• Omaha Public Power District
I think blockchain will have a major impact in the future of and will transform the legal industry. And I try to stay informed ('try' is the magic word) -- check out this link as well: www.legaler.com/
Blockchain approaches are really bleeding edge at this point, and only for the very best informed. We recently did a workshop at MIT on AI, Blockchains and the Future of Law. Happy to make introductions if you are seriously considering this. But in the meantime- suggest you might look at the work we are doing with the IACCM on contract standards that are compatible with a blockchain approach - or not. github.com/IACCM and a "Wise Contracts" paper with Helena Haapio - papers.ssrn.com/sol3/papers.cfm.
Also - the AccordProject.org is very active in this field and in the IACCM.
Hi Andrew, aeternity is a blockchain implementation with some limited contracting features. Basically the ecosystems support smart contracts on their blockchain but with many limitations in terms of compliance. Our approach is a bit different, we offer an end to end contract management system in the blockchain supporting eprocurement and supply chains. Have a look here www.trakti.com and let me know if you want to know more. PS we are production ready ;-)
Public Works Advisory, NSW Department...
I'm not sure I can reflect on any experience that directly relates. However, I would like to comment and also hear from you an update as to this situation.
Unless the terms and conditions of the contract specifically indemnify the other party [that produced the documentation] in relation to errors and omissions in its own documentation, then you have grounds to negotiate a variation for the higher price of the preferred product. Depending on the scale of the change, perhaps it's best to absorb the cost and seek savings elsewhere...
David - you face a challenge experienced by many in the Aerospace/Defence sector, as well as the Engineering/Construction, Oil and Gas, Pharmaceutical and other sectors. All of those sectors have utilized the training content provided by IACCM, as it represents leading and innovative practices in this domain.
I'd be interested to know more about how you define the role. I'm assuming - but perhaps wrongly - that the focus is post-award, but is it then dealing largely with contractvmanagement, or more broadly with performance management? To what extent is this a combined project and contract management responsibility?
• Abu Dhabi National Oil Company (ADNOC)
An organisation like yours has what it takes to develop sub-contract programme managers internally due to the criticality of the service you provide. It was not clear if you tried to employ(source) the sub-contract managers or you tried outsourcing sub-contract management.
You would consider it great to employ these managers as staff for long-term rolling programmes rather contractor employees; except you need them for short-term tasks. You will need individuals with experience project, programme, commercial and contract excellence
You would prefer to contact each of the professional bodies you mentioned directly to make your enquiry. However, from my experience with CIPS and IACCM, both bodies are excellent in their area of specialisation. You won't go wrong partnering with them. APM and RICS would also have a specific focus that you would best explore reaching out to them.
My view is that the challenge in the UK rests with the way in which these professions are segregated rather than blended and then the fixation on qualifications rather than real world experience. Programme manager are marketable at one rate and contract managers at a lower rate so the temptation is from a career viewpoint is to market yourself at the higher rate profession. Hybrid roles tend to be thus rarer and need a premium to attract the right talent. Sadly recruitment companies in the UK focus on the volume for standard based roles and do not flex to the individual requirement. Often the best approach is use of LinkedIn or network sites for ready made talent. Otherwise growing your own and investing in your team is a great way to go but will take time and they will nurturing through the process. I hope that this helps.
The governance and framework for outsourcing service on-boarding and general service contractor on-boarding would be largely applicable here. The key here is that the SOW's, SLA's and KPI's are clear and complete - but that holds true in any services contract. From what I have seen, SIAM principles are highly relevant here.
what you need to add to the master agreement are clauses derived from Art. 28. I am also doing the same for my Master Agreements. Here is an example,
Obligations of processors (supplier) in particular include:
- To comply with the GDPR data processing principles and to protect the rights and freedoms of data subjects;
- To demonstrate compliance with the GDPR;
- To maintain records of processing activities and make them available upon request by supervisory authorities;
- To appoint data protection officers or representatives;
- To cooperate with supervisory authorities in the performance of their tasks;
- To ensure a level of security by taking appropriate technical and organisational measures;
- Specific obligations as regards transfer of data outside the EU.
In general, an auditor (DPA) should be able to trace data regarding customers. This also include emails, Excel spreadsheets with links to external systems such as financial and banking, etc.
It is not enough to have a supplier follow the GDPR. It is of most importance that your company/organisation is also GDPR compliant. To start with you need to have a DPO.
As mentioned by Amir there are a number of elements to include, and depending on your organisation and the data you are processing you may need to identify a DPO.
Other things you should identify include:
Is the relationship with the supplier a Controller-Processor, Processor-Sub Processor or Controller-Controller.
Is special data being transferred to the supplier?
Will the supplier be exporting data outside of he EU?
You may also want to include an indemnity clause in case the supplier causes you to breach the GDPR regulation.
If you go to the Information Commissionaire's Office website in the UK (ICO.org.uk) there are some excellent guides and information which may assist you (including links to Article 29 Working Party).
Hi, this is not something to answer without knowing more details. Interesting to know is who is the data processor and who the data controller? What kind of data flows will there be? How sensitive is the personal data involved in this.. etc etc.. You may want to look at the liability limits...
• Piotr Powazka
The question is what this deal is all about. There will be a different approach to just shipping some goods vs. complicated outsourcing contract which you process personall data for. Remember that you need to remeber that even contact details stated in the agreement for e.g. contract managers are considered to be under GDPR scope. What my concern is, you very likely act as processor for your customer. The buyer's organization is the Administrator. Did they raise any particular matter.
It looks like you are outside of Europe. GDPR is not only about the DPA to stay compliant. You as a processor have certain duties to fulfill. If your company is not on Privacy Shield list (which in fact may soon become invalid just as Safe Harbour) according to some media news, it could be better to have Standard Contractual Clauses in place.
The topic is very broad and without more details it is difficult to help you.
IACCM conducted a Ask The Expert webinar on this topic, featuring James Mullock of Bird and Bird. His session was highly rated. The recording and James's presentation are in the IACCM Library. Plus, there are a few other resources in the IACCM Library which are relevant. If you have trouble finding these resources, please let me know.
You can also have a look at the Article 29 Working Party webpage - there is a page setting out draft contract provisions that are in line with the GDPR as it is currently being interpreted. You may not want to use the clauses themselves but can use them as a measure for your own inclusions.