AN ACT SETTING THE LIMITS OF CONTRACTOR LIABILITY UNDER STATE INFORMATION TECHNOLOGY PROCUREMENT CONTRACTS. Enacted June 30, 2016. Effective June 30, 2016.
Summary date: Jul 7 2016 - More information
Summary date: Jun 22 2016 - More information
House committee substitute makes the following changes to the 2nd edition.
Amends GS 143B-1350(h1) concerning limitations of liability for IT procurement contracts, providing that when specified circumstances apply, the amount of liability for damages and any other losses relating to the loss of, unauthorized access to, or unauthorized disclosure of data can be raised no more than three times the value of the contract (previously, could not be raised more than five times the value of the contract). Makes clarifying changes to provisions that the limitation on liability for the contractor does not apply to intentional or willful misconduct, damage to personal property, or injuries to individuals. Also adds new language that the limitation on liability also does not apply to notification costs resulting from compliance with GS 132-1.10(c1), concerning disclosures of social security numbers and other personal information as specified.
Amends the effective date providing that when the bill becomes law, it also applies to contracts entered into, extended via the exercise of options, or otherwise, renewed, or amended on or after that date.
Summary date: May 25 2016 - More information
Senate committee substitute deletes the previous language of the 1st edition and provides the following.
Amends GS 143B-1350(h1) to require that all contracts subject to Part 4 of Article 15 of GS Chapter 143B (Information Technology Procurement) include a limitation on the contractor's liability to the State for damages. Requires that the limitation of liability be for damages arising from any cause whatsoever, regardless of the form of action, except as otherwise provided in subsection (h1). Establishes that the amount of liability is to be determined based on the nature of the goods or services covered by the contract, but that there is to be a presumptive limitation of no more than two times the value of the contract. Sets out the specific limitations of liability to be included.
Sets out three circumstances that must be true for the amount of liability for damages and any other losses relating to the loss of, unauthorized access to, or unauthorized disclosure of data to be raised to no more than five times the value of the contract.
Directs the State Chief Information Officer to report annually, no later than March 1, regarding the contracts containing liability amounts of more than two times the value of the contract to the Joint Legislative Commission on Governmental Operations and the Joint Legislative Oversight Committee on Information Technology.
Requires the Department of Information Technology or a separate agency to reasonably determine that the contractor has sufficient financial resources to satisfy the agreed upon limitation of liability before entering into any contract subject to Part 5.
Establishes that subsection (h1) requirements do not apply to liability of the contractor for intentional or willful misconduct, damage to tangible personal property, or physical injuries to persons.
Establishes that nothing in subsection (h1) limits the contractor's liability directly to third parties, or affects the rights and obligations related to contribution among joint tortfeasors under GS Chapter 1B or other applicable law.
Summary date: Apr 28 2016 - More information
Enacts a new subsection (h1) under GS 143B-1350 (Procurement of information technology) that establishes that all contracts subject to Part 4 (Information Technology Procurement) must include a limitation on the contractor’s liability for damages arising from any cause, regardless of the form or action, of no more than two times the value of the contract. Requires that the limitation must specifically include, at the least, the contractor’s liability for damages and any other losses relating to the loss of, unauthorized access to, or unauthorized disclosure of data. Provides that the limitation of liability required is not required to apply to liability of the contractor for intentional or willful misconduct, damage to tangible personal property, or physical injuries to persons. Applies to contracts entered into on or after the date the act becomes law.
© 2021 School of Government The University of North Carolina at Chapel Hill
This work is copyrighted and subject to "fair use" as permitted by federal copyright law. No portion of this publication may be reproduced or transmitted in any form or by any means without the express written permission of the publisher. Distribution by third parties is prohibited. Prohibited distribution includes, but is not limited to, posting, e-mailing, faxing, archiving in a public database, installing on intranets or servers, and redistributing via a computer network or in printed form. Unauthorized use or reproduction may result in legal action against the unauthorized user.