HomeMy WebLinkAboutStaff Report 14206
City of Palo Alto (ID # 14206)
City Council Staff Report
Meeting Date: 5/16/2022 Report Type: Consent Calendar
City of Palo Alto Page 1
Title: Approval of Contract No. C22183905 with Prime Government Solutions,
Inc. for an Amount Not to Exceed $136,892 Over a Term of Approximately
Five-Years through June 30, 2027 for the Provision of Cloud-based Agenda,
Meeting, and Commission Management and Automation Software
From: City Manager
Lead Department: City Clerk
Recommendation
Staff recommends that Council approve and authorize the City Manager or their
designee to execute Contract No. C22183905 with Prime Government Solutions, Inc. in
an amount not to exceed $171,400 for a term of approximately five years through June
30, 2027 for the provision of a City-wide, cloud-based public meeting management
software solution to include agenda workflow automation, real time meeting
management tools, video streaming and Board and Commission management
functionality.
Background
In August of 2010 the City of Palo Alto entered into an agreement with IQM2 to provide
agenda automation services. This system was used by all City Departments to create
legislative reports and agendas for City Council Meetings, Council Standing Committee
meetings and several Board and Commission meetings. This system’s most used
functionality was to route agenda reports through virtual workflow queues for review
and modification prior to publication. IQM2 was acquired by Granicus and in 2018 the
City renewed the contract for services, which expires in 2022. Since the initial
acquisition of the agenda automation software both the industry as well as the needs of
the City have changed. New services have become available that are not currently
provided by the Granicus system that could enable staff to streamline the process of
creating and compiling agenda packets, publishing meeting materials in responsive
design formats, increasing staff efficiency, improving transparency and access to
legislative records and other tools to improve the meeting process.
Discussion
City of Palo Alto Page 2
Staff recommends the City Council authorize the City Manager to execute an agreement
with Prime Government Solutions, Inc. in an amount not to exceed $171,400 for a
roughly five-year term through June 27, 2027 for the provisions of a Citywide, cloud-
based public meeting management software solution to include agenda workflow
automation system, real time meeting management tools, video streaming and Board
and Commission management functionality. Implementing this new solution will help
the City move forward with efficiency of preparing staff reports, agendas and minutes
for public meetings, facilitating a more efficient and inclusive meeting environment as
well as improving transparency and access to records for the public and staff.
Changing providers from Granicus to Prime Government Solutions, Inc. will provide
additional efficiency tools to staff, as well as increased access to meetings and records
by the public in a self-serve capacity.
Solicitation Process
On December 16, 2021, a request for proposals (RFP) for the project was posted online
on the PlanetBids website, the City’s eProcurement platform, and 1,497 vendors were
notified. The solicitation period was posted for 40 days and 5 proposals were received.
The solicitation closed on January 11, 2022.
Table 1: Summary of Request for Proposal
Proposal Description Agenda and Meeting Management System
(RFP183905)
Proposed Length of Project ~Five Years
Number of Vendors Notified 1,497
Number of Proposal Packages Downloaded 19
Total Days to Respond to Proposal 40
Pre-Proposal Meeting No
Pre-Proposal Meeting Date N/A
Number of Proposals Received 5
Proposal Price Range $84,445 to $237,226
Public Link to Solicitation https://pbsystem.planetbids.com/portal/25569/bo/bo-
detail/89376
Staff reviewed the five proposals and deemed all five of the proposals as responsive in
accordance with the requirements of the request for proposals.
Evaluation of Proposals
City of Palo Alto Page 3
Staff created a city-wide evaluation committee consisting of representatives of the
highest-use departments; Public Works, Planning and Development Services, Utilities,
Information Technology, the City Manager’s and the City Clerk’s Offices. Team members
represented different user roles of the existing system including staff report authors,
reviewers and approvers, and administrative and clerk support roles. The committee
carefully reviewed each firm’s qualifications and proposal according to the RFP’s criteria,
including:
• quality and completeness of the proposal,
• quality and effectiveness of services,
• experience with projects of similar scope and complexity,
• prior record of performance,
• cost,
• proposer’s financial condition,
• ability to provide future services and add-on capabilities,
• system reliability and up-time,
• ability to provide timely an responsive customer service, and
• the system must have high level of usability, teachability, simplicity, and
intuitiveness.
Based on the team’s evaluation of proposals, staff selected Prime Government Solutions
Inc. to be recommended for an award of contract to deliver, software, installation,
support and training services for the comprehensive city-wide agenda and meeting
automation and legislative history software system.
The evaluation team is recommending that the City Council award an agreement to
Prime Government Solutions, Inc. for legislative management software for a term of
approximately five years through June 30, 2027. This agreement will include
subscription to web-based software as a service, infrastructure to integrate for video
capabilities, customization of templates for all City Council, Committees and
Commissions, additional meeting management functionalities such as electronic voting,
public participation management and includes abundant training for staff prior to,
during and after implementation. This software is intended to improve staff efficiency
and provide increased access to the public meeting process, before, during and after
meetings.
The attached proposed contract (Attachment A) is on the City’s professional services
template, which permits the City to terminate without cause/for convenience by
providing written notice to the contractor. In the event the City finds itself facing a
challenging budget situation, and it is determined that City resources need to be
refocused elsewhere, the City can terminate for convenience. Other options include
termination due to non-appropriation of funds or amending the contract to reduce the
cost, for example, by reducing the scope of work. The contract may also be
temporarily suspended by written notice of the City Manager.
City of Palo Alto Page 4
Timeline
The implementation timeline for this project is anticipated to be approximately 20
weeks (6 months). During this time staff in the City Clerk’s Office, Information
Technology Department as well as the staff liaisons for the Board and Commissions will
work with the PrimeGov vendor implementation team to design and customize the
templates, workflows and processes for the needs of the City. Following that phase
Prime Government Solutions, Inc. will work on citywide training to train staff users in all
departments on the functionalities of the new system simultaneous to our existing
processes. This means that staff will be maintaining the existing system and practices in
parallel with the implementation of this new system. Finally, after thorough testing, the
team go live with the public facing portal and activate the meeting management
functionalities live at a public meeting.
Resource Impact
The current contract with Granicus to provide meeting management software is
$12,000 annually. The Prime Government Solutions, Inc. contract is $39,400 for the
initial year, and $29,200 thereafter with a 5 percent annual CPI increase for the
remaining four years of the contract. The total not to exceed cost over the five-year
term is approximately $171,400. The services to be provided by Prime Government
Solutions, Inc. will include the same base of services plus additional features such as
one-click document combining and publishing, minutes preparation, video integration,
and searchable public portals. Also included is a Board and Commission Management
module that offers live voting and public speaker facilitation. Data migration of historic
records, video streaming and archiving services are also included in this contract.
The current FY 2022 cost is budgeted in the Information Technology Department, no
additional funding is requested. Continued funding for this contract is recommended in
the FY 2023 Proposed Budget and subject to City Council adoption in June 2022, and
annuall appropriation of funds thereafter.
In addition to the cost of the contract, this process will require staff resources citywide
at all levels in ths organization. Support for the development of templates, processes,
and system configuration will require dedicated resources typically used for support of
Council, Boards, Committees, and Commissions to ensure a smooth development and
transition. Training for authors citywide will also require resources as staff learn the
new system and maintain the current system. This system is used daily by staff
throughout the City to produce the weekly packets of information, and running parallel
processes is important to ensure day-to-day business continues. This will requires
additional staff attention and focus to this citywide project.
Stakeholder Engagement
Staff from key departments were engaged in evaluation of proposals under the RFP, as
detailed above.
City of Palo Alto Page 5
Policy Implications
This recommendation does not present any changes to existing City policies and aligns
with the City’s Charter requirements.
Environmental Review
This is not a project under Section 21065 for purposes of the California Environmental
Quality Act (CEQA).
Attachments:
• Attachment A: Prime Government Solutions Inc. Contract, C22183905
Professional Services-SAAS
Rev. Dec.15, 2020
Page 1 of 39
CITY OF PALO ALTO CONTRACT NO. C22183905
AGREEMENT FOR PROFESSIONAL SERVICES – SOFTWARE-AS-A-SERVICE
(“SAAS”)
BETWEEN THE CITY OF PALO ALTO AND
PRIME GOVERNMENT SOLUTIONS, INC.
This Agreement for Professional Services – Software-as-a-Service (“SAAS”) (this “Agreement”)
is entered into as of the 16th day of May, 2022 (the “Effective Date”), by and between the CITY
OF PALO ALTO, a California chartered municipal corporation (“CITY”), and PRIME
GOVERNMENT SOLUTIONS, INC., a Utah corporation, located at 3429 Derry Street,
Harrisburg, PA 17111 (“CONSULTANT”).
The following recitals are a substantive portion of this Agreement and arefully incorporated herein
by this reference:
RECITALS
A. CITY intends to implement and provide a comprehensive organization-wide agenda and
meeting automation and legislative history software system (the “Project”) and desires to engage
a consultant to deliver software, installation, support and training services in connection with the
Project (the “Services”, as detailed more fully in Exhibit A).
B. CONSULTANT represents that it, its employees and subconsultants, if any, possess the
necessary professional expertise, qualifications, and capability, and all required licenses and/or
certifications to provide the Services.
C. CITY, in reliance on these representations, desires to engage CONSULTANT to provide
the Services as more fully described in Exhibit A, entitled “SCOPE OF SERVICES”.
NOW, THEREFORE, in consideration of the recitals, covenants, terms, and conditions, in this
Agreement, the parties agree as follows:
SECTION 1. SCOPE OF SERVICES. CONSULTANT shall perform the Services described
in Exhibit A in accordance with the terms and conditions contained in this Agreement. The
performance of all Services shall be to the reasonable satisfaction of CITY.
SECTION 2. TERM.
The term of this Agreement shall be from the date of its full execution through June 30, 2027
unless terminated earlier pursuant to Section 19 (Termination) of this Agreement.
SECTION 3. SCHEDULE OF PERFORMANCE. Time is of the essence in the performance
of Services under this Agreement. CONSULTANT shall complete the Services within the term of
this Agreement and in accordance with the schedule set forth in Exhibit B, entitled “SCHEDULE
OF PERFORMANCE”. Any Services for which times for performance are not specified in this
Professional Services-SAAS
Rev. Dec.15, 2020
Page 2 of 39
Agreement shall be commenced and completed by CONSULTANT in a reasonably prompt and
timely manner based upon the circumstances and direction communicated to the CONSULTANT.
CITY’s agreement to extend the term or the schedule for performance shall not preclude recovery
of damages for delay if the extension is required due to the fault of CONSULTANT.
SECTION 4. NOT TO EXCEED COMPENSATION. The compensation to be paid to
CONSULTANT for performance of the Services shall be based on the compensation structure
detailed in Exhibit C, entitled “COMPENSATION,” including any reimbursable expenses
specified therein, and the maximum total compensation shall not exceed One Hundred Seventy-
One Thousand Three Hundred Ninety-Nine Dollars and Twenty-Four Cents. ($171,399.24).
The hourly schedule of rates, if applicable, is set out in Exhibit C-1, entitled “SCHEDULE OF
RATES.” Any work performed or expenses incurred for which payment would result in a total
exceeding the maximum compensation set forth in this Section 4 shall be at no cost to the CITY.
