EX-10.36 4 moh-12312018xex1036.htm EXHIBIT 10.36 Exhibit

Certain information in this exhibit has been omitted and filed separately with the Securities and Exchange Commission. Confidential treatment has been requested with respect to the omitted portions in accordance with Rule 24b-2 of the Securities Exchange Act of 1934, as amended. Omitted portions of this exhibit are marked by “[redacted]”.

 
 
 
Master Services Agreement
For Information Technology Services
between
MOLINA HEALTHCARE, INC.
and
INFOSYS LIMITED
COMPANY CONFIDENTIAL
MILBANK, TWEED, HADLEY & McCLOY LLP


 
 
 



CONTENTS
Clause
 
Page
Part A
DEFINITIONS AND INTERPRETATION2
2

1
Definitions
2

2
Interpretation
2

Part B
THE TERM AND EXTENSION OF TERM
3

3
The Term
3

4
Extension of the Term
3

Part C
AGREEMENT STRUCTURE AND FORMALITIES
4

5
Structure of the Master Services Agreement
4

6
Not Used
4

7
Flow-Through of Changes
4

Part D
WARRANTIES AND EXCLUSIVITY
5

8
Warranties, Representations and Covenants
5

9
No Exclusivity
11

Part E
THE SERVICES
12

10
Molina Group
12

11
Transition
12

12
Structure of the Services
12

13
Project Work Orders
13

14
Provision of the Services
15

15
Service Delivery Locations
16

16
Software Requirements
17

17
Service Levels
19

18
Service Credits
20

19
Quality
21

20
Training
21

21
Mutual Assistance and Cooperation
22

Part F
CHANGE
23

22
The Relevant Change Management Process
23

23
Technology Development and Asset Refresh
23

Part G
SECURITY, BUSINESS CONTINUITY AND INCIDENT MANAGEMENT
24

24
Security
24

25
Business Continuity Management and Disaster Recovery
25

26
Major Incidents
25

27
Virus and Harmful Code Protection
27

Part H
FACILITIES and SAFETY, HEALTH AND ENVIRONMENT
29

28
Site Systems and Access to Molina Facilities
29

Part I
INTELLECTUAL PROPERTY, CONFIDENTIALITY AND DATA PROTECTION
31




29
Intellectual Property Rights
31

30
Confidentiality
35

31
Use of Confidential Information and Molina Data
38

32
Return of Confidential Information
38

33
Announcements and Publicity
39

34
Data Protection and Data Privacy
39

Part J
CONTRACT ADMINISTRATION and HR
45

35
Contract Management Portal
45

36
Governance
45

37
Policies
46

38
Audit and Information Access
46

39
HR Obligations
50

Part K
PAYMENT
51

40
Charges
51

41
Late Payment
51

42
Invoices
51

43
Taxation
51

Part L
CONTINUING PROTECTIONS FOR MOLINA
55

44
Most Valued Client
55

45
Reference Client
56

46
Benchmarking
57

Part M
WHAT HAPPENS WHEN A PARTY FAILS TO PERFORM
58

47
Advance Warning
58

48
Step-In
58

49
Enhanced Co–Operation
62

50
Service Relocation
64

51
Termination of the Entire Agreement for Cause
64

52
Termination of a Project Work Order for Cause
69

53
Partial Termination
71

54
Termination for Continued Force Majeure
73

55
Termination for Convenience
73

56
The Effective Date of Termination
74

57
Consequences of Termination
74

Part N
INDEMNIFICATION, LIMITATION OF LIABILITY AND EXCUSING CAUSES
78

58
Indemnification, Liability
78

59
Insurance
87

60
Excusing Causes
89

61
Force Majeure
92

Part O
ASSIGNMENT AND SUBCONTRACTING
95

62
Assignment; Certain Service Provider Financing Arrangements
95




63
Subcontracting
95

64
Disposal of a Molina Company
96

65
Third Party Administration
97

Part P
MISCELLANEOUS PROVISIONS
98

66
Further Assurance
98

67
Third Party Beneficiaries
98

68
Notices
98

69
Entire Agreement
100

70
Waiver
100

71
No Partnership
101

72
Severability
101

73
Counterparts
101

74
Dispute Resolution and Dispute Management
101

75
Governing Law and Jurisdiction
102






TABLE OF SCHEDULES
Schedule 1     Definitions and Interpretation
Schedule 2    Statements of Work
Schedule 3    Pricing and Invoicing
Schedule 4    Transition and Transformation
Schedule 5    Benchmarking
Schedule 6    Service Levels and Service Credits
Schedule 7    Governance
Schedule 8    Termination Assistance and Exit
Schedule 9    Change
Schedule 10    Approved Service Delivery Locations
Schedule 11    Approved Subcontractors
Schedule 12    Intentionally Omitted
Schedule 13    Access to Molina Facilities
Schedule 14    Molina Policies
Schedule 15    HR Matters and Key Personnel
Schedule 16     Dependencies
Schedule 17    Mutual Assistance and Cooperation
Schedule 18    Molina Locations
Schedule 19    Agreed Form Non-Disclosure Agreement
Schedule 20    Intentionally Omitted
Schedule 21    Service Provider Technical Solution
Schedule 22    Intentionally Omitted
Schedule 23     Business Continuity and Disaster Recovery
Schedule 24    Certain Security Requirements




THIS AGREEMENT is made on February 4, 2019:
BETWEEN:
(1)
MOLINA HEALTHCARE, INC., a Delaware corporation, whose headquarters is at 200 Oceangate, Long Beach, CA 90802, USA (“Molina”); and
(2)
INFOSYS LIMITED, a limited liability company registered in India (company number L85110KA1981PLC013115), whose registered office is at Electronics City, Hosur Road, Bangalore, 560 100, India (the “Service Provider”).
INTRODUCTION:
(A)
Molina has conducted a wide-ranging strategic review of its technology requirements for information technology. Following the review, Molina identified a number of key criteria that would define a successful relationship between Molina and the chosen suppliers.
(B)
In order to implement Molina’s strategic requirements, Molina issued a Request for Proposal in August 2018 (“RFP”) to the chosen suppliers.
(C)
The Service Provider responded to the RFP with the RFP Proposal in August 2018.
(D)
Molina and the Service Provider engaged in a period of negotiations in relation to this Agreement based on the RFP Proposal.
(E)
Following discussions with the Service Provider in connection with the RFP Proposal, Molina has selected the Service Provider to be a provider of services to Molina for the benefit of all the Molina Companies.
(F)
Molina has entered into, and may from time to time enter into, multiple contracts with multiple suppliers for the supply of different elements of Molina’s information technology requirements. This Agreement concerns the Services only.
(G)
Molina requires its various suppliers to co–operate with each other and with Molina to achieve an end–to–end service for Molina.
(H)
The Service Provider has agreed to supply the Services to Molina for the benefit of all the Molina Companies on the terms of this Agreement.
THE PARTIES AGREE as follows:

-1-



PART A
DEFINITIONS AND INTERPRETATION
1.
DEFINITIONS
In this Agreement, capitalized words and phrases shall have the meanings given in paragraph 1 of Schedule 1 (Definitions and Interpretation) to this Agreement.
2.
INTERPRETATION
This Agreement shall be construed in accordance with paragraph 2 of Schedule 1 (Definitions and Interpretation) to this Agreement.


-2-


PART B    THE TERM AND EXTENSION OF TERM
3.
THE TERM
3.1
Subject to Clause 4 (Extension of the Term), the Term shall:
(a)
commence on the Effective Date; and
(b)
expire at 11.59 pm and 59 seconds (Pacific time) on the Expiry Date, unless terminated earlier in accordance with Clause 51 (Termination of the Entire Agreement for Cause), Clause 54 (Termination for Continued Force Majeure) or Clause 55 (Termination for Convenience).
4.
EXTENSION OF THE TERM
4.1
Molina may extend the term for a maximum of two (2) additional periods of twelve (12) months each.
4.2
If Molina wishes to extend the Term, it shall give notice of its request to extend the Term in writing to the Service Provider at least two (2) months prior to the then-current Expiry Date (“Renewal Notice”).
4.3
Each extension of the Term pursuant to Clause 4.2 shall be referred to as an “Extended Term” for the purposes of this Clause 4 (Extension of the Term).
4.4
Each Renewal Notice shall specify the date, in accordance with Clause 4.1, on which the Term shall expire.
4.5
The Charges applicable to each Extended Term shall be determined in accordance with Schedule 3 (Pricing and Invoicing).
4.6
Molina and the Service Provider shall meet to discuss the Renewal Notice no later than two (2) weeks after the date the Renewal Notice is received.
4.7
The Service Provider acknowledges that it has not been given any assurance nor has the Service Provider any legitimate expectation that the Term will be extended.


-3-


PART C    AGREEMENT STRUCTURE AND FORMALITIES
5.
STRUCTURE OF THE MASTER SERVICES AGREEMENT
5.1
Master Services Agreement
This Agreement:
(a)
sets out the terms on which the Service Provider shall provide the Services or procure the provision of the Services to Molina, Molina Companies; and
(b)
describes how the relationship between Molina and the Service Provider will be managed.
6.
NOT USED
7.
FLOW-THROUGH OF CHANGES
7.1
Except where expressly stated otherwise in this Agreement, each requirement in this Agreement for the Parties to agree on a matter shall be construed as a reference to Molina and the Service Provider agreeing on the matter, and it shall not be necessary for the purposes of this Agreement to obtain the agreement of any other Molina Company or any Service Provider Company on that matter.


-4-


PART D    WARRANTIES AND EXCLUSIVITY
8.
WARRANTIES, REPRESENTATIONS AND COVENANTS
8.1
Service Provider’s General Warranties
The Service Provider hereby warrants, represents and covenants to Molina as follows:
(a)
Authorization
The Service Provider has all the requisite power and authority to enter into this Agreement.
(b)
Performance
The Service Provider shall have all the necessary licenses and consents and Resources it requires in order to deliver the Services as and when required to fulfill all of its obligations under this Agreement and each Project Work Order, except Software, Hardware and licenses and consents that Molina is required to provide as a Molina Responsibility.
(c)
Execution
Execution of this Agreement by the Service Provider does not and will not violate any Applicable Law and does not and will not constitute a default under or breach of any of the Service Provider’s existing or future obligations.
(d)
Compliance
The Service Provider shall comply with Applicable Law in relation to this Agreement. Changes to Applicable Law shall be implemented in accordance with the Change Control Process.
(e)
Inducements to Molina
The Service Provider has not violated any Applicable Law or any Policy regarding the offering of unlawful inducements in connection with this Agreement.
(f)
Inducements from Third Parties
The Service Provider has not received any payment or other benefit from any Third Party (except for any arms’ length payments made for goods or services provided) in return for the Service Provider introducing that Third Party to Molina or in return for subcontracting part of the Services to that Third Party.
(g)
No Exclusive Deals
As of the Effective Date, the Service Provider has no agreements in place under or in relation to this Agreement that would have the effect of preventing a supplier from providing goods or services to Molina other than through the Service Provider or

-5-


have the effect of requiring the Service Provider to use only one supplier of any kind of goods or services for the purposes of providing Services to Molina.
(h)
Quality of Code
(i)
The Service Provider shall develop all Source Code and any associated graphical user interfaces that it develops under this Agreement or a Project Work Order:
(A)
in accordance with Good Industry Practice;
(B)
in accordance with all applicable Policies and Molina conventions that have been notified by Molina to the Service Provider, including any conventions relating to development language, naming conventions for modules, subroutines, variables and constants and use of interfaces, modules and subroutines; and
(C)
in accordance with applicable Third Party Software supplier guidelines, including any style guides, to the extent that the Third Party Software supplier guidelines do not conflict with any Molina conventions.
(ii)
The Service Provider agrees that Molina shall be entitled to engage an expert Third Party to conduct an independent assessment of Source Code quality if in Molina’s opinion the Service Provider has failed to comply with any of the terms in this Clause 8.1(h).
8.2
Warranties given at the Effective Date
Subject to Clause 8.4, each of the representations and warranties in Clauses 8.1(a), 8.1(c), 8.1(e) and 8.1(f) shall be given at the Effective Date only.
8.3
Warranties of a Continuing Nature
Each of the representations, warranties and covenants in Clause 8.1 (other than those referred to in Clause 8.2) shall be of a continuing nature, and shall be deemed to have been repeated on each day throughout the Term and thereafter for as long as any Services under this Agreement remain to be performed during an Exit Period.
8.4
Warranties Repeated on Execution of Project Work Order
Each of the representations, warranties and covenants in Clause 8.1 (including those referred to in Clause 8.2) shall be deemed to have been repeated on the date on which each Project Work Order is executed, and shall apply as repeated as if references in those representations, warranties and covenants to this Agreement were references to that Project Work Order.
8.5
The RFP Proposal and Due Diligence
(a)
The Service Provider represents and warrants that the RFP Proposal was created and submitted in good faith and the Service Provider represents and warrants that the

-6-


contents of the RFP Proposal are true and accurate in all material respects based on the information available to the Service Provider at the date the RFP Proposal was submitted to Molina.
(b)
The Service Provider represents and warrants to Molina that it:
(i)
has satisfied itself as to the risks, contingencies and circumstances relating to the performance of the Services and its other obligations under this Agreement before entering into this Agreement;
(ii)
has reviewed and considered all information provided by Molina in relation to this Agreement and all other information that is accessible to the Service Provider and that the Service Provider ought reasonably to consider in relation to its performance of this Agreement, including data concerning existing volumes, service performance and other metrics made available to Service Provider during the diligence process relating to this Agreement;
(iii)
has made all necessary enquiries of Molina that the Service Provider ought reasonably to consider in relation to its performance of this Agreement;
(iv)
has reviewed the Services and determined the Charges having regard to all of the Services to be provided under this Agreement; and
(v)
will have no claim against Molina, or relief from any of its obligations under this Agreement, or any right to increase the Charges, in each case, in respect of any risk, contingency or other circumstance that the Service Provider failed to identify or consider during the course of the Service Provider’s due diligence activities unless caused by fraudulent misrepresentation or fraudulent omission by Molina or any Molina Company.
(c)
Molina represents and warrants to the Service Provider that the Service Provider is entitled to rely upon the content of the responses by Molina to any enquiries made by the Service Provider as set out in Clause 8.5(b)(iii) above, in each case solely to the extent of such responses and without limiting the Service Provider’s need to make additional enquiries as may be required to resolve conflicting information provided by Molina or for the Service Provider to conduct diligence in accordance with Good Industry Practice (e.g., a general or high-level response by Molina shall not relieve the Service Provider of responsibility for enquiring about information at a level of detail that a reasonably prudent service provider would seek when acting in accordance with Good Industry Practice); provided, however, that where such responses by Molina are or appear to be conflicting, so long has Molina has acted in good faith in providing such responses, it is the responsibility of the Service Provider and not of Molina to identify and to make additional enquiries to resolve such conflict to the satisfaction of the Service Provider.
8.6
Capability

-7-


The Service Provider represents and warrants to Molina that it has carefully reviewed the Services and that it has all necessary skill, resources, experience and technical capacity to deliver all of the Services in accordance with this Agreement.
8.7
Molina Warranties, Representations and Covenants
Molina hereby warrants, represents and covenants to the Service Provider as follows:
(a)
Authorization
Molina has all requisite power and authority to enter into this Agreement and to fulfill all of its obligations under this Agreement.
(b)
Execution
Execution of this Agreement by Molina does not and will not violate any Applicable Law and does not and will not constitute a default under or breach of any of Molina’s existing or future obligations.
(c)
Compliance
Performance of this Agreement by Molina does not and will not violate any Applicable Law that is binding on Molina as a healthcare insurance company and recipient of the Services.
(d)
Licenses
Molina shall have all the necessary licenses and consents it requires in order to grant the Service Provider the rights to Use Molina IP in accordance with Clause 29 (Intellectual Property Rights).
8.8
Warranties given at the Effective Date
Each of the representations, warranties and covenants in Clause 8.7(a) and Clause 8.7(b) shall be given at the Effective Date only.
8.9
Warranties of a Continuing Nature
The representation, warranty and covenant in Clause 8.7(c) shall be of a continuing nature, and shall be deemed to have been repeated on each day throughout the Term and thereafter for as long as any obligations under this Agreement remain to be performed after the expiry or termination of this Agreement.
8.10
Warranties Repeated on Execution of Project Work Order
Each of the representations, warranties and covenants in Clause 8.7 (including those referred to in Clause 8.8) shall be deemed to have been repeated on the date on which each Project Work Order is executed, and shall apply as repeated as if references in those representations, warranties and covenants to this Agreement were references to that Project Work Order.

-8-


8.11
Compliance with Import/Export Laws
(a)
The Parties agree to comply with all Applicable Laws with respect to the export and import of Systems, Materials, data, information and technologies (“Controlled Items”), including those of the U.S. and with applicable embargoes/sanctions which the U.S. may impose from time to time (“Import/Export Laws”).
(b)
Except as provided in Clause 8.11(c) or where it is prohibited by any Import/Export Law, the Service Provider shall be responsible for, and shall notify Molina of, the export and import of all Controlled Items provided or procured by Service Provider in connection with the provision of the Services, including for determining and obtaining all relevant export and import authorizations.
(c)
Molina shall be responsible for the export of all Controlled Items that it is required under this Agreement or any Project Work Order to provide to the Service Provider in order for the Service Provider to provide the Services.
(d)
In circumstances where a Party (the “Responsible Party”) is responsible for the import or export of any Controlled Items, the other Party agrees to cooperate with the Responsible Party, reasonably and in good faith, through the import/export process, including but not limited to providing information available to the other Party so that the Responsible Party may:
(i)
determine all relevant import and export authorizations; and
(ii)
export and import the Controlled Items.
(e)
The Parties acknowledge that Import/Export Laws may include restrictions on access by citizens of third countries, wherever located, to certain U.S. source Controlled Items.
(f)
The Service Provider shall:
(i)
ensure that none of the Service Provider Personnel is on the United States Denied/Restricted Party List (DRPL) as notified by the U.S. Department of Commerce, or is considered a national of any country under US embargo or anti-terrorism export controls; and
(ii)
ensure that no Service Provider Person is an individual who, if he or she were to have access to any Controlled Items in connection with the Services, would cause Molina to contravene any Import/Export Law (whether as a result of a deemed export or re-export or otherwise).
8.12
Ethical Business Practices
(a)
The Service Provider represents, warrants and covenants to Molina that:
(i)
in undertaking the activities contemplated by this Agreement, the Service Provider has complied with, and will continue to comply with, the Molina

-9-


Anti-Corruption Policy (and the Service Provider acknowledges that it has been provided with a copy of that Policy prior to the Effective Date), all applicable laws, regulations and industry codes and good business ethics including without limitation the Foreign Corrupt Practices Act of the United States, the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions and the Bribery Act 2010, and all other applicable laws, regulations and industry codes prohibiting bribery and other forms of corruption in the public and private sectors, and shall not take any action or make any payment in contravention of any such laws, regulations or industry codes or any other Applicable Law;
(ii)
neither the Service Provider, any Service Provider Company nor any of its or their directors, officers, employees, agents or partners shall directly or indirectly offer, promise, give or authorize the giving of any financial or other advantage, or anything else of value to any official or employee of any government, government department or agency, enterprise owned in whole or in part by any government or government department or agency, public international organization, political party, or any other public or regulatory organization that may recommend, purchase, pay for, reimburse, authorize, approve or supply a product or service sold by Molina (the persons covered by this provision are referred to in this Agreement as “Government Officials”) or to any other person or entity at the request of or with the assent or acquiescence of a Government Official, for the purpose of obtaining or retaining business for Molina, securing any other business advantage for Molina or influencing any act or decision in connection with the activities of the Service Provider contemplated by this Agreement;
(iii)
neither the Service Provider, any Service Provider Company nor any of its or their directors, officers, employees, agents or partners shall directly or indirectly offer, promise, give or authorize the giving of any financial or other advantage, or anything else of value, to any person including an officer, employee, agent or representative of another company or organization to induce such person or another person to breach a duty to his or her employer or improperly perform any work-related activity or reward such person or another person for breaching a duty to his or her employer or improperly performing any work-related activity; and
(iv)
neither the Service Provider, any Service Provider Company nor any of its or their directors, officers, employees, agents or partners (a) has made prior to the Effective Date any payment, authorization, promise or gift as described in sub-Clauses (ii) or (iii) above; (b) is a Government Official or (c) will become a Government Official without prior written notice to Molina.

-10-


(b)
The Service Provider shall notify Molina promptly in the event that any of the information contained in the Anti-Corruption Questionnaire is rendered untrue or incomplete as a result of future developments.
(c)
Upon each anniversary of the Effective Date an authorized signatory of the Service Provider shall sign and submit to Molina a certification in a form provided by Molina confirming that the Service Provider is in full compliance with this Clause 8.12 and that the Anti-Corruption Questionnaire is still accurate and complete or clearly indicating any changes thereto.
(d)
The Service Provider shall ensure that each Service Provider Company and Subcontractor complies with the Service Provider’s obligations under this Clause 8.12.
9.
NO EXCLUSIVITY
9.1
The Service Provider is not granted exclusive supplier status by this Agreement for services of the same or a similar nature as the Services (including any future additions to or expansions of the Services) to Molina or any Molina Company.
9.2
Molina may, and any Molina Company may, at any time, obtain from a Third Party or a Molina Company or perform itself, services of the same or a similar nature as the Services.
9.3
This Agreement does not give the Service Provider or any Service Provider Company any right to a minimum level or volume of Services or Charges.
9.4
Molina makes no commitment to use the Service Provider for the provision of any Services or to incur any Charges.
9.5
Nothing in this Clause 9 affects Molina’s obligation to pay for those Services actually consumed or utilized in accordance with this Agreement or any Project Work Order, or affects any other express payment obligation of Molina under this Agreement or any Project Work Order.


-11-


PART E    THE SERVICES
10.
MOLINA GROUP
The Services are provided for the benefit of Molina and the other Molina Companies under this Agreement.
11.
TRANSITION
11.1
The Parties shall comply with their respective obligations set out in Schedule 4 (Transition and Transformation).
11.2
The Service Provider shall ensure that each Transition Milestone set out in the Transition Plans is Achieved by the corresponding Milestone Date.
11.3
The Service Provider’s obligation to Achieve each Transition Milestone, and Molina’s remedies under this Clause 11 (Transition) for any failure by the Service Provider to Achieve a Transition Milestone are subject to Clause 60 (Excusing Causes).
11.4
If a Transition Milestone that is a Delivery Credit Milestone is not Achieved by the relevant Milestone Date (or such other period as the Parties may agree in writing), the Service Provider shall credit a Delivery Credit to Molina, which shall be credited in the same manner as Service Credits in accordance with Schedule 3 (Pricing and Invoicing). The amount of each Delivery Credit shall be determined in accordance with Schedule 4 (Transition and Transformation).
11.5
If a Transition Milestone applicable to any Wave is not Achieved within [redacted] of the relevant Milestone Date, Molina may, without prejudice to its other rights and remedies:
(a)
postpone the Service Commencement Date for the Services in that Wave, and in any subsequent Wave, either to a certain date or until the Transition Milestone has been Achieved;
(b)
move all or part of the Services in that Wave, and in any subsequent Wave, to a later Wave; and/or
(c)
remove from the scope of this Agreement all or part of the Services in that Wave, and in any subsequent Wave, in one, more than one, or all Countries.
12.
STRUCTURE OF THE SERVICES
12.1
The Services include:
(a)
the Run Services;
(b)
the Project Services;
(c)
the services described elsewhere in, as applicable, this Agreement and any Project Work Order; and

-12-


(d)
all other activities, responsibilities and obligations that are an inherent or necessary part of the Services described in Clauses 12.1(a)-(c) above, provided that in each case such other activities, responsibilities and obligations contemplated in this Clause 12.1(d) are (i) not expressly being retained by Molina pursuant to this Agreement or (ii) with respect to those Services being provided under the applicable Statement of Work (and without limiting the Service Provider’s obligations under another Statement or Work or PWO), identified as being outside the scope of Services set out in the applicable Statement of Work or PWO.
12.2
The Run Services shall be provided under this Agreement, without the need for the Parties to enter into any Project Work Order, and are described in the Statement(s) of Work.
12.3
The Project Services shall be provided under Project Work Orders, and are described in the Projects Statement of Work. Clause 13 (Project Work Orders) describes Project Work Orders, the process by which the terms of Project Work Orders shall be agreed and the contents and legal effect of each Project Work Order.
13.
PROJECT WORK ORDERS
13.1
Introductory
(a)
This Clause 13 (Project Work Orders) describes the process by which the terms of Project Work Orders shall be agreed, and the contents and legal effect of each Project Work Order.
(b)
Each Project Work Order shall be substantially in the form attached at Appendix 2-D to Schedule 2 (Statement of Work).
(c)
Each Project Work Order shall be executed by a Molina Company (acting by those persons authorized by Molina from time to time) and a Service Provider Company.
13.2
Agreement of Project Work Orders
(a)
Each Project Work Order shall be agreed in accordance with the process set out in the Projects Statement of Work.
(b)
Except as provided in Clause 13.2(c), a Project Work Order may be entered into during the Term but not after the end of the Term.
(c)
A Project Work Order may be entered into during the twelve (12) month period following the end of the Term, but only:
(i)
with the approval of the Head of IS Vendor and Supplier Management; and
(ii)
if it is Linked to a Project Work Order that was entered into during the Term.
13.3
Effect of Project Work Orders
(a)
Each Project Work Order shall constitute a contract between the Molina PWO Party and the Service Provider PWO Party, separate from and in addition to this Agreement.

-13-


(b)
Each Project Work Order shall incorporate the terms of this Agreement. Except for references to Molina in Clauses 29.3(a) and 29.3(a) (in respect of which Molina and not the Molina PWO Party shall accrue all rights), if any provision of this Master Services Agreement provides that a Party shall have a right, remedy or claim, or shall be subject to an obligation or liability, that provision, as incorporated into a Project Work Order, shall confer that right, remedy or claim or impose that obligation or liability on the Molina PWO Party (in the case of rights, remedies or claims of, or obligations or liabilities on, Molina) and on the Service Provider PWO Party (in the case of rights, remedies or claims of, or obligations or liabilities on, the Service Provider), in respect of that Project Work Order.
(c)
The Service Provider shall procure the performance by each Service Provider PWO Party of its obligations under each Project Work Order.
(d)
Molina shall procure the performance by each Molina PWO Party of its obligations each Project Work Order.
(e)
Nothing in this Clause 13.3 shall relieve Molina or the Service Provider of any of its obligations under this Agreement in respect of any Project Work Order, including the Service Provider’s obligation to provide the Services and Molina’s obligation to pay the Charges, but:
(i)
performance by Molina of an activity under this Agreement in respect of a Project Work Order shall discharge the Molina PWO Party from its corresponding obligation to perform that activity under the Project Work Order; and
(ii)
performance by the Service Provider of an activity under this Agreement in respect of a Project Work Order shall discharge the Service Provider PWO Party from its corresponding obligation to perform that activity under the Project Work Order.
13.4
Services under a Project Work Order
(a)
The Services to be provided under each Project Work Order are:
(i)
the services, functions, roles and responsibilities set out in the Project Work Order itself; and
(ii)
the services, functions, roles and responsibilities set out in any software development lifecycle or methodology expressly referenced in the Project Work Order.
13.5
Linked Project Work Orders
(a)
In this Agreement, a Project Work Order (“Project Work Order A”) is Linked to another Project Work Order (“Project Work Order B”) (and Project Work Order B is also Linked to Project Work Order A) if:

-14-


(i)
any of the Deliverables of Project Work Order A, or any derivative works or Modified versions of any of those Deliverables, are Input Deliverables for Project Work Order B;
(ii)
any of the Deliverables of Project Work Order A, or any derivative works or Modified versions of any of those Deliverables, are Input Deliverables for a Project Work Order that is Linked to Project Work Order B;
(iii)
both of the following conditions are satisfied:
(A)
any of the Deliverables of Project Work Order A, or any derivative works or Modified versions of any of those Deliverables, are Input Deliverables (or the equivalent of Input Deliverables) for an agreement with a Third Party; and
(B)
any of the Deliverables (or the equivalent of Deliverables) of that agreement, or any derivative works or Modified versions of any of any of those Deliverables, are Input Deliverables for Project Work Order B; or
(iv)
Project Work Order A expressly states that it is ‘Linked’ to Project Work Order B.
14.
PROVISION OF THE SERVICES
14.1
The Service Provider shall provide, or shall procure the provision by Service Provider Companies of, the Services to Molina and the Molina Companies.
14.2
Each of the Service Provider and Molina has the rights and obligations allocated to it in each Statement of Work.
14.3
The Service Provider or the Service Provider PWO Party (as applicable) shall provide the Services with effect from the following dates:
(a)
in the case of the Run Services, each Service Commencement Date, as set out in Schedule 4 (Transition and Transformation); and
(b)
in the case of the Project Services under each Project Work Order, the commencement date for the Project Services under that Project Work Order.
14.4
The Service Provider shall provide the Services and perform all its other obligations under this Agreement in a manner that at all times complies with:
(a)
the provisions referred to in Clause 13.4 (in the case of the Project Services);
(b)
subject to Clause 14.5 and if the relevant Project Work Order expressly contemplates the applicability of the associated detail in the Service Provider Technical Solution to the Services set out in such Project Work Order, the Service Provider Technical Solution; and

-15-


(c)
the Policies, as notified by Molina to the Service Provider in writing from time to time.
14.5
Except to the extent the provisions of this Agreement or the applicable Project Work Order expressly contemplate that an obligation in an SoW is subject to the related detail set out in Schedule 21 (Service Provider Technical Solution), Service Provider shall not be entitled to rely on any provision of Schedule 21 (Service Provider Technical Solution), whether expressed as an assumption, a dependency or otherwise, as limiting or reducing any of its obligations under:
(a)
any other provision of this Agreement (including under any provision of any Schedule other than Schedule 21 (Service Provider Technical Solution)); or
(b)
any Project Work Order.
15.
SERVICE DELIVERY LOCATIONS
15.1
The Service Provider shall provide the Run Services only from Approved Service Delivery Locations.
15.2
If any Project Work Order provides that the Service Provider must provide the Project Services under that Project Work Order (or some of those Services) at or from a particular Molina Location or Approved Service Delivery Location, or Molina requires the Service Provider to provide any Catalogue Item at or from a particular Molina Location or Approved Service Delivery Location, the Service Provider shall provide those Project Services or that Catalogue Item at or from that Molina Location or Approved Service Delivery Location.
15.3
If any Project Work Order does not include a provision as described in Clause 15.2, or includes such a provision only in respect of certain Project Services under that Project Work Order, then the Service Provider may provide the Project Services under that Project Work Order, or the Project Services not covered by such a provision, from any Approved Service Delivery Location but not from any other location.
15.4
Molina may, by written notice to the Service Provider, remove any Approved Service Delivery Location from Schedule 10 (Approved Service Delivery Locations) (and that location shall cease to be an Approved Service Delivery Location) if:
(a)
the Service Provider commits a material breach of this Agreement that is wholly or mainly due to the Approved Service Delivery Location, and, if that breach is capable of remedy, that breach is not remedied within twenty (20) Business Days (or such other period as may be agreed by the Parties); or
(b)
that Approved Service Delivery Location does not comply with any Policy and is not or cannot be made to be compliant with that Policy within twenty (20) Business Days.
15.5
Clause 50 (Service Relocation) shall apply if Molina removes any Approved Service Delivery Location under Clause 15.4.

-16-


16.
SOFTWARE REQUIREMENTS
16.1
The Service Provider shall be responsible for installing, operating and maintaining, at its own expense, the Service Provider Software utilized in the performance of the Services.
16.2
The Service Provider shall provide the following to Molina together with any Deliverable required to be provided under this Agreement or any Project Work Order that is, or that includes, any Software that has been created or developed by the Service Provider in the performance of the Services (including any Modification to any such Software) (a “Customized Software Deliverable”):
(a)
all Source Code in respect of the Customized Software Deliverable;
(b)
copies of all:
(i)
Service Provider Software that is embedded in the Customized Software Deliverable;
(ii)
Service Provider Software that is necessary to Use, Modify, support or maintain or continue to develop the Customized Software Deliverable, except where such Service Provider Software is owned by a Third Party and the Agreement or relevant Project Work Order expressly sets outs that that Molina will have to obtain the copies of that Service Provider Software from such Third Party;
(iii)
other Service Provider Software that the Parties have agreed will be provided to Molina;
(iv)
Third Party Software in respect of which Molina has requested the Service Provider to assist it in obtaining licenses under Clause 16.8(d); and
(v)
Third Party Software that the Service Provider has incorporated into a Customized Software Deliverable.
(c)
full details of the Customized Software Deliverable, including full name and version details, the type of media on which the Customized Software Deliverable is provided, any backup command or Software used to create the Customized Software Deliverable provided, any compression used on the Customized Software Deliverable, any archive hardware used in relation to the Customized Software Deliverable and details of the operating system on which the Customized Software Deliverable runs;
(d)
any password and encryption details necessary to access the Source Code to the Customized Software Deliverable that the Service Provider is required to provide under this Clause 16.2;
(e)
a directory listing of the media on which the Customized Software Deliverable is provided;
(f)
design information in respect of the Customized Software Deliverable, including module names and functionality; and

-17-


(g)
the name and contact details of the Service Provider Personnel who Molina may contact if it has any queries regarding the Customized Software Deliverable.
16.3
The Service Provider shall promptly provide Molina with any additional information that Molina may reasonably request in order to be able to Use, reproduce, Modify, build, compile, install, enhance or support any Customized Software Deliverable.
16.4
The Service Provider may not incorporate any Service Provider Software, any Third Party Software or any Open Source Software (including any Modification to any Service Provider Software, Third Party Software or Open Source Software made in the course of providing the Services) (the “Software Materials”) into any Molina Work Product, any Customized Software Deliverable or any of Molina’s Applications or other Systems unless the Service Provider has all the necessary licenses and consents it requires in order to grant to Molina the rights described in Clause 29 (Intellectual Property Rights) and:
(a)
the Software Materials were already incorporated in Materials provided by Molina to the Service Provider for the Service Provider to Modify;
(b)
the Software Materials’ inclusion is expressly set out in a Statement of Work or a Project Work Order as an exception to the obligation set out in this Clause 16.4;
(c)
the Software Materials’ inclusion is approved via the Change Control Process; or
(d)
in the case of Open Source Software, the Open Source Software is Approved Open Source Software.
16.5
In order to ensure compliance with Clause 16.4, the Service Provider shall use Software tools in accordance with Good Industry Practice to detect the presence of Open Source Software.
16.6
The Service Provider may not, without the prior written permission of Molina or in accordance with the Policies, create any dependency between the Use, Modification, development, maintenance or support of any Customized Software Deliverable or any of Molina’s Applications or other Systems and:
(a)
any Service Provider IP;
(b)
any Software, Materials or data the Intellectual Property Rights in which (or some of them) are owned by any Third Party; or
(c)
any services, assets or facilities that are not under Molina’s control and which Molina does not enjoy a perpetual, irrevocable, transferrable, sublicenseable, royalty-free, fully paid up right to use to the extent necessary for the proper operation of the Customized Software Deliverable, Molina Application or other System.
In this Clause 16.6, to “create a dependency” means the Customized Software Deliverable, Molina Application or other System (as applicable), cannot be Used, Modified, developed or supported without one of the items listed in Clauses 16.6(a), 16.6(b) or 16.6(c).

-18-


16.7
The Service Provider shall ensure that all Service Provider Software, Third Party Software and Open Source Software that are incorporated into any Molina Work Product, any Customized Software Deliverable or any of Molina’s Applications or other Systems are clearly identified, either in the Source Code in respect of the Molina Work Product or Customized Software Deliverable or as otherwise agreed between the Parties, as being Service Provider Software, Third Party Software or Open Source Software (as the case may be).
16.8
The Service Provider shall:
(a)
obtain the prior written approval of Molina in respect of all Systems used in the creation or development of Molina Work Product created for Regulated Systems;
(b)
not use any System in the creation or development of Molina Work Product created for Regulated Systems that has not been approved by Molina in accordance with Clause 16.8(a);
(c)
obtain for the benefit of Molina and the other Molina Companies, at the Service Provider’s cost (unless expressly stated as a Molina Responsibility), a license, on terms that are at least as favorable as those in Clause 29.4 (or such other terms as may be agreed by the Parties in writing) in respect of any Third Party Software incorporated into any Molina Work Product or any Customized Software Deliverable;
(d)
if requested by Molina, assist Molina in obtaining (including introducing Molina to the relevant Third Party), at Molina’s cost, a license for Molina and the other Molina Companies to Use any Third Party Software approved by Molina in accordance with Clause 16.8(a) on, to the extent agreed by the applicable Third Party licensor, the standard license terms offered by the relevant Third Party licensor;
(e)
obtain for the benefit of Molina and the other Molina Companies, at the Service Provider’s cost, a license to Use any Software, Materials and data, and any services, assets or facilities, owned by any Third Party and on which the Use, Modification, development, maintenance or support of any Customized Software Deliverable becomes dependent as a result of any action taken by the Service Provider in breach of Clauses 16.6(b) or 16.6(c); and
(f)
wherever possible, use applications and tools that are generally commercially available in the creation and development of Molina Work Product.
17.
SERVICE LEVELS
17.1
The Service Levels are set out in Schedule 6 (Service Levels and Service Credits).
17.2
Without limiting the Service Provider’s obligations to provide the Services in accordance with the quality standards in Clause 19 (Quality), the Service Provider must ensure that the Services at all times meet or exceed the Service Levels.

-19-


17.3
If Service Level Default occurs, the Service Provider shall do any or all of the following (as directed by Molina):
(a)
prior to the end of the month following the month in which the failure (or, as applicable, the last failure) occurred (or within such shorter period as may be specified in Schedule 6 (Service Levels and Service Credits)), perform a Root Cause Analysis to identify the cause of such failure and provide Molina with a written report identifying the root cause of the failure, the consequences of the failure and the Service Provider’s procedures for correcting the failure and for ensuring that the failure does not occur again in the future, in each case as further set out in Schedule 6 (Service Levels and Service Credits); and
(b)
correct any fault or defect in the Systems (other than Systems that Molina is responsible for providing and maintaining, in each case as expressly stated in the applicable Statement of Work or Project Work Order) or processes used by the Service Provider to provide the Services which gave rise to the failure so that the same fault or defect does not reoccur.
17.4
The Service Provider is responsible for ensuring that performance against each of the Service Levels is capable of being measured and reported, and that performance is measured and reported, in accordance with this Agreement.
17.5
If the Service Provider does not measure or report performance against any Service Level in any month in which the Service Provider is required to measure and report performance as set out in Schedule 6 (Service Levels and Service Credits), then the Service Provider shall be deemed to have failed to meet that Service Level and all the normal consequences of such a failure shall apply including crediting Service Credits in accordance with Clause 18 (Service Credits).
18.
SERVICE CREDITS
18.1
If a Service Level Default occurs, the Service Provider shall credit Molina Service Credits in accordance with Schedule 6 (Service Levels and Service Credits).
18.2
The Service Credits that the Service Provider must credit to Molina shall be credited, reported, applied and calculated in accordance with the method set out in Schedule 6 (Service Levels and Service Credits).
18.3
The Service Provider must automatically credit Service Credits against the Charges in accordance with Schedule 3 (Pricing and Invoicing).
18.4
The Service Provider acknowledges and agrees that the credit of any Service Credit by the Service Provider is a one-time price adjustment (without the need to adjust the Charges in Schedule 3 (Pricing and Invoicing)) to reflect the fact that Molina was not provided the quality of Service that it contracted to receive. A Service Credit is therefore not an estimate of the loss or damage suffered by Molina as a result of the Service Provider’s failure to deliver the Services to meet a Service Level.

