
The main lesson here is that you need ‘best practice’ to draw up a SaaS contract similar to any ‘traditional’ outsourcing contract. But beware! The good law folk said that standard contracts, even from the major SaaS suppliers, are very light on the sort of information you might expect to see in a standard outsourcing contract. For example, specifying where the data will be stored, whether it can or will be moved, who can access it – these terms are rarely present. So where are you on data protection? And, do the contracts cover your right to access the data if you cease using the service or the SaaS provider chooses to cease operating the service? What assistance will the SaaS provider offer should you choose to move to another provider? This could be a real minefield. In the legal parlance, the change in risk profile makes contract due diligence an imperative. Caveat Emptor!
No comments:
Post a Comment