SECTION 5. INVOICES. In order to request payment, CONSULTANT shall submit invoices
to the CITY describing the Services performed and the applicable charges (including, if applicable,
an identification of personnel who performed the Services, hours worked, hourly rates, and
reimbursable expenses), based upon Exhibit C or, as applicable, CONSULTANT’s schedule of
rates set forth in Exhibit C-1. If applicable, the invoice shall also describe the percentage of
completion of each task. The information in CONSULTANT’s invoices shall be subject to
verification by CITY. CONSULTANT shall send all invoices to CITY’s Project Manager at the
address specified in Section 13 (Project Management) below. CITY will generally process and
pay invoices within thirty (30) days of receipt of an acceptable invoice.
SECTION 6. QUALIFICATIONS/STANDARD OF CARE. All Services shall be performed
by CONSULTANT or under CONSULTANT’s supervision. CONSULTANT represents that it,
its employees and subcontractors, if any, possess the professional and technical personnel
necessary to perform the Services required by this Agreement and that the personnel have
sufficient skill and experience to perform the Services assigned to them. CONSULTANT
represents that it, its employees and subcontractors, if any, have and shall maintain during the term
of this Agreement all licenses, permits, qualifications, insurance and approvals of whatever nature
that are legally required to perform the Services. All Services to be furnished by CONSULTANT
under this Agreement shall meet the professional standard and quality that prevail among
professionals in the same discipline and of similar knowledge and skill engaged in related work
throughout California under the same or similar circumstances.
SECTION 7. COMPLIANCE WITH LAWS. CONSULTANT shall keep itself informed of
and in compliance with all federal, state and local laws, ordinances, regulations, and orders that
may affect in any manner the Project or the performance of the Services or those engaged to
perform Services under this Agreement, as amended from time to time. CONSULTANT shall
procure all permits and licenses, pay all charges and fees, and give all notices required by law in
the performance of the Services.
SECTION 8. ERRORS/OMISSIONS. CONSULTANT is solely responsible for costs,
including, but not limited to, increases in the cost of Services, arising from or caused by
CONSULTANT’s errors and omissions, including, but not limited to, the costs of corrections such
errors and omissions, any change order markup costs, or costs arising from delay caused by the
Professional Services-SAAS
Rev. Dec.15, 2020
Page 3 of 39
errors and omissions or unreasonable delay in correcting the errors and omissions.
SECTION 9. COST ESTIMATES. If this Agreement pertains to the design of a public works
project, CONSULTANT shall submit estimates of probable construction costs at each phase of
design submittal. If the total estimated construction cost at any submittal exceeds the CITY’s
stated construction budget by ten percent (10%) or more, CONSULTANT shall make
recommendations to CITY for aligning the Project design with the budget, incorporate CITY
approved recommendations, and revise the design to meet the Project budget, at no additional cost
to CITY.
SECTION 10. INDEPENDENT CONTRACTOR. CONSULTANT acknowledges and agrees
that CONSULTANT and any agent or employee of CONSULTANT will act as and shall be
deemed at all times to be an independent contractor and shall be wholly responsible for the manner
in which CONSULTANT performs the Services requested by CITY under this Agreement.
CONSULTANT and any agent or employee of CONSULTANT will not have employee status
with CITY, nor be entitled to participate in any plans, arrangements, or distributions by CITY
pertaining to or in connection with any retirement, health or other benefits that CITY may offer its
employees. CONSULTANT will be responsible for all obligations and payments, whether
imposed by federal, state or local law, including, but not limited to, FICA, income tax
withholdings, workers’ compensation, unemployment compensation, insurance, and other similar
responsibilities related to CONSULTANT’s performance of the Services, or any agent or
employee of CONSULTANT providing same. Nothing in this Agreement shall be construed as
creating an employment or agency relationship between CITY and CONSULTANT or any agent
or employee of CONSULTANT. Any terms in this Agreement referring to direction from CITY
shall be construed as providing for direction as to policy and the result of CONSULTANT’s
provision of the Services only, and not as to the means by which such a result is obtained.
SECTION 11. ASSIGNMENT. The parties agree that the expertise and experience of
CONSULTANT are material considerations for this Agreement. CONSULTANT shall not assign
or transfer any interest in this Agreement nor the performance of any of CONSULTANT’s
obligations hereunder without the prior written approval of the City Manager. Any purported
assignment made without the prior written approval of the City Manager will be void and without
effect. Subject to the foregoing, the covenants, terms, conditions and provisions of this Agreement
will apply to, and will bind, the heirs, successors, executors, administrators and assignees of the
parties.
SECTION 12. SUBCONTRACTING. CONSULTANT shall not subcontract any portion of
the Services to be performed under this Agreement without the prior written authorization of the
City Manager or designee. In the event CONSULTANT does subcontract any portion of the work
to be performed under this Agreement, CONSULTANT shall be fully responsible for all acts and
omissions of subcontractors.
SECTION 13. PROJECT MANAGEMENT. CONSULTANT will assign Michelle Cooper,
Sales Direct, 3429 Derry Street, Harrisburg, PA 17111, Telephone: 512-347-9399, Email:
michelle.cooper@primegov.com as the CONSULTANT’s Project Manager to have supervisory
responsibility for the performance, progress, and execution of the Services and represent
CONSULTANT during the day-to-day performance of the Services. If circumstances cause the
Professional Services-SAAS
Rev. Dec.15, 2020
Page 4 of 39
substitution of the CONSULTANT’s Project Manager or any other of CONSULTANT’s key
personnel for any reason, the appointment of a substitute Project Manager and the assignment of
any key new or replacement personnel will be subject to the prior written approval of the CITY’s
Project Manager. CONSULTANT, at CITY’s request, shall promptly remove CONSULTANT
personnel who CITY finds do not perform the Services in an acceptable manner, are uncooperative,
or present a threat to the adequate or timely completion of the Services or a threat to the safety of
persons or property.
CITY’s Project Manager is Lesley Milton, City Clerk’s Office, 250 Hamilton Avenue, Palo Alto,
CA, 94301 Telephone: 6560-329-2571 Email: Lesley.milton@cityofpaloalto.org. CITY’s Project
Manager will be CONSULTANT’s point of contact with respect to performance, progress and
execution of the Services. CITY may designate an alternate Project Manager from time to time.
SECTION 14. INTELLECTUAL PROPERTY; DATA. All work product, including without
limitation, all writings, drawings, studies, sketches, photographs, plans, reports, specifications,
computations, models, recordings, data, documents, and other materials and copyright interests
developed under this Agreement, in any format or media, as unique to this engagement with CITY,
shall be and remain the exclusive property of CITY without restriction or limitation upon their use.
CONSULTANT makes no representation of the suitability of the work product for use in or
application to circumstances not contemplated by the Scope of Services.
14.1 Intellectual Property Rights in the SAAS. CONSULTANT and/or its
licensor(s), as applicable, retain all right, title, and interest in and to the SAAS, further defined as
the online-hosted SAAS to be provided by CONSULTANT to CITY, its Authorized Users
(defined below), and public users (if applicable, as addressed in Section 14.2 below), pursuant to
this Agreement, as detailed in Exhibit A (“Scope of Services”), including without limitation all
Software (defined below) used to provide the SAAS and all graphics, user interfaces, logos, and
trademarks reproduced through the SAAS. This Agreement does not grant CITY any intellectual
property license or rights in or to the SAAS or any of its components or any Documentation
(defined below) except those expressly granted herein. CITY recognizes that the SAAS and its
components and the Documentation are protected by copyright and other laws. “Software” means
the online-hosted computer software application(s) residing on CONSULTANT-provided servers
that CONSULTANT uses to provide to CITY the Services detailed in this Agreement, and that
CONSULTANT makes digitally accessible to the CITY, its Authorized Users, and public users (if
applicable, as addressed in Section 14.2 below), via the internet. “Documentation” means the
technical publications relating to the use of the SAAS, such as reference, installation,
administrative and programmer or user manuals, made available by CONSULTANT to CITY.
14.2 Grant of Right to Use the SAAS. Subject to the terms of this Agreement,
CONSULTANT hereby grants to CITY a non-exclusive, non-assignable license to access and use
the SAAS for the term of this Agreement as contemplated herein. The license granted to CITY
hereunder includes the right to provide to the CITY’s Authorized Users access to the SAAS in
accordance with this Agreement. “Authorized User” means all persons holding a valid ID and
password issued by the CITY pursuant to this Agreement. If the SAAS provided pursuant to this
Agreement consists of, or includes, public-facing functionalities, the license granted hereunder
also extends to public users to access and use the public-facing functionalities of the SAAS.
CONSULTANT warrants that it has the right to provide the foregoing license to access and use
Professional Services-SAAS
Rev. Dec.15, 2020
Page 5 of 39
the SAAS pursuant to this Agreement, that CONSULTANT has obtained any and all necessary
permissions from third parties to provide the SAAS, and that access to and use of the SAAS in
accordance with the terms of this Agreement shall not infringe the copyright of any third party.
14.3 Ownership of Data; Grant of License to City Data. The parties
acknowledge and agree that CITY owns the City data, content, documents, materials and other
information, in any format or media, collected, stored, imported or inputted into, or gathered by,
the SAAS, including without limitation data from third parties (“City Data”); that the CITY has a
right to control, access and retrieve City Data at any time during the term of the Agreement, in
computer-readable format. The CITY hereby grants to CONSULTANT and its subcontractors, if
any, the limited, non-exclusive, non-transferable, revocable rights to access and use City Data
during the term of this Agreement solely for the purposes of performing CONSULTANT’s
obligations to CITY hereunder and supporting CITY’s use of the SAAS hereunder, as well as to
generate aggregated, system-wide collations of industry and business data in a non-attributed, non-
identifiable manner for product improvement and product creation that does not identify CITY or
detail of its particular data, and as is otherwise expressly permitted under this Agreement. This
Agreement does not grant CONSULTANT or its subcontractors, if any, any intellectual property
license or rights in or to the City Data except those expressly granted herein. Upon termination or
expiration, if CITY will leave the SAAS, CONSULTANT and CITY shall work together to
provide CITY with a copy of City Data in mutually-agreed computer-readable format(s). CITY
shall have the option to choose from one of several methods to obtain a copy of City Data. Once
such data has been provided to CITY, CONSULTANT shall use, or cause to be used, industry-
standard secure means of destruction or erasure of any City Data remaining in its possession and,
at the CITY’s request, certify the same.
14.4.Data Security. CONSULTANT will maintain, or cause to be maintained,
a data security program for the SAAS that will include reasonable administrative,
physical, technical, organizational and other security measures to protect against unauthorized
access to, or destruction, loss, unavailability or alteration of, any City Data accessed by
CONSULTANT and its subcontractors, if any, in the performance of this Agreement including
without limitation City Data processed or stored by the SAAS.