-20-


18.5
If Molina brings an action based on the same circumstances that gave rise to the payment of Service Credits then any award of damages shall be reduced by the amount of the Service Credit to reflect the Service Credits already credited.
18.6
Service Credits are not Molina’s sole or exclusive remedy in relation to:
(a)
any failure by the Service Provider to meet the Service Levels; or
(b)
breach of, or failure to perform, this Agreement by the Service Provider.
18.7
Subject to Clause 18.5, Molina is not precluded from claiming general damages should Service Credits not fully compensate Molina for its recoverable loss.
19.
QUALITY
19.1
The Service Provider shall perform its obligations under this Agreement in accordance with Good Industry Practice.
19.2
The Parties shall have the rights and obligations allocated to them in Schedule 14 (Molina Policies).
20.
TRAINING
20.1
The Service Provider shall train the Service Provider Personnel about Molina Policies and on regulatory matters impacting on Molina. In the case of regulatory matters, the Service Provider shall train the Service Provider Personnel in accordance with Molina’s interpretation of such regulatory matters that it notifies to the Service Provider in writing, and, if Molina does not notify the Service Provider of any interpretation, the Service Provider shall train the Service Provider Personnel about regulatory matters impacting on Molina in accordance with Good Industry Practice.
20.2
Molina may provide materials, including speaker notes and handouts, for use in the training sessions referred to in Clause 20.1, and the Service Provider shall ensure that these materials are used in those training sessions, including in such manner as Molina may specify.
20.3
The Service Provider shall bear all of its own costs related to the staging and running of the training sessions referred to in Clause 20.1.
20.4
Molina shall have the right to attend training sessions referred to in Clause 20.1. The Service Provider shall, promptly upon request by Molina, provide Molina with copies of all materials presented or distributed to Service Provider Personnel attending training sessions referred to in Clause 20.1.
20.5
If Molina discovers that the Service Provider is not performing its obligations under Clause 20.1 in accordance with Good Industry Practice, or that the training sessions under Clause 20.1 are otherwise deficient in any material respect, then, without prejudice to any of Molina’s other remedies under this Agreement, the Parties may agree that until the Service Provider has remedied that failure or those deficiencies:

-21-


(a)
Molina may require all Service Provider Personnel to attend training sessions run by or on behalf of Molina on the matters referred to in Clause 20.1;
(b)
the Service Provider shall bear all of its own costs related to the attendance by Service Provider Personnel at those training sessions (including travel and living expenses); and
(c)
Molina shall not be liable to pay any amounts to the Service Provider in respect of the time spent by any Service Provider Personnel in attending any of those training sessions.
20.6
Molina may, in circumstances other than those described in Clause 20.5, require Service Provider Personnel to attend training sessions run by or on behalf of Molina on the matters referred to in Clause 20.1. Molina shall reimburse the Service Provider’s reasonable travel and living expenses incurred in complying with this Clause 20.6.
21.
MUTUAL ASSISTANCE AND COOPERATION
The Parties shall have the rights and obligations allocated to them in Schedule 17 (Mutual Assistance and Cooperation).


-22-


PART F    CHANGE
22.
THE RELEVANT CHANGE MANAGEMENT PROCESS
The Parties shall have the rights and obligations as set out in Schedule 9 (Change).
23.
TECHNOLOGY DEVELOPMENT AND ASSET REFRESH
23.1
Continuous Improvement
(a)
The Service Provider shall proactively plan for and identify opportunities to improve the Services and, in so doing, shall advise Molina of each such opportunity that is identified for consideration and possible implementation.
(b)
The Service Provider shall, in addition to any requirements to reduce the Charges as set out in Schedule 3 (Pricing and Invoicing), proactively plan for and identify opportunities to reduce the Charges further (without compromising the quality of the Services) and, in so doing, shall advise Molina of each such opportunity that is identified for consideration and possible implementation.
23.2
Technological Flexibility
(a)
The Service Provider shall, where practicable, employ technology platforms, systems and solutions to provide the Services that have the ability to interface and interoperate with industry standard technology platforms and systems.
(b)
Notwithstanding and in addition to Clause 23.2(a), all interfaces that are required to be prepared and developed by the Service Provider under this Agreement or any Project Work Order must, where practicable and unless otherwise mandated by Molina, be prepared and developed:
(i)
using open standards and open communications protocols;
(ii)
in accordance with the Service Provider’s then current development, interface and interoperability methodologies;
(iii)
using applications and Software tools that are generally available in the market (if any), rather than bespoke applications or Software tools created for the purpose of developing a specific interface unless otherwise agreed between the Parties; and
(iv)
in accordance with Good Industry Practice in the Software development industry and any specific practices recommended, and publications issued (including recommendations on the use of application programming interfaces) by the vendor of the platforms, Systems and solutions that the interfaces are designed to connect.


-23-


PART G    SECURITY, BUSINESS CONTINUITY AND INCIDENT MANAGEMENT
24.
SECURITY
24.1
The Service Provider shall comply with its obligations in relation to security set out in the Policies and each Statement of Work.
24.2
The Service Provider understands and acknowledges that Molina is a covered entity and/or business associates subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act (“HITECH) and any regulations promulgated thereunder (collectively the “HIPAA Rules”) and that Service Provider creates, receives, maintains, and/or transmits Protected Health Information (“PHI”) in providing Services on behalf of Molina. The Parties agree to enter into the Business Associate Agreement set forth in Schedule 24 (Certain Security Requirements).
24.3
The Service Provider understands and acknowledges that Molina is a Qualified Health Plan which participates in state and federal health insurance exchanges which involve the use and disclosure of Personally Identifiable Information (“PII”). The Service Provider agree to comply with applicable state and federal law with respect to safeguarding such PII. The Parties agree to abide by the requirements set forth in Schedule 24 which is incorporated herein by reference. The Service Provider shall access or use Molina’s Systems only for the purpose of performing the Services and for no other purpose whatsoever.
24.4
The Service Provider understands and acknowleges that Molina is subject to other state and federal laws regulating the privacy and confidentiality of personal information, including, but not limited to, the Gramm-Leach-Bliley Act (“GLBA”), Title 42 Part 2 pertaining to the confidentiality of Substance Abuse Disorder Information, and 42 CFR 431.00 et seq., pertaining to the Confidentiality of Medicaid Participant information, and the California Consumer Privacy Act (“CCPA”).
24.5
When accessing or using Molina’s Systems the Service Provider shall, and shall procure that such of the Service Provider Personnel who have access to Molina’s Systems in connection with the performance of the Services shall, comply with all Policies relating to security of Molina’s Systems.
24.6
The Service Provider shall ensure that all the Service Provider Personnel are granted access to Molina’s Confidential Information and any of Molina’s Systems only on a need-to-access basis which shall be restricted to such access as is necessary to perform the Services. Such Service Provider Personnel granted access shall be bound by written confidentiality obligations no less restrictive than those set out in this Agreement (which obligations may, in respect of each Service Provider Person, be set out in that Service Provider Person’s terms of employment or in a separate non-disclosure agreement) and shall be informed by the Service Provider of the confidentiality obligations in this Agreement.

-24-


24.7
The Service Provider shall ensure that no Service Provider Company and, to the extent any of the following events arise from any failure by the Service Provider to fulfill its obligations under this Agreement, that no Third Party:
(a)
suspends, interrupts or discontinues Molina’s (or any Molina Company’s) use of Molina’s Systems;
(b)
erases, destroys, corrupts or modifies any of the Molina Data without the consent or knowledge of Molina;
(c)
is, at any time, unable to locate definitively any media, device or equipment on which Molina Data is stored; or
(d)
bypasses any internal or external security measure in order to obtain access to the relevant Molina Systems or Molina Data without the consent or knowledge of Molina.
24.8
The Service Provider shall notify Molina as soon as it becomes aware of any actual or suspected breaches of this Clause 24 (Security). Molina shall be entitled to investigate, or engage a third party to investigate on its behalf, any actual or alleged breaches (and the Service Provider shall fully cooperate) and the Service Provider shall, as soon as practicable and to extent such actual or alleged breaches are rectifiable by the Service Provider, rectify any breaches identified. The costs of any such investigation, cooperation, and of any rectification of failures by the Service Provider to comply with this Clause 24 (Security), shall be borne by the Service Provider; provided, however, that Molina shall be responsible for such costs to the extent (a) the Service Provider is not responsible for the actions of the applicable Third Party as set out in Clause 24.7, (b) the breach was caused by Molina, (c) the breach was caused by an Other Service Provider whose contract with Molina or whose related activities are not being administered or managed by the Service Provider or any of its Affiliates, or (d) the breach was caused by an Other Service Provider whose contract with Molina or whose related activities are being managed by the Service Provider and such breach was not directly caused by Service Provider’s failure to properly manage or administer such Other Service Provider.
24.9
The Service Provider shall notify Molina as soon as it becomes aware of any actual or suspected vulnerability in the security of any of Molina’s Systems (whether or not those vulnerabilities are, or result from, a breach of this Agreement by the Service Provider).
25.
BUSINESS CONTINUITY MANAGEMENT AND DISASTER RECOVERY
25.1
In addition to the Service Provider’s obligations set out in Schedule 23 (Business Continuity and Disaster Recovery), the Service Provider shall implement, test and maintain disaster recovery and business continuity procedures in respect of its own Systems and facilities used to provide the Services, in accordance with Good Industry Practice.
26.
MAJOR INCIDENTS
26.1
In the event of a Major Incident, the Service Provider shall:

-25-


(a)
comply with its obligations in this Agreement and the Policies according to the nature and impact of that Major Incident;
(b)
take Appropriate Actions to mitigate any adverse effects of the Major Incident on the Services; and
(c)
take Appropriate Actions to ensure that the steps taken by the Service Provider in managing and resolving the Major Incident do not add any further disruptions to the impact of the Major Incident on the Services.
26.2
If a Major Incident is caused or contributed to by, or is otherwise connected to, the Services or Deliverables that the Service Provider has provided under this Agreement or any Project Work Order, the Service Provider shall:
(a)
take Appropriate Actions to assign personnel from its Incident Response Team to manage and resolve the Major Incident (before assigning BAU Personnel); and
(b)
to the extent that it is unable to assign personnel from its Incident Response Team in accordance with Clause 26.2(a), take Appropriate Actions to:
(i)
assign BAU Personnel to manage and resolve the Major Incident; and
(ii)
back-fill the roles of any BAU Personnel assigned in accordance with Clause 26.2(b)(i).
26.3
Subject to Clause 26.4 and without prejudice to Clause 60 (Excusing Causes) and Clause 61 (Force Majeure), the Service Provider shall not be liable for a failure to perform its obligations under this Agreement (other than any of its obligations under this Clause 26 (Major Incidents)) if and to the extent that the failure resulted from:
(a)
an action or step taken by the Service Provider in managing and resolving a Major Incident which Molina directed the Service Provider to take; or
(b)
BAU Personnel being assigned to manage and resolve a Major Incident in accordance with this Clause 26 (Major Incidents) and, as a result, being unavailable to perform the Services.
26.4
The Service Provider shall not be entitled to relief under Clause 26.3 to the extent that:
(a)
the Major Incident occurred as a result of a breach by the Service Provider of any of its obligations under this Agreement or a negligent act or omission on the part of the Service Provider; or
(b)
the Service Provider fails to comply with its obligations under Clause 26.1.
26.5
The Service Provider’s obligations under this Agreement in relation to the management and resolution of a Major Incident apply irrespective of whether the Parties have agreed on the Service Provider’s liability in relation to that Major Incident or any action or step to be taken in managing or resolving the Major Incident, and the Service Provider may not

-26-


refuse to perform those obligations on the grounds that the Parties have not reached such agreement.
26.6
In circumstances where a Major Incident was not caused by an act or omission of the Service Provider (or of a Service Provider Company), or by the Service Provider’s breach of any of its obligations under this Agreement, to the extent the Service Provider’s compliance with this Clause 26 causes it to incur demonstrable and material costs in addition to those it incurs in complying with its obligations under this Agreement, the Parties shall agree any adjustment to the Charges in accordance with the Change Control Process.
26.7
The Service Provider shall:
(a)
maintain a plan for responding to Major Incidents using the Incident Response Team and shall test this plan on an annual basis;
(b)
ensure that a member of the Incident Response Team is available at all times to respond to a Major Incident, irrespective of when or where the Major Incident occurs;
(c)
maintain an up-to-date call-out list containing names, roles and contact details (including mobile and home phone numbers) of all members of the Incident Response Team;
(d)
identify a manager and single point of contact on the Incident Response Team;
(e)
cooperate with Other Service Providers to share such call-out lists for each Incident Response Team;
(f)
recommend to Molina that a Major Incident be declared as a result of an event or crisis within the Service Provider’s own organization; and
(g)
participate in formal reviews and assessments of all Major Incidents to capture learning and improvements to the Services arising out of the Major Incident including retrospectively processing such Major Incidents in accordance with this Agreement and the Policies.
27.
VIRUS AND HARMFUL CODE PROTECTION
27.1
Service Provider Responsibility
(a)
Subject to Clause 27.1(c), the Service Provider must ensure that it does not introduce, or, by failing to comply with its obligations under this Agreement, permit the introduction of, any computer program virus, drop dead device, Trojan horse, time bomb, back door device, or other code that is harmful, destructive, disabling or which assists in or enables unauthorized access to, or use or modification of, any of Molina’s Systems or associated data or otherwise disrupts or impairs the normal operation of any of Molina’s Systems (“Harmful Code”) into any Molina Work Product or in any Customized Software Deliverable.

-27-


(b)
The Service Provider must take Appropriate Actions to ensure that no Harmful Code is introduced into any of Molina’s Systems by the Service Provider or any of its Subcontractors.
(c)
The Service Provider will not be in breach of the provisions of Clause 27.1(a) in circumstances where Materials provided to it by Molina or Other Service Providers already contain Harmful Code, except where the Service Provider’s obligations under this Agreement or a Project Work Order in relation to the Customized Software Deliverable include an obligation to eliminate such Harmful Code.
27.2
Molina Responsibility
Molina shall implement and enforce its own internal policies as they apply to virus protection.
27.3
Procedure if Harmful Code is Found
If any Harmful Code is found by the Service Provider to have been introduced into any Molina Work Product, any Customized Software Deliverable or any of Molina’s Systems:
(a)
the Service Provider must report that fact to Molina as soon as the Service Provider becomes aware of it and provide all information reasonably requested by Molina and which it is capable of providing in relation to the Harmful Code, its manner of introduction and the effect the Harmful Code has had or is likely to have;
(b)
the Service Provider shall cooperate fully with Molina and its Third Party suppliers in taking the necessary remedial action to eliminate the Harmful Code and shall itself take Appropriate Actions to prevent re–occurrence (including implementing appropriate policies and processes to prevent further occurrences);
(c)
if so directed by Molina, the Service Provider shall, at its own cost (except in circumstances where Clause 27.3(d) applies), take Appropriate Actions to remove the Harmful Code from all Molina Work Product, Customized Software Deliverables and Molina Systems (or such of them as Molina may specify) but shall in all cases remedy any consequences of the introduction, execution or proliferation of the Harmful Code, whether by way of removing the Harmful Code or creating a Workaround; and
(d)
Molina shall bear the cost of the Service Provider removing Harmful Code in accordance with this Clause 27.3 if (i) the Harmful Code was introduced by Molina or a Third Party acting on Molina’s behalf or (ii) the Service Provider is not responsible for the actions of the applicable Third Party as set out in Clause 24.7, in each case unless the Service Provider is required to remove the Harmful Code as part of the Services or under another agreement with a Molina Company.

-28-


PART H    FACILITIES AND SAFETY, HEALTH AND ENVIRONMENT
28.
SITE SYSTEMS AND ACCESS TO MOLINA FACILITIES
28.1
The Service Provider may install Site Systems only in accordance with the terms set out in Schedule 13 (Access to Molina Facilities).
28.2
Molina shall give the Service Provider the access to the Molina Facilities as is required by Schedule 13 (Access to Molina Facilities) and each Project Work Order and each Party shall have the rights and obligations in relation to accessing the Molina Facilities as set out in Schedule 13 (Access to Molina Facilities) or in a Project Work Order.
28.3
Molina’s Discretion
The Service Provider may install Site Systems at Molina Facilities only with Molina’s prior written consent, which may be given or refused in Molina’s absolute discretion. Molina consents to the continuing installation of Site Systems that are already installed at Molina Facilities as at the Effective Date, and consents to the installation of those Site Systems that are specifically included in the Agreement, a Project Work Order or a Transition Project.
28.4
Quality and Compliance
The Service Provider shall procure that all Site Systems comply and remain compliant with all applicable Policies until removed from Molina Facilities.
28.5
Compatibility
The Service Provider shall procure that the Site Systems and the Services are at all times compatible with the technical standards set out in the Policies.
28.6
Installation, Removal and Use
(a)
The Service Provider shall, in reasonable time:
(i)
provide Molina with the information and instructions necessary to enable appropriately skilled Molina personnel to prepare each Molina Facility for the delivery and installation of the Site Systems; and
(ii)
deliver the Site Systems to, and install them at, Molina Facilities.
(b)
When a Site System ceases to be used in the provision of the Services, the Service Provider shall promptly disconnect that System, make good any damage caused by the disconnection (unless otherwise instructed by Molina) and remove it from the relevant Molina Facility, provided that where the Site System is an Exit System, the Service Provider shall take no action to remove that Site System from the relevant Molina Facility unless Molina gives its written consent, which it shall not unreasonably withhold.
(c)
The Service Provider shall not use the Site Systems other than for the provision of the Services without first obtaining Molina’s written consent.

-29-


(d)
If a Site System is removed from a Molina Facility, the Service Provider shall promptly securely erase all Molina Data and Molina Confidential Information from that Site System in accordance with the Policies and with Molina’s written consent.


-30-


PART I    INTELLECTUAL PROPERTY, CONFIDENTIALITY AND DATA PROTECTION
29.
INTELLECTUAL PROPERTY RIGHTS
29.1
Ownership of Pre–existing Intellectual Property Rights
(a)
This Agreement shall not assign or otherwise transfer any Intellectual Property Rights existing as at the Effective Date.
(b)
Neither Party shall contest ownership of all or part of the other Party’s pre–existing Intellectual Property Rights.
29.2
License of Molina IP and Molina Work Product
(a)
Molina shall retain all right, title and interest in and to the Molina IP, including all Intellectual Property Rights therein.
(b)
Subject to this Clause 29.2, the Service Provider and the Approved Subcontractors are hereby granted (in each case, to the extent necessary and for the sole purpose of providing the Services):
(i)
a world–wide, fully paid–up, non–exclusive license to Use the Molina IP; and
(ii)
a right to use the Molina–owned Systems, and, to the extent permitted under the relevant lease, Molina–leased Systems.
(c)
The Molina IP shall be made available to the Service Provider in such form and on such media as exists at the Effective Date and for Molina IP provided after the Effective Date in such form and on such media as may be agreed between the Parties.
(d)
Neither the Service Provider nor the Approved Subcontractors shall be permitted to Use the Molina IP for the benefit of any entities other than Molina Companies without the prior written consent of Molina, which may be withheld at Molina’s sole discretion.
(e)
The license granted under this Clause 29.2 shall take effect from the date that the Molina IP is first provided to the Service Provider or the Approved Subcontractors.
(f)
The right to use the Molina–owned or leased Systems under this Clause 29.2 shall take effect from the following date:
(i)
in the case of each System that is required to be used by the Service Provider or the Approved Subcontractors in the provision of the Run Services, the applicable Service Commencement Date; and
(ii)
in the case of each System that is required to be used by the Service Provider or the Approved Subcontractors in the provision of the Project Services, the commencement of the applicable Project Work Order (or, if the System is

-31-


required to be used in relation to more than one Project Work Order, the first commencement of any such Project Work Order).
(g)
The license granted under this Clause 29.2 shall terminate:
(i)
in respect of a particular item of the Molina IP, on the date that item ceases to be Used in performance of the Services, in which event the Service Provider shall (to the extent the Molina IP is, or comprises, Confidential Information) promptly comply with Clause 32 (Return of Confidential Information) in respect of that item; and
(ii)
in total, on the date on which this Agreement has expired or been terminated and the Service Provider has completed the performance of all of its obligations under all Project Work Orders (including its obligations under Schedule 8 (Termination Assistance and Exit) in respect of all Project Work Orders that are terminated).
(h)
The right to use the Molina–owned or leased Systems under this Clause 29.2 shall terminate on the date on which this Agreement has expired or been terminated and the Service Provider has completed the performance of all of its obligations under all Project Work Orders (including its obligations under Schedule 8 (Termination Assistance and Exit) in respect of all Project Work Orders that are terminated).
29.3
Rights in Molina Work Product
(a)
Subject to Clause 29.1, Clause 29.3(b), and Clause 29.3(c), Molina shall own all right, title and interest (including ownership of all Intellectual Property Rights, patentable inventions and patents thereon) in and to Molina Work Product. This Agreement memorializes that it was the Parties’ intent before commencement of the Molina Work Product that the Molina Work Product was to be a work made for hire within the meaning of the Copyright Act, 17 U.S.C. § 101 et seq. and all other applicable intellectual property laws, owned by Molina. The Service Provider acknowledges that, for the purposes of the foregoing, the Work Product shall be considered “works made for hire” under all applicable copyright laws.
(b)
To the extent that any of the rights, title and interest referred to in Clause 29.3(a) do not vest in Molina by operation of law, the Service Provider hereby irrevocably assigns, transfers and conveys to Molina with full title guarantee and, when applicable, shall procure that any of its Affiliates or Subcontractors irrevocably assign, transfer and convey to Molina with full title guarantee, without further consideration, all such rights, title and interest (including Intellectual Property Rights) and such assignment shall be an assignment (in respect of any copyright subsisting therein) of future copyright pursuant the Copyright Act, 17 U.S.C. § 101 et seq. and all other applicable intellectual property laws.
(c)
If a Deliverable, or any other Software or Materials specifically created or developed by the Service Provider for Molina and required to be delivered to Molina in the

-32-


course of providing the Services, incorporates Service Provider IP (including any Modification of pre-existing Service Provider IP):
(i)
that Deliverable, Software or Materials as a whole shall be treated for the purposes of this Agreement as Molina Work Product, and not as a Modification of the incorporated Service Provider IP; but
(ii)
that incorporated Service Provider IP shall remain treated as Service Provider IP, and nothing in this Agreement shall assign or otherwise transfer any Intellectual Property Rights in that incorporated Service Provider IP.
(d)
With respect to any moral rights in any of the Molina Work Product, the Service Provider shall procure, and shall procure that any Affiliates of the Service Provider and any Subcontractors procure, that all applicable moral rights shall not be asserted by the holder of such rights.
29.4
License of Service Provider IP
(a)
Subject to Clause 29.3 and this Clause 29.4, the members of the Service Provider Group shall retain all right, title and interest in and to the Service Provider IP, including all Intellectual Property Rights therein.
(b)
The Service Provider hereby grants to each Molina Company, for its benefit and for the benefit of its contractors and agents, a perpetual, irrevocable, world-wide, fully paid-up, non-exclusive, transferable license (with the right to sublicense) to Use and Modify all Service Provider IP that is:
(i)
incorporated within any Deliverable or Molina Work Product by the Service Provider or any Subcontractor (whether solely or jointly with Molina or any Third Party);
(ii)
otherwise necessary for the Use of any Molina Work Product or any Deliverable;
(iii)
necessary for the ongoing support, maintenance, Modification or development of any Molina Work Product or any Deliverable; or
(iv)
integrated into any other Systems that are transferred to Molina or a Successor Supplier on termination or expiry of this Agreement (in whole or in part).
(c)
Clause 29.4(b) applies to Service Provider IP irrespective of whether the use made of the Service Provider IP by the Service Provider in providing the Services was in compliance with, or in breach of, this Agreement.
(d)
Other than in the case specified in Clause 29.4(e)(i) or for the purpose specified in Clause 29.4(e)(ii), or as otherwise expressly provided in this Agreement, and subject always to Clause 29.4(f), nothing in this Agreement shall be construed to give Molina, a Molina Company or an Other Service Provider the right to use any

-33-


Embedded Service Provider IP in a manner unconnected with the Application or System in connection with which the Embedded Service Provider IP is provided.
(e)
For the purpose of Clause 29.4(d):
(i)
the case specified in this Clause is: if another provision of this Agreement or a Project Work Order provides, or the specifications applicable to the Application or System or to the Deliverable in which the Embedded Service Provider IP is incorporated provide, for that Service Provider IP to be used other than in connection with that Application or System; and
(ii)
the purpose specified in this Clause is: achieving interoperability with that Application or System.
(f)
Clause 29.4(d) shall not apply in respect of any Embedded Service Provider IP if the Service Provider does not comply with Clause 16.4 or 16.7 in respect of that Embedded Service Provider IP.
(g)
The Service Provider hereby grants to each Molina Company, for its benefit and for the benefit of its contractors and agents, during the Term (including the term of any Project Work Order that continues after the end of the Term, and any Exit Period), a world–wide, fully paid–up, non–exclusive license to Use the Service Provider IP (other than Service Provider IP subject to the license under Clause 29.4(b)) to the extent necessary to receive the Services.
(h)
The Service Provider hereby grants to each Molina Company for the benefit of the Other Service Providers, during the Term (including the term of any Project Work Order that continues after the end of the Term and any Exit Period), a world–wide, fully paid–up, non–exclusive license to Use the Service Provider IP (other than Service Provider IP subject to the license under Clause 29.4(b)) to the extent necessary to enable those Other Service Providers to interact with the Service Provider or to enable the Other Service Provider’s services to interface with the Services.
(i)
Molina shall ensure that the Other Service Providers comply with the license granted pursuant to Clause 29.4(h).
(j)
The licenses granted under this Clause 29.4 above shall take effect from the date on which the Service Provider IP that is the subject of the license is first used by, or on behalf of, the Service Provider to provide the Services or incorporated into any Deliverable or any Molina Work Product or becomes necessary for the Use of any Deliverable or any Molina Work Product.
(k)
If a Service Provider Method is incorporated within Molina’s business processes or practices:
(i)
by or on behalf of the Service Provider;

-34-


(ii)
by or on behalf of Molina, on the Service Provider’s recommendation; or
(iii)
by or on behalf of Molina as a result of Molina having learned to perform the Service Provider Method in the course of receiving the Services during the Term,
then the Service Provider hereby grants to each Molina Company, for its benefit and for the benefit of its contractors and agents (in connection with the provision of services to a Molina Company), a perpetual, irrevocable, world-wide, fully paid-up, non-exclusive, transferable license (with the right to sublicense) to conduct its business and operate its processes and practices incorporating the Service Provider Method. For the avoidance of doubt, Molina shall comply with its obligations set out in Clause 30 (Confidentiality) with respect to Service Provider Methods except as the disclosure thereof may be permitted as set out in this Clause 29.4(k).
(l)
In each case where the Service Provider grants a license under this Clause 29.4 for the benefit of a contractor or agent of any Molina Company or any Other Service Provider, that contractor, agent or Other Service Provider may exercise its rights under that license for the sole purpose of providing goods, services and Software to the Molina Companies.
29.5
Protection of each Party’s Rights
(a)
Except to the extent contemplated in this Agreement, the Service Provider shall not at any time do anything or cause anything to be done that would prejudice Molina’s right, title and interest in any of the Intellectual Property Rights vested in Molina pursuant to this Agreement.
(b)
Except to the extent contemplated in this Agreement, Molina shall not at any time do anything or cause anything to be done that would prejudice the Service Provider’s right, title and interest in any Intellectual Property Rights vested in the Service Provider pursuant to this Agreement.
(c)
Each Party agrees to, at the claiming Party’s reasonable expense, do all things reasonably necessary to confirm the ownership of the subject matter and Intellectual Property Rights therein as contemplated in this Clause 29 (Intellectual Property Rights), including executing or procuring the execution of documents or taking other reasonable actions as necessary to perfect ownership or otherwise to give full effect to the licenses granted pursuant to this Clause 29 (Intellectual Property Rights).
(d)
Neither Party shall be permitted to use any trademarks of the other Party for any purpose except with the express written permission of the owner of the trade marks.
30.
CONFIDENTIALITY
30.1
In this Clause 30 (Confidentiality), the “Disclosing Party” means the Party making a disclosure of Confidential Information to the other Party (the “Receiving Party”).

-35-


30.2
The Receiving Party shall, and shall procure that its Subcontractors shall:
(a)
keep the Confidential Information confidential;
(b)
not disclose the Confidential Information to any person, other than in accordance with Clauses 30.3 to 30.5 or Clause 30.7, unless it first obtains the written consent of the Disclosing Party; and
(c)
not use the Confidential Information other than for the Permitted Purposes.
30.3
Each Party and its Subcontractors may disclose Confidential Information to:
(a)
each other and their respective employees and Authorized Persons; and
(b)
its auditors to the extent reasonably required for such appointment and the exercise by the auditor of its audit obligations.
30.4
Without limiting Clause 30.3, Molina may disclose Confidential Information (other than Service Provider Commercially Sensitive Information) to:
(a)
Successor Suppliers to the extent set out in the Exit Plan or Schedule 8 (Termination Assistance and Exit);
(b)
any Step-In Agent appointed pursuant to Clause 48 (Step-In) to the extent reasonably required for such appointment and the exercise by the Step-In Agent of its step-in obligations, provided such Step-In Agent enters into an Agreed Form NDA;
(c)
any Other Service Provider to the extent required to enable the Other Service Provider to interact with the Service Provider or to enable the Other Service Provider’s services to interface with the Services; and
(d)
without limiting Clause 30.10, any Regulatory Authority (or any Person that is an Affiliate of, or acting at the behest of, a Regulatory Authority) to which Molina or any Molina Company is obligated to provide services pursuant to a contract with such Regulatory Authority or Person.
30.5
The Receiving Party may disclose Confidential Information to Third Parties (including, if the Receiving Party is Molina, any Step-in Agent, Successor Supplier or Other Service Provider) only if those Third Parties have entered into a non-disclosure agreement for the benefit of the Disclosing Party containing confidentiality terms no less stringent than those set out in this Agreement (which may take the form of an Agreed Form NDA) or to those that are subject to professional obligations preventing disclosure.
30.6
The Receiving Party shall be liable to the Disclosing Party if any person to whom the Receiving Party disclosed Confidential Information does not comply with this Clause 30 (Confidentiality) or the non-disclosure agreement in favor of the Disclosing Party described in Clause 30.5 above.
30.7
The Receiving Party may disclose any information relating to the services or transactions under this Agreement and Confidential Information where disclosure is required by law,

-36-


by a court of competent jurisdiction or by a regulatory body or stock exchange with authority over its business or securities, provided that, where permitted by law, the Receiving Party gives the Disclosing Party as much notice of the disclosure as is practicable so that the Disclosing Party may seek a protective order. The compelled disclosure described in the preceding sentence shall not otherwise alter or affect the confidential nature of the Confidential Information.
30.8
The obligations contained in Clauses 30.2 to 30.7 do not apply to any Confidential Information which:
(a)
is at the date of this Agreement in, or at any time after the date of this Agreement comes into, the public domain other than through the Receiving Party’s breach of this Agreement;
(b)
can be shown by the Receiving Party to the reasonable satisfaction of the Disclosing Party to have been known by the Receiving Party before disclosure to the Receiving Party;
(c)
has been developed by the Receiving Party independently, without reference to any Confidential Information provided by or otherwise obtained from the Disclosing Party (or another member of its Group) or its contractors; or
(d)
subsequently comes lawfully into the possession of the Receiving Party from a Third Party without restriction as to disclosure or use.
30.9
Nothing in this Clause 30 (Confidentiality) or any other obligation of confidence arising under this Agreement or at law or in equity shall restrict in any way the use (including disclosure) or enjoyment by Molina of any Service Provider IP (in accordance with any license terms) that Molina is authorized to use or enjoy under this Agreement.
30.10
Each Party may disclose to any Regulatory Authority a breach by the other of this Agreement where such Party has an obligation to disclose that breach to a Regulatory Authority.
30.11
Subject to Clause 30.3, Clause 30.4 and Clause 30.7, in no event shall either Party’s Confidential Information be provided to other persons who are, or who work for, a competitor of such Party without that Party’s prior written consent.
30.12
If the Receiving Party commits a breach of this Clause 30 (Confidentiality), the Disclosing Party shall be entitled to seek the remedies afforded it in equity or at law for breach of confidence, in addition to the remedies available to it for breach of contract.
30.13
Molina shall be entitled to disclose the terms of this Agreement (other than Schedule 21 (Service Provider Technical Solution) and the Charges) and any Project Work Orders to any Third Party who Molina wishes to engage to provide Replacement Services, provided that the identity of the Service Provider and the identities of Service Provider Personnel are anonymized in that disclosure. Nothing in this Clause 30.13 shall prevent Molina from disclosing to any such Third Party that the Service Provider is the provider of any Services, provided that Molina does not also disclose that the terms of this Agreement or any Project

-37-


Work Order are the terms on which the Service Provider has agreed to provide those Services.
30.14
The Receiving Party shall promptly notify the Disclosing Party of any facts known to the Receiving Party concerning any accidental or unauthorized access, disclosure or use, or accidental or unauthorized loss, damage or destruction of Confidential Information by any current or former employee, contractor, agent, or subcontractor of the Receiving Party.
31.
USE OF CONFIDENTIAL INFORMATION AND MOLINA DATA
31.1
The Service Provider must not examine or analyze the contents of any Molina Confidential Information or Molina Data disclosed to the Service Provider in the performance of its obligations under this Agreement except as necessary for the performance of those obligations. PHI, PII and other Personal Data subject to privacy and confidentiality requirements pursuant to Applicable Law, as applicable, shall be only be used and disclosed by the Service Provider in accordance the attached Business Associate Agreement and applicable law. The Service Provider shall continue to safeguard any such information even after the Molina Confidential Information is disclosed to unauthorized individuals or subject to unauthorized access.
31.2
The Service Provider shall keep any Molina Confidential Information and Molina Data which is in electronic form separate from information in relation to any Third Party in such a way that it can only be accessed by specified authorized individuals who must enter an appropriately secured password or similar security control to gain access.
31.3
The Service Provider shall keep any Molina Confidential Information and Molina Data which is in paper form separate from information in relation to any Third Party in such a way that it can only be accessed by specified authorized individuals who must use an appropriate restricted key or similar security control to gain access.
32.
RETURN OF CONFIDENTIAL INFORMATION
32.1
The Receiving Party must promptly on request from the Disclosing Party:
(a)
return to the Disclosing Party;
(b)
destroy and certify in writing to the Disclosing Party the destruction of; or
(c)
destroy and permit an employee of the Disclosing Party to witness the destruction of,
all the Disclosing Party’s Confidential Information in the Receiving Party’s possession or control, except as set out in Clause 57.5.
32.2
The Receiving Party may retain one copy of any notes and other records that it is required by law to retain.
32.3
Either Party may retain information that it is required to disclose in order to comply with any of those reporting obligations set out in Clause 30.7.

