customers similar to the State to ensure the State and the Subscribers are receiving cost-competitive and technologically competitive Services. Requests for amendments to the Service Attachments to reduce fees and introduce technological Service improvements may be submitted by Contractor at any time throughout the term of the Contract.

1.14. Conflict Resolution

If one Party believes the other Party has violated or is not complying with the terms of this Contract or if any other dispute arises under this Contract, the Party raising the matter may provide to the other Party written notice referencing this section and specifying the nature of the dispute (the “Dispute Notification”).  The Parties then will seek to resolve the dispute in accordance with the procedures in this section.

i. All disputes will be submitted first to the authorized State or Subscriber representatives (or designee) and the Contractor’s representative for resolution.  For 15 days from receipt of the Dispute Notification, the authorized State or Subscriber representatives and Contractor’s representative will discuss and attempt to resolve the dispute in good faith.

ii. If after the 15 days identified above, the authorized State or Subscriber representatives and the Contractor’s representative are unable to resolve the dispute, the Parties will then escalate the dispute to the proper State or Subscriber and Contractor representatives for resolution.  For the next 15 days, the escalated State or Subscriber and Contractor representatives will discuss and attempt to resolve the dispute in good faith.

iii. If following the 15 days in the previous paragraph, the State’s or Subscriber’s and the Contractor’s escalated representatives are still unable to resolve the dispute, the Parties will then further escalate the dispute to the State’s Chief Information Officer (“CIO”) or a designee, or the equivalent Subscriber representative, and to the Contractor’s Vice President level for resolution.  For the next 15 days, the State’s CIO or Subscriber representative and Contractor’s Vice President will discuss and attempt to resolve the dispute in good faith.  If the State’s CIO or Subscriber representative and Contractor’s Vice President are unable to resolve the dispute within that time, the Parties will nevertheless continue to retain their rights to initiate formal proceedings hereunder.

The specific format for such discussions will be left to the discretion of the representatives of the State or Subscriber and Contractor responsible for attempting to resolve the dispute, but each Party will involve the business, technical, and legal resources reasonably necessary to attempt in good faith to resolve the dispute at the earliest possible time and without undue delay.

If the Parties are unable to resolve the dispute and the dispute involves a claim that the Contractor is noncompliant with its obligations hereunder or has overcharged for a Service, the State or affected Subscribers may withhold payment for any Services that are the subject of the dispute until the Contractor cures the noncompliance, the Parties arrive at an agreement to resolve the dispute, or a Party obtains a resolution in a court of competent jurisdiction.

Nothing in this section is intended to limit the rights provided under the termination section of this Contract or be a prerequisite to exercising those rights.

Once the dispute has been resolved, any payments withheld will be handled in the following manner:

i. If the resolution was in favor of the State or one or more Subscribers, the Contractor will issue a credit on the next invoice for the affected Subscribers.  If the credit exceeds the Service charges on the next invoice or an invoice will not be issued within 60 days of the resolution, at the State’s option, the Contractor will issue payment in the form of a check in the amount exceeding the Service charges or for the full amount if an invoice will not be issued within 60 days.  Any such checks must be issued within that 60-day period.

ii. If in favor of the Contractor, the affected Subscribers will submit appropriate payment within 30 days of receiving notification of the resolution at the office designated to receive the invoice and receiving a proper invoice.

iii. In either of the above cases, the amount or amounts withheld by the State or Subscriber(s) will be taken into account in calculating any amount(s) due.

2. General Requirements

2.1. Telecom Services Standards

All Service subscriptions must provide a Service that maintains a redundant infrastructure that will ensure access for all the State’s enrolled users in case of a failure at any one of the Contractor locations, with effective contingency planning (including back-up and disaster recovery capabilities) and 24x7 trouble shooting service for inquiries, outages, issue resolutions, etc. All such Services must be dependable and provide response rates that are as good as or better than industry standards. They also must meet the Service Level Agreements (“SLAs”) provided in the applicable Service Attachment and the Contractor must issue any credits or refunds for any failure to meet the SLAs, as provided in the applicable Service Attachment. The Services must also be supported with sufficient connectivity and computing resources to handle reasonably anticipated peak demand and the Contractor must ensure that sufficient bandwidth and computing resources are dedicated to the Services to meet peak demand times without material degradation in performance.