SECTION 15. AUDITS. CONSULTANT agrees to permit CITY and its authorized
representatives to audit, at any reasonable time during the term of this Agreement and for four (4)
years from the date of final payment, CONSULTANT’s books and accounting records, invoices,
materials, payrolls or other data pertaining to its Services under this Agreement, including without
limitation records demonstrating compliance with the requirements of Section 10 (Independent
Contractor) and records related to invoicing. CONSULTANT further agrees to maintain and retain
accurate books and records in accordance with generally accepted accounting principles for at least
four (4) years after the expiration or earlier termination of this Agreement or the completion of
any audit hereunder, whichever is later. CITY will provide reasonable notice in advance and in
writing of any audit conducted by CITY under this Section and any such audit will be at CITY’s
expense.
SECTION 16. INDEMNITY.
16.1. To the fullest extent permitted by law, CONSULTANT shall indemnify,
Professional Services-SAAS
Rev. Dec.15, 2020
Page 6 of 39
defend and hold harmless CITY, its Council members, officers, employees and agents (each an
“Indemnified Party”) from and against any and all demands, claims, or liability of any nature,
including death or injury to any person, property damage or any other loss, including all costs and
expenses of whatever nature including attorney’s fees, experts fees, court costs and disbursements
(“Claims”) resulting from, arising out of or in any manner related to performance or
nonperformance by CONSULTANT, its officers, employees, agents or contractors under this
Agreement, regardless of whether or not it is caused in part by an Indemnified Party.
16.2. Notwithstanding the above, nothing in this Section 16 shall be construed to
require CONSULTANT to indemnify an Indemnified Party from a Claim arising from the active
negligence or willful misconduct of an Indemnified Party that is not contributed to by any act of,
or by any omission to perform a duty imposed by law or agreement by, CONSULTANT, its
officers, employees, agents or contractors under this Agreement.
16.3. The acceptance of CONSULTANT’s Services and duties by CITY shall not
operate as a waiver of the right of indemnification. The provisions of this Section 16 shall survive
the expiration or early termination of this Agreement.
SECTION 17. WAIVERS. No waiver of a condition or nonperformance of an obligation under
this Agreement is effective unless it is in writing in accordance with Section 29.4 of this
Agreement. No delay or failure to require performance of any provision of this Agreement shall
constitute a waiver of that provision as to that or any other instance. Any waiver granted shall
apply solely to the specific instance expressly stated. No single or partial exercise of any right or
remedy will preclude any other or further exercise of any right or remedy.
SECTION 18. INSURANCE.
18.1. CONSULTANT, at its sole cost and expense, shall obtain and maintain, in
full force and effect during the term of this Agreement, the insurance coverage described in Exhibit
D, entitled “INSURANCE REQUIREMENTS”. CONSULTANT and its contractors, if any, shall
obtain a policy endorsement naming CITY as an additional insured under any general liability or
automobile policy or policies.
18.2. All insurance coverage required hereunder shall be provided through
carriers with AM Best’s Key Rating Guide ratings of A-:VII or higher which are licensed or
authorized to transact insurance business in the State of California. Any and all contractors of
CONSULTANT retained to perform Services under this Agreement will obtain and maintain, in
full force and effect during the term of this Agreement, identical insurance coverage, naming CITY
as an additional insured under such policies as required above.
18.3. Certificates evidencing such insurance shall be filed with CITY
concurrently with the execution of this Agreement. The certificates will be subject to the approval
of CITY’s Risk Manager and will contain an endorsement stating that the insurance is primary
coverage and will not be canceled, or materially reduced in coverage or limits, by the insurer except
after filing with the Purchasing Manager thirty (30) days’ prior written notice of the cancellation
or modification. If the insurer cancels or modifies the insurance and provides less than thirty (30)
days’ notice to CONSULTANT, CONSULTANT shall provide the Purchasing Manager written
Professional Services-SAAS
Rev. Dec.15, 2020
Page 7 of 39
notice of the cancellation or modification within two (2) business days of the CONSULTANT’s
receipt of such notice. CONSULTANT shall be responsible for ensuring that current certificates
evidencing the insurance are provided to CITY’s Chief Procurement Officer during the entire term
of this Agreement.
18.4. The procuring of such required policy or policies of insurance will not be
construed to limit CONSULTANT’s liability hereunder nor to fulfill the indemnification
provisions of this Agreement. Notwithstanding the policy or policies of insurance,
CONSULTANT will be obligated for the full and total amount of any damage, injury, or loss
caused by or directly arising as a result of the Services performed under this Agreement, including
such damage, injury, or loss arising after the Agreement is terminated or the term has expired.
SECTION 19. TERMINATION OR SUSPENSION OF AGREEMENT OR SERVICES.
19.1. The City Manager may suspend the performance of the Services, in whole
or in part, or terminate this Agreement, with or without cause, by giving thirty (30) days prior
written notice thereof to CONSULTANT. If CONSULTANT fails to perform any of its material
obligations under this Agreement, in addition to all other remedies provided under this Agreement
or at law, the City Manager may terminate this Agreement sooner upon written notice of
termination. Upon receipt of any notice of suspension or termination, CONSULTANT will
discontinue its performance of the Services on the effective date in the notice of suspension or
termination.
19.2. In event of suspension or termination, CONSULTANT will deliver to the
City Manager on or before the effective date in the notice of suspension or termination, any and
all work product, as detailed in Section 14 (Intellectual Property; Data), whether or not completed,
prepared by CONSULTANT or its contractors, if any, in the performance of this Agreement. Such
work product is the property of CITY, as detailed in Section 14 (Intellectual Property; Data).
19.3. In event of suspension or termination, CONSULTANT will be paid for the
Services rendered and work products delivered to CITY in accordance with the Scope of Services
up to the effective date in the notice of suspension or termination; provided, however, if this
Agreement is suspended or terminated on account of a default by CONSULTANT, CITY will be
obligated to compensate CONSULTANT only for that portion of CONSULTANT’s Services
provided in material conformity with this Agreement as such determination is made by the City
Manager acting in the reasonable exercise of his/her discretion. The following Sections will
survive any expiration or termination of this Agreement: 14, 15, 16, 17, 19.2, 19.3, 19.4, 20, 25,
27, 28, 29 and 30.
19.4. No payment, partial payment, acceptance, or partial acceptance by CITY
will operate as a waiver on the part of CITY of any of its rights under this Agreement, unless made
in accordance with Section 17 (Waivers).
SECTION 20. NOTICES.
All notices hereunder will be given in writing and mailed, postage prepaid, by
certified mail, addressed as follows:
Professional Services-SAAS
Rev. Dec.15, 2020
Page 8 of 39
To CITY: Office of the City Clerk
City of Palo Alto
Post Office Box 10250
Palo Alto, CA 94303
With a copy to the Purchasing Manager
To CONSULTANT: Attention of the Project Manager at the address of
CONSULTANT recited on the first page of this Agreement.
CONSULTANT shall provide written notice to CITY of any change of address.
SECTION 21. CONFLICT OF INTEREST.
21.1. In executing this Agreement, CONSULTANT covenants that it presently
has no interest, and will not acquire any interest, direct or indirect, financial or otherwise, which
would conflict in any manner or degree with the performance of the Services.
21.2. CONSULTANT further covenants that, in the performance of this
Agreement, it will not employ subcontractors or other persons or parties having such an interest.
CONSULTANT certifies that no person who has or will have any financial interest under this
Agreement is an officer or employee of CITY; this provision will be interpreted in accordance
with the applicable provisions of the Palo Alto Municipal Code and the Government Code of the
State of California, as amended from time to time. CONSULTANT agrees to notify CITY if any
conflict arises.
21.3. If the CONSULTANT meets the definition of a “Consultant” as defined by
the Regulations of the Fair Political Practices Commission, CONSULTANT will file the
appropriate financial disclosure documents required by the Palo Alto Municipal Code and the
Political Reform Act of 1974, as amended from time to time.
SECTION 22. NONDISCRIMINATION; COMPLIANCE WITH ADA.
22.1. As set forth in Palo Alto Municipal Code Section 2.30.510, as amended
from time to time, CONSULTANT certifies that in the performance of this Agreement, it shall not
discriminate in the employment of any person due to that person’s race, skin color, gender, gender
identity, age, religion, disability, national origin, ancestry, sexual orientation, pregnancy, genetic
information or condition, housing status, marital status, familial status, weight or height of such
person. CONSULTANT acknowledges that it has read and understands the provisions of Section
2.30.510 of the Palo Alto Municipal Code relating to Nondiscrimination Requirements and the
penalties for violation thereof, and agrees to meet all requirements of Section 2.30.510 pertaining
to nondiscrimination in employment.
22.2. CONSULTANT understands and agrees that pursuant to the Americans
Disabilities Act (“ADA”), programs, services and other activities provided by a public entity to
the public, whether directly or through a contractor or subcontractor, are required to be accessible
Professional Services-SAAS
Rev. Dec.15, 2020
Page 9 of 39
to the disabled public. CONSULTANT will provide the Services specified in this Agreement in a
manner that complies with the ADA and any other applicable federal, state and local disability
rights laws and regulations, as amended from time to time. CONSULTANT will not discriminate
against persons with disabilities in the provision of services, benefits or activities provided under
this Agreement.
SECTION 23. ENVIRONMENTALLY PREFERRED PURCHASING AND ZERO
WASTE REQUIREMENTS. CONSULTANT shall comply with the CITY’s Environmentally
Preferred Purchasing policies which are available at CITY’s Purchasing Department, hereby
incorporated by reference and as amended from time to time. CONSULTANT shall comply with
waste reduction, reuse, recycling and disposal requirements of CITY’s Zero Waste Program. Zero
Waste best practices include, first, minimizing and reducing waste; second, reusing waste; and,
third, recycling or composting waste. In particular, CONSULTANT shall comply with the
following Zero Waste requirements:
(a) All printed materials provided by CONSULTANT to CITY generated from a
personal computer and printer including but not limited to, proposals, quotes, invoices, reports,
and public education materials, shall be double-sided and printed on a minimum of 30% or greater
post-consumer content paper, unless otherwise approved by CITY’s Project Manager. Any
submitted materials printed by a professional printing company shall be a minimum of 30% or
greater post-consumer material and printed with vegetable-based inks.
(b) Goods purchased by CONSULTANT on behalf of CITY shall be purchased in
accordance with CITY’s Environmental Purchasing Policy including but not limited to Extended
Producer Responsibility requirements for products and packaging. A copy of this policy is on file
at the Purchasing Department’s office.
(c) Reusable/returnable pallets shall be taken back by CONSULTANT, at no
additional cost to CITY, for reuse or recycling. CONSULTANT shall provide documentation from
the facility accepting the pallets to verify that pallets are not being disposed.
SECTION 24. COMPLIANCE WITH PALO ALTO MINIMUM WAGE ORDINANCE.
CONSULTANT shall comply with all requirements of the Palo Alto Municipal Code Chapter 4.62
(Citywide Minimum Wage), as amended from time to time. In particular, for any employee
otherwise entitled to the State minimum wage, who performs at least two (2) hours of work in a
calendar week within the geographic boundaries of the City, CONSULTANT shall pay such
employees no less than the minimum wage set forth in Palo Alto Municipal Code Section 4.62.030
for each hour worked within the geographic boundaries of the City of Palo Alto. In addition,
CONSULTANT shall post notices regarding the Palo Alto Minimum Wage Ordinance in
accordance with Palo Alto Municipal Code Section 4.62.060.
