<div dir="ltr"><div dir="ltr"><div>Hi,</div><div>I haven't seen this in any of our licenses, but our IT department must review and approve all of our license agreements before they can be signed (and we don't have signature authority). IT has brought other issues to our attention like authentication and authorized users and would presumably flag clauses like the ones you've seen.</div><div><br></div><div>Patrick</div><div><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><font color="#000000"><b><br></b></font></div><div><font color="#000000"><b>Patrick Hartsfield | Assistant Director for Collections and Metadata</b><br><br></font></div><div><font color="#000000">Springfield College</font></div><div><span style="color:rgb(0,0,0);font-size:12.8px">Office of Library Services</span></div><div><span style="color:rgb(0,0,0);font-size:12.8px"><br></span></div><div><font color="#000000">263 Alden Street</font></div><div><font color="#000000">Springfield, Massachusetts 01109</font></div><div><font color="#000000"><br></font></div><div><font color="#000000"><a href="http://springfield.edu" target="_blank">springfield.edu</a> | </font><span style="color:rgb(0,0,0);font-size:12.8px">413-748-3784</span></div><div><font color="#000000"><a href="mailto:jhartsfield@springfield.edu" target="_blank">jhartsfield@springfield.edu</a></font><br></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div><br></div><br><div class="gmail_quote gmail_quote_container"><div dir="ltr" class="gmail_attr">On Wed, Apr 30, 2025 at 4:21 PM <<a href="mailto:eril-l-request@lists.eril-l.org">eril-l-request@lists.eril-l.org</a>> wrote:</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Message: 3<br>
Date: Tue, 29 Apr 2025 21:31:58 +0000<br>
From: Electronic Resources in Libraries discussion list<br>
<<a href="mailto:eril-l@lists.eril-l.org" target="_blank">eril-l@lists.eril-l.org</a>><br>
To: Electronic Resources in Libraries discussion list via Eril-l<br>
<<a href="mailto:eril-l@lists.eril-l.org" target="_blank">eril-l@lists.eril-l.org</a>><br>
Subject: [Eril-l] Information security requirements and vendor audits<br>
in eresource licenses<br>
Message-ID:<br>
<<a href="mailto:mailman.994.1745962325.1175082.eril-l-eril-l.org@lists.eril-l.org" target="_blank">mailman.994.1745962325.1175082.eril-l-eril-l.org@lists.eril-l.org</a>><br>
Content-Type: text/plain; charset="us-ascii"<br>
<br>
Hi all,<br>
<br>
I'm looking for input on whether others have encountered clauses in their license agreements that require:<br>
<br>
* specific information security measures (and associated documentation) to be in place<br>
* audit rights for the vendor, to check compliance with the required information security measures<br>
<br>
If so - did you accept these terms? Did you coordinate with your institution's IT?<br>
<br>
Thank you!<br>
<br>
Charlotte Peterson<br>
Electronic Resources Librarian<br>
Butler University Libraries<br>
<a href="mailto:cpeterson1@butler.edu" target="_blank">cpeterson1@butler.edu</a><br>
317-940-5877<br>
</blockquote></div></div>