-38-


33.
ANNOUNCEMENTS AND PUBLICITY
33.1
The Service Provider may not disclose to any existing or potential customer (whether in any marketing materials addressed to a specific customer or its customers generally, in a response to a ‘request for information’, ‘request for proposal’ or similar document, or otherwise) any information regarding the existence or subject matter of this Agreement.
33.2
Molina shall be entitled to disclose the termination or expiry of this Agreement (in whole or in part), and the basis of the termination or expiry, to potential Successor Suppliers and such other Third Parties as Molina has reasonable grounds for notifying of the termination or expiry (except to the extent that the Parties agree in a confidential settlement agreement that this information will not be disclosed).
34.
DATA PROTECTION AND DATA PRIVACY
34.1
In this Clause 34 (Data Protection and Data Privacy):
(a)
Data Protection Laws means all Applicable Laws (including HIPAA and HITECH), and any laws, rules, regulations, regulatory guidance, and regulatory requirements relating to personal information, personally identifiable information, Personal Data, non-public information, or protected health information (whether enacted by the United States, any State or other jurisdiction thereof, or any other government or regulatory agency) in relation to: (a) data protection; (b) privacy; (c) restrictions on, or requirements in respect of, the processing of Personal Data of any kind, including protected health information; and (d) actions required to be taken in respect of unauthorized or accidental access to or use or disclosure of Personal Data;
(b)
data is Personal Data for the purposes of this Agreement if:
(i)
it relates to natural persons and its processing, under or in connection with this Agreement, is subject to any Data Protection Laws, including Data Breach Notification laws, that apply to data about legal persons as well as data about natural persons;
(ii)
it is PHI; or
(iii)
it includes any of the following information and its processing, under or in connection with this Agreement, is subject to any U.S. federal or state law or regulation: name, address, telephone number, fax number, social security number, DEA number, other government issued identifier, credit card information, medical insurance identifiers, IP addresses, e-mail addresses and information relating to the past, present or future health or condition (physical or mental) of an individual;
(c)
Data Safeguards means administrative, technical and physical safeguards that protect against threats or hazards to the integrity and security of, the unauthorized or accidental destruction, loss, alteration or use of, and the unauthorized access to, In-scope Personal Data and that comply with (i) the requirements set out in

-39-


Schedule 24 (Certain Security Requirements), (ii) Good Industry Practice, and (iii) the requirements set out in each applicable Statement of Work;
(d)
In-Scope Personal Data means any Personal Data that is processed by the Service Provider in the course of providing the Services or performing its other obligations under this Agreement.
34.2
Each of the Service Provider and Molina shall, at all times, comply with its obligations under all Data Protection Laws and all applicable Molina Policies in connection with this Agreement. It is the parties’ understanding that Molina is the data controller and the Service Provider is the data processor under this Agreement.
34.3
The Service Provider shall not be entitled to use or otherwise process any In-Scope Personal Data for any purpose other than to provide the Services and to perform its other obligations under this Agreement.
34.4
The Service Provider shall:
(a)
Process In-Scope Personal Data only on and in accordance with the written instructions of Molina, which instructions may be given specifically in writing or, to the extent not inconsistent with those specific instructions, may be contained in Molina Policies;
(b)
promptly notify Molina upon becoming aware of any errors or inaccuracies in any In-Scope Personal Data;
(c)
ensure that, except as otherwise instructed in writing by Molina or required by Applicable Law, any copies of In-Scope Personal Data in the possession or under the control of the Service Provider, any Subcontractor or any Service Provider Personnel are permanently destroyed when they are no longer required for the performance of the Service Provider’s obligations under this Agreement;
(d)
provide access to In-Scope Personal Data only to Service Provider Personnel who: (i) need to have access to the data in order to carry out their roles in the performance of the Service Provider’s obligations under this Agreement; (ii) have been appropriately trained on the requirements of Data Protection Laws applicable to the processing, care and handling of the data; and (iii) are subject to contractual or statutory obligations of confidentiality in respect of the In-Scope Personal Data; and
(e)
subject to Clause 34.11, give the Molina Companies such co–operation, assistance and information and execute all documents as they may reasonably request to assist them to comply with their obligations under any Data Protection Laws insofar as they relate to any In-Scope Personal Data, and co–operate and comply with the directions or decisions of any competent data protection or privacy authority, or any other relevant regulatory authority, in relation to such data, and, in each case, within such time to assist Molina Companies to meet any time limit imposed by Data

-40-


Protection Laws or by the data protection or privacy authority, or such other relevant regulatory authority,.
34.5
In respect of In-Scope Personal Data the processing of which is subject to any Applicable Law that prohibits or restricts (a) the transfer of that In-Scope Personal Data to any country or territory or (b) the processing of that In-Scope Personal Data in any country or territory, the Service Provider shall not transfer or Process that In-Scope Personal Data in contravention of any such prohibition or restriction, except where the transfer merely continues, and is carried out in all material respects in the same way as, a transfer which was carried on between Molina Companies before the Effective Date (unless another provision of this Agreement requires that transfer to cease).
34.6
The Service Provider shall:
(a)
at all times have in place (and keep Molina Companies’ Corporate Privacy Official informed in writing of the identity of) a Service Provider Person who is responsible for assisting Molina Companies in responding to enquiries received from data subjects or any competent data protection or privacy authority, or any other relevant regulatory authority;
(b)
ensure that the Service Provider Person referred to in Clause 34.6(a) always responds promptly and reasonably to the enquiries referred to in that Clause, taking full account of the relevant requirements of Data Protection Laws as to timely response; and
(c)
take no steps in relation to any enquiry as referred to in Clause 34.6(a) except on the written instructions of the applicable Molina Company.
34.7
The Service Provider shall:
(a)
not disclose or transfer any In-Scope Personal Data to any third party, except for a disclosure or transfer:
(i)
made on the written instructions of Molina;
(ii)
to a Subcontractor in accordance with Clause 34.7(b); or
(iii)
to the extent required by Applicable Law or any other provision of this Agreement;
(b)
in respect of any processing of In-Scope Personal Data by a Subcontractor:
(i)
comply with the provisions of Clause 63 (Subcontracting);
(ii)
ensure that the Subcontractor’s processing is carried out under a written contract imposing on the Subcontractor equivalent obligations as are imposed on the Service Provider under this Clause 34 (Data Protection and Data Privacy);
(iii)
procure that the Subcontractor performs and observes those obligations; and

-41-


(iv)
if Molina so requests, procure that the Subcontractor enters into a written contract with Molina (or a Molina Company nominated by Molina), imposing on the Subcontractor the same obligations as are imposed on the Service Provider under this Clause 34 (Data Protection and Data Privacy).
The Service Provider understands and agrees that it is not authorized to respond to any requests for In-Scope Personal Data, whether made by a regulatory authority, data subject, or any other party, unless the Service Provider is explicitly authorized by Molina or the response is legally required under a subpoena or similar legal document issued by a government agency that compels disclosure by the Service Provider.
34.8
The Service Provider:
(a)
shall adopt, implement, maintain, and comply with the Data Safeguards, including, as part of the Data Safeguards, security procedures and practices to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of In-Scope Personal Data;
(b)
warrants to Molina that the Service Provider has written security policies, procedures and practices that comply with the Service Provider’s data security obligations under Data Protection Laws;
(c)
shall maintain and enforce the Data Safeguards at each Approved Service Delivery Location and each other facility from which the Service Provider provides the Services, and with respect to any and all networks that process In-scope Personal Data;
(d)
shall immediately notify Molina in writing: (i) if it cannot comply with any term of the Agreement regarding the Services that affects the privacy or security of Molina Data or In-Scope Personal Data (and if this occurs, the Service Provider shall remedy the noncompliance in accordance with the Agreement, and Molina shall be entitled to suspend transmission of such information to the Service Provider and suspend the portion of the Services involving the impacted Molina Data or In-Scope Personal Data until such gap or weakness is eliminated to Molina’s satisfaction); (ii) of any request for access to any In-Scope Personal Data received from an individual who is (or claims to be) the subject of the data and enforcing a regulatory granted right; or (iii) of any request for access to any In-Scope Personal Data received by the Service Provider from any government official (including any data protection agency or law enforcement agency) or from other third parties, other than those set forth in this Agreement; and
(e)
shall review and revise the Data Safeguards from time to time in accordance with prevailing Good Industry Practice and as reasonably requested by Molina (and shall promptly provide details of such revised Data Safeguards to Molina in writing upon request), provided that any changes to the Data Safeguards:

-42-


(i)
will not alter or modify the Service Provider’s ability to meet its obligations under this Agreement or alter the nature of any Services;
(ii)
will not in any way weaken, compromise or alter the confidentiality and security of In-scope Personal Information; and
(iii)
will be implemented at no additional cost to Molina.
34.9
Security Breach Response.
(a)
Upon becoming aware of any unauthorized or accidental access to or use or disclosure of any In-Scope Personal Data which is in the Service Provider’s custody or control, or the Service Provider having reasonable belief that any such access, use or disclosure has occurred or is at risk of occurring (which shall include, without limitation, the loss of or the inability to locate definitively any media, device or equipment on which In-Scope Personal Data is or may be stored), the Service Provider shall:
(i)
notify Molina without delay, and in any event within twenty-four (24) hours, providing reasonable detail of the impact on Molina of the access, use or disclosure and the corrective action taken and to be taken by the Service Provider;
(ii)
subject to Clause 34.11, promptly take all necessary and appropriate corrective action to mitigate and to remedy the underlying causes of the access, use or disclosure;
(iii)
take any action pertaining to the access, use or disclosure required by Applicable Law including, without limitation, at the request of Molina, providing notices to data subjects whose Personal Data may have been affected, whether or not such notice is required by Applicable Law; and
(iv)
if the access, use or disclosure would permit access to a data subject’s financial information or lead to a reasonable risk of identity theft or fraud, the Service Provider shall provide, for a reasonable period of time of not less than one (1) year, credit monitoring services for any such data subjects.
(b)
Except where the Service Provider is not responsible for the actions of the applicable Third Party as set out in Clause 24.7, the Service Provider shall be responsible for all of the following costs and expenses resulting from any unauthorized or accidental access to or use or disclosure of any In-Scope Personal Data which is in the Service Provider’s custody or control, regardless of whether such costs and expenses are incurred by or on behalf of the Service Provider or by or on behalf of Molina:
(i)
the cost of providing notice of the event to affected individuals;
(ii)
the cost of providing required notice to government agencies, credit bureaus, media and/or other required entities;

-43-


(iii)
the cost of providing individuals affected by the event with credit monitoring (including identity theft insurance) and credit protection services designed to prevent fraud associated with identity theft crimes for a specific period not to exceed twelve (12) months, except to the extent Applicable Law specifies a longer period for such credit protection services, in which case such longer period shall then apply;
(iv)
the cost of providing reasonable call center support for such affected individuals for a specific period not less than ninety (90) days, except to the extent Applicable Law specifies a longer period of time for such call center support, in which case such longer period shall then apply;
(v)
the fees associated with computer forensics work required to investigate the event;
(vi)
non-appealable fines or penalties assessed by governments or regulators;
(vii)
the costs or fees associated with any obligations imposed by Applicable Law, in addition to the costs, expenses and fees defined herein; and
(viii)
any other costs and expenses to undertake any other action the Parties hereto agree to be an appropriate response to the circumstances in which the unauthorized or accidental access to or use or disclosure of any In-Scope Personal Data occurs.
34.10
Molina:
(a)
is responsible, in its own right and on behalf of the other Molina Companies, for instructing the Service Provider to take such steps in the processing of Personal Data on behalf of Molina Companies as are reasonably necessary for the performance of the Service Provider’s obligations under this Agreement; and
(b)
authorizes the Service Provider, to the extent permitted by Data Protection Laws, to provide equivalent instructions to the Subcontractors on behalf of Molina.
34.11
The costs and expenses incurred by the Service Provider in complying with Clauses 34.4(e), 34.9(a)(ii), 34.9(a)(iii) and 34.9(a)(iv) shall be borne:
(a)
by the Service Provider in cases where the action required to be taken by the Service Provider results from a breach of this Agreement or any negligent, willful or fraudulent act or omission of the Service Provider, any Subcontractor or any Service Provider Personnel; and
(b)
by Molina in other cases.


-44-


PART J    CONTRACT ADMINISTRATION AND HR
35.
CONTRACT MANAGEMENT PORTAL
35.1
The Service Provider shall maintain a contract management intranet site (the “Contract Management Portal”) in accordance with the requirements set out in this Agreement.
35.2
The Contract Management Portal shall act as the main tool for the Service Provider to report Service performance.
35.3
The Contract Management Portal shall contain an interface to the Service Provider’s various monitoring tools to enable Molina to review performance against Service Levels at any time by means of the Contract Management Portal.
35.4
The Contract Management Portal shall be the main data repository for all information generated by the Service Provider related to this Agreement and the Service Provider shall ensure that it is updated to ensure that the information is accurate and it reflects the nature of the Services at any given time.
35.5
The Service Provider shall ensure that the Contract Management Portal contains:
(a)
conformed copies of this Agreement and all Project Work Orders updated regularly to reflect all Change Notices;
(b)
scanned counterparts of all Change Notices signed by each Party (or PWO Party as applicable);
(c)
scanned counterparts of all Project Work Orders signed by each Party (or PWO Party as applicable);
(d)
copies of the current and all historic Reports, including all Reports related to performance against the Service Levels;
(e)
copies of the current and all historic invoices;
(f)
the Exit Plan;
(g)
the information that the Service Provider is required to provide to Molina during the Term under the Exit Plan or Schedule 8 (Termination Assistance and Exit) (and the Service Provider shall update this information in the Contract Management Portal whenever the Exit Plan itself is updated); and
(h)
copies of all current proposals and responses to Change Notices and such other information referred to in Schedule 3 (Pricing and Invoicing).
36.
GOVERNANCE
The Parties shall have the rights and obligations allocated to them in relation to governance, contract management and reporting as set out in Schedule 7 (Governance).


-45-


37.
POLICIES
The Parties shall have the rights and obligations allocated to them in Schedule 14 (Molina Policies).
38.
AUDIT AND INFORMATION ACCESS
38.1
Molina may, from time to time, notify the Service Provider of appropriate persons (“Representatives”) including Molina employees and other representatives, auditors, any Software Auditor and any Regulatory Authority (including any person acting on behalf of such Regulatory Authority), who are to have access rights to those portions of the sites from which the Service Provider and Subcontractors provide, manage and administer the Services.
38.2
The Service Provider shall (and except to the extent otherwise agreed in writing by both the chief information officer and the chief information security officer of Molina, shall procure that the Subcontractors shall) allow the Representatives, for the purposes set out in Clause 38.4 and on the production of satisfactory evidence of identity and authority:
(a)
access to each of those sites, the records and supporting documents referred to in Clauses 38.9 and 38.10, the relevant Service Provider Personnel (or Subcontractor personnel) and Systems (including operational records and manuals relating to Molina but excluding the general corporate financial books and ledgers of the Service Provider and any data to the extent it relates to any other customer of the Service Provider) and any other information in relation to the Services as requested by those Representatives; and
(b)
reasonable facilities at each of those sites at all reasonable times during normal working hours at the relevant site, including facilities to print or copy information required.
38.3
Molina shall give the Service Provider not less than twenty (20) Business Days’ prior written notice of an audit under Clause 38.2 except in cases where:
(a)
Molina conducts an audit under Clause 38.6(a)(i), in which case it shall be entitled to conduct an audit upon giving the Service Provider not less than ten (10) Business Days’ notice; or
(b)
Molina conducts an audit under Clause 38.6(a)(ii), in which case it shall be entitled to conduct an audit upon giving the Service Provider such prior notice as is reasonably practicable in the circumstances and that the Regulatory Authority permits Molina to give (which the Service Provider acknowledges may be no prior notice at all).
38.4
The purposes referred to in Clause 38.2 are:
(a)
to inspect the records and supporting documents referred to in Clauses 38.9 and 38.10;

-46-


(b)
for Molina or any duly appointed agent and/or any Regulatory Authority or any Software Auditor to inspect Records, documents, files, computer data and other material in relation to the Services to enable Molina to fulfill its responsibilities to that Regulatory Authority or to any Software Vendor;
(c)
to assess whether the Service Provider is performing its obligations in this Agreement;
(d)
to carry out surveys of risk for the purposes of the Molina Group insurance cover;
(e)
to review the integrity of Molina’s Confidential Information and to make inspections, audits and tests for the purpose of conducting the internal and external audits of the Molina Group, and making reports as required by any Regulatory Authority;
(f)
to verify the Service Provider’s compliance with its obligations under Clauses 24 (Security), 25 (Business Continuity Management and Disaster Recovery) and 34 (Data Protection and Data Privacy) and Schedules 23 (Business Continuity Management and Disaster Recovery) and 14 (Molina Policies);
(g)
to conduct any risk assessment in relation to the delivery of the Services that Molina may wish to undertake to assess the possible impact of the delivery of the Services on Molina’s business; and
(h)
to comply with the requirements of any Regulatory Authority or a Software Auditor or for any purpose reasonably determined by Molina to ensure Molina’s compliance with Applicable Law.
38.5
Any audit (other than those conducted by a Regulatory Authority), whether referenced in this Clause or any other provision of this Agreement, shall be subject to the following limitations:
(a)
subject to Clause 38.6, Molina may not conduct an audit more than once in any twelve (12)-month period;
(b)
use of a material competitor as an auditor under this Agreement shall be subject to the Service Provider’s prior written approval;
(c)
all audit results and records disclosed solely as a result of the audit shall be held as Service Provider’s Confidential Information and may only be used for purposes permitted by this Agreement;
(d)
Molina and any auditor conducting any such audit shall at all times comply with the reasonable security and confidentiality guidelines of the Service Provider with respect to the audit.
38.6
Clause 38.5(a) is subject to the following:
(a)
nothing in Clause 38.5(a) limits the number of audits that Molina may conduct in circumstances where:

-47-


(i)
Molina knows or has reasonable grounds to believe that the Service Provider is not complying with any of its obligations under this Agreement; or
(ii)
the audit is carried out by, on behalf of, or at the request or direction of, a Regulatory Authority;
(b)
any audit that falls under Clause 38.6(a) shall be in addition to the single audit that Molina is permitted to conduct in each twelve (12)-month period under Clause 38.5(a);
(c)
if any sites, records, documents, personnel or Systems that the Service Provider is required to make available to Molina during an audit are not available to Molina during any audit, Molina may repeat that audit on one or more occasions until the sites, records, documents, personnel or Systems (as the case may be) have been made available in accordance with this Agreement; and
(d)
Molina may conduct audits more frequently than those permitted by this Clause 38 (Audit and Information Access) provided such additional audits are agreed in accordance with the Change Control Process.
38.7
The Service Provider warrants and represents that there is no legal or regulatory impediment or any other restriction of any kind imposed upon the Service Provider or, as far as the Service Provider is aware, any Subcontractor that would prevent Molina or any of its Representatives from accessing any of the Service Provider’s or Subcontractor’s sites to carry out audits in accordance with this Clause 38 (Audit and Information Access). In the event it is discovered or determined that any Subcontractor would prevent Molina or any of its Representatives from accessing any of the Service Provider’s or Subcontractor’s sites to carry out audits in accordance with this Clause 38 (Audit and Information Access), the Service Provider promptly secure such access as set out in Clause 38.2, and the Service Provider shall not be relieved of its obligations set out in this Clause 38 (Audit and Information Access).
38.8
The Service Provider shall, as soon as practicable after becoming aware of an impediment or restriction of the type referred to in Clause 38.7, provide Molina with written notice of such impediment or restriction and offer Molina alternative ways to exercise its rights under this Clause 38 that were affected by the impediment or restriction.
38.9
The Service Provider shall at all times operate a system of accounting in relation to, and maintain complete and accurate records of, and adequate supporting documents for, its Charges (and those of the members of the Service Provider Group) incurred in performing its obligations under this Agreement and the amounts invoiced to Molina under this Agreement, in accordance with GAAP.
38.10
The Service Provider shall maintain its records of its Charges (and those of the other members of the Service Provider Group) in accordance with GAAP in a manner and to a level of detail sufficient to demonstrate to an experienced financial auditor the calculation of the Charges under Schedule 3 (Pricing and Invoicing). The Service Provider shall retain

-48-


these records and supporting documents for as long as Services continue to be provided under this Agreement and then for as long as is required by Applicable Law.
38.11
The Service Provider shall, at the Service Provider’s cost to the extent the required changes are the result of Service Provider’s breach of this Agreement, implement any formal directions or instructions given by any Regulatory Authority arising from an audit under Clause 38.6(a)(ii) in accordance with any time periods stipulated by such Regulatory Authority, and if no time periods are stipulated, as soon as reasonably practicable. If a Regulatory Authority makes a recommendation that is specifically for the benefit of Molina and (a) has no application or benefit for other Service Provider customers, then the implementation of such recommendation shall be at Molina’s cost and (b) such recommendation by its nature requires an implementation that is specific to Molina, then the aspects of such implementation that are specific to Molina shall be at Molina’s cost except to the extent the Service Provider is responsible for such costs as set out in the first sentence of this Clause 38.11.
38.12
Molina may, instead of conducting an audit at a Service Provider or Subcontractor site in accordance with this Clause 38 (Audit and Information Access), request the Service Provider to furnish Molina with such information as Molina may reasonably specify and to which Representatives would have been entitled to have access had Molina conducted such an audit. The Service Provider shall promptly comply with any request by Molina under this Clause 38.12, and shall provide the requested information to Molina in such form and format as Molina may reasonably specify. Nothing in this Clause 38.12 limits Molina’s rights to conduct an audit under this Clause 38 (Audit and Information Access).
38.13
Controls Audit Reports
(a)
Within five (5) Business Days after a written request from Molina, the Service Provider shall, at its cost, procure that Molina is provided with an audit report in the form of one of the following (a “Controls Audit Report”):
(i)
a SOC 1, Type II report prepared in accordance with the American Institute of Certified Public Accountants (AICPA) Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization;
(ii)
a report prepared in accordance with the International Standards for Assurance Engagements (ISAE) No. 3402, Assurance Reports on Controls at a Service Organization; or
(iii)
an Assurance Report on Controls of Contract Services prepared in accordance with Auditing and Assurance Practice Committee Statement No. 86.
(b)
Each Controls Audit Report shall be prepared by the Service Provider’s independent accountants reasonably acceptable to Molina and shall be a multi-client audit covering the Service Provider’s common processes for the Services and Region specified by Molina.

-49-


(c)
With regard to each such Controls Audit Report, the Service Provider, at its cost, shall provide Molina with any relevant certification, report and other documentation requested by Molina, including, but not limited to, Early Warning Reports and Bridging Letters.
(d)
The Service Provider shall ensure that Molina is timely informed of the details (including the period covered) and timing of the availability of such Control Audit Reports and any change of the foregoing.
(e)
At Molina’s written request, and at Molina’s cost, the Service Provider shall request its appointed independent accountants to undertake a review of the Service Provider’s controls in accordance with the applicable standards above in respect of the Services to be provided under this Agreement, where such controls are not covered by the Controls Audit Report. The Service Provider shall make available to Molina a copy of the reports produced in accordance with this Clause as soon as they are completed.
(f)
The Service Provider shall cooperate with Molina and the independent accountants to determine the scope and control objective requirements for each Controls Audit Report where applicable to that report.
(g)
If any Controls Audit Report identifies any deficiencies, the Service Provider shall, at the request of and in consultation with Molina, plan and implement any necessary corrective measures in a timely manner.
38.14
The Service Provider shall at all times hold and maintain ISO 9000/20000 Certifications in relation to the Approved Service Delivery Locations.
38.15
The Service Provider shall upon Molina’s request, assist Molina with its audit of Molina’s Sarbanes-Oxley (SOX) oriented internal control processes and implement such modifications as Molina may direct, at Molina’s cost.
39.
HR OBLIGATIONS
The Parties shall comply with their respective obligations set out in Schedule 15 (HR Matters and Key Personnel).


-50-


PART K    PAYMENT
40.
CHARGES
40.1
Except where any provision of this Agreement provides otherwise, Molina shall pay to the Service Provider, or shall procure the payment by Molina Companies to the Service Provider of, the Charges that have been correctly invoiced to Molina in accordance with Schedule 3 (Pricing and Invoicing), in accordance with the timeframes as set out in Schedule 3 (Pricing and Invoicing).
40.2
The Service Provider acknowledges that the Charges, and the activities for which the Service Provider is entitled to invoice Molina, are set out in Schedule 3 (Pricing and Invoicing). Except to the extent the provisions of the applicable SoW or the applicable Project Work Order expressly contemplate that an obligation in such SoW or such Project Work Order, as applicable, is subject to the related detail set out in Schedule 21 (Service Provider Technical Solution), the Service Provider shall not be entitled to rely on any provision of Schedule 21 (Service Provider Technical Solution), whether expressed as an assumption, a dependency or otherwise, as creating any entitlement for the Service Provider to charge, or any obligation on Molina to pay, any amounts of any kind in respect of the performance of the Services; provided, however, that the Service Provider may rely on the provisions of Schedule 21 (Service Provider Technical Solution) with respect to the interpretation of obligations of the Service Provider set out in Schedule 21 (Service Provider Technical Solution) that are not otherwise set out in this Agreement.
41.
LATE PAYMENT
If either Party fails to pay any undisputed sum, or any disputed sum which is subsequently determined not to have been disputed in good faith, by the due date for payment (as set out in Schedule 3 (Pricing and Invoicing)), the other Party may charge the paying Party interest at the Agreed Interest Rate on the sum from the due date for payment until the date upon which the obligation of the paying Party to pay the sum is discharged (whether before or after judgment).
42.
INVOICES
The Service Provider shall invoice Molina for the Charges from the relevant Charges Commencement Date (and not before that date), in accordance with the procedures in Schedule 3 (Pricing and Invoicing).
43.
TAXATION
43.1
The Charges do not include any taxes, duties, levies, fees or similar charges of any jurisdiction that may be assessed or imposed in connection with the transactions contemplated by this Agreement. Molina will pay all Taxes imposed on the provision of Services to Molina. The Service Provider will invoice said Taxes in accordance with Schedule 3 (Pricing and Invoicing). The invoicing location and beneficiary locations for

-51-


the Molina entities receiving the Services shall be those locations set out in, as applicable, this Agreement or the applicable Project Work Order.
43.2
Each Party will bear sole responsibility for Taxes based upon its own income, employment taxes of its own employees, agents or subcontractors, and for any assessments or taxes on any real or personal property it owns, leases or otherwise acquires. Molina is not responsible for Taxes based on the Service Provider’s gross receipts including, but not limited to, any corporate business taxes.
43.3
Molina and the Service Provider will cooperate to segregate the charges into:
(a)
those for taxable Services;
(b)
those for non-taxable or exempt Services;
(c)
those for which a sales, use, excise, gross receipts, value-added or other similar tax has already been paid; and
(d)
those for which the Service Provider functions merely as a paying agent for Molina or a Molina Company that otherwise are non-taxable or have previously been subject to tax.
43.4
In the event that any payment in respect of any invoice is subject by Applicable Law to any withholding tax:
(a)
Molina (or the applicable Molina Company, as applicable) may make payment to the Service Provider of the amount owing less a deduction for such withholding tax and account to the relevant taxation authority for the appropriate withholding tax;
(b)
payment of such net sum to the Service Provider and of the withholding tax to the relevant taxation authority will constitute full settlement of the sums owing pursuant to the relevant invoice;
(c)
Molina or the applicable Molina Company will send the tax receipt or will provide evidence that may be reasonably required to establish the payment of the relevant withholding tax immediately upon payment of such taxes or upon request, whichever occurs earlier; and
(d)
the Service Provider will, on request from Molina (or the applicable Molina Company, as applicable), provide a declaration of tax residence on the prescribed forms and obtain certification by the relevant taxation authority in order to confirm the applicability and availability of any reduced rate of withholding tax pursuant to the provisions of any relevant double taxation treaties.
43.5
If applicable, with respect to Taxes-related notices, assessments, audits, and proceedings:
(a)
the Parties and their duly appointed representative will cooperate in order to negotiate, resolve, settle or contest any liability for Taxes attributable to any transaction or payment contemplated by this Agreement. Molina will cooperate with

-52-


the reasonable requests of the Service Provider and its representatives with respect to any audit by a taxing authority or any other proceeding covered by this Clause 43.5(a).
(b)
if Molina receives notice of any asserted Taxes-related liability (“Asserted Tax Liability”), Molina will promptly give notice thereof (a “Tax Claims Notice”) to the Service Provider. The Tax Claims Notice will describe the Asserted Tax Liability in reasonable detail, and will indicate the amount thereof. The Service Provider will not be liable to Molina under this Clause 43.5(b) for such claim.
(c)
Molina will reasonably cooperate with the Service Provider taking all action in connection with contesting any such claim as the Service Provider may reasonably request in writing from time to time provided that within thirty (30) days after the related Tax Claims Notice has been delivered by Molina to the Service Provider, the Service Provider requests within thirty (30) days in writing that such claim be contested.
(d)
the Service Provider will promptly notify Molina in writing upon receipt by the Service Provider (or by a Service Provider Company) of notice of any sales or use Taxes-related assessment or adjustments applicable to Molina’s purchase of services that may affect any liability for Taxes of Molina. The Service Provider and the Service Provider Companies will cooperate with the reasonable requests of Molina and its representatives with respect to any Taxes-related assessment by a taxing authority or any other administrative or judicial proceeding covered by this Clause 43.5(d). Molina will be responsible for any Taxes of the sort contemplated in this Clause 43.5(d) to the extent Molina is responsible for such Taxes under Clause 43.1; provided, however, that Service Provider will be responsible for any interest or penalties directly resulting from its delay or failures.
(e)
the Service Provider and Molina will cooperate with each other in connection with:
(i)
the preparation and filing of any Taxes-related returns of the respective Parties, and
(ii)
any audit examination or other proceeding by any government taxing authority of or with respect to the returns referred to in Clause 43.5(e)(i).
(f)
Such cooperation will include, without limitation, the furnishing or making available of records, books of account or other materials of the Parties necessary or helpful for the defense against the assertions of any taxing authority as to any Taxes-related audit, Asserted Tax Liability or for the preparation of Taxes-related returns filed by the Parties. Each Party will also provide access to employees of the other Party for purposes of contesting any jointly agreed Taxes-related audit or Asserted Tax Liability or for the preparation of Taxes-related returns filed by the Parties. For purposes of clarity, each Party shall have full control over its own tax returns and any government audits of its finances or taxes, and (a) the Service Provider shall have no obligation under this Clause 43.5(f) to share the confidential information of

-53-


its other customers and (b) Molina shall have no obligation under this Clause 43.5(f) to share the confidential information of its other suppliers, its customers, or its members.
43.6
If any transaction or payment contemplated by this Agreement is exempt from any Tax or Taxes noted on an invoice, Molina will provide the Service Provider with a valid exemption certificate or other evidence of such exemption in a form reasonably acceptable to the Service Provider. Each Party will cooperate with the other in minimizing applicable Taxes.


-54-


PART L    CONTINUING PROTECTIONS FOR MOLINA
44.
MOST VALUED CLIENT
44.1
Disasters
If a disaster occurs that would trigger the Service Provider’s disaster recovery or business continuity plans and, as a result, the Service Provider has to allocate scarce Resources between accounts, the Service Provider must, acting reasonably, treat Molina no less favorably than other similarly situated clients receiving similar services to the Services on a like–for–like basis, having regard to the overall circumstances and commercial agreement with each of its customers.
44.2
Dialogue with Senior Management
The Service Provider must, on reasonable prior notice, allow Molina access to the Service Provider’s senior management (including the Service Provider’s senior-most Regional Account Executive) to discuss the Service Provider’s performance under this Agreement as and when reasonably requested by Molina.
44.3
Service Consistency
The Service Provider shall:
(a)
manage the delivery of the Services, and its relationship with Molina, in a consistent manner;
(b)
use the same systems, processes and tools in the provision of the Services that are provided in different jurisdictions, except where otherwise set out in this Agreement; and
(c)
procure that all members of the Governance Boards are authorized and empowered to take all decisions necessary in connection with the day–to–day provision of the Services as required.
44.4
New Technologies to Deliver the Services
(a)
If the Service Provider has developed or is in the process of developing a new product or technology during the Term that could be used to deliver the Services in a materially more efficient way, it shall, subject to Applicable Law and any confidentiality restrictions that may exist, use reasonable efforts to keep Molina informed of:
(i)
the product or technology and the development progress of the product or technology;
(ii)
the benefits to Molina of that product or technology; and
(iii)
whether that product or technology has been implemented elsewhere and if so, the benefits and problems associated with that implementation.

-55-


(b)
If the Service Provider implements a product or technology for the first time and that product or technology could be used to deliver the Services, the Service Provider shall, where the Service Provider Delivery Lead is aware (acting proactively) and subject to any confidentiality restrictions that may exist, use reasonable efforts to keep Molina informed of:
(i)
the implementation progress;
(ii)
the benefits to Molina of that product or technology; and
(iii)
the benefits and problems associated with the implementation.
(c)
The Service Provider shall, on an annual basis, subject to Applicable Law and any confidentiality restrictions that may exist, use reasonable efforts to advise Molina of those future technology skills which the Service Provider believes will be required by Molina’s employees to adapt to changes in technology which the Service Provider intends to employ. In connection with the foregoing, the Service Provider shall discuss with Molina how those future technology skills could address Molina’s business needs.
45.
REFERENCE CLIENT
45.1
In this Clause 45 (Reference Client), a “Qualifying Deal” is a potential infrastructure outsourcing, or application development or application maintenance outsourcing, transaction in the healthcare sector (or a transaction with infrastructure outsourcing as a significant component) between the Service Provider and a potential customer in the healthcare or healthcare payor industry (whether that customer is an existing customer or a new customer) (a “Potential Customer”), under which the aggregate annual spending under the potential contract (when considering global spending) is anticipated by the Service Provider to exceed [redacted].
45.2
The Service Provider shall on at least two (2) occasions in each Contract Year (provided there are at least two (2) Qualifying Deals in any Contract Year, and if not then as many as there are), before submitting a proposal (a “Tender”) for those Qualifying Deals, notify Molina specifying the identity of the Potential Customer (unless it would be either an actionable breach of confidence or breach of agreement for the Service Provider to do so) and give Molina the option to be listed as a reference client in the Tender.
45.3
If Molina states, in response to the invitation in Clause 45.2, that it wishes to be listed as a reference client in a Tender the Service Provider must list Molina as a reference client.
45.4
The Service Provider shall not disclose any specific information in relation to this Agreement or in relation to its relationship with Molina to the Potential Customer, but may provide a general description of the Services and the geographical coverage and provide the name and address of the Molina contact as provided by the GCC and invite the Potential Customer to make contact with the Molina contact as provided by the GCC.
45.5
Molina shall respond to any query from a Potential Customer in good faith.

-56-


45.6
Subject to Clause 45.7, the Service Provider agrees that Molina may disclose the Confidential Information of the Service Provider to any Potential Customer but only to the extent that it is relevant and necessary to give the Potential Customer a full and fair assessment of the Service Provider’s performance under this Agreement.
45.7
Molina shall enter into an Agreed Form NDA with any Potential Customer prior to disclosing any Confidential Information of the Service Provider. If the Potential Customer refuses to enter into an Agreed Form NDA in accordance with this Clause 45.7, Molina shall, subject to Clause 30 (Confidentiality), not disclose any of the Service Provider’s Confidential Information to that Potential Customer.
46.
BENCHMARKING
The Parties shall have the rights and obligations allocated to them in Schedule 5 (Benchmarking).


-57-


PART M    WHAT HAPPENS WHEN A PARTY FAILS TO PERFORM
47.
ADVANCE WARNING
47.1
The Service Provider shall notify and provide full details to Molina in writing as soon as it becomes aware of, any event or occurrence, actual or threatened, which materially affects or would materially affect the Service Provider’s ability to provide the Services or perform any of its other obligations under this Agreement.
48.
STEP-IN
48.1
Instigation of Step-In
(a)
Molina may by notice in writing appoint a Step-In Agent to perform the Services or any part of the Services if:
(i)
the Service Provider has committed a breach of this Agreement that would entitle Molina to terminate this Agreement at law or pursuant to the specific termination rights set out in Clause 51.1(a) (subject to the same right to remedy as is set out in that Clause 51.1(a)), Clause 51.1(b), Clause 51.1(c), Clause 51.1(d) or Clause 51.1(f), or there is a reasonable probability on the merits that such a breach of the nature stated in the termination clauses referenced above will be committed;
(ii)
the Service Provider has committed a breach of a Project Work Order that would entitle Molina to terminate that Project Work Order at law or pursuant to the specific termination rights set out in Clause 52.1(a) (subject to the same right to remedy as is set out in that Clause 52.1(a)), Clause 52.1(b) or Clause 52.1(c), or there is a reasonable probability on the merits that such a breach of the nature stated in the termination clauses referenced above will be committed,
(the circumstances described in Clause 48.1(a)(i) and Clause 48.1(a)(ii) each being a “Step-In Event” and together being the “Step-In Events”).
(b)
Molina’s right under Clause 48.1(a) is referred to in this Clause as its right to step in.
(c)
In the circumstances described in Clause 48.1(a)(i), Molina may exercise its right to step in in respect of the affected Services and any Project Work Order.
(d)
In the circumstances described in Clause 48.1(a)(ii), Molina may exercise its right to step in only in respect of the Project Work Order referred to in that Clause and any Project Work Order that is Linked to that Project Work Order.
(e)
Molina shall give the Service Provider notice of the proposed Step-In Agent prior to appointing that Step-In Agent and shall reasonably consider any objections that the Service Provider may have in relation to any proposed Step-In Agent, but Molina is entitled to appoint any Step-In Agent it considers appropriate.

-58-


(f)
If Molina exercises its right in Clause 48.1(a) to step in in circumstances where it is reasonably likely that a Step-In Event will occur (but such Step-In Event has not actually yet occurred), Molina shall, prior to exercising its right to step in, give the Service Provider five (5) Business Days (starting on the day after issue of Molina’s notice under Clause 48.1(a)) to demonstrate to the reasonable satisfaction of Molina that such a breach will not be committed. If the Service Provider demonstrates to the reasonable satisfaction of Molina that the breach will not be committed, Molina will not exercise its right to step in in respect of that breach.
48.2
The Step-In Process
(a)
Prior to appointing a Step-In Agent, Molina shall ask the Service Provider:
(i)
whether Molina should engage the Step-In Agent on a time and materials basis or on a fixed fee basis; and
(ii)
for how long Molina should engage the Step-In Agent,
and shall attempt to incorporate the recommendations given by the Service Provider above into Molina’s agreement with the Step-In Agent together with a right to terminate on one month’s notice and if these terms cannot be obtained, Molina shall take Appropriate Action to secure reasonable terms.
(b)
Prior to exercising its step in rights, Molina shall procure that the Step-In Agent enters into an Agreed Form NDA.
(c)
If the contract appointing a Step-In Agent needs to be renewed then Clause 48.2(a) above shall apply in relation to that renewal.
(d)
Molina shall deliver written notice to the Service Provider (“Step-In Notice”) specifying the date by which the Step-In Agent shall commence, which date shall not be less than seven (7) Business Days following the date of the Step-In Notice.
(e)
The Step-In Notice shall include details of the Step-In Agent, details of the Services over which the right of step in is being exercised and such information as Molina is able to provide in relation to how the Step-In Agent intends to perform its activities.
48.3
The Step-Out Process
(a)
Molina may elect to cease exercising its right to step in at any time by giving written notice to the Service Provider.
(b)
Molina’s right to step in will cease when condition (i) below has been satisfied, either of conditions (ii) and (iii) below (as applicable) has also been satisfied and either of conditions (iv) and (v) below has also been satisfied:
(i)
the event giving rise to Molina’s right to step in has ceased and/or has been resolved or remedied;

-59-


(ii)
the Service Provider has demonstrated to Molina’s reasonable satisfaction that the event giving rise to Molina’s right to step in will not reoccur, or, if a reoccurrence does occur, that a reasonable mitigation plan is in place, and that the Service Provider is able to resume performance of the Services in accordance with this Agreement;
(iii)
in cases of reasonable likelihood of the Step-In Events occurring the Service Provider has demonstrated to Molina’s reasonable satisfaction that the breach referred to in those Clauses will not occur;
(iv)
in circumstances where a Step-In Agent has been appointed, the contract between Molina and the Step-In Agent has expired;
(v)
in circumstances where a Step-In Agent is appointed under terms which are obtained in compliance with Clause 48.2(a) and that contract has not expired and the Service Provider undertakes in writing to bear any costs and expenses incurred by Molina in terminating any contract between Molina and the Step-In Agent prior to its expiry date.
(c)
On cessation of Molina’s right to step in pursuant to Clause 48.3(b), or Molina electing to cease exercising its right to step in pursuant to Clause 48.3(a), Molina shall deliver written notice to the Service Provider (“Step-Out Notice”) specifying the indicative date by which it plans to conclude such action, which date shall not be less than fourteen (14) Business Days following the date of the Step-Out Notice. In the event Molina exercises its right to step-in under this Agreement, the Parties shall discuss such matter and developments relating thereto as part of the meetings of the Operational Review Board.
(d)
The Service Provider shall, during the exercise of Molina’s right of step-in, develop a plan to demonstrate to Molina how it will resume the proper performance of the Services (“Step-Out Plan”), and shall, as soon as it is prepared and following receipt of a Step-Out Notice, provide that Step-Out Plan to Molina.
(e)
Molina shall be entitled to comment on the Step-Out Plan and the Service Provider shall make all reasonable efforts to incorporate into the Step-Out Plan any comments that Molina may make. Responsibility for the Step-Out Plan and delivery of the Services remains with the Service Provider and accordingly the Service Provider is not obligated to accept any of Molina’s suggestions. Acceptance by Molina of the Step-Out Plan does not mean that Molina waives any rights it may have if the Service Provider is unable to perform any of its obligations in accordance with the terms of this Agreement after the Step-Out Date.
(f)
Following receipt and review of the Step-Out Plan, unless Molina decides to exercise its right to terminate this Agreement or a Project Work Order for the breach giving rise to the right to step in, Molina shall either:

-60-


(i)
confirm the date for resumption of the affected Services by the Service Provider as set out in the Step-Out Notice; or
(ii)
revise the date to reflect the time to implement the Step-Out Plan and the state of readiness of the Service Provider (“Step-Out Date”).
(g)
Once the date for the resumption of the affected Service is fixed, the Service Provider shall devote the necessary resources to implement the Step-Out Plan such that delivery of the affected Services is restored to the Service Levels, and that the affected Services are delivered in accordance with all other provisions of this Agreement, from the Step-Out Date.
(h)
Where Molina serves a notice of termination of this Agreement, or of any Project Work Order in respect of which Molina exercises its right to step in, for any reason, or the Initial Term or any Extended Term expires during the exercise by Molina of a right to step in, Molina’s right to step in shall continue until the earlier of the Step-Out Date and the completion by the Service Provider of its obligations under Schedule 8 (Termination Assistance and Exit).
(i)
The exercise by Molina of its right to step in and its decision to step out shall be without prejudice to any other rights or remedies of Molina.
(j)
During any period of step-in Molina and the Service Provider shall meet weekly to discuss progress toward remedying or resolving the relevant Step-In Event, including deciding whether or not the Services can be returned to the Service Provider.
48.4
Liability issues relating to the Step-In Process
(a)
If Molina exercises its right to step in, and the Service Levels for the Services the subject of Molina’s right to step in are not met while Molina is exercising its right to step in, then the Service Provider shall not be liable for failing to meet such Service Levels to the extent that it was prevented from meeting such Service Levels by Molina’s exercise of its right to step in.
(b)
By exercising its right to step in Molina shall not, and shall not be deemed to, assume any obligation to resolve the event giving rise to Molina’s right to step in or relieve the Service Provider of any obligation or liability in relation to that event or relieve the Service Provider of any of its other obligations or liabilities under this Agreement; provided, however, that to the extent Molina steps-in under this Clause 48 (Step-In) to take control of any Service Provider activity necessary to the Service Provider’s performance of the Services in accordance with this Agreement, the Service Provider’s obligations to continue to perform affected Services after such step-in by Molina shall be limited accordingly until Molina steps-out in accordance with this Agreement; provided, however, that the foregoing shall not limit the Service Provider’s liability for its breaches of the Agreement giving rise to such step-in by Molina, including such liability for Loses suffered by Molina during the step-in

-61-


period in connection with Molina’s engaging in self-help to mitigate or to remediate the failures by the Service Provider to perform its obligaitons hereunder.
(c)
For a period of six (6) months, Molina or a Step-In Agent may instruct the Service Provider to procure that certain Service Provider Personnel cease the provision of Services under any Project Work Order that is charged on a Time & Materials basis in respect of which Molina exercises its right to step in.
(d)
For up to six (6) months after the date Molina actually stepped-in to perform the Services as contemplated in this Clause 48 (Step-In), Molina shall not be liable to pay the Charges in respect of those Run Services for which Molina exercises its right to step in for as long as Molina is exercising its right to step in.
(e)
The Service Provider shall be liable for Molina’s costs incurred as a result of the exercise of its right to step in, including any Step-In Agent’s charges (the “Step-In Costs”), to the extent that those Step-In Costs exceed the Charges that Molina is not liable to pay pursuant to Clause 48.4(c) or Clause 48.4(d); provided, however, that without limiting Molina’s rights to pursue additional damages under this Agreement, the Service Provider’s obligation to reimburse Molina for Step-In Costs or to pay Step-In Costs directly shall not exceed [redacted].
(f)
Each Party shall take Appropriate Actions to minimize Step-In Costs.
(g)
Subject to any necessary restrictions that the Service Provider must make to protect the confidentiality of the Service Provider’s other customers (in circumstances where it is providing the Services from a facility that it uses for other customers) or the Service Provider IP, and provided that the Step-In Agent complies with the Service Provider’s reasonable security and health and safety policies, the Service Provider shall provide any Step–In Agent with such assistance, co–operation and information in relation to the Services, and such access to the Service Provider’s Systems as is necessary for the Step-In Agent to properly perform its role or as Molina or the Step-In Agent may request.
(h)
If the Step-Out Date shall not have occurred by the date six (6) months after the date Molina actually stepped-in to perform the Services as contemplated in this Clause 48 (Step-In), Molina shall have the option to terminate this Agreement or the affected Services pursuant to Clause 51.1(c) (Performance-Related Failures) upon notice to the Service Provider.
48.5
Assistance with Appointment of Step-In Agent
The Service Provider must provide Molina with reasonable cooperation, information and assistance as reasonably requested by Molina in the preparation for the appointment of a Step-In Agent (including any assistance in the conduct of any request for proposal process in relation to that appointment).
49.
ENHANCED CO–OPERATION

-62-


49.1
Molina may, in circumstances where Molina has the right to step in as set out in Clause 48.1, nominate its employees, agents, advisors or contractors, to oversee the Service Provider or any of its Subcontractors implicated in the circumstances giving rise to the right to step in as set out in Clause 48.1 (“Consultants”).
49.2
If Molina exercises its rights under Clause 48 (Step-In) in respect of any Services, Molina may not exercise its rights under this Clause 49.1 (Enhanced Co–Operation) in respect of the same Services until after the Step-Out Date. For the purposes of this Clause 49.2, the same Services provided from or received in different Countries shall be considered different Services.
49.3
The Consultants shall be given full access to all information (other than information related to the Charges and the Service Provider’s internal cost base including the cost of performing the Services) that is available to all of the Key Persons and that is related to the performance of the Services that are affected by the event giving rise to Molina’s rights in this Clause and shall be able to make suggestions related to any element of the performance of the Services.
49.4
The Service Provider shall comply with all written directions of the Consultants and shall reasonably consider all suggestions of the Consultants but is not obliged to follow any suggestions given by the Consultants.
49.5
If the Service Provider does follow a suggestion of a Consultant, then the Service Provider shall be fully responsible for all consequences that flow from the suggestion as if it were the Service Provider’s own suggestion. The Service Provider shall not be liable for delay, damage or loss to the extent caused directly by the Consultant (and not by the Service Provider acting on the Consultant’s suggestions) or by the Service Provider complying with an express written direction of the Consultant.
49.6
By exercising its rights under this Clause, Molina shall not, and shall not be deemed to, assume any obligation to resolve the event giving rise to Molina’s rights under this Clause or relieve the Service Provider of any obligation or liability in relation to that event.
49.7
The duration of any secondment shall be at Molina’s reasonable discretion.
49.8
The Service Provider shall be responsible for paying an amount equal to [redacted] for each Consultant (in the case of a Consultant who is an employee of Molina) or the [redacted] (in the case of a Consultant who is a contractor or agent of Molina) for the duration of the secondment but shall not be liable for [redacted]; provided, however, that without limiting Molina’s rights to pursue additional damages under this Agreement, the Service Provider’s obligation to reimburse Molina in connection with such secondment shall not exceed [redacted].
49.9
The exercise by Molina of its rights in this Clause 49.1 (Enhanced Cooperation) shall be without prejudice to any other rights or remedies of Molina including the right to step in following the completion of the secondment referred to in this Clause 49.1 (Enhanced Cooperation).