All Services must offer a customizable and extendable capability based on open-standards APIs that enable integration with third party applications.  The Services must provide the State’s systems administrators with 24x7 visibility into the Services through a real-time, web-based “dashboard” capability that enables them to monitor, in real or near real time, the Services’ performance against the established SLAs and promised operational parameters.

The Contractor has and will continue to use its best efforts through quality assurance procedures to ensure that there are no viruses, malware, or undocumented features in its infrastructure and Services and that they do not contain any embedded device or code (e.g., time bomb) that is intended to obstruct or prevent any use of or access to them by the Subscribers. The Services must not contain, under any circumstances, any embedded ability to automatically exercise electronic self-help.

User access to the Services must be capable of using SAML or OpenID Connect protocols to securely federate with the State’s identity provider service in order to: (i) support single sign-on capability for users; (ii) ensure that every user is tied to an identity provider account; and (iii) prevent user access when a user is disabled or deleted in the applicable identity provider user store. Active Directory or other LDAP services should be used only as an alternative if SAML or OpenID Connect are unavailable.

2.2. Data Security and Privacy Terms, Exhibit 2

Contractor must comply with Exhibit 1, Data Security and Privacy Terms, of the RFP Contract. Exhibit 1 is incorporated into this Contract as if fully rewritten herein.

Contractor must comply with Exhibit 2, State IT Policy, Standard and Service Requirements, of the RFP. Exhibit 2, as modified by Contractor’s responses therein and as mutually agreed upon by the Parties, is incorporated into this Contract as if fully rewritten herein.

Contractor may be required to complete a new Exhibit 2 for additional products, Services or Service Attachments under this Contract, and each new Exhibit 2, as modified by Contractor’s responses therein and as mutually agreed upon by the Parties, is incorporated into this Contract as if fully rewritten herein.

2.3. Object Reassignment

Any Service subscriptions that are provided by the number of items that may be used by or in conjunction with it, such as nodes, users, or connections (“Objects”), may be reassigned to other, similar Objects within the Subscriber’s organization at any time and without any additional fee or charge. For example, a named user subscription may be assigned to another user. Any such reassignment must be in conjunction with termination of use by or with the previous Object, if such termination is required to keep the total number of licensed Objects within the scope of the applicable subscription. Should a Subscriber require a special code, unique key, or similar item to reassign the subscription as contemplated by this section, the Contractor will provide such a code, key, or similar item to the Subscriber at any time and without a fee or charge. For clarity, a later section in this Contract governs assignment of a Service subscription to a successor in interest.

2.4. Generated Files

“Generated Files” are files storing information, instructions, or data that a Subscriber creates or modifies using the Services and in which the data or other information was provided or created by a Subscriber. Such Generated Files are also included in the definition of “Subscriber Data” in a later section of this Contract. Examples of Generated Files include, among others, text files, data tables created with a database engine, and image files created with a graphics application. Applications consisting of instruction sets created with a programming language that the Contractor provided to a Subscriber also would be considered Generated Files. As between the Subscriber and the Contractor, the Subscriber will own all Generated Files that the Subscriber prepares by using the Services, excluding such portions of the Generated Files that consist of embedded portions of Contractor software. The Contractor or its licensors will retain ownership of any portion of software embedded into Generated Files, but the Contractor grants to the Subscriber a nonexclusive, royalty-free right to reproduce and distribute to third parties any portions of the software embedded in any Generated Files that the Subscriber creates while using the Services in a way the Services are designed to be used. In the Subscriber’s distribution of the Generated Files, the Subscriber may not use the Contractor’s name, logo, or trademarks, except to the extent that such are incorporated in such Generated Files by the design of a Service when used as intended.