SECTION 25. NON-APPROPRIATION. This Agreement is subject to the fiscal provisions of
the Charter of the City of Palo Alto and the Palo Alto Municipal Code, as amended from time to
time. This Agreement will terminate without any penalty (a) at the end of any fiscal year in the
event that funds are not appropriated for the following fiscal year, or (b) at any time within a fiscal
year in the event that funds are only appropriated for a portion of the fiscal year and funds for this
Agreement are no longer available. This Section shall take precedence in the event of a conflict
with any other covenant, term, condition, or provision of this Agreement.
SECTION 26. PREVAILING WAGES AND DIR REGISTRATION FOR PUBLIC
Professional Services-SAAS
Rev. Dec.15, 2020
Page 10 of 39
WORKS CONTRACTS.
26.1.This Project is not subject to prevailing wages and related
requirements. CONSULTANT is not required to pay prevailing wages and meet related
requirements under the California Labor Code and California Code of Regulations in the
performance and implementation of the Project if the contract:
(1) is not a public works contract;
(2) is for a public works construction project of $25,000 or less, per California
Labor Code Sections 1782(d)(1), 1725.5(f) and 1773.3(j); or
(3) is for a public works alteration, demolition, repair, or maintenance project of
$15,000 or less, per California Labor Code Sections 1782(d)(1), 1725.5(f)and
1773.3(j).
SECTION 27. CLAIMS PROCEDURE FOR “9204 PUBLIC WORKS PROJECTS”.For
purposes of this Section 27, a “9204 Public Works Project” means the erection, construction,
alteration, repair, or improvement of any public structure, building, road, or other public
improvement of any kind. (Cal. Pub. Cont. Code § 9204.) Per California Public Contract Code
Section 9204, for Public Works Projects, certain claims procedures shall apply, as set forth in
Exhibit F, entitled “Claims for Public Contract Code Section 9204 Public Works Projects”.
This Project is not a 9204 Public Works Project.
SECTION 28. CONFIDENTIAL INFORMATION.
28.1. In the performance of this Agreement, CONSULTANT may have access to
CITY’s Confidential Information (defined below). CONSULTANT will hold Confidential
Information in strict confidence, not disclose it to any third party, and will use it only for the
performance of its obligations to CITY under this Agreement and for no other purpose.
CONSULTANT will maintain reasonable and appropriate administrative, technical and physical
safeguards to ensure the security, confidentiality and integrity of the Confidential Information.
Notwithstanding the foregoing, CONSULTANT may disclose Confidential Information to its
employees, agents and subcontractors, if any, to the extent they have a need to know in order to
perform CONSULTANT’s obligations to CITY under this Agreement and for no other purpose,
provided that the CONSULTANT informs them of, and requires them to follow, the confidentiality
and security obligations of this Agreement.
28.2. “Confidential Information” means all data, information (including without
limitation “Personal Information” about a California resident as defined in Civil Code Section
1798 et seq., as amended from time to time) and materials, in any form or media, tangible or
intangible, provided or otherwise made available to CONSULTANT by CITY, directly or
indirectly, pursuant to this Agreement. Confidential Information excludes information that
CONSULTANT can show by appropriate documentation: (i) was publicly known at the time it
was provided or has subsequently become publicly known other than by a breach of this
Agreement; (ii) was rightfully in CONSULTANT’s possession free of any obligation of
confidence prior to receipt of Confidential Information; (iii) is rightfully obtained by
CONSULTANT from a third party without breach of any confidentiality obligation; (iv) is
independently developed by employees of CONSULTANT without any use of or access to the
Professional Services-SAAS
Rev. Dec.15, 2020
Page 11 of 39
Confidential Information; or (v) CONSULTANT has written consent to disclose signed by an
authorized representative of CITY.
28.3. Notwithstanding the foregoing, CONSULTANT may disclose Confidential
Information to the extent required by order of a court of competent jurisdiction or governmental
body, provided that CONSULTANT will notify CITY in writing of such order immediately upon
receipt and prior to any such disclosure (unless CONSULTANT is prohibited by law from doing
so), to give CITY an opportunity to oppose or otherwise respond to such order.
28.4. CONSULTANT will notify City promptly upon learning of any breach in
the security of its systems or unauthorized disclosure of, or access to, Confidential Information in
its possession or control, and if such Confidential Information consists of Personal Information,
CONSULTANT will provide information to CITY sufficient to meet the notice requirements of
Civil Code Section 1798 et seq., as applicable, as amended from time to time.
28.5. Prior to or upon termination or expiration of this Agreement,
CONSULTANT will honor any request from the CITY to return or securely destroy all copies of
Confidential Information. All Confidential Information is and will remain the property of the CITY
and nothing contained in this Agreement grants or confers any rights to such Confidential
Information on CONSULTANT.
28.6. If selected in Section 30 (Exhibits), this Agreement is also subject to the
terms and conditions of the Information Privacy Policy and Cybersecurity Terms and Conditions.
SECTION 29. MISCELLANEOUS PROVISIONS.
29.1. This Agreement will be governed by California law, without regard to its
conflict of law provisions.
29.2. In the event that an action is brought, the parties agree that trial of such
action will be vested exclusively in the state courts of California in the County of Santa Clara,
State of California.
29.3. The prevailing party in any action brought to enforce the provisions of this
Agreement may recover its reasonable costs and attorneys’ fees expended in connection with that
action. The prevailing party shall be entitled to recover an amount equal to the fair market value
of legal services provided by attorneys employed by it as well as any attorneys’ fees paid to third
parties.
29.4. This Agreement, including all exhibits, constitutes the entire and integrated
agreement between the parties with respect to the subject matter of this Agreement, and supersedes
all prior agreements, negotiations, representations, statements and undertakings, either oral or
written. This Agreement may be amended only by a written instrument, which is signed by the
authorized representatives of the parties and approved as required under Palo Alto Municipal
Code, as amended from time to time.
29.5. If a court of competent jurisdiction finds or rules that any provision of this
Professional Services-SAAS
Rev. Dec.15, 2020
Page 12 of 39
Agreement is void or unenforceable, the unaffected provisions of this Agreement will remain in
full force and effect.
29.6. In the event of a conflict between the terms of this Agreement and the
exhibits hereto (per Section 30) or CONSULTANT’s proposal (if any), the Agreement shall
control. In the event of a conflict between the exhibits hereto and CONSULTANT’s proposal (if
any), the exhibits shall control.
29.7. The provisions of all checked boxes in this Agreement shall apply to this
Agreement; the provisions of any unchecked boxes shall not apply to this Agreement.
29.8. All section headings contained in this Agreement are for convenience and
reference only and are not intended to define or limit the scope of any provision of this Agreement.
29.9. This Agreement may be signed in multiple counterparts, which, when
executed by the authorized representatives of the parties, shall together constitute a single binding
agreement.
SECTION 30. EXHIBITS. Each of the following exhibits, if the check box for such exhibit is
selected below, is hereby attached and incorporated into this Agreement by reference as though
fully set forth herein:
EXHIBIT A: SCOPE OF SERVICES
EXHIBIT B: SCHEDULE OF PERFORMANCE
EXHIBIT C: COMPENSATION
EXHIBIT D: INSURANCE REQUIREMENTS
EXHIBIT E: INFORMATION PRIVACY POLICY
EXHIBIT F: CYBERSECURITY TERMS AND CONDITIONS
THIS AGREEMENT IS NOT COMPLETE UNLESS ALL SELECTED EXHIBITS
ARE ATTACHED.
Professional Services-SAAS
Rev. Dec.15, 2020
Page 14 of 39
EXHIBIT A
SCOPE OF SERVICES
CONSULTANT shall provide the Services detailed in this Exhibit A, entitled “SCOPE OF
SERVICES”.
CONSULTANT will provide to CITY access to and use of its PrimeGov Legislative Management
software (also referred to herein as “PrimeGov”), providing an end-to-end online-hosted software-
as-a-service (“SAAS”) solution designed to provide the necessary tools for effective and
transparent creation of legislative meeting content. The solution consists of the software and
services detailed below.
The PrimeGov Legislative Management platform is a single, hosted software solution that can be
partitioned into separate modules when the client is looking to start with a specific function only.
If the client decides to add services in the future, the client never has to worry about integration of
data migration issues because all modules share the same database.
The following PrimeGov modules are included under this Agreement:
Agenda Automation
Meeting Management
o including Member Voting
Video Streaming
Committee Management
Further details are provided below on each PrimeGov module, other functionalities included in
PrimeGov, the project planning and implementation activities, objectives, and assumptions.
(Task 1) Agenda Automation will allow CITY staff to create meeting types, agenda items, upload
related documents to create an agenda and materials packet. Meeting documents and supporting
materials can be compiled for distribution to the staff, public, council members, and more.
CITY will:
Complete On-Boarding Assessment including:
Documentation of Item Types
Documentation of Meeting Types for each meeting body
Documentation of the proposed meeting schedule for each meeting body
Produce and share full Word samples including numbering, font, size and other
formatting details for each meeting body:
Agenda Notice of Cancellation
Packet
Identify sections and items included in each meeting body
Review and discuss modifications required to accommodate CONSULTANT’S
PrimeGov best practices, current functionality, and consistency of the proposed meeting
document templates
Complete Agenda Training
Professional Services-SAAS
Rev. Dec.15, 2020
Page 15 of 39
Complete User Acceptance Testing
Conduct end-user training
Review and Sign off Agenda configuration
CONSULTANT will:
Review and configure meeting types (e.g., regular, special, and workshop) that are
provided as part of the on-boarding assessment including:
o Agenda o Packet
o Minutes o Notice of Cancellation
Review and configure item types
Perform a gap analysis to review functionality and identify potential feature requests and
enhancements that can be evaluated for inclusion in a future release.
Complete end-to-end agenda testing
Deliver full document set per meeting with the proposed layout and design
Provide agenda training
Agenda Automation: Forms/Workflow will allow for the automation of the item submission
process in the Agenda Automation module. This will enable users to ensure items are reviewed
electronically and that users can always know where an item is at in the process. Workflow allows
for linear routing of an item with its supporting materials on its journey to an agenda. Workflow
is flexible and will enable users to have an ad-hoc review process via peer review while also
allowing the administration to design a consistent approval process. Items can be created at any
time and added to the agenda automatically when the approved process is complete. The workflow
steps can be routed to users or groups to ensure an end-to-end electronic process.
Following is an example of the Agenda Item Approval Workflow:
1. Create document 7. Department Head review
2. Create item 8. Legal review
3. Add item to the meeting 9. Finance review
4. Attach documents 10. City Manager review
5. Originator review 11. City Clerk review
6. Peer review 12. Approve on agenda
CITY will:
Complete on-boarding assessment including:
Documentation of the workflow process
Form to initiate a submission Identification of Review Groups
Notification Emails Identification of Review Users
Workflow Steps Staff Report (cover page)
Identification of originators Word sample
Identify a decision maker and lead procedural discussions regarding the item approval
process.
Review and discuss modifications required to accommodate CONSULTANT’s
PrimeGov best practices, current functionality, and consistency of the proposed item
approval workflow.