-63-


50.
SERVICE RELOCATION
50.1
If Molina notifies the Service Provider that it proposes to remove any Approved Service Delivery Location from Schedule 10 (Approved Service Delivery Locations) in accordance with Clause 15.4 and the Service Provider is at that time providing Services from that Approved Service Delivery Location the Service Provider may, within twenty (20) Business Days, submit to Molina a written response explaining why, having used all reasonable endeavors, it would not be able to move the provision of the Services from the Approved Service Delivery Location as proposed by Molina.
50.2
If the Service Provider does not submit a response within twenty (20) Business Days or Molina notifies in writing that it does not accept the Service Provider’s response under Clause 50.1, the Service Provider shall:
(a)
submit to Molina a project plan (which shall include a detailed impact assessment) for moving the location from which those Services are delivered to an Approved Service Delivery Location (a “Service Relocation Plan”); and
(b)
upon Molina’s approval of the Service Relocation Plan (not to be unreasonably withheld or delayed), implement the Service Relocation Plan in accordance with its terms, subject to such modifications as Molina may reasonably require.
50.3
The Service Relocation Plan shall incorporate such provisions of the Exit Plan as are relevant to the relocation of the Services from the former Approved Service Delivery Location to the replacement Approved Service Delivery Location.
50.4
The costs of implementation of a Service Relocation Plan (“Service Relocation Costs”) shall be borne as follows:
(a)
if the removal referred to in Clause 50.1 was effected by Molina exercising its rights under Clause 15.4(a), or by Molina exercising its rights under Clause 15.4(b) (other than as described in Clause 50.4(b)), the Service Relocation Costs shall be borne by the Service Provider; and
(b)
if the removal referred to in Clause 50.1 was effected by Molina exercising its rights under Clause 15.4(b) in circumstances where the Approved Service Delivery Location did not comply with a Policy because of a change in that Policy, the Service Relocation Costs shall be borne by Molina.
51.
TERMINATION OF THE ENTIRE AGREEMENT FOR CAUSE
51.1
Molina’s Rights to Terminate for Cause
Molina may terminate this Agreement by notice to the Service Provider on or at any time after the occurrence of any of the following events:
(a)
Material Breach

-64-


A material breach of this Agreement (whether or not a repudiatory breach, and whether or not a single material breach or multiple breaches that in aggregate are material), including a breach of any Project Work Order that is (or is when viewed with other breaches as an aggregate) a material breach of this Agreement, and, if the material breach is capable of being remedied, the Service Provider failing to remedy the material breach within twenty (20) Business Days (or such longer period as may be agreed) starting on the Business Day after receipt of notice from Molina giving particulars of the breach and requiring the Service Provider to remedy the breach.
(b)
Persistent Breach
A failure by the Service Provider to perform an obligation under this Agreement or any Project Work Order (whether or not a repudiatory breach) that has been, or that is substantially similar to failures that have been, repeated sufficiently often to collectively amount to a material breach, provided that:
(i)
Molina has previously notified the Service Provider Delivery Lead (via formal notice, written correspondence, or during a meeting of the Operational Review Board (and a Party subsequently memorializes such discussion in writing within a reasonable time under the circumstances)) on one or more occasions that if the same or substantially similar breach occurs again, Molina may exercise its rights under this Clause, and the first such notification occurred at least twenty (20) Business Days prior to Molina’s termination of the applicable Services pursuant to this Clause 51.1(b)(i); and
(ii)
the breach referred to in a notice submitted under Clause 51.1(b)(i) did in fact occur again.
(c)
Performance-Related Failures
Without limiting Molina’s rights under Clause 51.1(a) and Clause 51.1(b):
(i)
for any four (4) consecutive months, the Service Credits that the Service Provider must credit in each such month equals the At Risk Amount;
(ii)
Service Provider commits a breach of a kind permitting Molina to terminate this Agreement or certain Services pursuant to Clause 48.4.
(iii)
without prejudice to the Service Provider’s right to argue that Service Credits are not applicable due to the application of Clause 60 (Excusing Causes), the Service Provider withholds Service Credits or Delivery Credits in circumstances where the Service Provider has an obligation to credit such Service Credits or Delivery Credits pursuant to Clause 11 (Transition) in the case of Delivery Credits or Clause 18 (Service Credits) in the case of Service Credits, and Service Provider fails to pay Molina such amounts (or issue Molina a credit note for such amounts) within ten (10) Business Days after any Molina demand that such amount be paid or credited to Molina.

-65-


(d)
Regulatory Sanction
An act or omission of the Service Provider which is in breach of this Agreement or any Project Work Order resulting in:
(i)
any of the following:
(A)
any Regulatory Authority subjecting Molina to a prohibition or restriction on the carrying on of its business;
(B)
a Regulatory Authority subjecting Molina to a fine or similar penalty;
(C)
a Regulatory Authority subjecting Molina to public censure; or
(D)
any Regulatory Authority making a formal finding that it has observed a condition in relation to the business or operations of any Molina Company that the Regulatory Authority considers to be objectionable (including the issue of an FDA Form 483, as replaced from time to time, or the equivalent in any jurisdiction) and requires that condition to be rectified;
(ii)
any Regulatory Authority withdrawing any license required for Molina or any member of the Molina Group to carry on its business or any part of its business, or imposing any conditions on any such license; or
(iii)
any Regulatory Authority notifying Molina that if Molina fails to remedy the act or omission, or if the act or omission recurs, it will or will be likely to take the action referred to in Clause 51.1(d)(i) or Clause 51.1(d)(ii), so long as Molina shall have promptly informed the Service Provider that the applicable Regulatory Authority has so notified Molina.
The Parties acknowledge and agree that, for the purposes of determining whether the Service Provider breached this Agreement, Molina’s right to terminate this Agreement pursuant to this Clause 51.1(d) shall not be construed as expanding the Service Provider’s obligations to comply with Applicable Law as otherwise set out in this Agreement.
(e)
Specific Failures
The Service Provider is in material breach of Clauses 24 (Security), 29 (Intellectual Property Rights), 30 (Confidentiality) or 34 (Data Protection and Data Privacy) (whether or not such breach is a material breach of this Agreement) and such breach:
(i)
is not capable of remedy; or
(ii)
is capable of remedy and the Service Provider fails to remedy the breach within twenty (20) Business Days starting on the Business Day after receipt of notice from Molina giving particulars of the breach and requiring the Service Provider to remedy the breach.

-66-


(f)
For security breach
(i)
The Service Provider is in breach of Clause 24 (Security), Clause 30 (Confidentiality) or Clause 34 (Data Protection and Data Privacy) and as a result:
(A)
Molina is required to notify a Regulatory Authority and/or affected data subjects of such breach;
(B)
there is a material adverse impact on Molina’s reputation;
(C)
the Service Provider is unable to locate definitively, for a period of longer than fifteen (15) days, any media, device or equipment on which Molina Data is stored;
(D)
a third party gains unauthorized access to any Molina System or any Molina Data; or
(E)
any of the events described in Clause 51.1(d) occur.
(g)
For exhaustion of liability cap
The sum of the damages that the Service Provider has already paid and the damages that the Service Provider is ordered in a final ruling by a court of competent jurisdiction or agrees to pay but has not paid, to Molina under or in connection with this Agreement, exceed fifty percent (50%) of an applicable limit under Clause 58.4 (i.e., either or both of the limits set out in Clause 58.4(b)(i) and Clause 58.4(b)(ii)) unless Molina and the Service Provider agree in writing to increase that limit such that those damages no longer exceed that percentage of that limit.
(h)
For violation of ethical requirements
The Service Provider commits a material breach of Clause 8.12.
(i)
For Failure to complete Transition
The Service Provider fails to Achieve the Final Transition Milestone within sixty (60) days after its Milestone Date.
(j)
Termination of the Entire Agreement for a Failed Benchmark
If the Service Provider fails to implement the findings of a Final Benchmark Report under paragraph 9.6 of Schedule 5 (Benchmarking).
51.2
Right of Molina to Terminate for Change of Control
(a)
Molina may terminate this Agreement, without any payment or penalty, by giving at least three (3) months’ notice to the Service Provider at any time if the person that acquires Control of the Service Provider is:

-67-


(i)
a Molina Competitor;
(ii)
an entity that does not comply with Molina’s Code of Conduct, as amended from time to time in accordance with Schedule 9 (Change), or with whom Molina could not contract without breaching that policy;
(iii)
an Excluded Supplier;
(iv)
an entity with a financial standing that is materially worse than that of the Service Provider; or
(v)
an entity whose Control of the Service Provider will, or is likely, on the basis of an objective analysis, to lead to a material detrimental impact on the provision of the Services or damage to the reputation of Molina or any other Molina Company.
(b)
The Service Provider shall give Molina notice of any acquisition of Control of the Service Provider as soon as practicable (taking into account any restrictions imposed by Applicable Law) and in any event within thirty (30) Business Days after the acquisition.
51.3
Right of both Parties to Terminate for Insolvency
Either Party may terminate this Agreement by notice to the other Party on or at any time after the occurrence of any of the following:
(a)
the other Party being unable to pay its debts as they fall due; or
(b)
the taking of any of the following steps by the other Party or any other person:
(i)
the presentation of a petition for winding up the other Party (and, where the petition is presented by a person other than the other Party, that petition not being struck out or withdrawn within fourteen (14) days);
(ii)
the application for an order or tabling of an effective resolution for winding up the other Party (and, where the application is made or resolution tabled by a person other than the other Party, that application or resolution not being struck out or withdrawn within fourteen (14) days);
(iii)
the application for an order or application for the appointment of a liquidator, receiver (including an administrative receiver), administrator, trustee or similar officer in respect of the other Party (and, where the application is made by a person other than the other Party, that application not being struck out or withdrawn within fourteen (14) days);
(iv)
an execution creditor, encumbrancer, receiver (including an administrative receiver) or similar officer taking possession of the whole or any part of the other Party’s property, assets or undertaking; or

-68-


(v)
the other Party making a composition with its creditors generally (other than for the purpose of a solvent reorganization, solvent arrangement or solvent scheme).
51.4
Right for Service Provider to Terminate Agreement
(a)
If, at any time, the total amount of undisputed Charges that are overdue for payment exceeds the amount of the Charges for the previous three (3) full calendar months:
(i)
the Service Provider may give Molina written notice, for the attention of each of Head of IS Vendor and Supplier Management:
(A)
requiring payment of the undisputed amounts within fifteen (15) days of receipt of such notice by Molina; and
(B)
notifying Molina that it will exercise its rights to terminate if payment is not received within fifteen (15) days of receipt of that notice.
(ii)
If Molina does not pay the amounts set out in any notice served pursuant to Clause 51.4(a) within the period set out in that notice, the Service Provider may terminate this Agreement by giving written notice to Molina. If Molina pays the Charges set out in the notice prior to the date of termination specified in the further notice, then the notice shall automatically be deemed rescinded and the Agreement shall not terminate, but this shall not affect the Service Provider’s ability to levy late payment charges in accordance with Clause 41 (Late Payment).
(iii)
The continued non-payment of the same Charges shall constitute a single occasion of non-payment for the purposes of this Clause.
(b)
The Service Provider may terminate this Agreement by giving written notice to Molina if Molina is in material breach of Clauses 29 (Intellectual Property Rights) or 30 (Confidentiality) and, if the breach is capable of remedy, fails to remedy the breach within twenty (20) Business Days starting on the Business Day after receipt of notice from the Service Provider giving particulars of the breach and requiring Molina to remedy the breach.
(c)
For the purposes of Clause 51.4(b), a breach by Molina of Clause 29 (Intellectual Property Rights) is not material unless it causes irreparable damage to the Service Provider’s business for which damages would not provide an adequate remedy.
(d)
In circumstances where the Service Provider terminates this Agreement under Clause 51.4(a) or Clause 51.4(b), the Service Provider may also terminate all Project Work Orders (but not some of them only), by giving fourteen (14) days’ written notice to Molina.
52.
TERMINATION OF A PROJECT WORK ORDER FOR CAUSE
52.1
Termination by Molina

-69-


Molina may terminate any Project Work Order by notice to the Service Provider on or at any time after the occurrence of any of the following events:
(a)
Material Breach
A material breach of that Project Work Order (whether or not a repudiatory breach, and whether or not a single material breach or multiple breaches that are in aggregate material) and, if the material breach is capable of being remedied, the Service Provider failing to remedy the material breach within twenty (20) Local Business Days (or such longer period as may be agreed) starting on the Local Business Day after receipt of notice from Molina giving particulars of the breach and requiring the Service Provider to remedy the breach.
(b)
Persistent Breach
A failure by the Service Provider to perform an obligation under that Project Work Order (whether or not a repudiatory breach) that has been, or that is substantially similar to failures that have been, repeated sufficiently often to collectively amount to a material breach provided that Molina has previously notified the Service Provider that if the failure or a substantially similar failure is repeated Molina may wish to terminate the Project Work Order.
(c)
Late Delivery
The Service Provider fails to Achieve the Final Milestone under a Project Work Order within twenty (20) Business Days after its Milestone Date, except to the extent the applicable Project Work Order sets outs shorter timeframe.
(d)
Termination of Linked Project Work Order
Molina terminates any Project Work Order that is Linked to that Project Work Order in accordance with this Clause 52 (Termination of a Project Work Order for Cause), or becomes entitled to do so (whether or not Molina actually exercises that right).
(e)
Termination of MSA
Molina terminates this Agreement in accordance with Clause 51 (Termination of the Entire Agreement for Cause), or becomes entitled to do so (whether or not Molina actually exercises that right).
52.2
Right for Service Provider to Terminate for Non–Payment of Charges
(a)
If Molina fails to pay any undisputed Charges under any Project Work Order when due under this Agreement, the Service Provider may give Molina notice of its intention to terminate that Project Work Order if payment is not received within twenty (20) Local Business Days of that notice.
(b)
If Molina does not pay the Charges set out in any notice served pursuant to Clause 52.2(a) within the period set out in that notice, the Service Provider may

-70-


terminate the Project Work Order specified in that notice by giving a further ten (10) Local Business Days’ written notice to Molina. If Molina pays the Charges set out in the further notice prior to the date of termination specified in the notice, then the notice shall automatically be deemed rescinded and the Project Work Order shall not terminate, but this shall not affect the Service Provider’s ability to levy late payment charges in accordance with Clause 41 (Late Payment).
(c)
Without limiting Clause 51.4(b), nothing in this Clause entitles the Service Provider to terminate this Agreement or any Project Work Order other than the Project Work Order referred to in Clauses 52.2(a) and 52.2(b).
52.3
Right of both Project Work Order Parties to Terminate for Insolvency
Either PWO Party may terminate a Project Work Order by notice to the other PWO Party on or at any time after the occurrence of any of the following:
(a)
the other PWO Party being unable to pay its debts as they fall due; or
(b)
the taking of any of the following steps by the other PWO Party or any other person:
(i)
the presentation of a petition for winding up the other PWO Party (and, where the petition is presented by a person other than the other PWO Party, that petition not being struck out or withdrawn within fourteen (14) days);
(ii)
the application for an order or tabling of an effective resolution for winding up the other PWO Party (and, where the application is made or resolution tabled by a person other than the other PWO Party, that application or resolution not being struck out or withdrawn within fourteen (14) days);
(iii)
the application for an order or application for the appointment of a liquidator, receiver (including an administrative receiver), administrator, trustee or similar officer in respect of the other PWO Party (and, where the application is made by a person other than the other PWO Party, that application not being struck out or withdrawn within fourteen (14) days);
(iv)
an execution creditor, encumbrancer, receiver (including an administrative receiver) or similar officer taking possession of the whole or any part of the other PWO Party’s property, assets or undertaking; or
(v)
the other PWO Party making a composition with its creditors generally (other than for the purpose of a solvent reorganization, solvent arrangement or solvent scheme).
53.
PARTIAL TERMINATION
53.1
Where this Agreement gives Molina the right to terminate this Agreement in its entirety, Molina may instead elect to terminate this Agreement in respect of:

-71-


(a)
any or all of the Sub-Towers affected by the events, facts or circumstances giving rise to Molina’s right to terminate;
(b)
any or all of the Service Elements affected by the events, facts or circumstances giving rise to Molina’s right to terminate; or
(c)
a combination of (a) and (b).
53.2
Without limiting Clause 51 (Termination of the Entire Agreement for Cause) or Clause 53.1, if any of the events referred to in Clause 53.3 occur in respect of any Sub-Tower or Service Element, Molina may terminate this Agreement in respect of that Sub-Tower or Service Element by notice to the Service Provider on or at any time after the occurrence of that event.
53.3
The events are:
(a)
Material Breach
A material breach of this Agreement in the context of that Sub-Tower or Service Element (whether or not a repudiatory breach, whether or not a single material breach or multiple breaches that in the aggregate are material, and whether or not a material breach of this Agreement as a whole) and, if the material breach is capable of being remedied, the Service Provider failing to remedy the material breach within twenty (20) Business Days (or such longer period as may be agreed) starting on the Business Day after receipt of notice from Molina giving particulars of the breach and requiring the Service Provider to remedy the breach.
(b)
Persistent Breach
A failure by the Service Provider to perform an obligation in relation to that Sub-Tower or Service Element (whether or not a repudiatory breach) that has been, or that is substantially similar to failures that have been, repeated sufficiently often to collectively amount to a material breach provided that Molina has previously notified the Service Provider Delivery Lead (via formal notice, written correspondence, or during a meeting of the Operational Review Board (and a Party subsequently memorializes such discussion in writing within a reasonable time under the circumstances)) on one or more occasions that if the failure or a substantially similar failure is repeated Molina may wish to terminate this Agreement or that Sub-Tower or that Service Element, and the first such notification occurred at least twenty (20) Business Days prior to Molina’s termination of the applicable Services pursuant to this Clause 53.3(b).
53.4
Nothing in Clause 53.2:
(a)
shall be construed as meaning that the events referred to in Clause 53.3 are not also material breaches of this Agreement as a whole or would not have a materially adverse impact on the use or enjoyment of the Services as a whole; or

-72-


(b)
shall prevent Molina from exercising its rights under Clause 51 (Termination of the Entire Agreement for Cause) in circumstances where it is entitled to do so as a result of the events referred to in Clause 53.3.
53.5
In the case of partial termination as contemplated by Clause 53.1, Clause 53.2 or Clause 53.3, the Change Control Process shall be used to modify this Agreement to account for the partial termination. Molina may terminate the entire Agreement (under Clauses 53.1 or 53.2) for the reason giving rise to the termination right, at any time up to the execution of the relevant Change Notice that shall modify this Agreement with respect to such partial termination.
54.
TERMINATION FOR CONTINUED FORCE MAJEURE
54.1
If the Service Provider is excused from the performance of any of the Services by reason of a Force Majeure Event in accordance with Clause 61 (Force Majeure) for a period of thirty (30) or more consecutive days, then Molina may, on written notice to the Service Provider, terminate any portion of this Agreement or any Project Work Order so affected that it would have been entitled to terminate in accordance with Clause 53 (Partial Termination).
54.2
In the case of partial termination as contemplated by Clause 54.1 in circumstances where any terminated Service does not have a separately identifiable Charge that relates specifically to that Service:
(a)
the Change Control Process shall be used to modify this Agreement or the Project Work Order (as the case may be) to adjust the Charges for the partial termination as well as other changes strictly necessary to reflect the partial termination;
(b)
if the Parties cannot agree (after exhausting all of the available escalation levels forming part of Schedule 7 (Governance)) to an adjustment to the Charges following notice of a partial termination, then this Agreement or the Project Work Order (as the case may be) shall terminate in whole; and
(c)
Molina may terminate the entire Agreement or the Project Work Order (as the case may be) at any time up to the execution of the relevant Change Notice that shall modify this Agreement or the Project Work Order.
55.
TERMINATION FOR CONVENIENCE
55.1
Termination of MSA for Convenience
(a)
Molina may terminate this Agreement, in whole or in respect of one or more Services, for convenience by giving:
(i)
not less than six (6) months’ prior written notice to the Service Provider, in the case of a termination of this Agreement in whole; and
(ii)
not less than three (3) months’ prior written notice to the Service Provider, in the case of a termination of this Agreement in respect of one or more Services,

-73-


(b)
Termination of this Agreement by Molina under Clause 55.1 shall not entitle Molina or the Service Provider to terminate any Project Work Order under Clause 52 (Termination of a Project Work Order for Cause).
55.2
Termination of Project Work Order for Convenience
Molina shall be entitled to terminate any Project Work Order at any time for convenience by giving three (3) months’ written notice to the Service Provider.
56.
THE EFFECTIVE DATE OF TERMINATION
56.1
The Termination Date shall be determined by the Party terminating this Agreement or the Project Work Order and shall be set out in the termination notice.
56.2
If a Termination Date is not included in the termination notice, the Termination Date shall, except in the case of notice under Clause 55 (Termination for Convenience), be forty-five (45) Business Days from the date the termination notice is received.
56.3
The Service Provider’s obligation to deliver the Services does not cease on the Termination Date. The Service Provider must continue to deliver the Services in accordance with this Agreement to the extent required under Schedule 8 (Termination Assistance and Exit).
56.4
Molina is not required to exhaust all or any part of the Dispute Resolution Procedure before exercising a right to terminate this Agreement.
57.
CONSEQUENCES OF TERMINATION
57.1
No Right to an Injunction
(a)
The only remedy that the Service Provider shall have in relation to the wrongful termination of this Agreement or a Project Work Order by Molina is damages.
(b)
Without limiting Clause 57.1(a), the Service Provider shall have no right to an injunction or similar relief or remedy restraining Molina from terminating this Agreement or a Project Work Order.
(c)
The Service Provider must not refuse to provide the Services or suspend the provision of the Services following any notice of termination issued by Molina and in particular the Service Provider must not refuse to meet its obligations under the Exit Plan even if it is pursuing a claim against Molina that it has wrongfully repudiated this Agreement.
57.2
Damages and Termination not Exclusive
(a)
If this Agreement is terminated by either Party for breach by the other Party, the terminating Party may, in addition to terminating the Agreement, claim damages for that breach irrespective of the reason for terminating the Agreement.
(b)
If this Agreement is terminated by Molina under Clause 51 (Termination of the Entire Agreement for Cause) or Clause 53 (Partial Termination), Molina shall be entitled

-74-


to recover damages in respect of losses resulting from the termination of this Agreement, as well as damages in respect of losses resulting from any breach of this Agreement.
(c)
If this Agreement is terminated by the Service Provider under Clause 51 (Termination of the Entire Agreement for Cause), the Service Provider shall be entitled to recover damages in respect of losses resulting from the termination of this Agreement, as well as damages in respect of losses resulting from any breach of this Agreement.
(d)
If any Project Work Order is terminated by either PWO Party for breach by the other PWO Party, the terminating PWO Party may, in addition to terminating the Project Work Order, claim damages for that breach irrespective of the reason for terminating the Project Work Order.
(e)
If a Project Work Order is terminated by Molina under Clause 52 (Termination of a Project Work Order for Cause), Molina shall be entitled to recover damages in respect of losses resulting from the termination of the Project Work Order, as well as damages in respect of losses resulting from any breach of the Project Work Order.
(f)
If a Project Work Order is terminated by the Service Provider under Clause 52 (Termination of a Project Work Order for Cause), the Service Provider shall be entitled to recover damages in respect of losses resulting from the termination of that Project Work Order, as well as damages in respect of losses resulting from any breach of that Project Work Order.
57.3
Rights in addition to right to termination at law
(a)
The Service Provider may not terminate this Agreement other than as expressly provided in Clause 51.3 and Clause 51.4, but nothing in this Clause restricts the Service Provider’s right to rescind this Agreement for fraudulent misrepresentation by Molina.
(b)
Neither the Service Provider nor the applicable Service Provider PWO Party may terminate any Project Work Order other than as expressly provided in Clause 52.2 and Clause 52.3, but nothing in this Clause restricts the right of the Service Provider or the applicable Service Provider PWO Party to rescind a Project Work Order for fraudulent misrepresentation by Molina.
57.4
Termination Assistance
Molina and the Service Provider each has the rights and obligations allocated to it in Schedule 8 (Termination Assistance and Exit) in relation to preparation for, and the consequences of, expiry or termination (in whole or in part) of this Agreement or a Project Work Order.
57.5
Return and Treatment of Confidential Information
On termination or expiry of this Agreement, each Party agrees that:

-75-


(a)
it must continue to keep confidential the other Party’s Confidential Information in accordance with Clause 30 (Confidentiality); and
(b)
its rights to use and disclose the other Party’s Confidential Information cease other than:
(i)
in relation to information any Party (including Subcontractors) is required to disclose in order to comply with any of those reporting obligations set out in Clause 30.7;
(ii)
to the extent use and disclosure of Confidential Information is necessary in order to make use of the license rights granted pursuant to Clause 29 (Intellectual Property Rights); and
(iii)
in relation to disclosures required to be made by either Party in order to carry out their respective obligations as set out in Schedule 8 (Termination Assistance and Exit).
57.6
Other Consequences of Termination
(a)
Expiry or termination of this Agreement does not affect a Party’s accrued rights and obligations at the time of expiry or termination.
(b)
Without prejudice to Clause 52.1(e), expiry or termination of this Agreement shall not result in the automatic expiry or termination of any Project Work Order.
(c)
The provisions of Clauses 1 (Definitions), 2 (Interpretation), 8.11, 29 (Intellectual Property Rights), 30 (Confidentiality), 31 (Use of Confidential Information and Molina Data), 32 (Return of Confidential Information), 33 (Announcements and Publicity), 34 (Data Protection and Data Privacy), 39 (HR Obligations), 40 (Charges), 41 (Late Payment), 42 (Invoices), 43 (Taxation), 57.2, 57.3, 57.4, 57.5, 57.6, 58(Indemnification, Liability), 60 (Excusing Causes), 61 (Force Majeure), 66 (Further Assurance), 67 (Third Party Beneficiaries), 69 (Entire Agreement), 70 (Waiver), 71 (No Partnership), 72 (Severability), 73 (Counterparts), 74 (Dispute Resolution and Dispute Management) and 75 (Governing Law and Jurisdiction) and any other Clauses where the context requires it to survive shall survive expiry or termination of this Agreement or of any Project Work Order for any reason.
(d)
Clauses 13.3(c) and 13.3(d) shall survive expiry or termination of this Agreement for as long as any Project Work Order remains in force.
(e)
The provisions of the Schedules will survive expiry or termination of this Agreement for any reason to the extent that and for so long as they are referred to in Clauses which survive.
(f)
Molina’s obligation to pay Charges properly incurred prior to the date of expiry or termination of this Agreement, or of termination of the Project Work Order in respect

-76-


of which those Charges are payable, shall survive the expiry or termination of this Agreement and that Project Work Order.
(g)
If this Agreement is terminated by Molina pursuant to Clause 55 (Termination for Convenience), then Molina shall pay the applicable early termination fee as set forth in, as applicable, Schedule 3 (Pricing and Invoicing) or the applicable Project Work Order.


-77-


PART N    INDEMNIFICATION, LIMITATION OF LIABILITY AND
EXCUSING CAUSES
58.
INDEMNIFICATION, LIABILITY.
58.1
Indemnification by the Service Provider.
The Service Provider will, at its sole cost and expense, defend, indemnify and keep indemnified, and hold harmless Molina and the Molina Companies and each of their respective officers, directors, employees, contractors, agents, representatives, successors and assigns (each an “Molina Indemnified Party”) from any and all Losses of a Third Party alleged, incurred, or awarded to or payable in settlement with such Third Party, in each case arising out of a claim by a Third Party, to the extent caused by:
(a)
An IPR Claim Against Molina, in each case except to the extent such IPR Claim Against Molina results from:
(i)
the Service Provider complying with Molina’s specifications or other requirements, but only if those specifications or requirements mandated the specific act or acts of infringement or alleged infringement on which the IPR Claim is based;
(ii)
Molina IP or any materials or resources provided by or on behalf of Molina or any Molina Companies and used in a manner permitted by this Agreement;
(iii)
modifications made by or on behalf of Molina or any Molina Companies by any person (other than modifications made by or on behalf of the Service Provider or any Service Provider Companies) of the Services, Software, System, Materials or Modifications that are the subject of the IPR Claim Against Molina, but only if such Services, Software, System, Materials or Modifications, without that modification, would not have resulted in the infringement or alleged infringement on which the IPR Claim is based;
(iv)
use or combination (other than by or on behalf of the Service Provider) of the Services, Software, System, Materials or Modifications that are the subject of the IPR Claim Against Molina, with items not provided by or on behalf of the Service Provider or its Subcontractors and absent such use or combination such Services, Software, System, Materials or Modifications would not have resulted in the infringement or alleged infringement on which the IPR Claim Against the Service Provider is based;
(v)
refusal to use corrections and enhancements provided by the Service Provider at no additional cost, where:
(A)
those corrections and enhancements could have been implemented without disruption to Molina’s business; and

-78-


(B)
the act or acts of infringement or alleged infringement on which the IPR Claim Against Molina is based would not have occurred if the corrections and enhancements had been implemented; or
(vi)
use by a Third Party of the Services, Software System, Materials or Modifications that are the subject of the IPR Claim Against Molina in a manner where such use by Molina would have constituted a breach of this Agreement;
(a)
a violation of or non-compliance with Applicable Law by the Service Provider or any Subcontractor except to the extent such violation or non-compliance by Service Provider resulted from:
(i)
a breach of this Agreement by the Molina or any Molina Company;
(ii)
violation or non-compliance with Applicable Law (including obligations that Molina may have under Data Protection Laws by virtue of its role as a data controller or other similar concepts under applicable Data Protection Laws) by Molina or any Molina Company; or
(iii)
the Service Provider’s compliance with Molina’s written instructions on how to comply with a particular Applicable Law, to the extent the only plausible manner in which the Service Provider could have complied with such instruction resulted in such violation of or non-compliance with Applicable Law;
(b)
breaches of the Service Provider’s obligations with respect to Clause 30 (Confidentiality);
(c)
death or bodily injury, or the damage, loss or destruction of real or tangible personal property of Third Parties (including employees of any Molina Company, Service Provider Company, or their respective subcontractors) resulting from the acts or omissions (including breach of contract or negligence) of the Service Provider, or any Service Provider Personnel, agents and/or representatives or any of the personnel of the foregoing;
(d)
any Taxes, interest, penalties or other amounts assessed against Molina that are the obligation of the Service Provider pursuant to 43 (Taxation); or
(e)
the gross negligence, willful misconduct or fraud of the Service Provider, any Service Provider Company, or any Subcontractor.
58.2
Indemnification by Molina
Molina will, at its sole cost and expense, defend, indemnify and keep indemnified, and hold harmless the Service Provider and the Service Provider Companies and each of their respective officers, directors, employees, contractors, agents, representatives, successors and assigns (each a “Service Provider Indemnified Party”) from any and all Losses of a

-79-


Third Party alleged, incurred, or awarded to or payable in settlement with such Third Party, in each case arising out of a claim by a Third Party, to the extent caused by:
(a)
an IPR Claim Against the Service Provider, in each case except to the extent such IPR Claim Against the Service Provider results from:
(i)
Molina complying with the Service Provider’s specifications or other requirements, but only if those specifications or requirements mandated the specific act or acts of infringement or alleged infringement on which the IPR Claim Against the Service Provider is based;
(ii)
Service Provider IP or any materials or resources provided by or on behalf of Service Provider or any Service Provider Companies and used in a manner permitted by this Agreement;
(iii)
modifications made by or on behalf of the Service Provider by any person (other than modifications made by or on behalf of Molina or any Molina Companies) of any Molina IP, Software or Third Party Software that are the subject of the IPR Claim Against the Service Provider, but only if such Molina IP, Software or Third Party Software, without that modification, would not have resulted in the infringement or alleged infringement on which the IPR Claim is based;
(iv)
refusal to use corrections and enhancements provided by Molina at no additional cost, where:
(A)
those corrections and enhancements could have been implemented without disruption to Service Provider’s business; and
(B)
the act or acts of infringement or alleged infringement on which the IPR Claim Against the Service Provider is based would not have occurred if the corrections and enhancements had been implemented; or
(v)
 use of the Molina IP, Software or Third Party Software that are the subject of the IPR Claim Against the Service Provider in connection with the provision of services to any party other than the Molina Companies;
(b)
a violation of or non-compliance with Applicable Law by Molina, in each case except to the extent such violation or non-compliance by Molina resulted from:
(i)
a breach of this Agreement by the Service Provider or any Service Provider Company; or
(ii)
violation or non-compliance with Applicable Law (including obligations that the Service Provider may have under Data Protection Laws by virtue of its role as a data processor or other similar concepts under applicable Data Protection Laws) by the Service Provider or any Service Provider Company;
(c)
breaches of Molina’s obligations with respect to Clause 30 (Confidentiality);

-80-


(d)
death or bodily injury, or the damage, loss or destruction of real or tangible personal property of Third Parties (including employees of any Molina Company, Service Provider Company and/or their respective subcontractors) resulting from the acts or omissions (including breach of contract or negligence) of Molina or Molina Companies, agents and/or representatives or any of the personnel of the foregoing;
(e)
any Taxes, interest, penalties or other amounts assessed against the Service Provider that are the obligation of Molina pursuant to Clause 43 (Taxation); or
(f)
use of any Service Provider IP other than as authorized and for use as part of the Services (or as may be permitted following the expiration or termination of this Agreement or the applicable Services, as applicable).
58.3
Indemnification Procedures.
(a)
The following procedures shall apply if any third-party Claim is commenced against any Molina Indemnified Party or Service Provider Indemnified Party (the “Indemnified Party”):
(i)
Notice of such Claim will be given to the other Party (the “Indemnifying Party”) as promptly as practicable.
(ii)
If, after such notice, the Indemnifying Party acknowledges that the terms of this Agreement apply with respect to such Claim, then subject to Clause 58.3(a)(vii) and except where Clause 58.3(a)(viii) applies, the Indemnifying Party will be entitled, if it so elects, in a notice promptly delivered to the Indemnified Party, but in no event less than ten (10) days prior to the date on which a response to such Claim is due or as soon as reasonably practicable if notice of the Claim was given with less than ten (10) days to respond to the Claim, to immediately take control of the defense and investigation of such Claim and to employ and engage attorneys reasonably acceptable to the Indemnified Party to handle and defend the same, at the Indemnifying Party’s sole cost and expense.
(iii)
No settlement of a Claim that involves a remedy other than the payment of money by the Indemnifying Party will be entered into without the consent of the Indemnified Party which is not to be unreasonably withheld.
(iv)
After notice by the Indemnifying Party to the Indemnified Party of its election to assume full control of the defense of any such Claim (excluding those instances where the Indemnified Party has the option to retain control of the defense of the applicable claim), the Indemnifying Party will not be liable to the Indemnified Party for any legal expenses incurred thereafter by such Indemnified Party in connection with the defense of that Claim.
(v)
If the Indemnifying Party does not assume full control over the defense of a Claim subject to such defense as provided in this Clause 58.3(a), the

-81-


Indemnifying Party may participate in such defense, at its sole cost and expense, and the Indemnified Party will have the right to defend the Claim in such manner as it may deem appropriate, at the reasonable cost and expense (including attorneys’ fees) of the Indemnifying Party.
(vi)
The Indemnified Party will, at the Indemnifying Party’s cost and expense, cooperate in all reasonable respects with the Indemnifying Party and its attorneys in the investigation, trial and defense of such Claim and any appeal arising therefrom.
(vii)
The Indemnified Party may, at its own cost and expense, participate, through its attorneys or otherwise, in such investigation, trial and defense of such Claim and any appeal arising therefrom.
(viii)
If an Indemnified Party is entitled to indemnification in respect of a Claim (in accordance with Clause 58), and liability in connection with that Claim is subject to a liability cap set out in Clause 58.4, the Indemnified Party will be entitled, if it so elects, in a notice promptly delivered to the Indemnifying Party, but in no event less than ten (10) days prior to the date on which a response to such Claim is due or as soon as reasonably practicable if notice of the Claim was given with less than ten (10) days to respond to the Claim, to immediately take control of the defense and investigation of such Claim and to employ and engage attorneys reasonably acceptable to the Indemnified Party to handle and defend the same, at the Indemnifying Party’s sole cost and expense, provided that if the Indemnified Party assumes control of the defense of a Claim in accordance with this Clause 58.3(a)(viii), the Indemnified Party:
(A)
shall comply with its obligations to mitigate under Clause 58.8 (No Double Recovery; Duty to Mitigate Damages) with respect to losses incurred in connection with the Claim and the defense of the Claim; and
(B)
may only enter into a settlement of a Claim concerning the payment of money with a complete release of all Indemnified Parties’ liability, and shall not without the consent of the Indemnifying Party, in its discretion, enter into any settlement of a Claim that involves an admission of liability by or on behalf of the Indemnifying Party, or involves any other remedy except the payment of money.
(b)
If an IPR Claim against an Indemnified Party is made, in addition to the obligations of the Indemnifying Party set out in Clause 58.3(a), the Indemnifying Party (i) may, at the Indemnifying Party’s cost and expense, procure for itself and the Indemnified Party, as the case may be, the right to continue using infringing items and (ii) may, in the Indemnifying Party’s discretion, (A) substitute or modify any affected item so as to avoid the infringement, (B) replace any part of any affected item with a non–infringing item or remove any or part of the affected item so long as such modification or removal results in the affected item offering equivalent or better features and

-82-


functionality to the infringing items, or (C) if substitution or modification in line with the above is not practicable, Indemnifying Party may remove the affected item (and the Indemnified Party shall cease using it) and refund the amounts paid for such item; provided, however, that in the event the Indemnifying Party exercises the option set out in clause (C) above, (I) such provision shall not be construed as relieving the Indemnifying Party exercising such option from any of its obligations under this Agreement, regardless of whether the performance of such obligations are affected by actions taken by the Indemnifying Party excercising such option and (II) the Indemnifying Party exercising such option shall bear any incremental costs and expenses incurred by the Indemnified Party as a result of the exercise of such option to the extent such incremental costs relate to changes implemented by or on behalf of the Indemnified Party to mitigate the effects of the Indemnifying Party’s exercising such option. Where the Indemnifying Party addresses the applicable IPR Claim via clause (ii) of the preceding sentence, the Parties shall memorialize the change to the Service Provider Technical Solution via a Change Notice in an amendment to this Agreement.
58.4
Limitations Caps.
(a)
References in this Clause 58.4 to Charges paid or payable (as specified below in this Clause 58.4) by Molina as the basis for calculating a limitation of liability under this Agreement will be the aggregate of all such Charges under this Agreement (including Charges paid or payable pursuant to Project Work Orders), but excluding VAT or other taxes that are payable by Molina in connection with the Services. Molina will have the sole right to recover damages and assert all rights, and exercise all options, under this Agreement on behalf of and for the benefit of Molina Companies. The Service Provider will have the sole right to recover damages and assert all rights, and exercise all options, under this Agreement on behalf of and for the benefit of the Service Provider Companies.
(b)
Service Provider’s Liability Caps
(i)
General Liability Cap.
Except as set forth in Clause 58.6 and Clause 58.4(b)(ii), the Service Provider’s total liability under this Agreement (whether the liability is in contract, in tort, breach of warranty, negligence, strict liability or otherwise) for any claim or Losses under this Agreement will under no circumstances exceed an amount equal to the greater of:
(A)
[redacted]; and
(B)
[redacted],
[redacted].