2.5. Contractor Warranties

The Contractor warrants the following:

i. It has validly entered into this Contract and has the legal power to do so.

ii. The Services will perform materially in accordance with the applicable user guide, technical materials, related writings, and the requirements of this Contract.

iii. Subject to any limitations specified in the applicable Service Attachment, the functionality of the Services will not be materially decreased during a subscription term.

iv. It will not transmit viruses, worms, time bombs, Trojan horses or other harmful or malicious code, files, scripts, agents or programs (“Malicious Code”) to a Subscriber.

For any breach of a warranty above, the State’s and individual Subscribers’ remedies will be as provided in the section of this Contract dealing with termination.

Contractor also warrants that:

i. The recommendations, guidance, and performance of the Contractor under this Contract will be in accordance with the industry’s professional standards, the requirements of this Contract and without any material defect.

ii. No Service will infringe on the intellectual property rights of any third party.

iii. All warranties are in accordance with the Contractor’s standard business practices.

iv. The Services comply with all governmental, environmental and safety standards.

v. Contractor has the right to enter into this Contract.

vi. The Contractor has not entered into any other contracts or employment relationships that restrict the Contractor’s ability to perform under this Contract.

vii. The Contractor will observe and abide by all applicable laws and regulations, including those of the State regarding conduct on any premises under the State’s control.

viii. The Contractor has good and marketable title to any Service or related equipment delivered under this Contract for which title passes to the Subscribers.

ix. The Contractor has the right and ability to grant the license granted in any Service for which title does not pass to the Subscribers.

The Contractor must notify the State and Subscribers in writing immediately upon the discovery of any breach of the warranties given above. Further, if any work of the Contractor or any Service fails to comply with these warranties, and the Contractor is so notified in writing, the Contractor will correct such failure in a commercially reasonable time or as specified in the Contract. If the Contractor fails to comply, the Contractor will refund the amount paid for the impacted Service(s). The Contractor will also indemnify the State for any direct damages and claims by third parties based on breach of these warranties.

Failure of the Contractor to meet any SLAs in an applicable Service Attachment will not be considered a breach of this warranty section unless the State reasonably determines that the failure is persistent or extended in duration.

2.6. State and Subscribers Responsibilities

The State and each Subscriber will be responsible for their respective compliance with this Contract. Additionally, each Subscriber will:

i. Be responsible for the accuracy, quality, and legality of its data and of the means by which the data was acquired;

ii. Use commercially reasonable efforts to prevent unauthorized access to or use of the Services to which it subscribes and notify the Contractor promptly of any unauthorized access or use of which it becomes aware; and

iii. Use the Services only in accordance with the applicable user guide, to the extent it is not inconsistent with this Contract, applicable laws, or government regulations.

A Subscriber may not:

i. Intentionally permit any third party to access or make the Services available to anyone other than its employees and contractors acting on its behalf unless the applicable Service(s) is designed to be publicly-facing or intended for interaction with clients of the Subscriber (e.g., hosted websites), or as otherwise specifically permitted herein;

ii. Sell, resell, rent or lease the Services;

iii. Create derivative works based on the Services except as permitted herein.

iv. Reverse engineer the Services;

v. Use or access the Services to build a competitive product or service or to copy any features, functions, or graphics of the Services;

vi. Use the Services to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights;

vii. Intentionally use the Services to store or transmit Malicious Code;

viii. Intentionally interfere with or disrupt the integrity or performance of the Services or third-party data contained therein; or

ix. Attempt to gain unauthorized access to the Services or their related systems or networks.

3. Insurance, Indemnification, Limitation of Liability

3.1. Insurance

Until all obligations under this Contract are satisfied, and without limiting Contractor’s indemnification obligations herein, Contractor must procure and maintain, for the duration of the Contract, the insurance policies set forth below. Contractor must procure and maintain insurance against claims for injuries to persons or damages to property that may arise from or in connection with the performance of the services hereunder by the Contractor, its agents, representatives, or employees. Contractor must also procure and maintain insurance for claims arising out of their services including, but not limited to, loss, damage, theft or other misuse of data, infringement of intellectual property, invasion of privacy and breach of data. All commercial insurance required must be provided by insurers with a rating of not less than A-VII from A.M. Best or a comparable rating agency, unless otherwise accepted by the State.