Review and discuss modifications required to accommodate CONSULTANT’s
Professional Services-SAAS
Rev. Dec.15, 2020
Page 16 of 39
PrimeGov best practices, current functionality, and consistency of the proposed form and
staff report document.
Provide technical resources required for add-in installation on CITY workstations and is
responsible for end-user support.
Complete workflow training.
Complete user acceptance testing.
Conduct workflow end user training.
Review and sign-off on workflow configuration.
CONSULTANT will:
Review and configure workflows provided as part of the on-boarding assessment
including:
Workflow Design
Workflow Configuration
Notification Emails
Review and configure item submission forms with accompanying staff report that is
provided as part of the on-boarding assessment including:
o HTML form design
o Staff report Word document content controls
Perform a gap analysis to review functionality and identify potential feature requests and
enhancements that can be evaluated for inclusion in a future release.
Complete end-to-end workflow and forms testing
Provide workflow training
(Task 2) Meeting Management will allow the meeting administrator to run a meeting and record
roll call, minutes, motions, votes, notes, and actions with ease. The CONSULTANT’s PrimeGov
real-time Minutes tools provide a single interface that allows all aspects of the meeting to be
managed often by a single user. The real-time meeting tools also offer options for citizen
engagement information regarding the active item, speakers, motion information, and votes can be
displayed in chambers or online via the public portal in real time. Minutes provides a means to
record motions, votes, minutes and other facets of the meeting. Also, agenda items can be added,
removed, edited and re-arranged as changes occur during the meeting.
CITY will:
Complete On-Boarding Assessment including:
o Documentation of Motion Types
o Documentation of Motion Type configuration
o Minutes
o Motion template
o Action template
o Vote result template
Produce and share complete Word samples including numbering, font, size and other
formatting details for each meeting body:
o Minutes
Identify sections and items to be included in each meeting body
Review and discuss modifications required to accommodate CONSULTANT’s
PrimeGov best practices, current functionality, and consistency of the proposed minute
Professional Services-SAAS
Rev. Dec.15, 2020
Page 17 of 39
templates
Complete Minutes Training
CONSULTANT will:
Review and configure Meeting Types (e.g., Regular, Special, and Workshop) that are
provided as part of the on-boarding assessment including:
o Minutes
Review and configure:
o Motion Types
o Motion Type configuration
o Motion template
o Action template
o Vote Result template
Deliver complete document set per meeting with the proposed layout and design
Provide Minutes training
(Subset of Task 2) Member Voting will provide a means for members to record their vote during
a meeting within Meeting Management and offers the ability to communicate the voting process
of agenda items to the public. This solution allows voting members and support personnel the
opportunity to electronically view items and supporting documentation on the agenda and to
electronically cast votes on motions. The Member Voting solution also provides a more automated
and effective approach to recording the events of the meeting to make it easy for the supporting
personnel to follow along and manage the meeting as it is in session.
CITY will:
Complete On-Boarding Assessment including:
o Motion Types
o Roles
o Voting options
o Public Comment
o Request to Speak
Complete Member Voting training
Perform a Mock Meeting or other User Acceptance Testing
Review and sign off on Member Voting configuration
CONSULTANT will:
Configure and review Voting for the Meeting Types, including:
o Motion Types
o Roles
o Voting Options
o Speaker Management
Provide Member Voting training
(Task 3) Video Streaming will provide high-quality live stream and on-demand audio and/or
video of your meetings. The video is immediately available for on-demand access via the
interactive agenda on the public portal. The events of the meeting can be time-stamped by
Professional Services-SAAS
Rev. Dec.15, 2020
Page 18 of 39
activating an item in the Meeting Viewer or adding a timestamp via meeting details.
CITY will:
Complete on-boarding assessment, including:
o YouTube account
configured for embedded
live streaming
o Complete Installation of
Encoder
o Provide HDMI or SDI
Video Feed
o Provide HDMI or Analog
Audio
o Provide Network
connection
o RJ-45 Ethernet
o Static IP Address
o Gateway
o DNS
Complete Video training
Review and sign off on Video configuration
CONSULTANT will:
Provide Video Installation Configuration Guide
Configure PrimeGov API/Google AUTH/Zoom
Perform a video streaming test
Provide Video Streaming training
(Task 4) Committee Management will allow CITY staff to easily add and edit committees,
members, positions, and terms. The public portal will allow for automated application and
appointment management through internal workflows built within the CONSULTANT’s
PrimeGov system. In one succinct view, a user can take care of all committee tasks efficiently and
effectively. Committee Management makes it easy to create initial and subsequent terms quickly,
and even split terms if a seat becomes vacant mid-term. Also included are vacancy reports, expiring
seats reports, and expiring training reports.
CITY will:
Complete On-Boarding Assessment including:
o Documentation of Committees, Active Positions and Members
o Documentation of Current Terms (Start Date/End Date), Nominating and
Appointing Entities
o Documentation of Training Types
o Documentation of Application Management workflow process:
Position Application Form to initiate a submission
Workflow Steps
Identification of Review Users & Groups
Notification Emails
Complete User Acceptance Testing
Review and Sign off Committee Management configuration
Complete Committee Management training
CONSULTANT will:
Professional Services-SAAS
Rev. Dec.15, 2020
Page 19 of 39
Review and Configure Committees that are provided as part of the on-boarding assessment
including:
o Boards and Commissions, Active Positions, and Active Members
o Current Terms, Nominating and Appointing Entities
Configure a Committee Management public portal to allow for public display of committee
information and acceptance of applications for advertised positions
Review and discuss modifications required to accommodate CONSULTANT’s PrimeGov
best practices, existing functionality, and consistency of the proposed Committee
Management.
Perform a Gap Analysis to review functionality and identify potential feature requests and
enhancements that can be evaluated for inclusion in a future release.
Configure up to one (1) Position Application Form for vacant position applications.
Configure up to one (1) Application Workflow to support the stages of the application
lifecycle.
Complete end to end Committee Management testing.
Provide Committee Management training.
(Task 5) Data migration services will be provided.
The following are also included with the CONSULTANT’s provision of its PrimeGov
Legislative Management software solution:
Global Software and Services
PrimeGov Public Portal will be integrated directly within the CITY’s website providing a
seamless look and feel. Constituents will be able to search for and view meeting materials, and
video. The portal also provides the ability for citizens to search the voting history of elected
officials. This includes the meeting history, voting records, speakers, and video specific to the
item. An internal portal can also be used if the CITY would like to publish meeting documentation
internally before it being made available to the public.
For CITY, the PrimeGov Public Portal will be integrated directly within CITY’s website
through an iFrame.
CITY will:
Provide technical resources required for integration on the CITYwebsite and is responsible
for end-user support of website.
CONSULTANT will:
Review and configure Public Portal and provide technical guidance for successful
integration.
PrimeGov Historical Import (Conversion) CONSULTANT will import historical data
utilization of a utility that has been specifically developed for the conversion process.
CITY will:
Complete On-Boarding Assessment including:
Professional Services-SAAS
Rev. Dec.15, 2020
Page 20 of 39
o Identification of Content
o Identification of the location of data and supporting files
Provide access to data and supporting files for import
Provide media files in MP4 video format
Provide a clear and understandable naming convention to identify files and their location
Customer Acceptance Testing
Review and sign off on Historical Import results
CONSULTANT will:
Import of up to seven (7) years’ worth of historic documents for meeting types identified
as part of PrimeGov Agenda Automation implementation, including:
o Agendas
o Minutes
o Packets
Provide a Conversion report outlining successful import counts and identification of
failed record imports.
Complete one import and one delta import of data after initial import.
PrimeGov Administration will allow users and administrators access to the PrimeGov platform
from any location with access to an internet connection. All system settings and security are
managed and administered from the PrimeGov administrative platform.
CITY will:
Complete On-Boarding Assessment including:
o Identities/Users
o Roles
o Departments
o Department Heads
o Security and Permissions
o Email Settings
Customer Acceptance Testing
Complete PrimeGov Administrator Training
Review and sign off on Administration
CONSULTANT will:
Deploy a Cloud Production Environment instance including:
o Software Suite outlined
above
o Identities/User
o Email Address
o First Name
o Last Name
o Department
o Title
o Roles
o Administrator
o General CITY Staff
o Committee
o Members
o Departments
o Department Heads
o Security and Permissions
o Email Settings
Provide PrimeGov Administrator Training
PrimeGov Reporting The PrimeGov reporting engine will allow users to configure reports on
any data stored in the system. Users can create “views” using system tools then use those views to
Professional Services-SAAS
Rev. Dec.15, 2020
Page 21 of 39
create their own report. Standard reports are also provided and include:
Committee Member Reports
Committee Vacancy Reports
Vote Records
Attendance Records
Audit Reports (login, adds, deletes, etc.)
Usage Reports (Items Submitted, Items Approved, Review Time)
All reports can be exported to (PDF, CSV, and Excel). Users can filter and re-run standard
reports or save them.
PrimeGov API The PrimeGov Legislative Management Suite is driven by Restful Web Services.
This allows virtually anyone (other software vendors, open data developers) the CITY allows to
consume the data available in the system. Access is controlled by the CITY and the available
“datasets” are published by the CITY, just like publishing an agenda.
Customization and Development
Customization and Development is not included in this Project Scope.
General Project Requirements
The following are the general project requirements based upon the processes described above for
this PrimeGov implementation.
CITY will:
Commit a Project lead and relevant Subject Matter Experts, as needed for successful
project delivery.
Lead development or procedural discussions, produce end-user training documentation,
and conduct end-user training sessions, as needed.
Provide technical resources required for video streaming
Provide technical resources required for add-in installation on CITY workstations and is
responsible for end-user support.
Complete Training assigned
Complete User Acceptance Testing
Provide feedback and sign off all phases of the project
Ensure local infrastructure complies with published minimum requirements.
Provide resources required to use remote sharing software for meetings such as
GoToMeeting or Microsoft Teams
CONSULTANT will:
Commit a project lead and other subject matter experts, as needed for successful project
delivery
Note: Implementation tasks are estimates until the completion of the Gap analysis. After
completion of the Gap analysis, CONSULTANT and CITY will review the
Implementation project requirements, including but not limited to, Future State process
designs, work effort estimates, timelines, and software, and enter into a separate contract
Professional Services-SAAS
Rev. Dec.15, 2020
Page 22 of 39
for services, if necessary.
Test and Deploy Software Upgrades and Patches
Review and conduct a Demonstration of the entire solution in the PrimeGov platform as a
refresher of system features and including the approval process.
CONSULTANT will perform a gap analysis with CITY at each step to clarify and confirm the
agenda management processes and CONSULTANT’s PrimeGov best practices and functionality.
CONSULTANT will be responsible for the following project management tasks:
Project Tracking
Weekly Status Calls
Regular remote share working sessions
Issue resolution portal for tracking of issues identified as issues, defects, feature requests,
and bugs.
Review and configuration of user and role permissions within the PrimeGov Solution
CONSULTANT will perform testing of the software functionality and provide support
during CITY user acceptance testing before production.