-83-


Amounts that apply against the limitation of liability set out in this Clause 58.4(b)(i) shall not apply against any other limitation of liability or damages cap set out in this Agreement.
(ii)
Security Incident Liability Cap.
Except as set forth in Clause 58.6, the Service Provider’s total liability under this Agreement (whether the liability is in contract, in tort, breach of warranty, negligence, strict liability or otherwise) for (x) liability arising from any cause of action arising from breach by the Service Provider of Clause 34 (Data Protection and Data Privacy), (y) the Service Provider’s responsibility for certain costs and expenses as set out in Clause 34.9 (Security Breach Response.), and (z) the Service Provider’s obligation of the Service Provider to indemnify Molina pursuant to Attachment 24A (Business Associate Agreement) to Schedule 24 (Certain Security Requirements), as applicable, will under no circumstances exceed an amount equal to the greater of:
(A)
[redacted]; and
(B)
[redacted],
[redacted].
Amounts that apply against the limitation of liability set out in this Clause 58.4(b)(ii) shall not apply against any other limitation of liability or damages cap set out in this Agreement.
(c)
Molina’s Liability Cap
Except as set forth in Clause 58.6, Molina’s total liability in the aggregate under this Agreement (whether the liability is in contract, in tort, breach of warranty, negligence, strict liability or otherwise) for any claim or Losses under this Agreement will under no circumstances exceed:
(A)
[redacted]; and
(B)
[redacted],
[redacted].
58.5
Consequential Damages Exclusion.
(a)
EXCEPT AS SET OUT IN CLAUSE 58.5(b) AND CLAUSE 58.6, IN NO EVENT, WHETHER IN CONTRACT OR IN TORT (INCLUDING BREACH OF WARRANTY, NEGLIGENCE AND STRICT LIABILITY), WILL EITHER PARTY BE LIABLE TO THE OTHER FOR LOST REVENUE, LOST PROFIT, LOSS OF GOODWILL, LOSS OF ANTICIPATED SAVINGS, LOSS OF BUSINESS, OR CONSEQUENTIAL, INDIRECT, SPECIAL, EXEMPLARY,

-84-


PUNITIVE OR INCIDENTAL DAMAGES EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE.
(b)
Notwithstanding Clause 58.5(a) the following will be recoverable damages that apply against the caps on liability set forth in Clause 58.4 as applicable to the extent that they result directly from either Party’s failure to perform in accordance with this Agreement:
(i)
the reasonable cost of researching, procuring, purchasing, installing, testing and implementing alternative Systems and/or services used in whole or partial substitution for the Services;
(ii)
the reasonable cost of restoring lost or corrupted data (including recreating data in circumstances where the data is no longer reasonably available in the form in which it existed at the time of the loss or corruption), provided that the data has been backed up by or on behalf of Molina in accordance with a reasonable back-up policy (but that proviso does not apply to the extent the Service Provider is responsible for backing up that data under this Agreement and has failed to do so in accordance with this Agreement);
(iii)
fines payable by Molina or any Molina Company as a result of the Service Provider’s breach of this Agreement;
(iv)
the reasonable cost of implementing and performing work-arounds;
(v)
the reasonable cost of replacing lost, stolen or damaged goods or materials;
(vi)
the reasonable cost of procuring replacement services, or services designed to rectify defects in the Services from an alternate source; and
(vii)
additional wages, overtime, fees and expenses (including reasonable travel and lodging) incurred by Molina Companies in:
(A)
appointing advisors to advise upon the impact and consequences of the Service Provider’s breach, including legal and compliance professionals;
(B)
investigating the circumstances of the Service Provider’s breach, whether such investigation is conducted by Molina or by a third party on Molina’s behalf;
(C)
performing or rectifying, or engaging a Third Party to perform or rectify, the Services that the Service Provider has failed to perform; and
(D)
managing a Third Party’s or the Service Provider’s investigation, performance or rectification of the Services that the Service Provider has failed to perform.
58.6
Exceptions

-85-


(a)
In each case subject to Clause 58.6(x), liability arising from the following will not be subject to any cap in Clause 58.1 and the disclaimer in Clause 58.5(a) will not apply with respect to:
(i)
death or bodily injury or physical or real property damage caused by a Party or its personnel;
(ii)
Molina’s obligation to pay the Charges;
(iii)
any Charge Deductions;
(iv)
the cost of procuring any license for any Software incorporated into Molina Work Product or System that the Service Provider should have procured, but did not procure, for Molina’s benefit under any provision of this Agreement;
(v)
the breach by either Party of the obligations contained in Clause 29 (Intellectual Property Rights) or Clause 30 (Confidentiality);
(vi)
[redacted];
(vii)
[redacted];
(viii)
[redacted];
(ix)
[redacted];
(x)
liability arising from the intentional cessation by the Service Provider of any of its obligations under this Agreement;
(xi)
liability arising from willful misconduct by either Party or members of its Group;
(xii)
liability arising from the fraud of either Party or members of its Group;
(xiii)
liability arising from gross negligence of either Party or members of its Group; and
(xiv)
the extent such limitation or exclusion is not permitted by Applicable Law.
(b)
If a claim or event of any sort that is contemplated by this Clause 58.6 is one with respect to which both (i) the provisions of Clause 58.4(b)(ii) are set out as applying to limit the amount Service Provider’s liability and (ii) any other provision of this Clause 58.6 applies, then Clause 58.4(b)(ii) shall be deemed not to apply, and the Service Provider’s liability with respect to such claim or event shall be unlimited in the manner otherwise contemplated in this Clause 58.6. For example, in the event the Service Provider breaches Clause 34 (Data Protection and Data Privacy) as a result of the [redacted] of [redacted], then [redacted] shall be deemed not to apply,

-86-


and the Service Provider’s liability with respect to such claim or event shall be [redacted].
58.7
Open Negotiation
Molina and the Service Provider have freely and openly negotiated this Agreement, including the pricing, with the knowledge that the liability of the Parties is to be limited in accordance with the provisions of this Agreement.
58.8
No Double Recovery; Duty to Mitigate Damages
In the event of any set of circumstances that results in both Service Credits (or Delivery Credits) and Molina incurring a Loss, an amount equal to the Service Credits (or Delivery Credits, as applicable) paid by the Service Provider in connection with such circumstances will be deducted from the Losses recoverable by Molina pursuant to this Agreement. In no event will any of the provisions in this Agreement be interpreted to allow recovery for the same Losses more than once. Each Party has a duty to mitigate the damages and losses that would otherwise be recoverable from the other Party pursuant to this Agreement to the extent required under the law governing this Agreement, as set out in Clause 75.1.
59.
INSURANCE
59.1
In this Clause, unless the context otherwise requires:
(a)
Insurance” means each of the policies of insurance which the Service Provider is required to maintain pursuant to this Agreement and “Insurances” means all such policies of insurance collectively;
(b)
Insurance Limits” means the monetary amounts set out in Clause 59.2;
(c)
Insurer” means the persons providing the Insurance; and
(d)
“Prudent Service Provider” means in respect of the Insurances a prudent supplier, in a similar industry and of similar size and financial strength as the Service Provider, providing services of a type and size similar to those undertaken by the Service Provider under this Agreement.
59.2
The Service Provider shall, during the Term and at its expense, have and maintain in force the following insurance coverages (including tail coverage of at least 1 year for any claims-made policies, if such claims-made policies are not maintained for 1 year after the conclusion of this Agreement):
(a)
Employer’s Liability Insurance, including coverage for occupational injury, illness and disease, and other similar social insurance with the minimum limits in amount equal to the greater of (i) the minimum limits required by Applicable Law and (ii) [redacted];
(b)
Worker’s Compensation Insurance, including coverage for occupational injury, illness, and disease, and other similar social insurance with minimum limits in

-87-


accordance with the laws of the country, state, or territory exercising jurisdiction over the employee;
(c)
Commercial General Liability Insurance, including Products, Completed Operations, on an occurrence basis, of [redacted] per occurrence and an aggregate limit of [redacted]. This coverage shall name Molina and each other Molina Company as additional insureds, to the extent allowable by law, as set out in Clause 59.11;
(d)
Auto Liability Insurance as required by local law and, in any event and in addition, automobile bodily injury and property damage liability insurance covering owned, non-owned and hired automobiles, the limits of which shall not be less than [redacted] combined single limit per occurrence;
(e)
Commercial Crime Insurance, in an amount not less than [redacted] per occurrence and in the aggregate covering the theft of money, securities and other tangible property belonging to Molina by a Service Provider employee, while performing the Services for Molina, and with Molina added as Loss Payee under said Policy;
(f)
Professional Liability Insurance (specifically, Cyber Insurance that includes both Network Security and Privacy Liability) covering the Service Provider’s liability for claims due to an act, error, omission or negligence in the performance of the Service under this Agreement, with a limit of [redacted] per claim with an aggregate limit of [redacted];
(g)
in the event Services include handling funds from Customer employees and/or members, the Service Provider shall provide proof of Fidelity Bonds and Crime Insurance with a [redacted] limit covering losses resulting from employee dishonesty, fraudulence, and/or theft;
(h)
cybersecurity insurance in amounts equal to the greater of (i) with industry standard limits and (ii) a minimum [redacted] limit of liability; and
(i)
Umbrella Liability Insurance with a minimum limit of [redacted] per occurrence and in the aggregate, in excess of the insurance coverage described in Clause 59.2(b) and Clause 59.2(d) provided that Molina shall not require the Service Provider to evidence such insurance in jurisdictions that do not permit non-admitted insurance.
59.3
The Insurances shall cover the liability of the Service Provider.
59.4
The Insurance Limits must be maintained as per the limits above.
59.5
These stated Insurance coverages:
(a)
shall be maintained with excesses or deductibles no greater than those that would be assumed by a Prudent Service Provider; and
(b)
shall not be subject to any exclusions other than those that are typical in all the circumstances and would be accepted by a Prudent Service Provider.

-88-


59.6
The Insurances shall be maintained with insurers or reinsurers that have a Rating in Best’s Rating Guide of A (A) or higher (or equivalent rating agency).
59.7
If the General Liability Insurer disputes any bodily injury, death or property insurance claim by the Service Provider arising out of this Agreement and to which Molina is also named in such action, the Service Provider shall so notify Molina in writing.
59.8
The Service Provider shall give Molina at least thirty (30) days’ prior written notice if any Insurance will be cancelled.
59.9
Molina may elect (but shall not be obliged), after giving thirty (30) days’ written notice and an opportunity to cure to the Service Provider, to purchase any Insurance which the Service Provider is required to maintain pursuant to this Agreement but has failed to maintain in full force and effect, and Molina shall be entitled to recover the reasonable premium and other reasonable costs incurred in connection therewith as a debt due from the Service Provider.
59.10
The Service Provider shall provide before the Effective Date, and within ten (10) Business Days after the renewal of every stated Insurance, a certificate of insurance from the insurance brokers who arranged the Insurances addressed to Molina evidencing that such Insurance is in effect as of the Effective Date as at each renewal date.
59.11
Provision Specific to Commercial General Liability Insurance
(a)
The Service Provider shall ensure that Molina and each member of the Molina Group shall be added and maintained as an additional insured for claims against Molina and members of the Molina Group from any person (other than Molina’s own employees) resulting from the negligence of the Service Provider and any Service Provider Personnel in the course of this Agreement and for which the Service Provider is itself insured under that Insurance subject to the terms and conditions of the policy.
(b)
The Commercial General Liability Insurance shall provide that each insured party shall be insured for its own insurable interest, and separately from any other insured party.
(c)
The Service Provider shall endeavor to give at least thirty (30) days’ prior written notice to Molina if any Insurer proposes to cancel that Insurance.
59.12
It is acknowledged by the parties that should any local custom or Applicable Law in any jurisdiction require or have the effect of requiring any amendment to the provisions of, or the obligations imposed by this Clause 59 in respect of that jurisdiction, the necessary amendments to this Clause 59 shall be agreed between the parties (such amendments applying in relation to that jurisdiction only) and recorded in this Agreement with respect to that jurisdiction.
59.13
Waiver of Subrogation.

-89-


The Service Provider waives all rights of recovery against Molina and the Molina Companies and its and their officers, directors, employees, agents, and other representatives for any loss, damage, or injury of any nature whatsoever to the Service Provider unless the loss, damage or injury was caused by the negligence or willful misconduct of Molina and the Molina Companies and its and their officers, directors, employees, agents and other representatives. The Service Provider will obtain from the Service Provider’s insurance carriers waivers of the subrogation rights under the respective policies for commercial general liability and auto liability.
60.
EXCUSING CAUSES
60.1
This Clause 60 (Excusing Causes) and Clause 61 (Force Majeure) set out:
(a)
the only bases on which the Service Provider shall be excused from liability for a failure to perform (or delay in performing) its obligations under this Agreement, and the conditions to which that excuse is subject; and
(b)
the Service Provider’s only remedies in respect of Molina’s failure to perform the Molina Responsibilities (but without prejudice to the Service Provider’s right to terminate this Agreement under Clause 51 (Termination of the Entire Agreement for Cause)).
Any reference to Service Provider in this Clause 60 shall be read as including a reference to any member of the Service Provider Group.
60.2
Subject to Clause 60.5, the Service Provider shall not be liable for any failure to perform (or any delay in performing) any of its obligations under this Agreement (including the Service Levels) if and to the extent that the Service Provider can reasonably demonstrate that the failure or delay results from:
(a)
a failure or delay by Molina, Molina Companies, or Other Service Providers (other than those Other Service Providers whose contract with Molina or whose related activities are not being administered or managed by the Service Provider or any of its Affiliates, to the extent the failure or delay by the applicable Other Service Provider results from the Service Provider’s improper administration, improper management, or other breach of this Agreement by the Service Provider) in performing any Molina Responsibility; or
(b)
the Service Provider acting in accordance with an express instruction by Molina, provided that:
(i)
the instruction was issued by an employee or other representative of Molina with at least apparent authority; and
(ii)
the instruction was not manifestly issued in error
(each, an “Excusing Cause”).

-90-


60.3
The provision by Service Provider or any other member of the Service Provider Group of other services to Molina other than the Services, where the provision of such other services adversely affects the Services, shall not amount to an Excusing Cause, provided that it is neither (a) a breach of the applicable agreement between Molina or any member of the Molina Group, on one hand, and the Service Provider or any member of the Service Provider Group, on the other hand, for which Molina or any member of the Molina Group is liable nor (b) an event for which Molina or the applicable member of the Molina Group is responsible in a manner which, under the terms of the applicable agreement, results in the Service Provider or the applicable member of the Service Provider Group being relieved of its obligation to perform its obligations under such agreement.
60.4
The Service Provider shall:
(a)
notify Molina in writing, and in a form that complies with the requirements of Clause 60.4(b) (an “Excusing Cause Notice”), as soon as practicable after becoming aware of an Excusing Cause which has led, is leading or is likely to lead to a failure or delay in the Service Provider performing its obligations under this Agreement;
(b)
provide Molina with full details of, in each case as soon as is practicable under the circumstances:
(i)
the precise nature of the Excusing Cause and the actual or potential delay or failure;
(ii)
the specific obligations that are impacted by the Excusing Cause and how the Excusing Cause prevents or delays the performance of those obligations;
(iii)
if the Service Provider seeks relief from Service Levels, the specific Service Levels in respect of which the Service Provider seeks relief and the reasons why the Excusing Cause impacts the Service Provider’s ability to meet those Service Levels;
(iv)
the specific actions the Service Provider requires Molina to take in order for the Service Provider to resume performance of the Services in accordance with this Agreement; and
(v)
the specific actions the Service Provider will to take in order for the Service Provider to mitigate the effect of the Excusing Cause and resume performance of the Services in accordance with this Agreement;
(c)
use all reasonable endeavors to continue to perform the affected obligations in accordance with this Agreement notwithstanding the occurrence of any Excusing Cause; and
(d)
comply with its obligations under this Agreement that relate to the management and resolution of the effects of the Excusing Cause (including, without limitation, its obligations under Clauses 24 (Security) to Clause 27 (Virus and Harmful Code Protection)).

-91-


60.5
If the Service Provider
(a)
fails to comply with Clause 60.4; or
(b)
submits an Excusing Cause Notice that does not comply with any of the requirements of Clause 60.4(b),
the Service Provider shall not be excused from liability under Clause 60.2 to the extent that compliance with Clause 60.4 would have mitigated, or would have enabled Molina to mitigate, the effects of the Excusing Cause.
60.6
Where an Excusing Cause contributed to a failure by the Service Provider to meet a Milestone, the Milestone Date for that Milestone (and Molina’s obligation to make payment in respect of any Payment Milestone corresponding to that Milestone) shall be automatically extended (without the need for Agreement Change) by a period of time equal to the delay caused by the Excusing Cause (which the Parties acknowledge may not necessarily be exactly the same as the period for which the Excusing Cause itself persisted).
60.7
If an Agreement Change has been made in respect of an Excusing Cause in accordance with Schedule 9 (Change), which may include an adjustment to the Charges, the Service Provider is not entitled to any other relief in respect of that Excusing Cause except as set out in the relevant agreed Change Notice.
60.8
Where the Parties cannot agree an Agreement Change to give effect to the adjustment to the Charges, either Party shall be entitled to initiate the Fast-Track Dispute Resolution Procedure, subject to Clause 60.12 and Clause 60.13.
60.9
Where there is a dispute under Clause 60.11, the Independent Expert shall be called upon to determine, and shall provide a formal report (the “Expert Report”) specifying:
(a)
whether there is an entitlement to a change to the Charges due to an Excusing Cause; and/or
(b)
how the Charges should be adjusted based on the Excusing Cause.
60.10
The Independent Expert shall determine the matters set out in Clause 60.9 by confirming all the relevant circumstances, including having regard to the following factors:
(a)
whether there has in fact been an Excusing Cause within the meaning of Clause 60; and
(b)
if there has been an Excusing Cause, the consequence of all the Excusing Causes in the relevant month is that the Service Provider had to expend more than 160 hours of Service Provider Personnel time in additional effort to perform the Services.
60.11
If the Independent Expert determines these criteria are met, then the Service Provider shall be entitled to adjust the Charges. If an Excusing Cause results directly in any delay in the Service Provider achieving a Milestone, and that delay results directly in the Service Provider incurring additional costs which it is unable to mitigate despite having used

-92-


reasonable efforts to do so, the Service Provider shall be entitled to recover those costs from Molina. Where the Service Provider has incurred costs beyond the Delivery Credit amounts provided for above, nothing in this Clause 60.11 shall be taken as preventing the Service Provider in recovering any such amounts by way of damages in accordance with Clause 60.14.
60.12
A claim by a Party (“Claiming Party”) under this Agreement for damages shall not be defeated because of the fault of the Claiming Party suffering the damage, but the damages recoverable by the Claiming Party in respect of that claim shall be reduced to the extent that the Claiming Party is responsible for the situation giving rise to the claim.
60.13
The acts, delays, failures or omissions of Molina referred to in this Clause 60 shall be deemed to include the acts, delays, failures or omissions of members of the Molina Group.
60.14
Any sums recoverable as an Excusing Cause under the provisions of this Clause 60 (Excusing Causes) shall be counted towards the liability cap under Clause 58.4(c) (Molina’s Liability Cap) and shall be subject to the provisions of Clause 58 (Indemnification, Liability), save that the provisions of Clause 58.5(a) relating to loss of profits and loss of revenue shall not apply to the extent that the sums recoverable by the Service Provider are for additional Service Provider Personnel, which shall be charged for in accordance with Appendix 3A (Resource Rates) to Schedule 3 (Pricing and Invoicing).
61.
FORCE MAJEURE
61.1
Neither Party shall be liable to the other for any breach or delay in performance of its obligations under this Agreement (including the Service Provider’s obligation to perform the Services in accordance with the Service Levels) if and to the extent that the breach or delay is caused by a Force Majeure Event.
61.2
The failure of any Subcontractor to perform any obligation owed to Molina shall constitute a Force Majeure Event with respect to the Service Provider’s performance of the Services only if and to the extent that the failure by the Subcontractor is itself caused by a Force Majeure Event.
61.3
When a Force Majeure Event has occurred, the non-performing Party shall be excused from further performance of the obligations affected for as long as the circumstances prevail and the non-performing Party continues to use its reasonable endeavors to recommence performance whenever and to whatever extent reasonably possible. Any Party so delayed in its performance shall promptly notify the other Party, and describe at a reasonable level of detail the circumstances causing such delay.
61.4
If a Force Majeure Event causes the Service Provider to allocate limited resources between or among the Service Provider’s customers, the Service Provider shall not unreasonably place Molina in lower priority to any other similarly affected customers of the Service Provider. Except as may be required by Applicable Law, in no event shall the Service Provider redeploy or reassign any Key Personnel to another account solely as a result of the occurrence of a Force Majeure Event.

-93-


61.5
If the Service Provider is excused from the performance of the Services pursuant to this Clause 61 (Force Majeure) and, as a result, the performance of the Services is substantially prevented, hindered, degraded or delayed for more than thirty (30) consecutive days then, without limiting any other rights it may have, at any time prior to the Service Provider’s recommencement of such Services, Molina may terminate this Agreement pursuant to Clause 54.1.
61.6
Notwithstanding any other provision of this Agreement, where the provision of the Services or part thereof is prevented or affected by a Force Majeure Event, then Molina’s obligation to pay the Charges shall, to the extent to which those Charges relate to that part of the Services which is so prevented or materially affected, be reduced by such an amount as represents the smallest divisible and separately identifiable portion of the Charges as set out in Schedule 3 (Pricing and Invoicing) that relates to and fully covers the suspended Services, until the Service Provider resumes full performance of that part of the Services in accordance with the terms of this Agreement.


-94-


PART O    ASSIGNMENT AND SUBCONTRACTING
62.
ASSIGNMENT; CERTAIN SERVICE PROVIDER FINANCING ARRANGEMENTS
62.1
This Agreement will be binding upon and inure to the benefit of the Parties hereto and their respective successors and permitted assigns.
62.2
Neither Party may assign any of its rights or obligations under this Agreement, by operation of law or otherwise, without the prior written consent of the other Party, which consent will not be unreasonably withheld or delayed. Notwithstanding the foregoing, on written notice to the Service Provider, Molina may assign this Agreement to:
(a)
any Molina Company
(b)
the successor in a merger of Molina or any Molina Company in which Molina or that Molina Company is not the surviving entity;
(c)
any person that acquires Control of Molina or of any Molina Company; or
(d)
any person that acquires all or substantially all of Molina’s or any Molina Company’s assets.
63.
SUBCONTRACTING
63.1
The Service Provider shall be entitled to subcontract its obligations under this Agreement to an Approved Subcontractor without notice to Molina, but only for the specific Services and Approved Service Delivery Locations specifically listed against each of the Approved Subcontractors in Schedule 11(Approved Subcontractors).
63.2
Where an Approved Subcontractor is an Affiliate of the Service Provider and after entering into a Subcontract ceases to be an Affiliate of the Service Provider, the relevant Approved Subcontractor’s status as an Approved Subcontractor shall be automatically revoked unless the Service Provider seeks and obtains Molina’s further approval to the continuation of such Subcontract in accordance with Clause 63.3.
63.3
The Service Provider shall require the prior written approval of Molina (which will not be unreasonably withheld or delayed) to subcontract any of its obligations under this Agreement other than to Approved Subcontractors.
63.4
In relation to all proposed Subcontracts, the Service Provider shall promptly:
(a)
provide Molina with an explanation as to why the Services are required to be subcontracted and provide Molina with the reasons why a particular Subcontractor is proposed;
(b)
give Molina written details of each material amendment to any Subcontract; and
(c)
inform Molina in writing of the termination of any Subcontract.

-95-


63.5
In relation to each Subcontract to which the Service Provider is a party it shall ensure that:
(a)
the Subcontract does not include a provision which would entitle any other party to the Subcontract to terminate it, or cause its automatic termination, on or as a result of the expiry or termination (in whole or in part) of this Agreement;
(b)
the Service Provider is entitled to transfer its rights and obligations under the Subcontract to Molina or a Successor Supplier on expiry or termination (in whole or in part) of this Agreement, that no conditions are attached to such entitlement and that, following any such assignment, Molina or the Successor Supplier is entitled to make full use of the subject matter of the Subcontract for the benefit of Molina; and
(c)
except to the extent that Molina expressly agrees otherwise in writing, the Subcontract shall contain obligations of the Subcontractor which are no less onerous than those in Clauses 24 (Security), 25 (Business Continuity Management and Disaster Recovery), 26 (Major Incidents), 27 (Virus and Harmful Code Protection), 29 (Intellectual Property Rights), 30 (Confidentiality), 37 (Policies), 38 (Audit and Information Access), 39 (HR Obligations), 48 (Step-In), 50 (Service Relocation), 62 (Assignment), 63 (Subcontracting) and 64 (Disposal of a Molina Company).
63.6
The Service Provider shall at all times have in place and make full use of an effective selection and monitoring process designed to validate that the Subcontractors have sufficient quality management and control standards and procedures in place to provide reasonable assurance that they will perform and observe their obligations under the Subcontracts.
63.7
Notwithstanding the grant of any Subcontract, the Service Provider is responsible to Molina for the performance and observance of all its obligations under this Agreement and, subject to the limitation of liabilities in Clause 58 (Indemnification, Liability), for the consequences of any negligent acts or omissions of the Subcontractor arising in connection with this Agreement.
63.8
All of the obligations, prohibitions and requirements in this Agreement that are applicable to the Service Provider shall in so far as applicable to the sub-contracted Services be equally applicable to Subcontractors. The express reference to a Subcontractor in any provision of this Agreement is for emphasis only and shall not mean that the absence of an express reference to a Subcontractor in another provision means that that provision does not apply to a Subcontractor.
64.
DISPOSAL OF A MOLINA COMPANY
64.1
If Molina or any Molina Company transfers a Molina Company or any part of its business or operations that receive the Services to another entity that is not part of the Molina Group, then Molina may remove the transferred business or operations of Molina or the Molina Company from the scope of this Agreement.

-96-


64.2
The Charges in respect of the Run Services shall be adjusted in accordance with Schedule 3 (Pricing and Invoicing) to reflect removal of a Molina Company or part of the business of Molina or a Molina Company from this Agreement.
64.3
The Service Provider shall, at Molina’s cost, comply with the provisions of Schedule 8 (Termination Assistance and Exit) in relation to the removed Molina Company or business or operations.
64.4
The Service Provider shall, if requested by Molina, provide the Services to the entity that acquired the Molina Company or business or operations removed from the scope of the Agreement pursuant to this Agreement for a reasonable period designated by Molina which may be up to and including the end of the Term.
65.
THIRD PARTY ADMINISTRATION
65.1
Molina may appoint a Third Party (other than a direct competitor of the Service Provider) to administer or manage this Agreement, or to perform Molina’s obligations under this Agreement, on behalf of Molina (a “Third Party Manager”), and the Service Provider shall provide all cooperation and assistance reasonably required by Molina to allow that Third Party Manager to administer or manage this Agreement, or perform Molina’s obligations under this Agreement, as appropriate, provided that this does not materially increase the Service Provider’s costs of providing the Services and provided that Molina provides reasonable (and, in any event, not less than thirty (30) Business Days) prior written notice to the Service Provider of the appointment of the Third Party Manager, including reasonable details of the scope of the Third Party Manager’s authority as Molina’s manager.
65.2
Molina shall at all times remain responsible for the performance of its obligations and liabilities under this Agreement and for the acts or omissions of any Third Party Manager, and shall not in any event take the position that an act or omission of such Third Party was outside the scope of its authority.
65.3
The Service Provider shall, at Molina’s request, enter into an Agreed Form NDA with each Third Party Manager.
65.4
Molina shall, at the Service Provider’s request, ensure that each Third Party Manager enters into an Agreed Form NDA with the Service Provider.
65.5
Molina shall disclose to each Third Party Manager only such of the Service Provider’s Confidential Information as is reasonably necessary for that Third Party Manager to perform its functions in administering or managing this Agreement.


-97-


PART P    MISCELLANEOUS PROVISIONS
66.
FURTHER ASSURANCE
66.1
The Service Provider and Molina shall each, to the extent that it is reasonably able to do so and at the other Party’s cost, execute all documents and do all acts and things reasonably required by the other Party to give effect to the terms of this Agreement and the Service Provider shall procure that the Subcontractors do so.
66.2
Throughout the Term, the Service Provider shall ensure that each Key Person and other of its, and its Subcontractors’, employees as may be required by Molina execute such agreements, acknowledgements or undertakings as is required by Applicable Law.
67.
THIRD PARTY BENEFICIARIES
This Agreement is for the sole benefit of the Parties and their permitted assigns and each Party intends that this Agreement shall not benefit, or create any right or cause of action in or on behalf of, any person or entity other than the Parties and their permitted assigns.
68.
NOTICES
68.1
A notice under or in connection with this Agreement shall be in writing, in English and delivered personally or sent by registered first class post (and registered air mail if overseas) or sent by facsimile to the Party due to receive the notice to the address specified in Clause 68.2 and marked for the attention of the representative of the receiving Party specified in Clause 68.4.
68.2
The address referred to in Clause 68.1 is:
(a)
in the case of notices to Molina to:
Molina Healthcare, Inc.
Chief Legal Officer
300 University Avenue, Suite 100
Sacramento, CA 95825
With a copy to:
Molina Healthcare, Inc.
Chief Information Officer
200 E. Oceangate, Suite 100
Long Beach, CA 90802
(b)
in the case of notices to the Service Provider to:
General Counsel
Infosys Ltd
2400 N Glenville Dr
Richardson, TX 75082

-98-


With a copy to:
Michael [redacted]
AVP & Group Manager, Client Services
2400 N Glenville Dr
Richardson, TX 75082
68.3
Unless there is evidence that it was received earlier, a notice under this Agreement is deemed given:
(a)
if delivered personally, when left at the address referred to in Clause 68.2;
(b)
if sent by mail other than air mail, two Business Days after it is posted;
(c)
if sent by air mail, five Business Days after it is posted; and
(d)
if sent by facsimile, at the time of sending provided that the sender’s facsimile machine provides confirmation of error-free transmission to the correct number.
68.4
The representative for each Party is as follows:
(a)
for (1) a notice to terminate this Agreement or a Project Work Order, in each case whether in whole or in part; (2) a notice that the sending Party is seeking or intends to seek a remedy or order from a court or other tribunal; (3) a notice that the sending Party is making or intends to make a claim under any indemnity; (4) a Step-In Notice or a notice by Molina exercising its rights under Clause 49 (Enhanced Co–Operation); or (5) a notice alleging a breach of this Agreement or a Project Work Order by the receiving Party or a member of its Group:
(i)
Chief Legal Officer (with a copy to the Chief Information Officer) (if the receiving Party is Molina); and
(ii)
General Counsel (with a copy to AVP & Group Manager, Client Services) (if the receiving Party is the Service Provider);
(b)
for a notice that Schedule 7 (Governance) provides should be sent to a particular representative of the receiving Party, that representative; and
(c)
for all other notices:
(i)
Chief Information Officer (with a copy to the Chief Legal Officer) (if the receiving Party is Molina); and
(ii)
Michael [redacted] (with a copy to General Counsel) (if the receiving Party is the Service Provider).
68.5
Either Party may change its representative for the purposes of Clauses 68.4(a), 68.4(b) or 68.4(c) by notifying that representative’s counterpart under Clause 68.4. Either Party may change its address for the purposes of Clause 68.2 in accordance with Clause 68.4(c).