Coverage must be at least as broad as:

i. Commercial General Liability: written on an "occurrence" basis, including products and completed operations, property damage, bodily injury and personal and advertising injury with limits of no less than $2,000,000 per occurrence. If a general aggregate limit applies, either the general aggregate limit will apply separately to this project/location or the general aggregate limit will be twice the required occurrence limit. Defense costs are outside of the policy limit. The State of Ohio, its officers, officials and employees are to be covered as additional insureds on the commercial general liability policy with respect to liability arising out of work or operations performed by or on behalf of the Contractor including materials, parts, or equipment furnished in connection with such work or operations.

ii. Automobile Liability: covering Symbol 1 (any auto), or if Contractor has no owned autos, Symbol 8 (hired) and 9 (non-owned), with a limit of no less than $1,000,000 per accident for bodily injury and property damage.

iii. Workers' Compensation: as required by the State of Ohio, or the state in which the work will be performed, with statutory limits, and Employer's Liability Insurance with a limit of no less than $1,000,000 per accident for bodily injury or disease. If Contractor is a sole proprietor, partnership or has no statutory requirement for workers’ compensation, Contractor must provide a letter stating that it is exempt and agreeing to hold the State and Subscribers harmless from loss or liability for such.

iv. Technology Errors and Omissions and Cyber Liability Insurance with limits of no less than $5,000,000 per occurrence or claim, $5,000,000 aggregate. Coverage must be sufficiently broad to respond to the duties and obligations as are undertaken by Contractor in this Contract and must cover all applicable Contractor personnel or subcontractors who perform professional services related to this Contract. Coverage must include, but not be limited to, infringement of copyright, trademark, trade dress, invasion of privacy violations, information theft, damage to or destruction of electronic information, release of private information, alteration of electronic information, extortion and network security. The coverage must provide for breach response costs as well as regulatory fines and penalties and credit monitoring expenses with sub-limits sufficient to respond to these obligations. This coverage requirement may be satisfied with any combination of policies, whether packaged or standalone, and include any applicable excess or umbrella coverage.

The insurance obligations under this Contract are the minimum insurance coverage requirements and/or limits shown in this Contract. Any insurance proceeds in excess of or broader than the minimum required coverage and/or minimum required limits, which are applicable to a given loss, will be available to the State of Ohio. No representation is made that the minimum insurance requirements of this Contract are sufficient to cover the obligations of the Contractor under this Contract.

Pursuant to R.C. 2743.02(D), all applicable insurance or other means of recovery will apply to any claim arising from the Contractor’s activities relating to this Contract on a primary basis. The insurance or self-insurance maintained by the State will not contribute to claims made due to the Contractor’s negligence, errors, or omissions. No subrogation demands will be made against the State of Ohio, except where there is negligence on the part of the State, and any such demands will be reduced by all collateral recovery sources available to or received by the claimant.

Umbrella or Excess Insurance Policies. Umbrella or excess commercial liability policies may be used in combination with primary policies to satisfy the limit requirements above. Such umbrella or excess commercial liability policies must apply without any gaps in the limits of coverage and be at least as broad as and follow the form of the underlying primary coverage required above.

Notice of Cancellation. Contractor must provide the State of Ohio with written notice of cancellation to any insurance policy required above as soon as possible and must use best efforts to notify the State at least 30 days in advance of such cancellation. A lapse in any required insurance coverage during this Contract will be a breach of this Contract.