Training will be provided to those individuals identified as testers for successful User
Acceptance Testing
Professional Services-SAAS
Rev. Dec.15, 2020
Page 23 of 39
EXHIBIT B
SCHEDULE OF PERFORMANCE
CONSULTANT shall perform the Services so as to complete each milestone within the number
of days/weeks or the date timeframes specified below. The time to complete each milestone may
be increased or decreased by mutual written agreement of the Project Managers for
CONSULTANT and CITY so long as all work is completed within the term of the Agreement.
CONSULTANT shall provide a detailed schedule of work consistent with the schedule below
within 2 weeks of receipt of the notice to proceed (“NTP”) from the CITY.
Date Task/Milestone
Week of May 16, 2022 PrimeGov Project Team Assigned & Welcome Letter sent to Palo Alto
Week of May 16, 2022 Kick-off Call with Palo Alto Team & PrimeGov Implementation Team
May-June 2022 Project Design & Agenda Automation Phase
June-July 2022 Agenda & Workflow Configuration & Testing
July-August 2022 Agenda Automation Training
August 2022 Agenda Automation Go Live
July – September 2022 Stage 2 Meeting Management & Member Voting
July – September 2022 Stage 3 Video Streaming
September – October 2022 Stage 4 Committee Management
October 2022 Complete Project Go Live
May 2022 – June 30, 2027 Ongoing Annual Provision of Access to and Use of PrimeGov Software-
as-a-Service (SAAS) and Provision of Support and Maintenance
Professional Services-SAAS
Rev. Dec.15, 2020
Page 24 of 39
EXHIBIT C
COMPENSATION
CITY agrees to compensate CONSULTANT for Services performed in accordance with the terms
and conditions of this Agreement, and as set forth in the budget schedule below. Compensation
shall be based on the budget schedule below up to the not to exceed budget amount for each task
set forth below.
CITY’s Project Manager may approve in writing the transfer of budget amounts between any of
the tasks or categories listed below, provided that the total compensation for the Services,
including any specified reimbursable expenses, and the total compensation for Additional Services
(if any, per Section 4 of the Agreement) do not exceed the amounts set forth in Section 4 of this
Agreement.
CONSULTANT agrees to complete all Services, any specified reimbursable expenses, and
Additional Services (if any, per Section 4), within this/these amount(s). Any work performed or
expenses incurred for which payment would result in a total exceeding the maximum amount of
compensation set forth in this Agreement shall be at no cost to the CITY.
(CONTINUED ON THE NEXT PAGE.)
Professional Services-SAAS
Rev. Dec.15, 2020
Page 25 of 39
BUDGET SCHEDULE
The following Budget Schedule provides the Annual Cost of PrimeGov Software Solution (Tasks
1-5) and One-Time Costs, as applicable. The Annual Costs for the provision of the PrimeGov
Software Solution include licensing, support and maintenance.
TASK
NOT-TO-EXCEED AMOUNTS
One-Time Cost Annual Cost Subtotals
CONTRACT YEAR 1
Task 1 Agenda Automation -- $6,100.00
Task 2 Meeting Management & Member Voting -- $8,670.00
Task 3 Video Streaming --$10,068.00
Task 4 Committee Management -- $4,335.00
Task 5 Data Migration (included in Annual Costs,
Contract Years 1 & 2)
-- $0.00
Standard Implementation Costs $3,000.00 --
1 Standard Encoder $2,000.00 --
Data Migration (Additional 5 Years) $5,500.00
Subtotals Contract Year 1 $10,500.00 $29,173.00 $39,373.00
CONTRACT YEAR 2
Tasks 1-5 Annual Cost as in previous Contract
Year plus 5% Annual Increase)
-- $30,631.65
Subtotals Contract Year 2 -- $30,631.65 $30,631.65
CONTRACT YEAR 3
Tasks 1-5 Annual Cost as in previous Contract
Year plus 5% Annual Increase)
-- $32,163.23
Subtotals Contract Year 3 -- $32,163.23 $32,163.23
CONTRACT YEAR 4
Tasks 1-5 Annual Cost as in previous Contract
Year plus 5% Annual Increase)
-- $33,771.39
Subtotals Contract Year 4 -- $33,771.39 $33,771.39
CONTRACT YEAR 5
Tasks 1-5 Annual Cost as in previous Contract
Year plus 5% Annual Increase)
-- $35,459.97
Subtotals Contract Year 5 -- $35,459.97 $35,459.97
SUBTOTAL – CONTRACT YEARS 1-5 $171,399.24
REIMBURSABLE EXPENSES (if any) $0.00
ADDITIONAL SERVICES (per Section 4) $0.00
TOTAL NOT TO EXCEED COMPENSATION $171,399.24
Professional Services-SAAS
Rev. Dec.15, 2020
Page 26 of 39
REIMBURSABLE EXPENSES
CONSULTANT’S ordinary business expenses, such as administrative, overhead,
administrative support time/overtime, information systems, software and hardware,
photocopying, telecommunications (telephone, internet), in-house printing, insurance and
other ordinary business expenses, are included within the scope of payment for Services and
are not reimbursable expenses hereunder.
Reimbursable expenses, if any are specified as reimbursable under this section, will be
reimbursed at actual cost. The expenses (by type, e.g. travel) for which CONSULTANT will
be reimbursed are: NONE up to the not-to-exceed amount of: $0.00.
Professional Services-SAAS
Rev. Dec.15, 2020
Page 27 of 39
EXHIBIT D
INSURANCE REQUIREMENTS
CONSULTANTS TO THE CITY OF PALO ALTO (CITY), AT THEIR SOLE EXPENSE, SHALL FOR THE TERM OF THE
CONTRACT OBTAIN AND MAINTAIN INSURANCE IN THE AMOUNTS FOR THE COVERAGE SPECIFIED BELOW,
AFFORDED BY COMPANIES WITH AM BEST’S KEY RATING OF A-:VII, OR HIGHER, LICENSED OR
AUTHORIZED TO TRANSACT INSURANCE BUSINESS IN THE STATE OF CALIFORNIA.
AWARD IS CONTINGENT ON COMPLIANCE WITH CITY’S INSURANCE REQUIREMENTS AS SPECIFIED HEREIN.
REQUIRED TYPE OF COVERAGE REQUIREMENT
MINIMUM LIMITS
EACH
OCCURRENCE AGGREGATE
YES
YES
WORKER’S COMPENSATION
EMPLOYER’S LIABILITY
STATUTORY
STATUTORY STATUTORY STATUTORY
YES GENERAL LIABILITY, INCLUDING
PERSONAL INJURY, BROAD FORM
PROPERTY DAMAGE BLANKET
CONTRACTUAL, AND FIRE LEGAL
LIABILITY
BODILY INJURY
PROPERTY DAMAGE
BODILY INJURY & PROPERTY
DAMAGE COMBINED.
$1,000,000
$1,000,000
$1,000,000
$1,000,000
$1,000,000
$1,000,000
YES AUTOMOBILE LIABILITY,
INCLUDING ALL OWNED, HIRED,
NON-OWNED
BODILY INJURY
- EACH PERSON
- EACH OCCURRENCE
PROPERTY DAMAGE
BODILY INJURY AND PROPERTY
DAMAGE, COMBINED
$1,000,000
$1,000,000
$1,000,000
$1,000,000
$1,000,000
$1,000,000
$1,000,000
$1,000,000
$1,000,000
$1,000,000
YES PROFESSIONAL LIABILITY,
INCLUDING, ERRORS AND
OMISSIONS, MALPRACTICE (WHEN
APPLICABLE), AND NEGLIGENT
PERFORMANCE
ALL DAMAGES $1,000,000
YES THE CITY OF PALO ALTO IS TO BE NAMED AS AN ADDITIONAL INSURED: CONSULTANT, AT ITS SOLE COST
AND EXPENSE, SHALL OBTAIN AND MAINTAIN, IN FULL FORCE AND EFFECT THROUGHOUT THE ENTIRE TERM
OF ANY RESULTANT AGREEMENT, THE INSURANCE COVERAGE HEREIN DESCRIBED, INSURING NOT ONLY
CONSULTANT AND ITS SUBCONSULTANTS, IF ANY, BUT ALSO, WITH THE EXCEPTION OF WORKERS’
COMPENSATION, EMPLOYER’S LIABILITY AND PROFESSIONAL INSURANCE, NAMING AS ADDITIONAL
INSUREDS CITY, ITS COUNCIL MEMBERS, OFFICERS, AGENTS, AND EMPLOYEES.
I. INSURANCE COVERAGE MUST INCLUDE:
A. A CONTRACTUAL LIABILITY ENDORSEMENT PROVIDING INSURANCE COVERAGE FOR
CONSULTANT’S AGREEMENT TO INDEMNIFY CITY.
II. THE CONSULTANT MUST SUBMIT CERTIFICATES(S) OF INSURANCE EVIDENCING REQUIRED COVERAGE
AT THE FOLLOWING URL: HTTPS://WWW.PLANETBIDS.COM/PORTAL/PORTAL.CFM?COMPANYID=25569
III. ENDORSEMENT PROVISIONS WITH RESPECT TO THE INSURANCE AFFORDED TO ADDITIONAL
INSUREDS:
A. PRIMARY COVERAGE
WITH RESPECT TO CLAIMS ARISING OUT OF THE OPERATIONS OF THE NAMED INSURED,
INSURANCE AS AFFORDED BY THIS POLICY IS PRIMARY AND IS NOT ADDITIONAL TO OR
CONTRIBUTING WITH ANY OTHER INSURANCE CARRIED BY OR FOR THE BENEFIT OF THE
Professional Services-SAAS
Rev. Dec.15, 2020
Page 28 of 39
ADDITIONAL INSUREDS.
B. CROSS LIABILITY
THE NAMING OF MORE THAN ONE PERSON, FIRM, OR CORPORATION AS INSUREDS UNDER
THE POLICY SHALL NOT, FOR THAT REASON ALONE, EXTINGUISH ANY RIGHTS OF THE
INSURED AGAINST ANOTHER, BUT THIS ENDORSEMENT, AND THE NAMING OF MULTIPLE
INSUREDS, SHALL NOT INCREASE THE TOTAL LIABILITY OF THE COMPANY UNDER THIS
POLICY.
C. NOTICE OF CANCELLATION
1. IF THE POLICY IS CANCELED BEFORE ITS EXPIRATION DATE FOR ANY REASON
OTHER THAN THE NON-PAYMENT OF PREMIUM, THE CONSULTANT SHALL PROVIDE
CITY AT LEAST A THIRTY (30) DAY WRITTEN NOTICE BEFORE THE EFFECTIVE DATE
OF CANCELLATION.
2. IF THE POLICY IS CANCELED BEFORE ITS EXPIRATION DATE FOR THE NON-PAYMENT
OF PREMIUM, THE CONSULTANT SHALL PROVIDE CITY AT LEAST A TEN (10) DAY
WRITTEN NOTICE BEFORE THE EFFECTIVE DATE OF CANCELLATION.