-99-


69.
ENTIRE AGREEMENT
69.1
This Agreement, and any other documents incorporated into this Agreement, constitutes the entire understanding between the Parties with respect to its subject matter, and supersedes all prior proposals, marketing materials, negotiations, representations (whether negligently or innocently made), agreements and other written or oral communications between the Parties with respect to the subject matter of this Agreement.
70.
WAIVER
70.1
A failure to exercise or delay in exercising a right or remedy provided by this Agreement or by law does not constitute a waiver of the right or remedy or a waiver of other rights or remedies.
70.2
No single or partial exercise of a right or remedy provided by this Agreement or by law prevents a further exercise of the right or remedy or the exercise of another right or remedy.
70.3
No waiver of any breach of this Agreement, and no course of dealing between the Parties, will be construed as a waiver of any subsequent breach of this Agreement.
70.4
Except where otherwise explicitly agreed, all remedies in this Agreement are cumulative and not exclusive of any other remedy or right in this Agreement or at Law or in equity.
70.5
Where there is a failure or delay by the Service Provider to meet any Milestone or any other obligation where a time period is stipulated and Molina does not exercise its rights in a timely manner then any delay in enforcing its rights shall not constitute a waiver of rights by Molina. If the Service Provider has not met a Milestone or time related obligation and Molina has not exercised its rights in a timely manner, then Molina does not need to issue any notice other than any notice stipulated in this Agreement prior to enforcing its available remedies.
70.6
Without prejudice to the generality of Clauses 70.1 to 70.5, the Service Provider accepts and agrees that:
(a)
because the continued and uninterrupted provision of the Services is of importance to Molina, Molina may elect not to exercise its rights or remedies provided by this Agreement or by law immediately upon those rights or remedies becoming exercisable, and may continue to pay the Charges and/or attempt to negotiate an agreement, arrangement, settlement or compromise with the Service Provider in circumstances where those rights or remedies are exercisable;
(b)
the Service Provider shall not be entitled to claim that, by reason of such delay in exercising its rights or remedies, continued payment or attempted negotiation, Molina is prevented from exercising any of its rights or remedies provided by this Agreement or by law (whether based on waiver, estoppel, laches or any other legal principle or theory) provided that the foregoing shall not be construed as a waiver; and

-100-


(c)
in circumstances where the Service Provider fails to perform any obligation under this Agreement, the acceptance by Molina of different, partial or late performance of that obligation, or the agreement by Molina to any plan for the remedy of that failure, shall not prejudice any of Molina’s rights or remedies provided by this Agreement or by law in respect of that failure (whether based on waiver, estoppel, laches or any other legal principle or theory) or an express or implied election by Molina to affirm this Agreement.
71.
NO PARTNERSHIP
No provision of this Agreement creates a partnership between the Parties or makes a Party the agent of another Party for any purpose. Neither the Service Provider nor Molina has any authority to bind, to contract in the name of or to create a liability for such other Party in any way or for any purpose. No Service Provider personnel shall obtain the status of or otherwise be considered a Molina employee by virtue of their activities under this Agreement. The rights and obligations of Molina under this Agreement may be exercised or performed by one or more Molina Company.
72.
SEVERABILITY
72.1
The provisions contained in each Clause of and Schedule to this Agreement are enforceable independently of each other and the validity of this Agreement will not be affected if any Clause of or Schedule to this Agreement (or part thereof) is invalid or otherwise unenforceable.
72.2
If a Clause of or Schedule to this Agreement (or any part thereof) is void, but would be enforceable if any part of the provision was deleted, the provision in question will apply with such deletion, but only to the extent that the meaning of the provision is not altered by that deletion.
73.
COUNTERPARTS
This Agreement may be executed in any number of counterparts, each of which when executed and delivered is an original, but all the counterparts together constitute the same document.
74.
DISPUTE RESOLUTION AND DISPUTE MANAGEMENT
74.1
Subject to Clause 74.2, Schedule 7 (Governance) shall apply to any dispute, controversy, claim or proceeding arising out of or in connection with this Agreement (a “Dispute”) and the Parties shall have the rights and obligations relating to dispute resolution and management as set out in Schedule 7 (Governance).
74.2
There are separate and specific dispute resolution provisions in Schedule 9 (Change) that deal with failures to agree certain aspects of Agreement Change.
74.3
Any provision of this Agreement which requires one Party to provide information to the other Party shall apply to any given information, notwithstanding that that information may

-101-


be pertinent to an actual or potential Dispute or prejudicial to either Party’s position in any actual or potential Dispute or otherwise. Neither Party shall be entitled to withhold or delay the provision of such information on the grounds that it is pertinent to an actual or potential Dispute or prejudicial to either Party’s position in any actual or potential Dispute or otherwise. This Clause 74.3 shall not be construed as a Party’s waiving its protections under attorney-client privilege or the attorney work product doctrine under Applicable Law.
74.4
If either Party brings any claim against the other in which fraud is not pleaded, and the pleading Party subsequently discovers evidence that suggests fraud on the part of the other Party (or in the case of the Service Provider, its Subcontractors), the pleading Party shall be entitled to amend its pleadings accordingly and the other Party may not argue that the pleading Party is not so entitled.
75.
GOVERNING LAW AND JURISDICTION
75.1
This Agreement is governed by, construed in accordance with, and enforced under the substantive Law of the State of New York, without giving any effect to any contrary choice of law or conflict of law provision or rule (whether of the State of New York or any other jurisdiction). Any claim or action brought by a Party in connection with this Agreement, or any part hereof, will be brought in the appropriate federal or state court located in the State of New York, New York County, and the Parties irrevocably consent to the exclusive jurisdiction of such courts. The United Nations Convention on Contracts for the International Sale of Goods and New York conflict of Law rules do not apply to this Agreement or its subject matter. In any action relating to this Agreement, each of the Parties irrevocably waives the right to trial by jury.
75.2
Either Party may refer any Judgment Payment Dispute relating to this Agreement for binding arbitration conducted by a single arbitrator in accordance with the AAA Commercial Arbitration Rules, then in effect, in Long Beach, California. The parties shall conduct a mandatory settlement conference at the initiation of arbitration, to be administered by AAA. The arbitrator shall have no authority to award damages or provide a remedy that would not be available to such prevailing party in a court of law or award punitive damages. The arbitrator shall have no authority to review the basis for or the substantive merits of the Judgment Payment Dispute, and the arbitrator’s purview shall instead be limited to the enforcement of the Judgement Payment Dispute. Each Party shall bear its own costs and expenses in connection with such arbitration, including attorneys’ fees, and the Parties shall equally bear the arbitrator’s fees and expenses. The Parties agree to accept any decision by the arbitrator as a final determination of the matter in dispute, and judgment on the award rendered by the arbitrator may be entered in any court having jurisdiction.

-102-



EXECUTED BY THE PARTIES:
EXECUTED by    )
MOLINA HEALTHCARE, INC.    )
)
through its duly authorized person,    )
)
)
Signature: ____________________________    )
Name: _______________________________    )
Title: ________________________________    )
    
EXECUTED by    )
INFOSYS LIMITED    )
)
through its duly authorized person,    )
)
)
Signature: ____________________________    )
Name: _______________________________    )
Title: ________________________________    )


-103-



 
 
 
SCHEDULE 1

DEFINITIONS AND INTERPRETATION
 
 
 




1.
DEFINITIONS AND INTERPRETATION
1.1
In the Agreement capitalized terms shall have the meaning given to them in this Schedule 1 (Definitions and Interpretation) and as otherwise determined in the Agreement.
2.
IN THE AGREEMENT (UNLESS THE CONTEXT REQUIRES OTHERWISE):
2.1
the words "including", "include", "for example", "in particular" and words of similar effect shall not be deemed to limit the general effect of the words which precede them and "including", "include" and "for example" shall be continued to have the words "but not limited to" following them;
2.2
reference to any agreement, contract, document or deed shall be construed as a reference to it as varied, supplemented or novated from time to time;
2.3
reference to a party shall be construed to include its successors and permitted assigns or transferees;
2.4
words importing persons shall include natural persons, bodies corporate, un incorporated associations and partnerships (whether or not any of them have separate legal personality);
2.5
words importing the singular shall include the plural and vice versa;
2.6
words importing any one gender shall include other genders;
2.7
the headings, index and front sheet are all for reference only and shall be ignored when construing the Agreement;
2.8
references to a clause, schedule, paragraph or appendix are references to the clause, schedule, paragraph or appendix of, or to, the Agreement;
2.9
reference to any legislative provision shall be deemed to include any statutory instrument, by law, regulation, rule, subordinate or delegated legislation or order and rules and regulations which are made under it and any subsequent re-enactment or amendment of the same;
2.10
if this Agreement is translated and there is any conflict, ambiguity or inconsistency between the English language version and the translated version, then the English version shall prevail;
2.11
if there is any conflict, ambiguity or inconsistency between the parts of the Agreement, then the following order of precedence shall apply and the document higher in the order of precedence will prevail and represent the binding obligation of the Parties:
(a)
the clauses;
(b)
the schedules;
(c)
the appendices; and

-1-

(d)
the annexes.
2.12
If there is a conflict or inconsistency between any provision of this Agreement and any provision of a Project Work Order, the provision of this Agreement shall prevail. A variation of the terms of this Agreement as they apply to any Project Work Order, properly made in accordance with Clause 13.3(f), is not a conflict or inconsistency for the purposes of this paragraph 2.12.
2.13
If there is a conflict or inconsistency between any provision of Schedule 21 (Service Provider Technical Solution) and any other provision or any document incorporated into or attached to this Agreement (including any provision of any other Schedule), that other provision will prevail and represent the binding obligation on the Parties.
2.14
No provision of Schedule 21 (Service Provider Technical Solution) shall in any way affect the interpretation of any other provision of this Agreement, and no obligation of the Service Provider under any other provision of this Agreement shall be interpreted having regard to any provision of Schedule 21 (Service Provider Technical Solution).
2.15
"person" includes any individual, corporation, partnership, firm, joint venture (whether incorporated or not), trust, government or governmental body, authority, agency or unincorporated organization or association of persons;
2.16
an obligation to "procure" a result shall mean that the result a Party is required to procure shall be achieved;
2.17
"day", "month" and "year" means a calendar day, a calendar month and a calendar year, respectively
2.18
a restriction or obligation on the Service Provider is to be construed so as to require the Service Provider to abide by the restriction or comply with the obligation and procure that all Service Provider Personnel and Subcontractors do likewise;
2.19
the Service Provider "remedying" a breach or default, or a breach or default being "remedied" means that the Service Provider must:
(a)
correct all technical, procedural and management errors and failings (other than those errors or failings of Molina or its Third Party contractors, but excluding any member of the Service Provider Group or any Subcontractor or any of their respective Third Party contractors) that caused or contributed to the breach or default, so that any similar breach or default will not occur in the future; and
(b)
restore the affected services or activities (other than those for which the Service Provider has no responsibility under this Agreement) so that they are provided or performed in all respects in accordance with this Agreement;
2.20
the Service Provider having to keep, maintain, store or hold information, Data, records or Materials under this Agreement without a reference to the length of time for which it must be kept, maintained, stored or held is an obligation to keep, maintain, store or hold that information, Data, records or Materials for seven (7) years from the later of the date of its creation or the date it is processed, stored or transmitted under this Agreement;

-2-

2.21
a material breach of this agreement includes an anticipatory breach (as that term is defined at common law) which would, if the breach that is anticipated occurred, be a material breach; and
2.22
"24x7x365" means 24 hours a day, 365 days a year (or 366 days in a leap year), that is to say, at all times.
2.23
Whether one Project Work Order is "Linked" to another Project Work Order shall be determined in accordance with Clause 13.5.
2.24
A reference in this Agreement to this Agreement includes each Project Work Order unless the context requires otherwise, but this does not apply to references to the termination of this Agreement or any right of either Party to terminate this Agreement.
2.25
An obligation to take "Appropriate Actions" to achieve any result is an obligation to take such actions as a party acting in a determined, prudent and reasonable manner would take to achieve that result if it were in that party's own interests to achieve that result, taking into account all relevant circumstances and the cost of taking a particular action.
2.26
The headings in this Agreement and the names given to defined terms are for convenience only, and do not affect the interpretation of this Agreement.
2.27
All documents, notices, correspondence and information required to be produced under this Agreement shall be in English, unless this Agreement expressly provides otherwise.
2.28
If there is any discrepancy between an English language word or series of words and a word or series of words used in any other language relating to the same subject matter, then, to the extent of such discrepancy only, the meaning of the English language word or series of words shall prevail.
2.29
All words and phrases used in this Agreement (whether capitalized or not) shall bear their ordinary meaning unless they are defined as having a particular meaning or required to be construed in a particular manner.
2.30
Each of the conditions, terms, representations and warranties in this Agreement are to be construed independently of the others.
2.31
The inclusion of provisions in the Agreement stating that a particular obligation must be performed at no cost or no charge to Molina (or similar words) should not be taken to conclusively mean that other obligations without similar wording are necessarily subject to additional charges.
2.32
The actions and omissions of the employees, agents, contractors, officers, or attorneys of the Service Provider or a Subcontractor shall be deemed to be the actions of the Service Provider or the Subcontractor as the case may be (and in the case of the Subcontractor the Service Provider shall be liable to Molina for such actions or omissions), and the Service Provider shall be vicariously liable for all such actions and omissions, irrespective of whether:
(a)
the Service Provider or Subcontractor authorized the actions or omissions; or

-3-

(b)
the actions or omissions were willful, deliberate, illegal or fraudulent in connection with the performance of the Services; or
(c)
the actions or omissions were in contravention of instructions.
2.33
The actions and omissions of the employees, agents, contractors, officers, or attorneys of Molina shall be deemed to be the actions of Molina, and Molina shall be vicariously liable for all such actions and omissions, irrespective of whether:
(a)
Molina authorized the actions or omissions; or
(b)
the actions or omissions were willful, deliberate, illegal or fraudulent in connection with the receipt of the Services; or
(c)
the actions or omissions were in contravention of instructions.
2.34
Where a provision of this Agreement requires Molina or the Service Provider to procure, ensure or cause the performance of an obligation under a Project Work Order by a Molina Company or a Service Provider Company, or a contractor or agent of Molina, the Service Provider, a Molina Company or a Service Provider Company:
(a)
the obligation to so procure, ensure or cause the performance of such obligation shall not be discharged by any amendment or variation to the Project Work Order, or any waiver, forbearance, relaxation, indulgence or delay by either party under the Project Work Order;
(b)
the Party obligated to so procure, ensure or cause the performance of such obligation shall remain the primary obligor with respect to procuring, ensuring or causing the performance of such obligation; and
(c)
to the extent that any such obligation is amended or varied from time to time, the obligation of Molina or the Service Provider, as the case may be, to procure, ensure or cause the performance of such obligation by such Molina Company or Service Provider Company shall extend to such amended or varied obligation.
3.
IN THIS AGREEMENT
"Acceptance" means that Molina confirms in writing via a Milestone Acceptance Certificate, that the Acceptance Criteria has been fully satisfied in respect of the relevant Acceptance Tests and "Accept" and "Accepted" shall be construed accordingly;
"Achieved", in respect of a Milestone, means that all of the Deliverables corresponding to that Milestone have been Passed and "Achievement" shall be construed accordingly;
"AD Service Provider" means each Other Service Provider that carries out development (including Modification) and/or integration of Software for Molina or any other Molina Company from time to time;
"Affected Services" means the identified Services influenced or touched by an external factor;

-4-

"Affiliate" means, in relation to a Party, each entity that it Controls or is under common Control with that Party;
"Agreed Cost Standards" means the standards specified in Schedule 3 (Pricing and Invoicing), which are to be applied to any proposed Charge Adjustment, Benchmarking Adjustments and/or one-off fees resulting from an Agreement Change during the Term;
"Agreed Form Non-Disclosure Agreement" or "Agreed Form NDA" means an agreement in the form of Schedule 19 (Agreed Form Non-Disclosure Agreement);
"Agreed Interest Rate" is the rate of [redacted];
"Agreement" means these terms and conditions of this Master Services Agreement which include the recitals, the attached schedules, appendices and annexes, together with any Statements of Work or Project Work Orders and any incorporated documents (and, as the context requires, shall include the same as they are incorporated into a Statement of Work or Project Work Order in conjunction with the terms of such Statement of Work or Project Work Order);
"Agreement Change" means an MSA Change or a Project Change including any of the Schedules and the Appendices to the Schedules, or any other document incorporated into this Agreement or any Project Work Order, but does not include any change to any of the Policies (the term "Change" shall have the same meaning);
"Aggregated Amount Invoiced" has the meaning given in Schedule 3 (Pricing and Invoicing);
"Agile Delivery Model" refers to the Agile software development methodology;
"Allocation" means the amount or portion of a resource assigned to a recipient;
"Allocation of Pool Percentage" means the portion of the Pool Percentage Available for Allocation allocated to a given Service Level in Appendix 3-A (Service Level Matrix);
"AM Service Provider" means each Other Service Provider that carries out the maintenance, management and/or operation of Software for Molina or any other Molina Company from time to time;
"Analysis" means the detailed examination of the elements or structure of something complex to understand its nature or to determine its essential features;
"Annual Invoice" means the annual Charges accrued in each Contract Year;
"Applicable Law" means:
(a)
laws, rules, regulations, regulatory guidance and regulatory requirements; and
(b)
any form of secondary legislation, resolution, policy, guideline, concession or case law of the relevant jurisdiction having the force of law;
in each case, that are relevant to the provision, receipt or use of the Services;

-5-

"Application" means any Software whether owned by or licensed to Molina, including associated configuration and parameterization and all associated data created or processed by such Software;
"Approved Service Delivery Locations" means the locations (including the locations of a Subcontractor) approved by Molina for delivery of the Services and listed in Schedule 10 (Approved Service Delivery Locations) from time to time;
"Approved Subcontractors" means those Subcontractors listed in Schedule 11 (Approved Subcontractors);
"Asserted Tax Liability" has the meaning given in Clause 43.5(b);
"Assets" means Software, Systems, Materials and all other assets that are involved in the delivery of the Services or otherwise used in relation to this Agreement;
"Asset Register" means the register of the Intellectual Property Rights, systems and other assets used by the Service Provider to provide the Services and perform its obligations under the Agreement;
"Asset Transfer Expenses" has the meaning given in Schedule 3 (Pricing and Invoicing);
"Assumption" means a statement of fact on which the provision of the Services, including the Deliverables, under a Project Work Order is dependent, as set out in that Project Work Order;
"At Risk Amount" means the [redacted];
At Risk Percentage” has the meaning given in Schedule 6 (Service Levels and Service Credits);
"Authorized User" means a user of Services within and outside of Molina, including but not limited to Molina Healthcare, Third Parties, customers, contractors, Molina divested entities, and joint ventures;
"Authorized Persons" means, in relation to either Party, any director, officer, employee, representative or professional adviser (such as lawyers, accountants and consultants) of a Party (or in the case of Molina, of a Molina Company, and in the case of Service Provider, a Service Provider Company), to whom disclosure of Confidential Information is necessary to fulfil the Permitted Purpose and in relation to professional advisers only those who have entered into agreements containing confidentiality terms no less stringent than those set out in this Agreement or are subject to professional obligations no less stringent than those in this Agreement;
"Average Amount" has the meaning given within Schedule 6 (Service Levels and Service Credits);
"Baselines" has the meaning given in Schedule 3 (Pricing and Invoicing);

-6-

"Baseline Unit" means the benchmark that is used as a foundation for measuring or comparing current and past values as it relates to the Services;
"Baselining Period" has the meaning given to it in Paragraph 9 of Schedule 6 (Service Levels and Service Credits);
"BAU Personnel" means Service Provider Personnel who are not part of the Service Provider's Incident Response Team and who are involved in the provision of the Services on a day–to–day basis;
"BCP/DR Plan" means the business continuity and disaster recovery plan set out in or required by Schedule 23 ;
"Benchmarking Threshold" an amount, as determined on a Service Bundle by Service Bundle basis, that is [redacted].
"Benchmarking Adjustment" means a reduction in the Charges in accordance with paragraph 9 of Schedule 5 (Benchmarking);
"Benchmarking Process" has the meaning given in paragraph 3.1 of Schedule 5 (Benchmarking);
"Benchmarking Termination Fee" means [redacted] of the fee that would be payable by Molina as a Termination for Convenience fee had Molina terminated pursuant to Clause 55 (Termination for Convenience) of the Agreement;
"Business Continuity Plan" means the BC/DR Plan;
"Business Days" means those days deemed by Molina to be standard working days according to Molina's business operations and designated holidays both globally and within a given jurisdiction (e.g., Region, country, city). For the avoidance of doubt, weekends, public holidays, and Service Provider-designated holidays shall not be considered Business Days unless otherwise designated by Molina;
"Change Control Process" means the process for agreeing Agreement Changes, as described in Schedule 9 (Change); (the term "Change Procedure" shall have the same meaning);
"Change Management" means the process for controlling the lifecycle of all changes to Applications, reports, contractual documents, and any other Services, Deliverables, or work products under this Agreement. The primary objective of Change Management is to enable beneficial changes to be made, with minimum disruption to IT services and Applications in accordance with the Molina Change Management policy;
"Change Notice" means the formal record of an Agreement Change constituting the complete statement of the required amendment to this Agreement or a Project Work Order, and Charge Adjustments or one-off fees or any combination of the two relating to this Agreement or Project Work Order, which, in the case of an MSA Change shall be in substantially the same form as the template contained at Appendix 9C (Change Notice) to

-7-

Schedule 9 (Change), and in the case of a Project Change, shall be a Project Change Request that is executed by both Parties and that attaches a conformed copy of the relevant Project Work Order;
"Change of Control" means a change in Control of the Service Provider, other than a listing on a recognized stock exchange;
"Change Request" or "CR" has the meaning given in paragraph 6.2 of Schedule 9 (Change);
"Change Start Date" means the date on which an Agreement Change takes effect;
"Charge Adjustment" means an increase or decrease to the Charges, an additional Charge, a one-off fee or the removal of an existing Charge, in accordance with the Change Control Process;
"Charge Deductions" means Service Credits, and Delivery Credits;
"Charges" means the charges set out in and/or calculated pursuant to Schedule 3 (Pricing and Invoicing);
"Charges Commencement Date" means, in respect of each Service, the date on which the Service Provider is entitled to commence issuing Official Invoices in respect of such Service, as set out in Appendix 3-A of Schedule 3 (Pricing and Invoicing);
"Claim" means any demand, or any civil, criminal, administrative, or investigative claim, action, or proceeding (including arbitration), or any allegation, in each case, made, asserted, commenced or threatened by a third party, including any demand, or any civil, criminal, administrative or investigative claim, action, proceeding, or any allegation made, asserted, commenced or threatened by any Regulatory Authority;
"Claiming Party" has the meaning given in Clause 60.12;
"Co-Location Data Centers" means a data center facility in which a business can rent space for servers and other computing hardware and where the building, cooling, power, bandwidth, and physical security are provided;
"Compute Capacity" means the physical or logical allocation of storage or processing power;
"Confidential Information" means this Agreement and all information of a confidential nature that is marked with a restrictive legend of the disclosing Party (or a member of its Group), or that is clearly identified as confidential at the time of disclosure, or that is manifestly of a confidential nature, disclosed (by whatever means, directly or indirectly) by either Party (or the disclosing Party's subcontractors, agents, consultants or employees) to the other Party (or that receiving Party's subcontractors, agents, consultants or employees) and which relates to the disclosing Party's (or any member of its Group's) business, including any information of a confidential nature relating to the products, operations, processes,

-8-

plans, intentions, product information, market opportunities or business affairs of the Party making the disclosure or its contractors, suppliers, customers, clients or other contacts;
"Configuration Management Database" means a repository that acts as a data warehouse for information technology installations and that holds data relating to the configuration of IT assets;
"Consents" means all approvals, consents, licenses, permissions and authorizations required from any government or similar body or any regulatory authority;
"Consultants" has the meaning given in Clause 49.1;
"Continuous Process Improvement" means the ongoing effort to improve products, services, or processes;
"Contract Year" means the period starting on the Effective Date and ending on the first anniversary of that date, and each successive period of twelve (12) months thereafter;
"Control" means the possession, direct or indirect, of the power to direct or cause the direction of the management and policies of a Party, whether through the ownership of voting securities, by contract, or otherwise, and "Controls" and "Controlled" shall be construed accordingly;
"Controlled Items" has the meaning given in Clause 8.11(a);
"Controls Audit Report" has the meaning given in Clause 38.13
"Converged IT" means grouped information technology (IT) components in a single, optimized computing package, including servers, data storage devices, networking equipment and software for IT infrastructure management, automation, and orchestration;
"Critical Service Levels" or "CSLs" means the Service Levels identified as such in Schedule 6 (Service Levels and Service Credits) or any Local Agreement or Services Order;
"Core Working Hours" means the hours that the Service Provider is expected to provide support and availability to Molina counterparts
"Customer" means the person or organization that buys or received goods or services from Molina;
"Customer Precise Equipment" means a telephone, terminal, router or associated equipment located at Molina premises connected with carrier's telecommunication circuits;
"Customized Software Deliverable" has the meaning given in Clause 16.2;
"Data" means Molina Data and Service Provider Data;
"Data Definition Language" means a syntax similar to a computer programming language for defining data structures, especially database schemas;

-9-

"Data Enrichment" means the method of preparing data so that it is ready for analysis and exploitation;
"Data Network" means a digital telecommunications network which allows access points (nodes) to share resources and data through data switching, system control, and interconnection transmission;
"Data Protection Laws" has the meaning given in Clause 34.1(a);
"Debugging" means the process of finding and resolving defects or problems within a computer program that prevent correct operation of computer software or a system;
"Dedicated Equipment" means the Assets used by the Service Provider to perform the Terminating Services and for no other purpose;
"Default" means, in relation to this Agreement, any act, statement or omission on the part of the Party in breach of this Agreement or any tortious act or omission in connection with, or in relation to, the subject matter of a transaction under this Agreement in respect of which the Party in breach is liable to the other in contract or the Party that committed the tortious act is liable to the other in tort.
"Delay Payments" means payments due from the Service Provider to Molina pursuant to Schedule 4 (Transition and Transformation) and/or as set out in any Services Order or Local Agreement;
"Deliverable" means each System, document or other item or deliverable that the Service Provider delivers or is required to deliver under this Agreement, a Project Work Order or Transition Project, and includes any such System, document or other item or deliverable that is a Modified form or a derivative work of, or that incorporates, an Input Deliverable;
"Delivery Credit Milestone" means any Transition Milestones which, if the Service Provider fails to achieve it, will result in the payment of Delivery Credits by the Service Provider as set out in Schedule 4 (Transition and Transformation);
"Delivery Credits" means credits against the amounts that must be paid or credited to Molina by the Service Provider if the Service Provider fails to meet a Delivery Credit Milestone in accordance with, as applicable, Schedule 4 (Transition and Transformation) or the applicable Project Work Order;
"Delivery Date" means the date on which a Deliverable is required to be delivered to Molina by the Service Provider, as set out in, as applicable, Schedule 4 (Transition and Transformation) or the applicable Project Work Order;
"Deployment Plan" means the plan that defines the sequence of steps or activities that must be carried out to execute change in the target environment;
"Depot Services" means the services performed on end user devices requiring exchange, repair, shipping, receiving, or storage as detailed within Exhibit 2-C (End User Services);

-10-

"Disaster" means an unplanned event affecting services or Systems which prevents Molina from providing critical business functions, and the resulting interruption is causing or is likely to cause: material financial losses to any Molina Company; legal or regulatory compliance failure; and/or loss of life or creation of patient safety risks;
Disaster Recovery” means the documented processes, or set of technical procedures, to Recover the impacted part of the Systems, following a Disaster, and includes the Restoration of:
(a)
Services, so that they are provided in accordance with all Molina requirements specified in this Agreement; and
(b)
Systems so that they are provided in accordance with all applicable specifications;
"Disaster Recovery Plan" means a BCP/DR Plan;
"Disaster Recovery Services Management" means the management of the delivery of Services as they relate to Disaster Recovery;
"Disclosing Party" has the meaning given in Clause 30.1;
"Dispute" has the meaning given in Clause 74.1;
"Dispute Resolution Procedure" has the meaning given in Schedule 7 (Governance);
"Divested Affiliate" means any entity that was a member of Molina's Group as at the Commencement Date but which ceases to be a member of Molina's Group at any time during the Term;
"Due Date" has the meaning given within Schedule 3 (Pricing and Invoicing);
"Effective Date" means the date that this Agreement was entered into;
"Embedded Service Provider IP" means any Service Provider IP that is incorporated within a Deliverable;
"Emergency Software" or "Patches" means releases that contain files to a small number of urgent problems;
"End User" means, in respect of any Service, the employees, officers, agents and contractors of a Molina Company or of an External User;
"Endpoint Encryption Services" means the services used to encrypt the end user devices in order to protect the data and ensure regulatory compliance;
"Enhancements" means changes or additions, other than New Versions or Modifications, to the Software (or any constituent parts thereof) that improve or add new functions;
"Equipment" means any and all computing, networking and communications equipment procured, provided, operated, supported, or used by a party or its Personnel or users in connection with the Services, including:

-11-

(a)
mainframe, midrange, server and distributed computing equipment and associated attachments, features, accessories, peripheral devices, and cabling;
(b)
personal computers, laptop computers, terminals, workstations, personal data devices and associated attachments, features, accessories, printers, multi-functional printers, peripheral or network devices, and cabling; and
(c)
voice, data, video and wireless telecommunications, network and monitoring equipment and associated attachments, features, accessories, peripheral devices, cell phones and cabling;
"Excusing Cause" has the meaning given in Clause 60.2;
"Existing Service Provider" means an entity providing services to be substituted by all or part of the Services;
"Exit Criteria" means the criteria to be satisfied to demonstrate that the Acceptance Tests have been successful completed;
"Exit Milestone" means a state of affairs as described in the Exit Plan;
"Exit Milestone Date" means the date by which the associated Exit Milestone must have been achieved, as specified in the Exit Plan;
"Exit Period" has the meaning given in Schedule 8 (Termination Assistance and Exit);
"Exit Plan" means each plan that the Service Provider is required to make available and maintain under Schedule 8 (Termination Assistance and Exit);
"Expected Service Level Target" means the higher performance requirement of Service Provider as detailed within Schedule 6 (Service Levels and Service Credits);
"Expiry Date" means the Initial Expiry Date or, if this Agreement is extended in accordance with Clause 4 (Extension of the Term), the date set out in the most recent Renewal Notice from time to time;
"Extended Term" has the meaning given in Clause 4.3;
"External Users" means any third party with whom Molina has a research, marketing or development or collaboration or supply relationship (that is related to the core business of Molina) that is not a Molina Company and that Molina nominates to receive any of the Services;
"Facilities" or "Facility" means all Approved Locations;
"Fail" means that a Deliverable has not Passed, and "Failed" shall be interpreted accordingly;
"Fair Market Price" means the median of the market range of prices for services against which the Benchmarker compares the Benchmarked Services;

-12-

"FDA" means the U.S. Food and Drug Administration;
"Financial Responsibility Matrix" has the meaning given in Schedule 3 (Pricing and Invoicing);
"Final Milestone" means the final Milestone under a Project Work Order;
"Final Payment Milestone" means the final Payment Milestone under a Project Work Order;
"Final Transition Milestone" means the Milestone labeled as such in Schedule 4 (Transition and Transformation) or the Detailed Transition Plan;
"First Call Resolution" means properly addressing the end user's need the first time they call, thereby eliminating the need for the end user to follow up with a second call;
"First Go Live Date" means the first date the Service Provider assumes operational responsibility for the performance of the Services.
"Fixed Fee" means those Charges that are set at a fixed and defined amount and are not subject to adjustment except as otherwise specified in Schedule 3 (Pricing and Invoicing) or a Work Order under the Agreement;
"Flexible Asset Resource Unit" means the units of measurement for the delivery of resources applicable to the Services which is only for provision of any Equipment, Software, systems or other commodities and appliances for which distinct volumes are measured and charging rates or other charging mechanisms apply. The particular Resource Units applicable under the Agreement shall be set forth in Schedule 3 (Pricing and Invoicing) of the Agreement;
"Force Majeure Event" means:
(a)
fire, flood, earthquake, tsunami, element of nature or act of God;
(b)
war, explosion, acts or threatened acts of terrorism, riot, civil disorder, rebellion or revolution;
(c)
epidemic or pandemic directly affecting a Party's personnel;
(d)
actions of government that prevent a Party from performing its obligations, or transport or communication services or energy supply within a country becoming generally unavailable for reasons outside the Party's control,
but in each case only if and to the extent that the non-performing Party is without fault in causing the breach or delay, and the breach or delay could not have been prevented without unreasonable expense by reasonable precautions and measures and cannot reasonably be circumvented by the non-performing Party at its expense through the use of alternate sources, work around plans or other means. A strike or other employment dispute of either Party's personnel that affects only such Party's employees shall not be deemed a Force Majeure Event for that Party;

-13-

"FTE" means full time equivalent;
"Function-as-a-Service" or "FaaS" means a category of cloud computing services that provides a platform allowing customers to develop, run, and manage application functionalities without the complexity of building and maintaining the infrastructure typically associated with developing and launching an application;
"Go Live" means assumption by the Service Provider of operational responsibility for the performance of the Services;
"Go Live Date" means a date on which the Service Provider actually assumes operational responsibility for the performance of the Services;
"Go Live Milestone" means a Milestone by which the Service Provider is to Go Live, as specified in Schedule 4 (Transition and Transformation) or any Services Order;
"Good Industry Practice" means in respect of each individual Service that level of skill, care, prudence, judgment, foresight, integrity and diligence that would be reasonably expected of a global market leading provider of services similar to the Services;
"Governance Board" or "Governance Body" means a committee described in and established pursuant to Schedule 7 (Governance);
"Group" means either or both of the Molina Group and the Service Provider Group as the context requires;
"Hardware" means a physical item of computer equipment, including laptops, desktops and tablet devices, servers and network and communications equipment, as well as peripherals that can be connected to a computer including keyboards, mice, monitors and printers;
"Harmful Code" has the meaning given in Clause 27.1(a);
"Import/Export Laws" has the meaning given in Clause 8.11(a);
"Incident" means any event which is not part of the standard operation of any System and which causes, or may cause, an interruption or a reduction of the quality of that System;
"Incident Detection, Analysis and Response" means the process to determine whether the incident is occurring, analyze the nature of the incident, notify stakeholders of the occurrence, and develop a mitigation plan;
"Incident Management" means the process for managing the lifecycle of all Incidents. The primary objective of Incident Management is to return the Application to full operation as quickly as possible;
"Incident Response Team" means the Service Provider's team responsible for the resolution of Major Incidents;

-14-

"Incident Triage and Escalation" means the first post-detection incident response process to structure a mitigation plan;
"Indemnified Party" has the meaning given in Clause 58.3;
"Indemnifying Party" has the meaning given in Clause 58.3;
"Independent Expert" means a Third Party that is agreed by the Parties to serve as an independent expert with respect to the matters set out in Clause 60 (Excusing Causes) of the Agreement;
"Information Security Policy" means the security-related policies as set out in Schedule 24 (Certain Security Requirements) to the Agreement;
"Information Technology Service Management" means the entirety of activities – directed by policies, organized and structured in processes and supporting procedures – that are performed by an organization to design, plan, deliver, operate and control information technology (IT) services offered to customers;
"Infrastructure" means the basic, underlying framework or features of a system or organization;
"Initial Expiry Date" means the date three (3) years after the Effective Date;
"Initial Term" means the period commencing on the Effective Date and ending on the Initial Expiry Date;
"Innovation Fund" has the meaning given within Schedule 3 (Pricing and Invoicing);
"Innovation Fund Rate Card" has the meaning given in Schedule 3 (Pricing and Invoicing);
"Input Deliverable" means a System or a Material that has been created by Molina, an Other Service Provider or by the Service Provider, identified as such in a Project Work Order;
"In-Scope Personal Data" has the meaning given in Clause 34.1(d);
"Insurance" and "Insurances" have the meaning given in Clause 59.1(a);
"Insurance Limits" has the meaning given in Clause 59.1(b);
"Insurer" has the meaning given in Clause 59.1(c);
"Integration Testing" means the phase in software testing in which individual software modules are combined and tested as a group;
"Intellectual Property Rights" or "IPR" means patents, registered designs, trademarks and service marks (whether registered or not), copyright, database right, design right and moral right, in each case existing in any jurisdiction in the world, and other property rights in other jurisdictions that grant similar rights as the foregoing, including those subsisting

-15-

in inventions, drawings, performances, software, databases, semiconductor topographies, business names, goodwill and the style of presentation of goods and services and in applications for the protection thereof;
"IPR Claim" means an IPR Claim against Molina or an IPR Claim against the Service Provider as the case may be;
"IPR Claim Against Molina" means any claim against Molina or another Molina Company or to which Molina or another Molina Company is joined that alleges infringement of a Third Party's Intellectual Property Right however arising as a result of or in connection with the provision or authorized use of:
(a)
the Services;
(b)
any Software, System or Materials made available by the Service Provider or a Subcontractor to     any Molina Company in connection with this Agreement; or
(c)
any System, Software and/or Modification created by the Service Provider or a Subcontractor,
provided, in the case where the Intellectual Property Right is a patent, that that patent had been filed in a country that was a signatory to the Patent Cooperation Treaty as at the date on which the Services, Software, Materials, System or Modification was provided to Molina (or, where such provision occurred on more than one date, on the latest such date);
"IPR Claim Against the Service Provider" means any claim against the Service Provider or another Service Provider Company or to which the Service Provider or another Service Provider Company is joined that alleges infringement of a Third Party's Intellectual Property Right however arising as a result of or in connection with the provision or authorized use of:
(a)
any Molina IP (other than Molina IP created or Modified by the Service Provider in the     performance of the Services);
(b)
any use mandated by Molina, as set out in any Project Work Order, of any Software owned or licensed by Molina in accordance with the instructions of Molina; or
(c)
any Third Party Software provided by Molina to the Service Provider for the Service Provider to use in the performance of the Services,
provided, in the case where the Intellectual Property Right is a patent, that: (i) in the case of (a) or (c), that patent had been filed in a country that was a signatory to the Patent Cooperation Treaty as at the date on which the Molina IP or Third Party Software (as the case may be) was provided to the Service Provider (or, where such provision occurred on more than one date, on the latest such date); and (ii) in the case of (b), that patent had been filed in a country that was a signatory to the Patent Cooperation Treaty as at the date on which the Project Work Order was executed;

-16-

"Judgment Payment Dispute" means any dispute, difference, controversy or claim between a judgment creditor and judgment debtor with respect to any money (including interest and costs) due under an unsatisfied judgment, including: (i) a failure to pay on demand any sum of money remaining due under a judgment on or after the date on which that sum becomes due; and (ii) the inability or unwillingness of the judgment debtor to pay the outstanding portion of the judgment sum within the time demanded, but excluding any dispute about the formal validity or substantive merits of the judgment.
"Key Performance Indicators" or "KPIs" means the Service Levels identified as such in Schedule 6 (Service Levels and Service Credits) or any Local Agreement or Services Order;
"Key Person" means a person occupying a Key Service Provider Position from time to time including but not limited to those listed in Appendix 15A (Key Personnel) to Schedule 15 (HR Matters and Key Personnel) or, in respect of a Project Work Order, in the relevant Project Work Order, in each case as amended from time to time in accordance with the provisions of Schedule 15 (HR Matters and Key Personnel), and "Key Personnel" shall be interpreted accordingly;
"Key Service Provider Position" means a position or role within the Service Provider Group that is considered by Molina critical to the support of Services and which positions or roles are identified in Appendix 15A (Key Personnel) to Schedule 15 (HR Matters and Key Personnel), or, in respect of a Project Work Order, in the relevant Project Work Order, in each case as amended from time to time in accordance with the provisions of Schedule 15 (HR Matters and Key Personnel);
"Laws" means any applicable law, statute, by law, regulation, order, regulatory policy (including any requirement or notice of any regulatory body), guidance or industry code of practice, rule of court or directives, delegated or subordinate legislation in force from time to time;
"Level 1" means a category of Services which resolve Requests and Incidents which are known issues which can be resolved through the use of Knowledge Base articles or other previously created documentation;
"Level 2" means a category of Services which resolve Requests and Incidents which are known issues which require further triage, investigation, and in some cases configuration changes beyond what is performed at Level 1;
"Level 3" means a category of Services which resolve Requests and Incidents which are not known issues which require code changes or interfacing with a Third Party;
"Linked Project" means each group of Project Work Orders that are Linked to one another (and, in the case of a Project Work Order that is not Linked to any other Project Work Order, that Project Work Order is itself a Project);

-17-

"Local Business Day" means, in respect of any act to be performed under this Agreement or any Project Work Order, a day on which banks are open for general non-automated business in the country in or from which that act is required to be performed;
"Losses" means any and all damages, fines, penalties, deficiencies, losses, liabilities (including settlements and judgments) and expenses (including interest, court costs, reasonable fees and expenses of attorneys, accountants and other experts or other reasonable fees and expenses of litigation or other proceedings or of any claim, default or assessment);
"Major Enhancement" means an Application activity or set of activities within the scope of Services or related to the Services that requires more than 200 hours of effort;
"Major Incident" means any Incident that Molina declares to be a Major Incident in accordance with the Policies, and may include, without limitation: (i) hostile code attacks; (ii) denial of service attacks; (iii) physical destruction of key elements of Molina's Systems, Applications or information stored in electronic form; and (iv) hacking (whether external or internal);
"Master Services Agreement" or "MSA" means this Agreement;
"Material" means any material in whatever form (including documentary, magnetic, electronic, graphic or digitized), including any methodologies, processes, reports, specifications, business rules or requirements, user manuals, user guides, operations manuals, training materials and instructions;
"Measurement Period" means the period of time in respect of the Service Provider's performance against the Service Levels will be measured, and in the absence of anything to the contrary will be a calendar month;
"Milestone" means:
(a)
a milestone associated with the Project Services and identified in a Project Work Order; or
(b)
a milestone associated with a Transition Project and identified in the applicable Transition Plan;
"Milestone Acceptance Certificate" means a certificate issued by Molina confirming that a Milestone has been Achieved;
"Milestone Achievement Date" means the date on which a Milestone is actually Achieved;
"Milestone Charge" means the monetary amount which is associated with the respective Milestone which Molina is responsible for paying to Service Provider upon Acceptance of that Milestone;
"Milestone Date" means a date identified in a Project Work Order or Transition Plan by which one or more Deliverables must have been Passed by Molina;