Deductibles and Self-Insured Retentions. Self-insured retentions must be declared to and approved by the State. The State may require the Contractor to provide proof of ability to pay losses and related investigations, claims administration and defense expenses within the retention. The policy language must provide, or be endorsed to provide, that the self-insured retention may be satisfied by either the named insured or the State. Any and all deductibles and self-insured retentions will be the sole responsibility of the Contractor or subcontractor who procured such insurance and will not apply to the indemnified additional insured parties. The State may deduct from any amounts otherwise due to the Contractor to fund the self-insured retentions. Policies must not contain any self-insured retention provision that limits the satisfaction of the self-insured retention to the named insured. The policy must also provide that defense costs, including the allocated loss adjustment expenses, will satisfy the self-insured retention. The State reserves the right to obtain a copy of any policies and endorsements for verification.

Claims Made Policies. If any of the required policies provide coverage on a claims-made basis:

i. The retroactive date must be shown and must be before the date of the Contract or the beginning of Contract work.

ii. Insurance must be maintained and evidence of insurance must be provided for at least five years after completion of the Contract work.

iii. If coverage is canceled or non-renewed, and not replaced with another claims-made policy with a retroactive date prior to the Contract effective date, the Contractor must purchase "extended reporting'' coverage for a minimum of five years after completion of Contract work. The discovery period must be active during the extended reporting period.

Verification of Coverage. Contractor must furnish the State of Ohio with certificates of insurance and amendatory endorsements or copies of the applicable policy language effecting coverage required by this clause. All certificates are to be received and approved by the State of Ohio before work commences. However, failure to obtain the required documents prior to the work beginning will not waive the Contractor’s obligation to provide them. The State of Ohio reserves the right to require complete, certified copies of all required insurance policies, including endorsements required by these specifications, at any time.

Subcontractors. Contractor must require and verify that all subcontractors maintain insurance with sufficient limits for the nature of the products or services they are providing, and Contractor must ensure that the State of Ohio is an additional insured on commercial general liability insurance required from subcontractors. Contractor will indemnify the State for damages that exceed a subcontractor’s policy limits.

Special Risks or Circumstances. The State reserves the right to modify these requirements, including limits, based on the nature of the risk, prior experience, insurer, coverage, or other special circumstances, as mutually agreed with the Contractor and incorporated into the Contract by written amendment.

3.2. Indemnification

3.2.1. General Indemnification

The Contractor must indemnify the State and Subscribers for all liability and expense resulting from bodily injury to any person (including injury resulting in death) or damage to State or Subscriber property arising out of the performance of this Contract, provided that such bodily injury or property damage is due to the negligence or other tortious conduct of the Contractor, its employees, agents, or subcontractors.  The Contractor will not be responsible for any damages or liability for bodily injury or property damage to the extent caused by the negligence or willful misconduct of the State, a Subscriber, its employees, other contractors, or agents.

3.2.2. Security Incident Indemnification

Contractor must indemnify the State and Subscribers for all third party liability and expense resulting from a Security Incident (defined in Exhibit 1 of the RFP) arising from Contractor’s performance under this Contract and involving Contract Data (defined in Exhibit 1 of the RFP). Damages resulting from the Security Incident will be considered direct damages under this Contract and include the following: (i) expenses for legally-required notification of impacted individuals; (ii) responding to inquiries from such notifications; (iii) government fines and penalties assessed against the State and/or Subscribers; (iv) costs to the State and/or Subscribers for investigations, audits or forensic services as applicable related to the Security Incident; (v) mitigation measures, including 12 months of credit monitoring and identity theft protection for individuals impacted by the Security Incident; (vi) costs to the State and/or Subscribers to reconstruct data that was lost or to repair any damaged State or Subscriber information technology infrastructure; and (vii) other such expenses incurred by the State and/or Subscribers as a result of the Security Incident involving Contract Data. Regardless of any limitation on liability of any kind in this Contract, the Contractor will be responsible for acquiring one year’s identity theft protection services on behalf of any individual or entity whose personally identifiable information is compromised while it is in the Contractor’s possession. Contractor’s indemnification obligations under this paragraph apply whether the expenses or costs incurred by the State are performed by State employees or hired contractors. Contractor must also work with the State to directly notify impacted individuals or persons as required by R.C. Chapters 1347 and 1349 or as otherwise directed by the State or a Subscriber.