EVIDENCE OF INSURANCE AND OTHER RELATED NOTICES ARE REQUIRED TO BE
FILED WITH THE CITY OF PALO ALTO AT THE FOLLOWING URL:
HTTPS://WWW.PLANETBIDS.COM/PORTAL/PORTAL.CFM?COMPANYID=25569
OR
HTTP://WWW.CITYOFPALOALTO.ORG/GOV/DEPTS/ASD/PLANET_BIDS_HOW_TO.ASP
Professional Services-SAAS
Rev. Dec.15, 2020
Page 29 of 39
POLICY STATEMENT
The City of Palo Alto (the “City”) strives to promote and sustain a superior quality of life for persons in
Palo Alto. In promoting the quality of life of these persons, it is the policy of the City, consistent with the
provisions of the California Public Records Act, California Government Code §§ 6250 – 6270, to take
appropriate measures to safeguard the security and privacy of the personal (including, without limitation,
financial) information of persons, collected in the ordinary course and scope of conducting the City’s
business as a local government agency. These measures are generally observed by federal, state and local
authorities and reflected in federal and California laws, the City’s rules and regulations, and industry best
practices, including, without limitation, the provisions of California Civil Code §§ 1798.3(a), 1798.24,
1798.79.8(b), 1798.80(e), 1798.81.5, 1798.82(e), 1798.83(e)(7), and 1798.92(c). Though some of these
provisions do not apply to local government agencies like the City, the City will conduct business in a
manner which promotes the privacy of personal information, as reflected in federal and California laws.
The objective of this Policy is to describe the City’s data security goals and objectives, to ensure the
ongoing protection of the Personal Information, Personally Identifiable Information, Protected Critical
Infrastructure Information and Personally Identifying Information of persons doing business with the City
and receiving services from the City or a third party under contract to the City to provide services. The
terms “Personal Information,” “Protected Critical Infrastructure Information”, “Personally Identifiable
Information” and “Personally Identifying Information” (collectively, the “Information”) are defined in the
California Civil Code sections, referred to above, and are incorporated in this Policy by reference.
PURPOSE
The City, acting in its governmental and proprietary capacities, collects the Information pertaining to
persons who do business with or receive services from the City. The Information is collected by a variety
of means, including, without limitation, from persons applying to receive services provided by the City,
persons accessing the City’s website, and persons who access other information portals maintained
by the City’s staff and/or authorized third-party contractors. The City is committed to protecting
the privacy and security of the Information collected by the City. The City acknowledges federal and
California laws, policies, rules, regulations and procedures, and industry best practices are dedicated to
ensuring the Information is collected, stored and utilized in compliance with applicable laws.
Professional Services-SAAS
Rev. Dec.15, 2020
Page 30 of 39
POLICY AND PROCEDURES 1-64/IT
Revised: December 2017
The goals and objectives of the Policy are: (a) a safe, productive, and inoffensive work environment for
all users having access to the City’s applications and databases; (b) the appropriate maintenance and
security of database information assets owned by, or entrusted to, the City; (c) the controlled access and
security of the Information provided to the City’s staff and third party contractors; and (d) faithful
compliance with legal and regulatory requirements.
SCOPE
The Policy will guide the City’s staff and, indirectly, third party contractors, which are by contract
required to protect the confidentiality and privacy of the Information of the persons whose personal
information data are intended to be covered by the Policy and which will be advised by City staff to
conform their performances to the Policy should they enjoy conditional access to that information.
CONSEQUENCES
The City’s employees shall comply with the Policy in the execution of their official duties to the extent
their work implicates access to the Information referred to in this Policy. A failure to comply may result
in employment and/or legal consequences.
EXCEPTIONS
In the event that a City employee cannot fully comply with one or more element(s) described in this
Policy, the employee may request an exception by submitting Security Exception Request. The exception
request will be reviewed and administered by the City’s Information Security Manager (the “ISM”). The
employee, with the approval of his or her supervisor, will provide any additional information as may be
requested by the ISM. The ISM will conduct a risk assessment of the requested exception in accordance
with guidelines approved by the City’s Chief Information Officer (“CIO”) and approved as to form by the
City Attorney. The Policy’s guidelines will include at a minimum: purpose, source, collection, storage,
access, retention, usage, and protection of the Information identified in the request. The ISM will consult
with the CIO to approve or deny the exception request. After due consideration is given to the request,
the exception request disposition will be communicated, in writing, to the City employee and his or her
supervisor. The approval of any request may be subject to countermeasures established by the CIO,
acting by the ISM.
MUNICIPAL ORDINANCE
This Policy will supersede any City policy, rule, regulation or procedure regarding information privacy.
RESPONSIBILITIES OF CITY STAFF
Professional Services-SAAS
Rev. Dec.15, 2020
Page 31 of 39
POLICY AND PROCEDURES 1-64/IT
Revised: December 2017
A. RESPONSIBILITY OF CIO AND ISM
The CIO, acting by the ISM, will establish an information security management framework to initiate
and coordinate the implementation of information security measures by the City’s government.
The City’s employees, in particular, software application users and database users, and, indirectly,
third party contractors under contract to the City to provide services, shall by guided by this Policy
in the performance of their job responsibilities.
The ISM will be responsible for: (a) developing and updating the Policy, (b) enforcing compliance
with and the effectiveness of the Policy; (c) the development of privacy standards that will manifest
the Policy in detailed, auditable technical requirements, which will be designed and maintained by
the persons responsible for the City’s IT environments;
(d) assisting the City’s staff in evaluating security and privacy incidents that arise in regard to
potential violations of the Policy; (e) reviewing and approving department-specific policies and
procedures which fall under the purview of this Policy; and (f) reviewing Non- Disclosure Agreements
(NDAs) signed by third party contractors, which will provide services, including, without limitation,
local or ‘cloud-based’ software services to the City.
B. RESPONSIBILITY OF INFORMATION SECURITY STEERING COMMITTEE
The Information Security Steering Committee (the “ISSC”), which is comprised of the City’s
employees, drawn from the various City departments, will provide the primary direction,
prioritization and approval for all information security efforts, including key information security and
privacy risks, programs, initiatives and activities. The ISSC will provide input to the information
security and privacy strategic planning processes to ensure that information security risks are
adequately considered, assessed and addressed at the appropriate City department level.
C.RESPONSIBILITY OF USERS
All authorized users of the Information will be responsible for complying with information privacy
processes and technologies within the scope of responsibility of each user.
D.RESPONSIBILITY OF INFORMATION TECHNOLOGY (IT) MANAGERS
The City’s IT Managers, who are responsible for internal, external, direct and indirect connections to
the City’s networks, will be responsible for configuring, maintaining and securing the City’s IT
networks in compliance with the City’s information security and privacy policies. They are also
responsible for timely internal reporting of events that may have compromised network, system or
data security.
Professional Services-SAAS
Rev. Dec.15, 2020
Page 32 of 39
POLICY AND PROCEDURES 1-64/IT
Revised: December 2017
E. RESPONSIBILITY OF AUTHORIZATION COORDINATION
The ISM will ensure that the City’s employees secure the execution of Non-Disclosure Agreements
(NDA), whenever access to the Information will be granted to third party contractors, in conjunction
with the Software as a Service (SaaS) Security and Privacy Terms and Conditions. An NDA must be
executed prior to the sharing of the Information of persons covered by this Policy with third party
contractors. The City’s approach to managing information security and its implementation (i.e.
objectives, policies, processes, and procedures for information security) will be reviewed
independently by the ISM at planned intervals, or whenever significant changes to security
implementation have occurred.
The CIO, acting by the ISM, will review and recommend changes to the Policy annually, or as
appropriate, commencing from the date of its adoption.
GENERAL PROCEDURE FOR INFORMATION PRIVACY
A.OVERVIEW
The Policy applies to activities that involve the use of the City’s information assets, namely, the
Information of persons doing business with the City or receiving services from the City, which are
owned by, or entrusted to, the City and will be made available to the City’s employees and third
party contractors under contract to the City to provide Software as a Service consulting services.
These activities include, without limitation, accessing the Internet, using e-mail, accessing the City’s
intranet or other networks, systems, or devices.
The term “information assets” also includes the personal information of the City’s employees and
any other related organizations while those assets are under the City’s control. Security measures
will be designed, implemented, and maintained to ensure that only authorized persons will enjoy
access to the information assets. The City’s staff will act to protect its information assets from theft,
damage, loss, compromise, and inappropriate disclosure or alteration. The City will plan, design,
implement and maintain information management systems, networks and processes in order to
assure the appropriate confidentiality, integrity, and availability of its information assets to the City’s
employees and authorized third parties.
B. PERSONAL INFORMATION AND CHOICE
Except as permitted or provided by applicable laws, the City will not share the Information of any
person doing business with the City, or receiving services from the City, in violation of this Policy,
unless that person has consented to the City’s sharing of such information during the conduct of
the City’s business as a local government agency with third parties under contract to the City to
provide services.
Professional Services-SAAS
Rev. Dec.15, 2020
Page 33 of 39
POLICY AND PROCEDURES 1-64/IT
Revised: December 2017
C.METHODS OF COLLECTION OF PERSONAL INFORMATION
The City may gather the Information from a variety of sources and resources, provided that the
collection of such information is both necessary and appropriate in order for the City to conduct
business as a local government agency in its governmental and proprietary capacities. That
information may be gathered at service windows and contact centers as well as at web sites, by
mobile applications, and with other technologies, wherever the City may interact with persons who
need to share such formation in order to secure the City’s services.
The City’s staff will inform the persons whose Information are covered by this Policy that the City’s
web site may use “cookies” to customize the browsing experience with the City of Palo Alto web site.
The City will note that a cookie contains unique information that a web site can use to track, among
others, the Internet Protocol address of the computer used to access the City’s web sites, the
identification of the browser software and operating systems used, the date and time a user
accessed the site, and the Internet address of the website from which the user linked to the City’s
web sites. Cookies created on the user’s computer by using the City’s web site do not contain the
Information, and thus do not compromise the user’s privacy or security. Users can refuse the cookies
or delete the cookie files from their computers by using any of the widely available methods. If the
user chooses not to accept a cookie on his or her computer, it will not prevent or prohibit the user
from gaining access to or using the City’s sites.
D. UTILITIES SERVICE
In the provision of utility services to persons located within Palo Alto, the City of Palo Alto Utilities
Department (“CPAU”) will collect the Information in order to initiate and manage utility services to
customers. To the extent the management of that information is not specifically addressed in the
Utilities Rules and Regulations or other ordinances, rules, regulations or procedures, this Policy will
apply; provided, however, any such Rules and Regulations must conform to this Policy, unless
otherwise directed or approved by the Council. This includes the sharing of CPAU-collected
Information with other City departments except as may be required by law.
Businesses and residents with standard utility meters and/or having non-metered monthly services
will have secure access through a CPAU website to their Information, including, without limitation,
their monthly utility usage and billing data. In addition to their regular monthly utilities billing,
businesses and residents with non-standard or experimental electric, water or natural gas meters
may have their usage and/or billing data provided to them through non-City electronic portals at
different intervals than with the standard monthly billing.
Professional Services-SAAS
Rev. Dec.15, 2020
Page 34 of 39
POLICY AND PROCEDURES 1-64/IT
Revised: December 2017
Businesses and residents with such non-standard or experimental metering will have their
Information covered by the same privacy protections and personal information exchange rules
applicable to Information under applicable federal and California laws.