-18-

"Milestone Payments" means the percentage of the fee of the project that the client pays over the course of the project for the Service Provider delivering identified Milestones;
"Minimum Service Level Target" means the minimum service level in respect of each Service Level set out in Schedule 6 (Service Levels and Service Credits) or any Services Order or Local Agreement;
"Minor Enhancement" means an Application activity or set of activities within the scope of Services or related to the Services that requires less than or equal to [redacted]of effort;
"Modify" means to add to, enhance, reduce, change, vary or create a derivative work of and "Modification" and "Modified" have corresponding meanings;
"Molina Authorized Representative" means the employee or officer of Molina who is designated by Molina from time to time as its representative, and of whom the Service Provider has been notified in writing;
"Molina Change Management Policy" means the Molina policy document of this name as may be updated from time to time;
"Molina Company" means a member of the Molina Group;
"Molina Competitor" means any enterprise that is involved in the healthcare or health plan industry;
"Molina Data" means data relating to the business, customers or operations (including the operation and performance of the Services) of any member of the Molina Group, whether generated or produced:
(a)
by or for Molina;
(b)
by the Service Provider or any Subcontractor in or in relation to the provision of the Services; or
(c)
automatically by any Software or Systems,
and shall include all derivatives of and Modifications to any such information;
"Molina Environment" means the combination of hardware, software, telecommunications links and other material (or any of its constituent parts) made available by Molina or as used by or interfaced to by the Service Provider;
"Molina Facilities" means:
(a)
those facilities identified in Schedule 13 (Access to Molina Facilities); and
(b)
those facilities identified in any Project Work Order as facilities that are required to be provided by Molina in order for the Service Provider to perform the Services under that Project Work Order;
"Molina Group" means Molina and its Affiliates from time to time;

-19-

"Molina Indemnified Party" has the meaning given in Clause 58.1;
"Molina IP" means the Molina Software, Molina Materials, Molina Work Product and Molina Data and any other resources or items provided to the Service Provider by or for Molina or any other Molina Company at any time to perform the Services and includes any Modifications to the same;
"Molina Location" means each location set out in Schedule 18 (Countries, Regions and Molina Locations) and each other location from which any Molina Company carries on any business or operations from time to time;
"Molina Materials" means any Materials owned by Molina or any other Molina Company that are used by the Service Provider or any Subcontractor to perform the Services, and includes any Modifications to such Materials;
"Molina Premises" means premises owned, controlled or occupied by Molina or a member of Molina's Group which are made available for use by the Service Provider or its Sub-Contractors for the provision of the Services (or any of them) on the terms set out in the Agreement or any separate agreement or license;
"Molina Responsibilities" means:
(a)
the obligations of Molina in respect of the Services and Deliverables provided by the Service     Provider pursuant to a Project Work Order as expressly set out in that Project Work Order;
(b)
the obligations of Molina as expressly set out in Schedule 16 (Dependencies);
(c)
the obligations of Molina as set out in Appendix 13A (Resources Schedule) of Schedule 13 (Access to Molina Facilities);
(d)
the obligations of Molina as set out in the Financial Responsibility Matrix; and
(e)
the obligations of Molina as set out in any Exit Plan; and
(f)
any obligation of Molina set out in the Agreement;
"Molina Service Leads" means the IT managers and leads for the individual services under each Tower;
"Molina Sites" means the Molina locations at which the services will be delivered;
"Molina Software" means any Software owned by Molina or any other Molina Company which is used by the Service Provider or any Subcontractor to perform the Services, and includes any Modifications to the same;
"Molina PWO Party" means, in respect of any Project Work Order, the Molina Company that is a party to that Project Work Order in accordance with Clause 13 (Project Work Orders);
"Molina Work Product" means:

-20-

(a)
any Deliverables (other than any Service Provider IP incorporated in any Deliverable);
(b)
any Modifications to the Molina IP;
(c)
to the extent permitted by the terms of any governing Third Party Software licenses, any Modifications to any such Third Party Software; and
(d)
any other Software or Materials specifically created or developed by the Service Provider for Molina and required to be delivered to Molina in the course of providing the Services,
together with all copies made thereof, that are developed or otherwise created pursuant to this Agreement, whether solely or jointly by the Service Provider, the Subcontractors or any other Third Parties;
"Modifications" means any maintenance releases, modifications or revisions other than Enhancements or New Versions to the Software that correct defects, support new releases of the operation system on which the Software operates, support new input/output devices or provide other incidental updates and corrections;
"Monitoring Interval" means the period of time in which a Service Level is measured, as detailed within Schedule 3 (Service Levels and Service Credits);
"Monthly Charges" means, for any given month, the total invoice amount for all Charges for all Services provided by Service Provider under this Agreement;
"Monthly Invoice" means the invoice for all Monthly Charges for the Services;
"Monthly Performance Report" means the report provided by Service Provider to Molina each month to verify Service Provider's performance and the supporting data, calculation, and analysis performed by Service Provider to develop such report;
"MSA Change" means a change to any of the terms of this Agreement, including any of the Schedules and the Appendices to the Schedules, or any other document incorporated into this Agreement, but does not include any change to any of the Policies or a Project Change;
"Network" means a group of two or more devices that can communicate, usually comprised of a number of different computer systems connected by physical and/or wireless connections;
"Network Equipment" means physical devices required for communication and interaction between devices on a computer network;
"New Version" means any new version of the Software which from time to time is publicly marketed and made available for purchase by the Service Provider in the course of its or its Sub Contractors' normal business where the purchase or operation of the new version does not require the purchaser already to possess a version of the Software;

-21-

"Nonconformity" means an incidence of a Deliverable not meeting the Assurance Criteria;
"Official Invoice" means the invoice issued by the Service Provider each month in accordance with Schedule 3 (Pricing and Invoicing);
"Offshore Ratio" means the number of supplier resources supporting from offshore to the total number of supplier resources supporting the Molina engagement;
"Off the shelf Packages" means standard, "shrink wrap" or "clickwrap" Software packages generally available from Third Parties or from Sub Fs (other than members of the Service Provider's Group);
"Open Source Software" means Software that is licensed by a Third Party on terms that place restrictions on the terms on which any Software incorporating that Software or derived from that Software may be licensed, sold or distributed, or which require a person licensing, selling or distributing Software incorporating or derived from that Software to grant any right to any person, including without limitation any Software licensed under the GNU General Public License (GPL), the GNU Lesser General Public License (LGPL) or any other license issued or approved by the Free Software Foundation or the Open Source Initiative;
"Operational Change" means any activity involving the introduction, updating, modification, or retirement of a System or Application, including any planned activity that has an impact or potential impact on the availability or performance of a System or Application;
"Operational Loss" means any Losses as a result of any overpayment, underpayment, incorrect payment or non-payment by the Service Provider or resulting from a default on the part of the Service Provider pursuant to its performance of the Services;
"Operational Review Board" has the meaning set out in Schedule 7 (Governance).
"Other Service Provider" means each other provider of services, Software or goods to any Molina Company and any Software Vendor;
"Other Services" means services provided by the Other Service Providers;
"Outline Transition Plan" has the meaning given to it in Schedule 4 (Transition and Transformation);
"Parties" means Molina and the Service Provider, and "Party" means either of them;
"Pass" shall mean confirmation from Molina that a Deliverable does not materially deviate from the applicable requirements set out in the relevant Project Work Order and meets the applicable Assurance Criteria, as evidenced by the issue by Molina of an Assurance Certificate, and "Passed" shall be interpreted accordingly;

-22-

"Patching" means the action of performing non-Release level changes, including electronic software updates ("ESUs"), software action requests ("SARs"), and service packs (i.e., cumulative releases ("CUMs")) or their equivalent in Applications;
"Payment Milestone" means a Milestone the Achievement of which results in certain Charges (or a portion of those Charges) becoming payable to the Service Provider;
"Performance Category" means the category in which Service Levels are grouped within Appendix 6-A (Service Level Matrix);
"Performance Management" has the meaning given within Schedule 6 (Service Levels and Service Credits);
"Period" means each calendar month during the Term;
"Permitted Purposes" means the performance of the relevant Party's obligations under this Agreement, and, where the relevant person is Molina it also means:
(a)
the receipt and use of the Services; and
(b)
the provision of services to (or within) the Molina Group and the procurement of services from Third Parties and Other Service Providers;
"Personal Data" has the meaning given in Clause 34.1(b);
"Personnel" means Service Provider Personnel;
"Policy" means all policies, procedures and standards adopted by Molina or any other Molina Company from time to time;
"Policy Change" means a change to a Policy or the implementation of a new Policy;
"Policy Change Effective Date" has the meaning given in Schedule 9 (Change);
"Policy Change Notice" has the meaning given in Schedule 9 (Change);
"Pool Percentage Available for Allocation" has the meaning given in Schedule 6 (Service Levels and Service Credits);
"Prior Damages" means, when calculating the liability cap available in respect of a particular claim or cause of action, all damages paid by, plus all damages awarded against, the Party seeking to rely on that liability cap to limit its liability, in respect of all prior claims and causes of action that accrued against that liability cap;
"Problem" means:
(a)
a cause of one or more Incidents;
(b)
a reoccurring service disruption in an Application;
(c)
a single service disruption in an Application where such disruption is expected to reoccur; or

-23-

(d)
a major disruption to Molina's IT environment;
"Problem Management" means the process for managing the lifecycle of all Problems. The primary objective of Problem Management is to return the Application to full operation without recurrence of the Problem or associated Incidents;
"Procedures Manual" means the list of specific methods employed to express policies in action in day-to-day operations of the organization;
"Productive Hours" means the hours during which resources from the supplier would be productively working;
"Project" is an activity or set of activities within the scope of Services or related to the Services that requires more than 200 hours of effort. A Project may be a Chargeable Project or Non-Chargeable Project depending on whether it fits the applicable definition;
"Project Change" means a change to any of the terms of any Project Work Order, or any other document incorporated into any Project Work Order, but does not include any change to any of the Policies;
"Project Charges" means the Charges payable for Project Services, as set out in Schedule 3 (Pricing and Invoicing);
"Project Services" means those services provided by a Service Provider Group Company to a Molina Company under a Project Work Order, as set out in Clause 13.4;
"Project Support" means support provided by the Service Provider to deliver the services;
"Project Statement of Work" means the Services Order which is agreed between the parties for a separate Project;
"Project Work Order" or "PWO" means an agreement between Molina (or a Molina Company) and the Service Provider (or a Service Provider Company) in a form agreed by the Parties, made and constituted in accordance with Clause 13 (Project Work Orders);
"Prudent Service Provider" has the meaning given in Clause 59.1(d);
"Quarter" means January to March (inclusive), April to June (inclusive), July to September (inclusive) and October to December (inclusive);
"Rate Card" means the rate card set out in Schedule 3 (Pricing and Invoicing);
"Receiving Party" has the meaning given in Clause 30.1;
"Record" means recorded information, regardless of medium or characteristics, made or received by an organization that is evidence of its operations;
"Regulated System" means any System that is, or that is required to be, subject to Validation and/or Qualification;

-24-

"Regulatory Authority" means any authority, agency or other body with regulatory jurisdiction over any Molina Company or any business conducted by any Molina Company from time to time;
"Regulatory Change" means any change to an Applicable Law;
"Regulatory Change Effective Date" has the meaning given in paragraph 5.2 of Schedule 9 (Change);
"Related Documentation" means, with respect to Software and Software development tools, all materials, documentation, specifications, technical manuals, user manuals, flow diagrams, file descriptions and other written information that describes the function and use of such Software or Software development tools, as applicable;
"Release" means one or a series of Operational Changes to be implemented on a specific date;
"Relief Event" means a failure by Molina to comply with an Molina Responsibility;
"Replacement Services" means services similar to the Services (or part of the Services) that are provided in replacement for the Services (or part of the Services) following the termination (including partial termination) or expiry of this Agreement or any Project Work Order;
"Replacement Service Provider" means any Third Party supplier of Replacement Services appointed by Molina or Molina, as the case may be;
"Reports" means the reports that the Service Provider is required to produce as set out in Schedule 7 (Governance);
"Representatives" has the meaning given in Clause 38.1;
"Renewal Notice" has the meaning given in Clause 4.2;
"Required Service Levels" means the Service Levels identified as such in Schedule 6 (Service Levels and Service Credits) or any Services Order or Local Agreement;
"Resolution" means the act of fixing an Incident such that its original or similar symptoms are no longer present for the reporting user or system and "Resolve" and "Resolved" shall be construed accordingly. Such incidents or requests are agreed to be Resolved as per schedule 3 and its related Appendices;
"Resource Baseline" means the assumed quantity of an individual Resource Unit that may be consumed or utilized in each month as specified in Appendix 3-A to Schedule 3 (Pricing and Invoicing);
"Resource Rates" means the daily rates for Service Provider Personnel set out in Appendix 3-A to Schedule 3 (Pricing and Invoicing);

-25-

"Resource Units" means the units of resource set out in Appendix 3-A to Schedule 3 (Pricing and Invoicing) that are counted to measure the use of, or demand for, each Service or part of a Service (as defined in Appendix 3-A to Schedule 3 (Pricing and Invoicing));
"Resource Unit Data Source" has the meaning given within Schedule 3 (Pricing and Invoicing);
"Resource Unit Rates" has the meaning given within Schedule 3 (Pricing and Invoicing);
"Resource Unit Record" means the records of all Resource Units within the Resource Unit Data Source;
"Resources" means personnel, facilities, Systems, procedures, electronic communications and network management processes and other resources;
"Responsible Party" has the meaning given in Clause 8.11(d);
"RFP" has the meaning given in paragraph (B) of the Introduction to this Agreement;
"RFP Proposal" means the Service Provider's response to the RFP, which the Service Provider provided to Molina in August 2018;
"Root Cause Analysis" or "RCA" means the analysis of the underlying cause of an Incident, Problem, unsuccessful Operational Change or Release from which effective actions can be defined to Resolve and prevent reoccurrence;
"RRC" or "Reduced Resource Credit" means a credit against the Base Charges, at the rates stated in Appendix 3-A to Schedule 3 (Pricing and Invoicing), for the consumption or utilization of Resource Units in the performance of the related Service during any month less than anticipated by the applicable Resource Baseline;
"Run Services" means the services described in Schedule 2 to this Agreement;
"Sarbanes-Oxley" or "SOX" means the Sarbanes-Oxley Act of 2002;
"Security Policy" means Molina's security policy, guidelines and requirements notified to the Service Provider;
"Security Service Catalog" means the comprehensive list of IT security services maintained by Molina;
"Service Bundle" means each of the following groupings of the Services:
(a)
core infrastructure (as described in Schedule 2);
(b)
end user services (as described in Schedule 2);
(c)
security (as described in Schedule 2); and
(d)
any other Service or grouping of Services identified in a Change Notice or SoW, as applicable, as constituting a “service bundle” apart from those listed in clauses (a) through (c) above.

-26-

"Service Catalog" means a list of pre-defined Deliverables that may be ordered by Molina from the Service Provider in accordance with Schedule 2 (Service Description);
"Service Commencement Date" means each date on which the Service Provider is required to commence the provision of certain Run Services, as set out in Schedule 4 (Transition and Transformation);
"Service Credits" means the credit against the Charges (of an amount calculated in accordance with Schedule 6 (Service Levels and Service Credits)) to be applied by the Service Provider if it fails to meet or exceed one or more Service Levels (and "Service Level Credits" shall have the same meaning);
"Service Element" means each Service (or group of Services) identified as a 'Service Element' in the applicable Statement of Work;
"Service Failure" means a failure to meet any of the Service Levels and/or any other failure to provide any of the Services in accordance with the Agreement;
"Service Fees" means Charges which are incurred for the delivery of Services according to Schedule 3 (Pricing and Invoicing);
"Service Level" or "Service Levels" means the service levels set out in Schedule 6 (Service Levels and Service Credits) or any Services Order or Local Agreement;
"Service Level Component" means an aspect of a Service Level which defines the requirement for that Service Level, as included in Appendix 3-A (Service Level Matrix);
"Service Level Default" has the meaning given in Schedule 6 (Service Levels and Service Credits);
"Service Level Matrix" has the meaning given in Schedule 6 (Service Levels and Service Credits);
"Service Level Performance" means, in respect of each Service Level or Key Performance Indicator (KPI), the Service Provider's actual performance of the Services against such Service Level or KPI in the relevant Period;
"Service Level Report" shall have the meaning set out in Schedule 6 (Service Levels and Service Credits);
"Service Level Target" means the minimum level of performance for a Service Level;
"Service Provider" means the entity which is contracted via the Agreement to provide the Services;
"Service Provider Authorized Representative" means the employee or officer of the Service Provider who is designated by the Service Provider from time to time as its representative, and of whom Molina has been notified in writing;
"Service Provider Commercially Sensitive Information" means:

-27-

(a)    financial information relating to the Service Provider's profits;
(b)    Service Provider Data;
(c)    information that is confidential to the Service Provider's other customers;
"Service Provider Company" means a member of the Service Provider Group;
"Service Provider Data" means data relating to the business, customers or operations of any Service Provider Company, whether generated or produced by any Software or Systems during the course of delivering the Services and shall include all derivatives and Modifications to any such information but does not include Molina Data;
"Service Provider Delivery Lead" has the meaning set out in Schedule 7 (Governance);
"Service Provider Group" means the Service Provider and its Affiliates from time to time;
"Service Provider Indemnified Party" has the meaning given in Clause 58.2;
"Service Provider IP" means the Service Provider Software, Service Provider Materials, Service Provider Data, Service Provider Methods and any Modifications to any of the same;
"Service Provider Materials" means any Material made available by the Service Provider (or any member of the Service Provider Group) and/or used by or on behalf of the Service Provider to perform the Services and including any Modifications to the same;
"Service Provider Methods" means any methods, processes and business rules that are used by or on behalf of the Service Provider to perform the Services and the performance of which would, without a license from the Service Provider or any Service Provider Company or Subcontractor, infringe any Intellectual Property Right of the Service Provider or any Third Party;
"Service Provider Personnel" means employees and contractors, and employees of Subcontractors, of the Service Provider and each Service Provider Group company engaged in the provision of the Services and "Service Provider Person" shall be interpreted accordingly;
"Service Provider Premises" means any premises in the possession or control of the Service Provider or any Sub Contractor (which are not Molina Premises) from which the Services are delivered, in whole or in part or in which records relating to the Services are kept;
"Service Provider Software" means any Software (and any Modifications to that Software) made available by the Service Provider (or by any other Service Provider Company) and/or used by or on behalf of the Service Provider to perform the Services (for purposes of clarity, Service Provider Software does not include Molina Software);
"Service Provider PWO Party" means, in respect of any Project Work Order, the Service Provider Company that is a party to that Project Work Order in accordance with Clause 13 (Project Work Orders);

-28-

"Service Provider Technical Solution" means Schedule 21 (Service Provider Technical Solution);
"Service Relocation Costs" has the meaning given in Clause 50.4;
"Service Relocation Plan" has the meaning given in Clause 50.2(a);
"Service Remedies" shall have the meaning given to it in Schedule 6 (Service Levels and Service Credits);
"Service Request" means a request from an Authorized User for information, or advice, or for a standard change or for access to an IT Service, such as to reset a password or to provide standard IT services for a new Authorized User;
"Service Tower" means an individual tower as defined by scope Exhibits for which Services are provided (e.g. Infrastructure, Applications, End User Services);
"Services" means:
(a)    the Catalog Services;
(b)    the Run Services;
(c)    the Project Services;
(d)    the Transition Services;
(e)    during an Exit Period, the Termination Assistance; and
(f)    the performance of all other obligations of the Service Provider under this Agreement.
"Severity" means:
(a)
Severity 1 - Critical (Tier 1 Application Outage/Data Center Outage that has Impact);
(b)
Severity 2 - High (a large number/region of users are impacted/Financials missing Month End Close Business Process/Microsoft O365 outage). Tier 1 Applications Degraded Performance - Intermittent Outage, Errors or user impacting latency;
(c)
Severity 3 - Medium (Some Users are impacted or some functionality is impacted/User productivity impacted);
(d)
Severity 4 - Low (Content issue on website/Some users are unable to log in, but most users are able to access the website);
(e)
Severity 5 - Information (monitoring issues/no impact to users, website degraded performance/redundancy impaired);
"Site" means an Molina owned location at which Service Provider provides Services according to the Agreement;

-29-

"Site Systems" means those Systems owned or leased by the Service Provider that the Service Provider needs to install at any Molina Facility in order to deliver the Services;
"Skill Grade" means each grade of Service Provider Personnel set out in Appendix 3-A of Schedule 3 (Pricing and Invoicing);
"Software" means the versions of any applications, programs, operating system software, computer software languages, utilities and Related Documentation, in whatever form or media, including the tangible media upon which such applications, programs, operating system software, computer software languages, utilities and Related Documentation are recorded or printed, together with all corrections, improvements, Modifications, updates and releases thereof;
"Software Auditor" means an auditor representing the Federation Against Software Theft or the Business Software Alliance or equivalent body that may from time to time audit or review the type and manner of use of any Software by any Molina Company;
"Software Components" means software programs, code, routines and sub routines that perform specific functions, that are independent copyright works and are used by or on behalf of the Service Provider in the development of the Bespoke Software but that pre date or are not created specifically for the purposes of the Agreement;
"Software Vendor" means a Third Party from which Molina or the Service Provider licenses any Software;
"Solvency Ratio" means the outcome of the following equation: net borrowings net of cash / EBITDA;
"Source Code" means Software in an eye-readable form and in such a form that it can be compiled or interpreted into equivalent object code or byte code, together with all technical information and documentation necessary for the Use, reproduction, Modification, build, compilation, installation, enhancement and support of Software without recourse to any other document, materials or person;
"Stage" means each discrete stage set out in the Projects Statement of Work;
"Statement of Work" or "SoW" means each statement of work set out in Schedule 2 (Statements of Work);
"Start Time" means, for the purposes of determining a response time, when a ticket is opened in respect of an Incident;
"Step-In Agent" means Molina or a Third Party appointed by Molina pursuant to Clause 48.1 (Instigation of Step-In);
"Step-In Costs" has the meaning given in Clause 48.4(e);
"Step-In Event" has the meaning given in Clause 48.1(a);
"Step-In Notice" has the meaning given in Clause 48.2(d);

-30-

"Step-Out Date" has the meaning given in Clause 48.3(f)(ii);
"Step-Out Notice" has the meaning given in Clause 48.3(c);
"Step-Out Plan" has the meaning given in Clause 48.3(d);
"Subcontract" means a contract between the Service Provider and a Subcontractor;
"Subcontractor" means a subcontractor of the Service Provider of any Service Provider Company, appointed (directly or indirectly) to perform any of the Service Provider's obligations under this Agreement;
"Sub-Tower" means each group of Services forming the entirety of a Statement of Work;
"Successor Supplier" means any Third Party or Molina Company that provides Replacement Services;
"Supporting" or "Support Services" means the activities required for successful execution of a product, program, or process;
"System" or "Systems" means an interconnected grouping of manual or electronic processes, Equipment, Hardware, Firmware, protocols and Software and associated attachments, features, accessories, peripherals and cabling, and all additions, modifications, substitutions, upgrades or enhancements to the extent a party has financial or operational responsibility for such System or System components under this Agreement;
"System of Record" means the System which is Molina's authoritative source for a particular function, process, or data;
"Tax" and "Taxation" mean all sales, use, property, ad valorem, value added or similar taxes;
"Tax Authority" or "Tax Authorities" means any government, state or municipality, or any local, state, federal, national or other fiscal, revenue, customs, or excise authority, body or official anywhere in the world, authorized to levy Tax;
"Tax Claims Notice" has the meaning given in Clause 43.5(b);
"Term" means the term of this Agreement which is determined by Clause 3 (Term) and Clause 4 (Extension of the Term);
"Terminating Services" means:
(a)
in respect of a termination of this Agreement or a PWO in whole or in part, those Services for which a Party has issued a formal notification of termination but which continue to be provided during an Exit Period; and
(b)
in respect of the expiry of this Agreement or the termination of this Agreement in whole, all of the Services;

-31-

"Termination Assistance" means the assistance the Service Provider shall provide Molina in order for the Service Provider to transfer responsibility for delivery, performance and management of the Terminating Services, as set out in Schedule 8 (Termination Assistance and Exit) and each Exit Plan;
"Termination Assistance Period" means a period of time commencing upon the earlier of Service of a notice to terminate or when requested by Molina;
"Termination Date" means the date on which any notice of termination of this Agreement or a Project Work Order takes effect, as determined in accordance with Clause 56 (The Effective Date of Termination);
"Termination for Convenience" means the termination of the contract by Molina at any time with or without giving any justification;
"the Act" means the Employment Rights Act 1996 (as amended);
"Third Party" means a person that is not a Party, a Molina Company, a Service Provider Company or a Subcontractor;
"Third Party Agreements" means the agreement between Molina or the Service Provider and a third party;
"Third Party Manager" has the meaning given in Clause 65.1;
"Third Party Software" means any Software other than Molina Software and Service Provider Software, and related Material that is otherwise used in the performance of the Services and includes Software provided under license or lease that is used to provide the Services;
"Threat Management" means protecting a business from security threats, including computer security and information security;
"Tollgate" means the checkpoints specified as such in a Transition Plan;
"Traditional Delivery Model" refers to the waterfall software development methodology;
"Transfer" means the transfer of the provision of any Services from the Service Provider to Molina or a Successor Supplier on the termination (in whole or in part) or expiry of this Agreement or any Project Work Order;
"Transfer Fee" means the Charges associated with transferring an asset as detailed within the Wind-Down Expenses;
"Transformation Deliverables" means those Deliverables that are generated as an output of the Transformation Services;
"Transformation Period" means in respect of each Transformation Project, the period commencing on the start of the Transformation Services to the date of Acceptance of the final Transformation Milestone;

-32-

(a)
Transformation Plan" means either the Outline Transformation Plan or the Detailed Transformation Plan;
(b)
Transformation Services" means the services that relate to paragraph 7 of Schedule 4 (Transition and Transformation);
"Transition Deliverables" means those Deliverables that are generated as an output of the Transition Services;
"Transition Charges" means the charges for Transition set out in a Project Work Order for each relevant Transition Project;
"Transition Milestone" means a Milestone relating to Service Provider's obligations to complete certain Transition Services on specified dates in accordance with the Transition Plan;
"Transition Period" means the period from the Commencement Date to the final Go Live Date;
"Transition Plan" means the plan for the conduct of each Transition Project, as set out in, as applicable, the Initial Transition Plan, the Detailed Transition Plan, and, as applicable, a Project Work Order entered into in connection with the applicable Transition Project;
"Transition Project" means each project to be completed by the Service Provider in connection with Transition, as set out in the Detailed Transition Plan or the Service Provider Technical Solution, as applicable;
"Transition Services" means the services, functions, roles and responsibilities to be performed by the Service Provider under each Transition Project, in accordance with Schedule 4 (Transition and Transformation) and each Project Work Order for each Transition Project;
"Trend Identification" means assessing tickets or events in order to identify a common Root Cause among multiple, repetitive issues;
"Triage" means the process of assessing an issue to determine the appropriate Severity, Priority, and ownership group in order to carry the issue to resolution;
"Unified Communication" means the Services associated with providing enterprise communications infrastructure;
"Unified Compute" means the Services associated with providing Security, Storage, Network, and Compute;
"Unit Testing" means the process of testing individual units of an Application to ensure proper functioning and fulfilment of requirements;
"Unplanned Downtime" means downtime that occurs as a result of a failure (for example, a hardware failure or a system failure caused by improper server configuration);

-33-

"Upgrade" means any update, upgrade, enhancement or change to an Application or System including a Patch or Release;
"Use" means to load, execute, display and perform (and to copy for these purposes);
"User" means the equivalent of "Authorized User";
"User Acceptance Testing" means the last phase of Software testing process in which users ensure that the Software meets business process requirements;
"VIP User" means a user as identified in Schedule 14 (Molina Policies);
"Voice Network" means a group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks;
"Volume Discounts" means the discount percentages Service Provider shall credit Molina based on incremental aggregate (for that Contract Year) Monthly Charge dollars invoiced by and paid to the Service Provider under this Agreement, not inclusive of Transition Charges, or Approved Out-of-Pocket Expenses, in accordance with Schedule 3 (Pricing and Invoicing);
"Vulnerability" means a Security flaw or weakness in a System which may cause such System to be open to a cyber-attack;
"Wave" means each group of Services the provision of which, or the provision of which to one or more Molina Companies or in one or more Countries, is to commence together, as set out in Schedule 4 (Transition and Transformation);
"Work Order" means a written agreement between Molina and Service Provider for the performance of projects;
"Workaround" means a method of restoring:
(a)
access to the affected System; and
(b)
the affected System to the functionality and performance required by the applicable specifications,     without necessarily Resolving the underlying Problem;
"Working Day" means a period of eight (8) hours in the United States, or 8.8 hours offshore; and
"Year" means each consecutive twelve (12) month period commencing on the Effective Date and each anniversary of the Effective Date and the terms; and "First Year", "Second Year" etc., and so forth shall be construed accordingly.



-34-


SCHEDULE 2
SERVICE DESCRIPTION




CONTENTS

Clause
 
Page
1.
Definitions
1
2.
Introduction; Services Description Structure
1
3.
Services Requirements of General Application
1


(i)


1.
DEFINITIONS
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) to this Agreement.
2.
INTRODUCTION; SERVICES DESCRIPTION STRUCTURE
This Schedule sets out the description of the Services. The Services descriptions have been arranged in the following manner:
(a)
certain Services requirements of general applicability to all Services are set out in this Schedule 2; and
(b)
the following Appendices to this Schedule set out Services in a grouped manner:
(i)
Appendix 2-A (Infrastructure);
(ii)
Appendix 2-B (Security Services);
(iii)
Appendix 2-C (End User Services); and
(iv)
Appendix 2-D (Pro Forma Project Work Order).
3.
SERVICES REQUIREMENTS OF GENERAL APPLICATION
3.1
The Service Provider shall perform its obligations pursuant to the Agreement, including the performance of the Services as set out in this Schedule and the Appendices hereto, in accordance with the following:
(a)
With respect to any Service performed in accordance with this agreement under which Molina is to provide services specifically directed toward the State of Texas Medicaid program (or its regulatory bodies, administrative agencies, health plans, or any member of any such health plan) or with respect to the Texas marketplace, the Service provider shall ensure that (i) its performance of such Service in accordance with the Agreement shall occur at locations [redacted] and (ii) no Confidential Information of Molina (including any confidential information of the State of Texas (or its regulatory bodies, administrative agencies, health plans, or any member of such health plan) or information that relates to the Texas marketplace) shall be [redacted]. For purposes of clarity, the Parties agree that Services model described in the Agreement (including the Schedules thereto) as of the Effective Date are in compliance with the foregoing restrictions as of the Effective Date].


 
 
 











Appendix 2-A INFRASTRUCTURE
MILBANK, TWEED, HADLEY & McCLOY LLP London




CONTENTS
Clause
 
Page
1.
Introduction
1
2.
Data Center Requirements
1
3.
Data Center Services
1
4.
General Requirements – Server, Storage, Database, and Network
3
5.
Server Services
10
6.
Storage and Database Services
12
7.
Database Services
14
8.
Network Infrastructure Services
14
9.
Telephony
18
10.
Business Continuity Planning
21
11.
Disaster Recovery
21
12.
Data Center Requirements (Conditional)
22
13.
Responsibility Matrix
25


(i)



1.
INTRODUCTION
1.1
This Appendix 2-A (Infrastructure) Services forms part of the Agreement. All terms and conditions of the Agreement shall apply to this Appendix 2-A and any attachments hereto.
2.
DATA CENTER REQUIREMENTS
2.1
Service Provider shall coordinate where applicable with Molina or Molina’s Datacenter provider for service described in this section. Service Provide will provide hands and feet support for infrastructure components (compute, storage, network, backup) only.
2.2
Service Provider shall be responsible for fulfillment of the requirements specified as Service Provider’s in this Exhibit.
General Requirements
2.3
All data center supporting Equipment shall and maintained according to the respective manufacturers' specifications.
2.4
Service Provider shall support Molina server architecture, including “hot aisle” and “cold aisle” cabinet configurations and environmentally friendly cooling design (e.g., “free air” /open-air cooling if applicable based on proposed Data Center Co-Lo facility locations), where possible.
2.5
Service Provider shall service each data center per Molina's requirement.
2.6
Service Provider shall provide remote access to equipment that will meet Molina's security standards.
2.7
Service Provider shall use existing web-based monitoring System for the environmental variables in any data center available to Molina.
3.
DATA CENTER SERVICES
3.1
Service Provider shall provide and where required, coordinate with Molina’s team or its Third Party suppliers to provide all the data center Services described herein, including:
Receiving and Staging Services
3.2
Service Provider shall stage all Equipment, including:
(a)
Dockside pickup and relocation;
(b)
Setting up racks;
(c)
Power distribution units;
(d)
Routers;
(e)
Switches;

 
 
 



(f)
Fiber cabling to storage/tape; and
(g)
Other necessary data center components.
Installation Services
3.3
Service Provider shall perform cabinet installations with necessary power, cooling, network, and redundancy requirements, including:
(a)
Coordinating with other vendors as required;
(b)
Rack mounting servers and networking Equipment in Molina specified rack locations;
(c)
Performing basic router and firewall configuration and routing to allow servers to be network accessible and ensuring routers are placed in the appropriate virtual local area networks, including demilitarized zones;
(d)
Configuring all servers to a network accessible state;
(e)
Coordinating with network Service Providers for all circuit installations (e.g., internet, primary office, disaster recovery site, and home office), and cross‑connects required to reach target devices;
(f)
Ensuring new Equipment is powered up within two (2) business days of receipt, or as agreed with Molina, and acceptance by the Data Center;
(g)
Providing patch, panel, cabling, device, and power labeling documentation for all Molina Equipment with name and power source indications;
(h)
Planning and installing Equipment, including cabling, consumables and any and all other Equipment required to support the installation;
(i)
Using Molina’s existing vendor for  cabling, consumables and any and all other Equipment required to support the installation; and
(j)
Testing, returning, and managing replacement of non-performing Equipment and/or Software as per Service Provider support contractual terms.
LAN Operations Services
3.4
Service Provider shall monitor and manage per Molina requirements the data center local area network (LAN) as an end-to-end Service, from the wide area network (carrier demarcation point) to each installed Molina device, including:
(a)
Provide network management and monitoring services per Molina requirements, including ensuring the proper operation (as per performance SLAs) and full functionality for all ports.
Data Center to Data Center WAN Operations Services

-2-


3.5
Service Provider shall monitor and manage the data center WAN per Molina requirements as an end-to-end Service in conjunction with the local Service Provider(s), from the external internet connection to the Local Area Network, including:
(a)
Monitoring quality-of-Service mechanisms across any Service Provider Services or other telecommunications Agreements, to support data, voice and video traffic as well as latency and jitter sensitive applications to all Molina sites;
(b)
Monitoring and providing real time network capacity reports;
(c)
Monitoring, supporting, and otherwise ensuring the proper operation of internal and external domain name Service (DNS) and dynamic host configuration protocol (DHCP) Services per Molina specifications;
(d)
Monitoring, supporting, and otherwise ensuring the proper operation (as per performance SLAs) of internal and external firewalls, demilitarized zones, load balancer, and other security and privacy related network components;
(e)
Ensuring high availability of WAN Services, including:
(i)
High availability and performance (as per performance SLAs) of WAN Equipment;
(ii)
High availability and performance (as per performance SLAs) of load balanced WAN links;
(f)
Performing quarterly performance and failover tests of WAN links as directed by Molina as per BC/DR plan testing; and
(g)
Performing monthly performance and failover tests of regional WAN links as directed by Molina in addition to any BC/DR plan testing.
General Services
4.
GENERAL REQUIREMENTS – SERVER, STORAGE, DATABASE, AND NETWORK
General Requirements
4.1
Service Provider shall be responsible for fulfillment of the requirements specified as Service Provider’s in this Exhibit.
4.2
Service Provider shall perform activities across all of Molina's technology and business partners, including Molina's Service Desk, other Service Provider teams, Third Party Sub-contractors or other third parties as required by Molina.
4.3
Service Provider shall support Molina with respect to its in project that are in-flight as of the Effective Date, in each case in accordance with the in-flight project support provisions as set out in the Service Provider Technical Solution.
Services Requirements

-3-


4.4
Service Provider shall adhere to all Molina's server, storage, database, and network requirements, including:
(a)
Complying with or improving (subject to Molina's approval) Molina's current and future Equipment, Software, and network architecture technical specifications as necessary to deliver the Services.
(b)
Following all Molina policies including but not limited to Molina change management policies and approved Service Provider policies as applicable.
(c)
Ensuring resources are available and staff is properly and continuously trained to provide appropriate levels of SME coverage and support.
(d)
Ensuring that, to the extent possible and as approved by Molina, tools utilized by Service Provider to perform the Services shall be commercially available (e.g., shrink-wrap Software) and non-proprietary technologies; and, in those instances where it is not possible to utilize commercially available technologies, gaining Molina approval prior to implementing such tools.
(e)
Ensuring Service Provider Services comply with all local and regional regulatory requirements including but not limited to privacy, data retention, encryption, financial, auditing, and security.
(f)
Ensuring Service Provider Services are consistent with the Master Services Agreement, and adhere to all Molina policies related to provided services.
(g)
Following all original equipment manufacturer (OEM) standards and industry best practices.
(h)
Ensuring that all equipment is maintained according to manufacturer specified guidelines, and maintains Service Provider device support coverage.
(i)
Notifying Molina on major events and incidents as per Molina’s notification procedure, until resolution.
(j)
Coordinating with teams, as agreed upon between Parties, to support, maintain, and troubleshoot server, storage, database, and network equipment (e.g., file/print servers, local servers, switches, routers, access points) at remote and campus sites.
(k)
Using existing documentation and updating (within forty-eight (48) hours of all changes) to provide required Molina documentation including site-specific information, such as diagrams of LANs and Customer Premise Equipment (CPE), hardware configurations, Software releases, and routing tables.
Administrative Services
4.5
Service Provider shall administer and be responsible for access to and access control for Molina's server, storage, database, and network environments, including:

-4-


(a)
Maintaining privileged System accounts including but not limited to administrator and root, access control strings, and delegating access to Molina Authorized Users upon request per Molina policies.
(b)
Administering IDs to ensure that only those privileges and authorities required for such IDs are provided to personnel, per Molina specifications and policies, and provide notifications to Molina every time an ID is administered.
(c)
Recording the activities of all users, including privileged System accounts, for eighteen (18) months, and providing such records (e.g., domain administrator logs, System logs, etc.) to Molina within forty-eight (48) hours, as permitted by local and regional regulatory specifications. In the event of a security breach, Service Provider to provide such records within two (2) hours.
(d)
Assigning and managing access permissions (including role-based access) associated with user IDs.
(e)
Assigning and managing access rights to all System-wide objects within Service Provider's scope of responsibilities.
(f)
Reporting Unauthorized Users for management review and action per Molina's security policy.
(g)
Rescinding access privileges upon termination or request by authorized Molina personnel.
(h)
Proactively auditing activity records to identify any deviation from practice and immediately raising awareness of any deviations to Molina, per Molina requirements.
(i)
Obtaining appropriate authorization prior to granting non-expiring password in accordance with Molina's information security policies.
(j)
Logging into infrastructure using standard admin access tools, as specified as Appendix 6-D (Tools Inventory).
(k)
Logging into servers using network accounts where possible and using local admin account as a last resort.
(l)
Maintaining control of master passwords in accordance to Molina’s policies and specifications.
Installation, Provisioning, and Retirement Services
4.6
Service Provider shall deploy, provision, and retire Systems in server, storage, database, and network environments, including:
(a)
Providing sufficient space, in existing Molina’s Data Center using its existing contracts / facilities temporary and long term, to house any and all Molina, Service Provider, or Third Party Equipment.