3.2.3. Infringement Indemnification

Contractor must indemnify release, protect, and hold the State and the Subscribers harmless from any third party claim of infringement of a copyright, patent, trade secret, or similar intellectual property right based on the State’s proper use of any Service provided under this Contract. This obligation of indemnification will not apply where the State has modified or misused the Services and the claim of infringement is based on the modification or misuse. If a successful claim of infringement is made, or if the Contractor reasonably believes that an infringement claim that is pending may actually succeed, the Contractor must take one of the following four actions within an acceptable timeframe:

i. Modify the offending Service so that it is no longer infringing but provides substantially the same functionality as before the modification;

ii. Replace the offending Service with an equivalent or better non-infringing offering;

iii. Acquire the right for the Subscribers to use the infringing Service as it was intended to be used under this Contract; or

iv. Terminate the infringing Service and refund the amount the Subscribers paid for the Service and the amount of any other Service that requires the availability of the infringing Service for it to be useful to the Subscribers.

3.2.4. Indemnification Procedure

For the Contractor’s indemnification obligations in this Section 3.2, the State agrees to: (i) give the Contractor notice of any claim under this section as soon as reasonably practicable; (ii) give the Contractor the authority to settle or otherwise defend any such claim only upon consultation with and approval by the Ohio Attorney General; and (iii) assist with and cooperate in such defense or settlement as reasonably necessary and at Contractor’s expense. The State has the right to participate in the defense or settlement or any claim at its own expense.

3.3. Limitation of Liability

3.3.1. Neither party nor any Subscribers will be liable for any indirect, incidental or consequential loss or damage of any kind including but not limited to lost profits, even if the parties have been advised, knew, or should have known of the possibility of damages.

3.3.2. The State and Subscribers’ combined total liability for damages, whether in contract, law, or equity, will not exceed two times the amount of compensation payable to Contractor for the previous 12 months of Service related to the Service Attachment under which the damages occurred, or the amount of direct damages incurred by the Contractor, whichever is less.

3.3.3. Notwithstanding any other limitation provisions and pursuant to R.C. 9.27, the Contractor is liable for any direct loss to the State or Subscribers for bodily injury, death, or damage to property of the State or Subscribers caused by the negligence, intentional or willful misconduct, fraudulent act, recklessness, or other tortious conduct of the Contractor or Contractor’s employees or agents during its performance under this Contract.

3.3.4. Notwithstanding any other limitation provisions, the Contractor is liable for any other direct loss or damage to the State or Subscribers caused by the gross negligence, intentional or willful misconduct, fraudulent act, recklessness, or other tortious conduct of the Contractor or Contractor's employees or agents during its performance under this Contract.

3.3.5. Any limitation provisions contained in the documents and materials incorporated by reference into this Contract are considered stricken and of no force and effect.

3.3.6. All limitations provisions in this Contract are only to the extent such limitations do not impose an unlawful indemnification on the State or Subscribers.

4. Confidentiality and Handling of Data

4.1. Confidentiality

The parties may disclose or learn of information, documents, data, records, or other material that the disclosing party considers confidential (“Confidential Information”) in the performance of this Contract. The receiving party must treat the Confidential Information as such if it is so marked, otherwise defined as such, or when, by its very nature, it deals with matters that, if generally known, would be damaging to the best interests of either party, the public, other parties, or individuals or organizations about whom the disclosing party keeps information. Title to the Confidential Information and all related materials and documentation remains with the disclosing party. The receiving party may only use the Confidential Information to perform its obligations under this Contract and may not use or disclose any Confidential Information received as a result of this Contract without the written permission of the disclosing party. The Contractor must assume that all State information, documents, data, source codes, software, models, know-how, trade secrets, or other material when, by its very nature, it deals with matters that, if generally known, would be damaging to the best interest of the public, other parties, or individuals or organizations about whom the State keeps information is Confidential Information. In addition, the receiving party may not use or disclose any documents or records that Ohio law prohibits from disclosure.

...