E. PUBLIC DISCLOSURE
The Information that is collected by the City in the ordinary course and scope of conducting its
business could be incorporated in a public record that may be subject to inspection and copying by
the public, unless such information is exempt from disclosure to the public by California law.
F.ACCESS TO PERSONAL INFORMATION
The City will take reasonable steps to verify a person’s identity before the City will grant anyone
online access to that person’s Information. Each City department that collects Information will afford
access to affected persons who can review and update that information at reasonable times.
G. SECURITY, CONFIDENTIALITY AND NON-DISCLOSURE
Except as otherwise provided by applicable law or this Policy, the City will treat the Information of
persons covered by this Policy as confidential and will not disclose it, or permit it to be disclosed, to
third parties without the express written consent of the person affected. The City will develop and
maintain reasonable controls that are designed to protect the confidentiality and security of the
Information of persons covered by this Policy.
The City may authorize the City’s employee and or third party contractors to access and/or use the
Information of persons who do business with the City or receive services from the City. In those
instances, the City will require the City’s employee and/or the third party contractors to agree to use
such Information only in furtherance of City-related business and in accordance with the Policy.
If the City becomes aware of a breach, or has reasonable grounds to believe that a security breach
has occurred, with respect to the Information of a person, the City will notify the affected person of
such breach in accordance with applicable laws. The notice of breach will include the date(s) or
estimated date(s) of the known or suspected breach, the nature of the Information that is the subject
of the breach, and the proposed action to be taken or the responsive action taken by the City.
H. DATA RETENTION / INFORMATION RETENTION
Professional Services-SAAS
Rev. Dec.15, 2020
Page 35 of 39
POLICY AND PROCEDURES 1-64/IT
Revised: December 2017
The City will store and secure all Information for a period of time as may be required by law, or if no
period is established by law, for seven (7) years, and thereafter such information will be scheduled
for destruction.
I. SOFTWARE AS A SERVICE (SAAS) OVERSIGHT
The City may engage third party contractors and vendors to provide software application and
database services, commonly known as Software-as-a-Service (SaaS).
In order to assure the privacy and security of the Information of those who do business with the City
and those who received services from the City, as a condition of selling goods and/or services to the
City, the SaaS services provider and its subcontractors, if any, including any IT infrastructure services
provider, shall design, install, provide, and maintain a secure IT environment, while it performs such
services and/or furnishes goods to the City, to the extent any scope of work or services implicates
the confidentiality and privacy of the Information.
These requirements include information security directives pertaining to: (a) the IT infrastructure,
by which the services are provided to the City, including connection to the City's IT systems; (b) the
SaaS services provider’s operations and maintenance processes needed to support the IT
environment, including disaster recovery and business continuity planning; and (c) the IT
infrastructure performance monitoring services to ensure a secure and reliable environment and
service availability to the City. The term “IT infrastructure” refers to the integrated framework,
including, without limitation, data centers, computers, and database management devices, upon
which digital networks operate.
Prior to entering into an agreement to provide services to the City, the City’s staff will require the
SaaS services provider to complete and submit an Information Security and Privacy Questionnaire.
In the event that the SaaS services provider reasonably determines that it cannot fulfill the
information security requirements during the course of providing services, the City will require the
SaaS services provider to promptly inform the ISM.
J.FAIR AND ACCURATE CREDIT TRANSACTION ACT OF 2003
CPAU will require utility customers to provide their Information in order for the City to initiate and
manage utility services to them.
Federal regulations, implementing the Fair and Accurate Credit Transactions Act of 2003 (Public Law
108-159), including the Red Flag Rules, require that CPAU, as a “covered financial institution or
creditor” which provides services in advance of payment and which can affect consumer credit,
develop and implement procedures for an identity theft program for new and existing accounts to
detect, prevent, respond and mitigate potential identity theft of its customers’ Information.
Professional Services-SAAS
Rev. Dec.15, 2020
Page 36 of 39
POLICY AND PROCEDURES1-64/IT
Revised: December 2017
CPAU procedures for potential identity theft will be reviewed independently by the ISM annually
or whenever significant changes to security implementation have occurred. The ISM will
recommend changes to CPAU identity theft procedures, or as appropriate, so as to conform to this
Policy.
There are California laws which are applicable to identity theft; they are set forth in California Civil
Code § 1798.92.
NOTE: Questions regarding this policy should be referred to the Information Technology
Department, as appropriate.
12/5/2017Recommended:
Director Information Technology/CIO Date
12/13/2017
Approved:
City Manager Date
Professional Services-SAAS
Rev. Dec.15, 2020
Page 37 of 39
EXHIBIT “F”
CYBERSECURITY TERMS AND CONDITIONS
In order to assure the privacy and security of the personal information of the City's customers and
people who do business with the City, including, without limitation, vendors, utility customers,
library patrons, and other individuals and companies, who are required to share such information
with the City, as a condition of receiving services from the City or selling goods and services to
the City, including, without limitation, the Software as a Service services provider (the
"Consultant") and its subcontractors, if any, including, without limitation, any Information
Technology ("IT") infrastructure services provider, shall design, install, provide, and maintain a
secure IT environment, described below, while it renders and performs the Services and furnishes
goods, if any, described in the Statement of Work, Exhibit B, to the extent any scope of work
implicates the confidentiality and privacy of the personal information of the City's customers. The
Consultant shall fulfill the data and information security requirements (the "Requirements") set
forth in Part A below.
A "secure IT environment" includes (a) the IT infrastructure, by which the Services are provided
to the City, including connection to the City's IT systems; (b) the Consultant's operations and
maintenance processes needed to support the environment, including disaster recovery and
business continuity planning; and (c) the IT infrastructure performance monitoring services to
ensure a secure and reliable environment and service availability to the City. "IT infrastructure"
refers to the integrated framework, including, without limitation, data centers, computers, and
database management devices, upon which digital networks operate.
In the event that, after the Effective Date, the Consultant reasonably determines that it cannot
fulfill the Requirements, the Consultant shall promptly inform the City of its determination and
submit, in writing, one or more alternate countermeasure options to the Requirements (the
"Alternate Requirements" as set forth in Part B), which may be accepted or rejected in the
reasonable satisfaction of the Information Security Manager (the "ISM").
Part A. Requirements:
The Consultant shall at all times during the term of any contract between the City and the
Consultant:
Appoint or designate an employee, preferably an executive officer, as the security liaison
to the City with respect to the Services to be performed under this Agreement.
Comply with the City's Information Privacy Policy:
adopted and implemented
information security and privacy policies that are documented, are accessible to
the City, and conform to ISO 27001/2 – Information Security Management Systems
(ISMS) Standards. See the following:
http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=42103
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=5029
7
Conduct routine data and information security compliance training of its personnel that is
appropriate to their role.
Develop and maintain detailed documentation of the IT infrastructure, including software
versions and patch levels.
Professional Services-SAAS
Rev. Dec.15, 2020
Page 38 of 39
(f) Develop an independently verifiable process, consistent with industry standards, for
performing professional and criminal background checks of its employees that (1) would
permit verification of employees' personal identity and employment status, and (2) would
enable the immediate denial of access to the City's confidential data and information by
any of its employees who no longer would require access to that information or who are
terminated.
(g) Provide a list of IT infrastructure components in order to verify whether the Consultant
has met or has failed to meet any objective terms and conditions.
(h) Implement access accountability (identification and authentication) architecture and
support role-based access control ("RBAC") and segregation of duties ("SoD")
mechanisms for all personnel, systems, and Software used to provide the Services.
"RBAC" refers to a computer systems security approach to restricting access only to
authorized users. "SoD" is an approach that would require more than one individual to
complete a security task in order to promote the detection and prevention of fraud and
errors.
(i) Assist the City in undertaking annually an assessment to assure that: (1) all elements of
the Services' environment design and deployment are known to the City, and (2) it has
implemented measures in accordance with industry best practices applicable to secure
coding and secure IT architecture.
(j) Provide and maintain secure intersystem communication paths that would ensure the
confidentiality, integrity, and availability of the City's information.
(k) Deploy and maintain IT system upgrades, patches and configurations conforming to
current patch and/or release levels by not later than one (1) week after its date of release.
Emergency security patches must be installed within 24 hours after its date of release.
(l) Provide for the timely detection of, response to, and the reporting of security incidents,
including on-going incident monitoring with logging.
(m) Notify the City within one (1) hour of detecting a security incident that results in the
unauthorized access to or the misuse of the City's confidential data and information.
(n) Inform the City that any third party service provider(s) meet(s) all of the Requirements.
(o) Perform security self-audits on a regular basis and not less frequently than on a quarterly
basis, and provide the required summary reports of those self-audits to the ISM on the
annual anniversary date or any other date agreed to by the Parties.
(p) Accommodate, as practicable, and upon reasonable prior notice by the City, the City's
performance of random site security audits at the Consultant's site(s), including the site(s)
of a third-party service provider(s), as applicable. The scope of these audits will extend to
the Consultant's and its third-party service provider(s)' awareness of security policies and
practices, systems configurations, access authentication and authorization, and incident
detection and response.
(q) Cooperate with the City to ensure that to the extent required by applicable laws, rules and
regulations, and the Confidential Information will be accessible only by the Consultant and
any authorized third-party service provider's personnel.
(r) Perform regular, reliable secured backups of all data needed to maximize the availability
of the Services. Adequately encrypt the City of Palo Alto's data, during the operational
process, hosted at rest, and the backup stage at the Vendors' environment (including
Vendor's contracting organization's environment).
(s) Maintain records relating to the Services for a period of three (3) years after the expiration
or earlier termination of this Agreement and in a mutually agreeable storage medium.
Within thirty (30) days after the effective date of expiration or earlier termination of this
Agreement, all of those records relating to the performance of the Services shall be
provided to the ISM.
Professional Services-SAAS
Rev. Dec.15, 2020
Page 39 of 39
(t) Maintain the Confidential Information in accordance with applicable federal, state, and
local data and information privacy laws, rules, and regulations.
(u) Encrypt the Confidential Information before delivering the same by electronic mail to the
City and or any authorized recipient.
(v) Provide Network Layer IP filtering services to allow access only from the City of Palo
Alto's IP address to the Vendor environment (primarily hosted for the City of Palo Alto).
(w) Offer a robust disaster recovery and business continuity (DR-BCP) solutions to the City
for the systems and services the Vendor provides to the City.
(x) Provide and support Single Sign-on (SSO) and Multifactor Authentication (MFA) solutions
for authentication and authorization services from the "City's environment to the Vendor's
environment," and Vendor's environment to the Vendor's cloud services/hosted
environment." The Vendor shall allow two employees of the City to have superuser and
super-admin access to the Vendor's IT environment, and a cloud-hosted IT environment
belongs to the City.
(y) Unless otherwise addressed in the Agreement, shall not hold the City liable for any direct,
indirect or punitive damages whatsoever including, without limitation, damages for loss of
use, data or profits, arising out of or in any way connected with the City's IT environment,
including, without limitation, IT infrastructure communications.
(z) The Vendor must provide evidence of valid cyber liability insurance policy per the City’s
EXHIBIT “D” INSURANCE REQUIREMENTS.
Part B. Alternate Requirements: