As a starting point you will need to identify each element (e.g. employees, software, data, equipment etc.) involved in the Activity, and how each element will be affected. This should provide insight into what your specific requirements are. You should also identify any risks, so that they can be managed and factored into the Outsourcing Agreement where necessary.
Employees who provide IT support services are usually crucial for a business to meet its operational needs, and if you are outsourcing an IT service, they may be affected. The Transfer of Undertakings (Protection of Employment) Regulations 2006 (TUPE) applies to the transfer of employment contracts at the start and end of an outsourcing arrangement. Due to the potential expenses concerning employees, the contractual protections relating to employees and TUPE are often an important part of an Outsourcing Agreement.
If you own the intellectual property rights (IPRs) in the software, you may decide to licence or sell those rights to the Supplier. If you are licencing the software and the Supplier will be developing it further for you, you will need to consider how any new IPRs are going to be dealt with, for example, you may insist on any new IPRs being assigned to you and licensed back to the Supplier, to prevent the Supplier using any software developments to assist a competitor.
You may not own the relevant software, and in this case you will need to check the relevant document to ascertain your ability to grant sub-licences or assign your rights to the Supplier. However, it is unlikely you will be able to do this without the consent of the licensor.
Software maintenance contracts may no longer be needed if the Supplier has its own arrangements in place. If applicable, any termination provisions and any notice requirements will need to be adhered to. Alternatively, the contract should be checked to determine if the Supplier can benefit from any support you have in relation to the software.
The amount and type of data involved will vary from business to business and you will have to consider and adhere to any confidentiality and security requirements. In addition, if any of that data is personal data (i.e. data that can directly or indirectly identify a person such as their name, address, ID number etc.) you will need to comply with data protection legislation. Particular care is required when handing any special categories of personal data (as defined in Article 9(1) GDPR). If the Supplier will be processing personal data for you, certain data processing clauses will need to be inserted into the Outsourcing Agreement.
IT equipment can be sold, leased or loaned to the Supplier. When considering your options here, you will need to be alive to any tax implications on the transfer of business assets (and indeed on the wider outsourcing arrangement).
Transferring responsibility of the Activity to the Supplier could be really beneficial to your business, but losing direct control brings its own challenges. Service levels should be included in the Outsourcing Agreement to help ensure the Supplier continues to meet your business’ needs, with service credits being triggered when such levels are not met - meaning you have an immediate form of redress within contract itself. It is really important that each part of the service has a service level, which clearly states the required standard and is assessed over an appropriate period of time. For further information, please contact Claire Hunt.
The content of this article is for general information only. It is not, and should not be taken as, legal advice. If you require any further information in relation to this article please contact the author in the first instance. Law covered as at December 2020.