-5-


(b)
Staging Equipment, including:
(i)
Dockside pickup and relocation,
(ii)
Setting up racks,
(iii)
Power distribution units,
(iv)
Switches, controllers, WAN optimization devices, routers, access points, hubs, firewalls, and other network Equipment,
(v)
Other necessary components, and
(vi)
Network connections.
(c)
Support the installation of Equipment, including cabling, consumables and any and all other Equipment and/or Software required to support the installation.
(d)
Testing, returning, and managing replacement of non-performing and/or unused Equipment and/or Software as per Service Provider support contractual terms.
(e)
Provisioning infrastructure services, including Systems, virtual machines, network access layer, load balancers, and security policies, to meet application deployment readiness
(f)
Executing the retirement and replacement of Equipment, including:
(i)
Purging data and Software per Molina policies and procedures.
(ii)
Upgrading any Molina Equipment that is intended to be redeployed, according to Molina specifications.
(iii)
For Molina Equipment at end of lease, taking such steps as are necessary to return such leased Equipment to lessors in accordance with lessor guidelines and requirements.
(iv)
Preparation for disposal of any Equipment that shall not be redeployed, according to Molina policies, and contacting Molina or its Third Party supplier, as applicable, to schedule disposal.
(v)
Scheduling test and turn-up of sites utilizing Molina Equipment following Molina confirmation of the installation of access and Equipment.
(vi)
For Molina-owned, Service Provider-managed Equipment, ensuring refresh procedures are carried out according to the defined refresh plans, per Molina approval.
(vii)
For Service Provider-owned Equipment only, ensuring refresh procedures are carried out according to agreed upon refresh plans (proposed by Service Provider).
(viii)
Verifying remote connectivity and access to equipment.

-6-


Monitoring and Resolution Services
4.7
Service Provider shall monitor for and respond to issues with servers, storage, and database performance (or degradation thereof) twenty-four (24) hours per day every day of every year including:
(a)
Performing proactive, reactive, and real-time troubleshooting to effectively identify potential incidents, and attempting to eliminate incidents before they occur.
(b)
Monitoring and managing the Infrastructure for Service degradation including detecting, isolating, diagnosing and recommending corrective actions, including Systems capacity reporting.
(c)
Monitoring the performance and availability of the Services from an end user perspective (for example, monitoring performance at the input and output (“IO”) path level from a server to associated storage as a means of identifying and subsequently resolving congestion from the back end of a System to the end user).
(d)
Using Molina approved tools that incorporate machine learning (where applicable) and dynamic performance thresholds (minimum and maximum) based on requirements from Molina, provide automated alarms and indication of incidents when mutually agreed upon thresholds are exceeded (e.g., utilization parameters, memory limits).
(e)
Implementing a method (as approved by Molina) for automatically detecting and creating an incident ticket for any issue, with automated resolution capability.
(f)
Following, reporting, and executing corrective action procedures approved by Molina.
(g)
Reporting overall availability, key performance metrics, device trends, one-off and recurring issues, corrective action recommendations, Third Party performance metrics, and other key System attributes indicated by Molina on a daily, weekly, and monthly basis, including historical data.
Support Services
4.8
Service Provider shall perform support Services for Molina's server, storage, database, and network environments, including:
(a)
Performing Equipment and Software maintenance in accordance with manufacturer warranty and Molina requirements.
(b)
Correcting incidents associated with failure or degradation of the performance of Equipment and Software, and providing break-fix support, advice and assistance in accordance with manufacturer warranty and Molina requirements.

-7-


(c)
Performing System remediation to ensure compliance to Molina standards such that non-standard alterations to Systems are identified during Service calls and remediated upon Molina approval.
(d)
In the event Service Provider must replace Equipment and/or Software in order to conduct a repair, restoring the environment to the previous state including configuration and data, and providing Equipment and/or Software that is an identical or an improved model, as per Molina approval.
Operations Services
4.9
Service Provider shall operate Molina server (physical and virtual), storage, database, and network environments, including:
(a)
Performing necessary System administration, including but not limited to:
(i)
Performing patching (application/OS layer/hardware) as per Molina defined schedule, including but not limited to bug-fixes, security issues, and firmware.
(ii)
Performing proactive, reactive, and real-time troubleshooting to effectively identify potential incidents, and attempting to eliminate incidents before they occur.
(iii)
Supporting, creating, testing, and implementing scripts.
(b)
Performing health check on all environments to generate compliance, usage and capacity reports on a daily basis, and provide long-term capacity reporting and forecasting trends, including but not limited to fail-over tests.
(c)
Installing Equipment and infrastructure Software and customizing infrastructure Software, including writing scripts, customizations, and interfaces; loading applications; or other activities as required to ensure the proper operation of all Equipment and Software.
(d)
Managing file Systems, including optimizing logical and physical attributes.
(e)
Running or terminating utilities to minimize the impact to Molina end users.
(f)
Configuring and reconfiguring Equipment and Software as required or requested by Molina, including any required Third Party support.
(g)
Modifying infrastructure Software to provide interfaces between Molina Systems while maintaining any existing special user interfaces.
(h)
Engaging third parties (as approved by Molina) necessary to complete the requests within the defined Service Level, including but not limited to the following tasks:
(i)
Connecting with relevant third parties when an incident arises.
(ii)
Working with relevant third parties until incidents are resolved.

-8-


(iii)
Communicating with relevant third parties to understand the root cause of an incident.
(iv)
Collaborating with relevant third parties to implement a solution that will prevent future incidents from occurring.
(v)
Following up with relevant third parties to implement a workaround.
(vi)
Following up with relevant third parties to understand when a fix will be available, and informing Molina accordingly.
(i)
Following the completion of the Transition, the Service Provider will perform patch implementation work as part of the Services using Service Provider Personnel, utilizing the patch baseline and backlog to be shared by Molina within two (2) weeks after the Effective Date. In the event Molina seeks to materially alter the backlog patch management plan and process (as used by Molina as of the Effective Date or, to the extent applicable, as modified pursuant to the Detailed Transition Plan), the Service Provider may propose to implement such changes via a chargeable Project to accelerate the application of patches and reduce the backlog. With the exception of planned patches that were not implemented on-time based on Service Provider’s error or omission, the risks associated with security and operational vulnerabilities created by the backlog of unapplied patches remains with Molina. The Service Provider will be excused from its obligations to meet Service Levels to the extent a Service failure results from the backlog of unapplied available patches, in each case except to the extent that the reason the applicable patch was not applied is the result of Service Provider’s error, omission or delay.
Back-up and Recovery Services
4.10
Service Provider shall administer and monitor back-up and recovery Services, including but not limited to:
(a)
Backup report management to include access, bundling, de-duplication, replication, retention, splitting, encryption, distribution, and backups.
(b)
Back-up processes, procedures, schedules and timeframes in compliance with Molina specifications (for example OS file Systems and OS System image, Molina exclusion lists at the Service Level, etc.) including off-site production mirrors.
(c)
Online report management to include access, indexing, retention, distribution, archiving, viewing, splitting, and backup Systems that include multiple tier viewing Systems.
(d)
Recovery procedures, including online, partial or other recovery procedures.
(e)
Supporting on and off-site retention per Molina policies.
(f)
Performing on-going (per Molina’s schedule) inter-site transfers of secure data in case of disaster.

-9-


(g)
Performing ad-hoc backups on demand.
(h)
Performing full or partial recovery on demand (and as required by any regulatory requirements).
(i)
Managing exclusion lists (as directed and/or provided by Molina policy) at the server level.
(j)
Configuring and scheduling backup and recovery tools.
(k)
Developing for Molina approval and implementing data migration, archival, backup, catalogue maintenance, and retention management procedures.
(l)
Implementing and ensuring the successful completion of backup procedures, including installing and configuring components, testing restoration integrity, scheduling backups, and executing on-demand backups.
(m)
Implementing and ensuring the successful completion of archival procedures, including installing and configuring components, scheduling archival processes, and executing on-demand archivals.
(n)
Implementing and ensuring the successful completion of recovery procedures, including online, partial, or other recovery procedures.
5.
SERVER SERVICES
Operations Services
5.1
Service Provider shall operate Molina server environments (physical and virtual), including:
(a)
Managing file transfer with third parties including but not limited to FTP, SFTP.
(b)
Implementing and testing high availability and load balancing for Servers (e.g., server farms).
5.2
Service Provider shall schedule and monitor approved jobs as per Molina approved schedule. Service Provider shall escalate any issues leading to delays, failure or schedule conflicts of jobs to relevant technical teams following appropriate ticketing and escalation processes.
5.3
Service Provider shall perform following tasks related to enterprise scheduling
(a)
Monitoring batch processing jobs utilizing Molina approved and/or provided tools and complying with all Molina standards, procedures, and time frames.
(b)
Implementing processing schedules to meet Molina's guidelines and fulfill the Services.

-10-


(c)
Informing/escalating to the relevant teams for Resolving scheduling conflicts, enhancing critical path and otherwise integrating the schedules in accordance with all Molina policies and as necessary to deliver Services.
(d)
Running, monitoring, and maintaining processing tasks (including production, development, quality assurance and other processing tasks) according to the established schedules.
(e)
Completing processing within Molina specified and Service Provider published time frames, in the approved sequence, and fulfilling requests for expedited and/or special processing needs by Authorized Users, while achieving successful batch throughput, according to Molina specifications.
(f)
Assisting relevant teams in Performing trend analysis to highlight production problems; planning and implementing solutions to remediate and prevent issues proactively.
(g)
Providing Molina with proactive and timely notifications and updates on any issues that may affect the completion of batch jobs.
(h)
Providing access to Third Party suppliers to schedule and monitor jobs per Molina’s guidelines.
(i)
Service Provider to repair and resolve abnormal batch terminations when possible using SOPs (including Molina and/or application team provided SOPs), communicating terminations to Molina Authorized Users and performing job restarts with Molina’s acknowledgement and approval.
(j)
Configuration and management of lights out interfaces (e.g., iLOs)
5.4
Virtualization Services – in addition to other requirements for all servers above, Service Provider shall perform further operational tasks, functions, and activities related to Molina's virtual server environment, including:
(a)
Performing physical to virtual migrations as directed by Molina.
(b)
Supporting, creating, testing, upgrading, and monitoring host servers.
(c)
Supporting, creating, testing, upgrading and monitoring guest servers.
(d)
Supporting, creating, testing and monitoring remote, virtual application presentation, or other servers in Molina's environment, including:
(i)
Maintaining and managing published virtual applications.
(ii)
Performing workload management of virtualized environment.
(iii)
Managing guest balancing optimization
(iv)
Managing application administrative roles.

-11-


(v)
Managing and reporting on usage (e.g., license utilization or other key indicators), performance forecasting, and other metrics identified to Service Provider by Molina.
6.
STORAGE AND DATABASE SERVICES
Operations Services
6.1
Service Provider shall support storage and database environments per Molina policy, including:
(a)
Modifying infrastructure Software to provide interfaces between Molina Systems while maintaining any existing special user interfaces.
(b)
Managing Molina's capacity quotas and notifying authorized internal or external users and end users per Molina's specifications.
(c)
Managing storage in a manner that maintains the availability and protects the integrity of such data to meet Molina requirements, including:
(i)
Managing, monitoring, optimizing and controlling storage performance including but not limited to multiple tiers.
(ii)
Ensuring that storage Systems are optimized per original equipment manufacturer (“OEM”) recommendations and best practices.
(iii)
Allocating, de-allocating, and re-allocating storage as required or requested by Molina.
(iv)
Migrating data as required or requested by Molina.
(v)
Recommending and implementing Molina security practices (e.g., logical unit masking) to prevent unauthorized storage access.
(vi)
Managing and enforcing Molina data retention policies.
(d)
Supporting and ensuring access to environments, including administrative activities required to add or delete access.
(e)
Planning and coordinating Software moves between environments (development, quality assurance, test, and production) as required to meet Molina specified timelines and to meet the Service Levels.
(f)
Managing remote function call (RFC) interfaces to ensure that all Systems are operating correctly and are fully functional.
(g)
Providing data recovery assistance for problem resolution and contingency testing.
(h)
Providing testing support for Molina Application development Projects including:
(i)
Operating and loading development, test, and staging environments.

-12-


(ii)
Testing test plans and scripts; generating, loading and refreshing test data; unit testing; System testing; integration testing; regression testing; performance testing; stress testing and supporting user acceptance testing (UAT).
(i)
Providing guidance and coordination for all activities during Software installations and routine maintenance including interfacing with and, as appropriate, managing Molina groups, Other Service Providers and other relevant groups.
(j)
Participating in incident and crisis management activities including interfacing with and, as appropriate, managing Molina groups, Third Party suppliers and other relevant groups.
(k)
Managing and installing Software and customizing Software, including writing scripts, customizations, interfaces, or other activities as required to ensure the proper operation of all Equipment and Software.
(l)
Interfacing with Molina to ensure storage is available and provisioned on time.
(m)
Promoting objects from pre-production to production.
(n)
Performing update activities, at the direction of Molina, including:
(i)
Installing and/or applying patches and/or fixes based on Molina security standards.
(ii)
Performing database management Systems (DBMS) upgrades as directed by Molina.
(o)
Performing database optimization and tuning support activities per Molina requirements including:
(i)
Assisting development teams in optimizing SQL statements (indexes, selects, etc.).
(ii)
Assisting development teams in optimizing the database.
(iii)
Implementing database Application schema and/or changes.
(iv)
Managing and, upon approval from Molina, correcting System and DBMS performance issues.
(v)
Recommending and implementing database reorganization strategies.
(vi)
Tuning database Application level performance (e.g., SQL/Oracle Query optimization, NoSQL, Hadoop).
(vii)
Reporting database capacity constraints and growth requirements when internal thresholds are exceeded, as thresholds are defined on an ongoing basis in various monitoring tools.

-13-


(viii)
Tuning database System level performance (e.g., performance ratios, I/O load balancing, memory buffers).
(ix)
Updating database clusters.
(x)
Managing workloads.
(xi)
Adding and/or removing nodes.
Back-up and Recovery Services
6.2
Service Provider shall perform all back-up and recovery Services for the storage and database environment, including but not limited to:
(a)
Implementing procedures for recycling media regularly, managing media replacement, and recopying media to provide data integrity and quality.
(b)
Implementing procedures for encrypting media per Molina specifications.
(c)
Implementing procedures for recopying storage media as necessary to minimize errors.
(d)
Implementing procedures for retrieving backed-up and archived storage media (onsite or offsite) as requested by Molina, and if not otherwise requested by Molina, as required to support the Services.
(e)
Implementing a procedure for retrieving randomly selected backed-up and archived data sets, as specified by Molina and representing a significant amount of data, on a regular basis as a test and verifying that the data can be restored in a usable fashion.
(f)
Monitoring and providing a monthly report to Molina on the number and types of back-up failures and storage System usage parameters.
(g)
Developing and implementing plans to eliminate back-up failures as required or requested by Molina.
7.
DATABASE SERVICES
Environment Control and Scheduling Services
7.1
Service Provider shall perform job management activities across all environments (e.g., production, test, development) including:
(a)
Characterizing the workload of production jobs.
(b)
Designing and managing concurrent queues.
(c)
Creating and maintaining concurrent job schedules.
(d)
Monitoring concurrent job schedule execution.
8.
NETWORK INFRASTRUCTURE SERVICES

-14-


Services Requirements
8.1
Service Provider shall be responsible for fulfillment of the requirements specified as Service Provider’s in this Exhibit, including:
(a)
Maintaining and updating (as required to document changes in Molina’s Network) Molina’s repository of Molina’s Network topology, applications, connectivity, projected traffic flows, and performance data/documentation based upon Molina provided information and Molina-specified requirements.
(b)
Validating network design including hardware, software and network platforms and utilizing Molina-provided testing and troubleshooting criteria.
(c)
Maintaining and updating documentation provided by Molina with regard to the network addressing plans, logical network device assignments and logical parameters for network management connectivity to Molina's network.
(d)
Assisting in auditing Molina’s transport network and Customer Premise Equipment (CPE) devices using Molina provided documentation.
Monitoring and Resolution Services
8.2
Service Provider shall monitor for and provide Incident resolution Services for Molina’s network on a twenty-four (24) hours per day and three hundred sixty-five (365) days per year basis, including:
(a)
Monitoring and reporting regularly on the WAN performance (quality of Service indicators), and forecasting recommendations to Molina for capacity add and business justification, and coordinating with WAN service provider for non‑Molina managed routers.
(b)
Monitoring quality of Service reports that contain all information required by Molina (e.g., load indicators per location, CPU utilization, access link load, LAN segment load, router availability, traffic volume).
(c)
Providing proactive surveillance and monitoring Services for all Molina sites, including:
(i)
Providing fault reference information to Molina.
(ii)
Providing trouble shooting results, including but not limited to packet capture analysis.
(iii)
Dispatching faults to the appropriate entities.
(iv)
Providing periodic updates to Molina on the progress of fault resolution.
(v)
Minimizing the number of duplicate cases opened and recommending process changes to consolidate duplicates.

-15-


(d)
Monitoring and monthly report generation for voice over IP (“VoIP”) usage and quality of Service with executive summary, location of equipment, voice quality indicators, and performance indicators.
Support Services
8.3
Service Provider shall perform support Services for Molina's LAN, WAN, and perimeter environments, including:
(a)
Resolving incidents, performing change requests, performing Service Requests, and maintaining reports.
Operations Services
8.4
Service Provider shall operate Molina LAN, WAN, and perimeter environments and perform required activities, including:
(a)
Dispatching spares, and/or field Services engineers to Molina Sites if replacement parts, or on-site repair or technical support are needed.
(b)
Supporting Molina network Services including:
(i)
Third Party suppliers in transporting voice, data, and video protocol from the LAN to the WAN and perimeter environments and between sites.
(ii)
Secure internet communications and terminations per Molina specifications and standards.
(iii)
High availability and load balancing of network ports as designated by Molina, and maintaining, as need Molina’s firewall and load balancing configurations.
(c)
Supporting wireless local area network (“WLAN”) Services and devices in Molina Sites including:
(i)
Securing WLAN access points for internal Molina users per Molina's standards.
(ii)
Securing WLAN access points for guest (non-Molina) users per Molina's standards.
(iii)
Periodically reviewing usage data and the performing of Service optimization for employee-level Services (remote access dial plans, network bandwidth etc.).
(d)
Utilizing a Molina-provided database of specific information regarding the logical address configuration(s) of the Service Provider Customer Premise Equipment (CPE) and Molina Equipment and associated Software specifications, including:

-16-


(i)
Administering changes made to access lists, device passwords, and using secured community strings for simple network management protocol (“SNMP”) access.
(ii)
Performing configuration changes due to maintenance and moves, adds, changes, deletes or similar changes in the database and reloading router configurations from the database and initiating Software updates to Molina Equipment with prior notification to Molina.
(iii)
Performing switch, wireless controller, and wireless access point upgrades and configuration, standardized (to Molina specification).
(iv)
Performing router, load balancer, and WAN optimization device upgrades and configuration, standardized (to Molina specification).
(v)
Performing firewall and other perimeter device upgrades and configuration, standardized (to Molina specification)
(e)
Implementing Molina’s videoconferencing traffic within the network by:
(i)
Ensuring dedicated access for video and a predetermined bandwidth per Molina policies.
(ii)
Connecting videoconferencing devices and supporting endpoints.
(f)
Providing WAN operational support regarding the internal Molina Network, including:
(i)
Maintaining the secure perimeter structure to comply with Molina's security policy.
(ii)
Monitoring internet access points of presence in multiple geographically diverse data center sites.
(iii)
Administering IP address management System (e.g., DNS, and DHCP).
(iv)
Procuring via Molina’s procurement team, resizing and decommissioning network circuits and access points as per Molina requirements.
(g)
Administering quality-of-Service mechanisms, across telecommunications paths to support data, voice and video traffic as well as latency and jitter sensitive applications to Molina.
(h)
Coordinating dispatch of support specialists as necessary to provide Authorized Users with operational and technical support and to meet required Service Levels.
(i)
Coordinating install, move, add and change of data and voice Services with Molina, Service Service Provider, and Third Party suppliers.
(j)
Coordinating PBX/Voice Mail/CMS backups of the voice equipment, and maintaining backup logs according to Molina processes.

-17-


(k)
Performing Network Equipment loads and configuration.
(l)
Implementing work around and resolution activities with Molina, Service Provider, and Third Party suppliers as required.
(m)
Collaborating with Third-Party Service and maintenance suppliers as necessary to keep voice and data Equipment and Software in good working order.
(n)
Coordinating dispatch of support specialists (Molina, Service Provider, and Third Party supplier) as necessary to resolve Network Incidents or Problems.
(o)
Participating in Third Party supplier management Services:
(i)
Incident management with Carriers including triage and restoration Services.
(ii)
Coordination of Root Cause Analysis (RCA) process with Carriers.
(iii)
Participation in monthly review forums with Carriers.
(iv)
Coordination of dispatch Services and/or contact relevant Third Party supplier(s) when Problems cannot be resolved remotely.
(v)
Verifying restoration of availability following Incidents with Data Network, Voice Network and/or Network Equipment.
(vi)
Support Molina with managing existing Third Party supplier service levels to ensure proper problem acknowledgment, and status responses.
9.
TELEPHONY
9.1
Service Provider shall provide for the administration of Molina’s Voice Network infrastructure, as well as provide telephony managed Services to all in-scope Molina sites.
(a)
Supporting Voice telephony Services including:
(i)
Coordinating with existing Voice/Telephony Service Provider for inbound/outbound national and international calls.
(ii)
Voice mail, including:
(A)
Customizable user level voice mail account options, including user greetings, notifications delivered to external phone Systems, fast forwarding and reversing settings, message skipping, enterprise and group message delivery, message sending, forwarding.
(B)
Interfacing with Molina's internal communications groups to coordinate enterprise voicemail broadcasts and ensure compliance with internal communications standards.
(C)
Ensuring an easy-to-use, intuitive interface for setting user level voice mail account options and making user training available as required.

-18-


(iii)
Enforcing Molina's security policy including sensible password rules.
(iv)
Fixed-to-Mobile call direction.
(v)
Desk sharing (user specific Services) and number portability.
(b)
Providing access to all statutory geographic specific emergency Services, including 911, 999, 112, and location origination tracking.
(c)
Reviewing all transport Service Provider charges.
(d)
Validating that only valid toll charges have been applied to Molina.
(e)
Reviewing and reporting abuses of long distance Services.
(f)
Investigating whenever Molina exceeds Molina designated thresholds and coordinating activities with the transport Service Provider, including conferencing charges (e.g., bridge calls).
(g)
Monitoring and reporting toll usage and toll fraud, and proposing cost savings opportunities (e.g., VoIP vs. traditional PSTN)
(h)
Monitoring end user usage to detect termination of potentially unresolved calls due to issues such as poor audio quality.
(i)
Managing Molina applications used for video conferencing (e.g., Cisco WebEx, Slack, etc.).
(j)
Working with Molina approved Third Party suppliers for managing tele/video conferencing on ad hoc basis as required by Molina.
(k)
Monitoring telephony circuit usage and provide recommendations on capacity changes and/or decommission.
(l)
Recovering extension numbers upon receiving notices of termination, long-term disability, retirements, and other notices from HR.
(m)
Complying with all Molina policies regarding international, federal, and state regulations.
(n)
Complying with all Molina policies regarding federal and state “Do not Call” regulations.
(o)
The Service Provider shall perform and administer voice systems, including participation in:
(i)
Incident resolution,
(ii)
Package administration,
(iii)
Supplier (OEM) coordination,
(iv)
Root cause analysis,

-19-


(v)
Change management,
(vi)
Operating System (OS) and patch management, and
(vii)
Capacity planning.
(p)
The Service Provider shall manage Cisco UCCE contact center technology platform, including IVR for agent routing, skilling, and delivery of Omni-channel contact interactions and administer voice systems, including:
(i)
Reskilling/routing management as needed by business demand
(ii)
Maintaining business open / close hours rules, including holiday exceptions
(iii)
Maintaining FAD agent desktop technology/upstream works gadgets for agent interactions, and other technologies defined
(iv)
Building and maintaining CUIC and other reporting mechanisms on demand for business need
(v)
Recommending upgrade/patch/break-fix as needed
(q)
The Service Provider shall manage contact center productivity tools like the NICE suite, including:
(i)
Voice analytics
(ii)
Engage call recording
(iii)
IEX workforce management
(r)
Implementing voice links against different PBX's and Network elements.
(s)
Supporting integration with any Molina specified call center technology applications
(t)
Operating Molina’s voice telephony environment, and perform required activities, including:
(u)
Passively monitoring each conference by utilizing monitoring tools that allow the operator to view conference statistics (e.g., packet loss, jitter etc.) without being an active participant in the meeting via audio or video
(v)
Monitoring Customer Premise Equipment (CPE) interfaces within the Service boundary in-band and out-of-band
(i)
Performing diagnostic testing of CPE interfaces and isolate, sectionalizing and identifying faults as being physical or logical in nature
(ii)
Identifying sites that are trending toward or operating above threshold levels so that Molina can consider network upgrades or changes
(iii)
Working with Molina in reviewing the exception analyses and performance capacity reviews

-20-


(iv)
Maintaining the performance Capacity Management performance thresholds
(w)
Coordinating with remote field Services teams to performing Install, Move, Add, Change and De-Install (IMACD) Services.
(x)
Installing Equipment, consumables and all other equipment and/or Software required to support the Services
(y)
Supporting the retirement and replacement of equipment, including:
(i)
Purging data and Software per Molina requirements and specifications.
(z)
Participating in Third Party supplier management Services:
(i)
Escalation of Carrier performance issues.
(ii)
Incident Management with Carriers include triage and restoration Services.
(iii)
Coordinating Root Cause Analysis (RCA) process with Carriers.
(iv)
Participating in monthly review forums with Carriers.
(v)
Coordinating dispatch Services and/or contact relevant Third Party supplier(s) when Problems cannot be resolved remotely.
(vi)
Verifying restoration of availability following Incidents with Data Network, Voice Network and/or Network Equipment.
10.
BUSINESS CONTINUITY PLANNING
10.1
The Service Provider shall comply with BCP/DR policies in Schedule 14 (Molina Policies) and Schedule 23 (Business Continuity and Disaster Planning) of the Agreement, and additionally Service Provider shall test all redundant infrastructure devices in alignment with Molina patching schedule and coordinate maintenance windows to minimize business impact.
10.2
For each incident with business impact, Service Provider shall notify Molina management as per Molina tiered notification requirements.
11.
DISASTER RECOVERY
11.1
Service Provider shall comply with BCP/DR policies in Schedule 14 (Policies and Procedures) and Schedule 23 (Business Continuity and Disaster Planning) of the Agreement, and additionally Service Provider shall support Disaster Recovery Services Management so as to reduce IT related risk to Molina's’ business as it pertains to other Service Provider responsibilities and including:
(a)
Participate with all other teams as required, both internal to Service Provider and to Molina, to provide all disaster recovery management and recovery of Services herein.

-21-


(b)
Follow a prioritized Service list based on a business impact analysis review and approval for the Service recovery class, as provided by Molina.
(c)
Working with Molina on the creation of recovery plans, including developing Services and plans.
(d)
Monitoring, tracking, and reporting, with Molina teams, updates to Disaster Recovery environments and Disaster Recovery testing environments, as required, and based on all approved Changes.
(e)
Reporting DR metrics as specified by Molina.
(f)
Escalating any questions or issues to Molina.
(g)
Processing recovery classification requests for updating Configuration Management Database (“CMDB”) with approved classification indicators (as identified in a Molina approved business impact assessment).
(h)
Documenting all disaster recovery procedures according to Molina specifications, policies and procedures.
(i)
Updating and archiving DR documentation as required by Molina.
(j)
Assisting with all documentation related to disaster recovery management and recovery in a centralized location according to Molina specifications policies and procedures.
(k)
Participating in Projects to on-board new or upgrading applications and Services into Disaster Recovery Services program as specified by Molina.
(l)
Notifying Molina and coordinating updates to disaster recovery plans and documentation for applications and Services marked for retirement.
(m)
Executing the disaster management and recovery plans and activities according to Molina specified criteria for exercise/testing, including:
(i)
Validating the disaster management and recovery plans as required by Molina.
(ii)
Participating in disaster simulation exercise with Molina once per year.
(iii)
Participating in disaster simulation exercise with Molina as dictated by individual state requirements and per Molina instructions.
12.
DATA CENTER REQUIREMENTS (CONDITIONAL)
12.1
The Data Center requirements captured in this section only applies if the Service Provider provides the data center (owned or Co-Lo) at any point during the life of the contract.
(a)
Service Provider shall, in as many locations as necessary (pursuant to Molina policies, regulations, end user considerations, latency considerations, etc.), provide data center Services in data centers with a minimum rating of “tier 3” as defined by TIA-942

-22-


(www.upsite.com) data center standards, or the latest published standards of a similar nature approved by Molina, that, at a minimum, enables compliance with the Service Levels.
(b)
Service Provider shall provide Molina with a geographical map of the environment surrounding the proposed Data Center Co-Lo facility locations that contains information including but not limited to any historical natural disasters, and proximity to major public cloud suppliers locations.
(c)
Each Data Center facility will provide certification/documentation proving compliance with all required standards and industry conventions, at a minimum to include SSAE16 and ISO 27001 standards.
(d)
Service Provider shall provide secure contiguous space in a facility that meets Molina architectural requirements.
(e)
All facilities hardware (electrical, mechanical and environmental) shall be supported by valid maintenance contracts.
(f)
Service Provider shall provide functional phone lines, not dependent on shared infrastructure.
(g)
Service Provider shall provide internet access for Molina personnel.
(h)
Service Provider shall ensure the distance to the telecommunications room from all Molina Equipment will be in accordance with manufacturer specification and leading practices based on cable utilized (e.g., UTP fiber).
(i)
Service Provider shall provide Molina with a work area, power, network access and phones for Molina to perform on-site activities related to Molina Equipment within 24 hours of communicated arrival at Service Provider provided facility.
(j)
Service Provider shall provide sufficient space to meet all server requirements including application, storage and networking (voice and data).
(k)
Data center walls and entry points shall be of solid and secure construction with a minimum use of windows and complete facility reinforcement using code recommended bracing Systems.
(l)
Service Provider shall provide a Data Center capacity plan each year on the anniversary of the commencement date and will plan any future capacity upgrades for contiguous space, servers, storage, and network equipment.
(m)
A fire suppression System shall be utilized in accordance with Molina requirements.
(n)
Providing sufficient physical storage, temporary and long term, to house any and all Molina, Service Provider, or Third Party Equipment.

-23-


Power Systems
(o)
Primary power shall be available through correctly sized circuits to support maximum device loads (both startup and running).
(p)
All high voltage and low voltage wiring shall be installed and maintained according to all applicable IEEE, IEC, NEMA and TIA/EIA standards.
(q)
Dual independently pathed and separately ingressed electrical and network feeds shall be maintained into all cabinets and Equipment (where supported), and other secure areas from the electrical grid.
(r)
Service Provider shall ensure that all standard 120/220/380 volt device redundant power connections are provided.
(s)
Each data center (i) shall be equipped with a backup generator with a fuel tank capacity and fuel delivery arrangement large enough to ensure running at full load for at least 7 days, or as specified by Molina BCP/DR policies and requirements, and that supports the entire data center, including but not limited to critical Services such as HVAC, lighting; (ii) shall meet all disaster recovery and business continuity requirements; and (iii) shall have a running failover test successfully performed quarterly.
(t)
Redundant power connections shall be made available as per Molina requirements.
(u)
Redundant power shall be supplied by the backup generator as per Molina requirements.
(v)
Providing continuous power of fifteen (15) minutes, or as specified by Molina BCP/DR policies, to ensure successful power transfers between uninterruptable power supplies and other back-up Systems.
(w)
Uninterruptable power Systems and surge protection shall be in place to prevent power surges and ensure seamless failover to the generator.
(x)
Standard ground fault interrupter switching shall be maintained for all premises meeting Molina requirements.
Telecommunication Systems
(y)
Service Provider shall verify that dual, independently pathed, and separately ingressed telecommunication (both voice and data) circuits shall be utilized which are engineered to provide full carrier diversity at the local level.
(z)
Service Provider shall maintain the capability to increase / decrease access, port speed, and quality of Service mechanisms integrated with Molina's network environment, all as requested by Molina.

-24-


Cable Management
(aa)
Service Provider shall, with respect to each Data Center, utilize either ‘access flooring’ or ‘overhead cable management Systems’ for all new and existing cable and power distribution conduits, piping, and other carrier Systems (which shall all be in accordance with and approved pursuant to local building, electrical and code regulations, in addition to Molina requirements).
(bb)
Latest IEEE/EIA/TIA industry cable standards shall be followed in all instances.
(cc)
All cables shall be organized, easily traceable, and appropriately dressed, to meet Molina’s needs, and the Service Provider shall provide photographic evidence following each change.
(dd)
Cables shall be properly organized and located below the raised floor or in overhead cable trays.
HVAC
(ee)
Service Provider shall ensure that redundant air handling equipment is installed to ensure that in no case, including in the event of a single unit failure, either head or roof, the temperature shall remain within an acceptable range in all locations within the data center and shall not exceed 26 degrees Celsius.
(ff)
Service Provider shall cause air handling equipment to produce the necessary tons of air based on wattages per square foot for electronic equipment and free space to maintain an average temperature of 21 degrees Celsius in all locations within the data center.
(gg)
Service Provider to cause water detection and humidity detection devices to be installed around all air conditioning and other environmental units (and any other possible water entry points).
13.
RESPONSIBILITY MATRIX
The Service Provider shall perform the Services in a manner which complies with the responsibility matrix set out below. The table below is a RACI matrix in which:
R corresponds to “responsible” – the Party indicated is responsible for doing work as needed to complete the task;
Ÿ
A corresponds to “accountable” – the Party indicated is responsible for the correct completion of the task, which may be carried out through advance planning, oversight, or post-completion verification
Ÿ
C corresponds to “consulted” – the Party indicated is one whose opinions are to be solicited by the other parties indicated with an R or A
Ÿ
I corresponds to “informed” – the Party indicated is to be kept up to date by the other parties indicated with an R or A

-25-


Service
Detailed Task Description
Molina
Infosys
Documentation – SOPs, Procedures
Maintain documentation related to operational activities (escalation instructions, contingencies, etc.)
 
RA
Policies & Procedures
Review and approve documentation related to operational activities (escalation instructions, contingencies, etc.)
RA
 
Incident management
Incident handling and Coordination
 
RA
New Tools & Technology
Propose new or alternate technology solutions for Molina Review
C
RA
New Tools & Technology
Approve the proposed new or alternate technology solutions
RA
 
Monitoring, reporting
Proactive response to automated alerts, take action within established SLA's for availability, response times, etc.
 
RA
Monitoring, reporting
Periodic review of activities that were performed as a result of direct response to alerts.
C
RA
Monitoring, reporting
Review systems logs (manual or via automation tools) and report on anomalies and concerns.
 
RA
System Administration
Install, Update and Configure system software.
 
RA
System Administration
Inform Molina team regarding upcoming critical patches and plan/schedule new upgrade/patch rollout.
 
RA
Audit & compliance
Deliver evidence for requests for information, such as from regular formal audit reviews.
C
RA
Incident and Problem Management
Resolve incidents per agreed upon SLA's, etc. Perform troubleshooting and any necessary escalation within appropriate groups.
C
RA
Incident and Problem Management
Perform root cause analysis and deliver report.
C
RA
Incident and Problem Management
Handle escalations with 3rd party vendors within parameters of established maintenance/support contracts.
C
RA
Incident and Problem Management
Send out regular updates to keep Molina informed on current status.
 
RA
Incident and Problem Management
Handle problem management tasks (e.g. root cause analysis, follow-up fixes, etc.) as directed by Molina.
 
RA
Incident and Problem Management
Conduct performance analyses as required, per incident or otherwise (e.g. study based on reported trends or user experience, etc.).
 
RA
Access Management
Manage and maintain access to infrastructure management systems.
C
RA
Trending and capacity planning
Harness and extend monitoring and reporting capabilities, producing regular meaningful projections for Molina review. Includes resource usage as well as regular build activities.
C
RA
Trending and capacity planning
For all managed technologies, deliver regular report on system capacity and projections based on recent usage and/or growth trends.
 
RA
Change requests
Create, properly document, and execute changes in strict adherence with Molina change control processes
 
RA
Change requests
Report on changes and attend regular Change Advisory Board meetings
C
RA

-26-


Molina IT standards and policies
Adhere with any standards and policies set by Molina across services, providing feedback on standards and policies.
C
RA
Process improvement
Assess current processes and propose new recommendations that maximize efficiency, consistency, and accuracy of service/task delivered.
 
RA
Disaster recovery Maintenance, Management, and Testing
Execute annual DR testing activities including documentation of tests.
C
RA
Update DR documentation as necessary.
Service systems dedicated to DR (in accordance to technology specific indications as listed in other areas).
License Management
Report on license usage and inventory status to establish awareness towards renewals, etc. within established time frame for advance notice.
 
RA
Licenses Management
Procuring and renewing licenses
RA
 
Asset Management
Document and maintain accurate inventory of all hardware at covered data centres and branches.
 
RA
Asset Management
Reports on supported hardware warranty status establish awareness towards renewals, etc. within established time frame for advance notice.
 
RA
Innovation and architecture
Work closely with Molina technical governance team, to support Molina innovation initiatives such as Proof Of Concepts for new technologies, via architecture assessments, test implementations, test documentation, and provide recommendations and feedback.
 
 
Innovation and architecture
Provide Molina with operationalization plans for new technology.
C
RA
Third party management
Work with 3rd Party vendor for Problem resolution
C
RA
Third party management
Implement 3rd party vendor performance reporting
RA
 
Third party management
Work with Vendors on enablement, communicate processes and procedures in operational interactions
C
RA
Third party management
Work with Vendors on contractual interactions
AR
 
Third party management
Vendor Escalation management
A
R



-27-










Appendix 2-B SECURITY SERVICES
MILBANK, TWEED, HADLEY & McCLOY LLP London





CONTENTS
Clause
 
Page
1.
Introduction
1
2.
Managed Security Services
1


(i)


1.
INTRODUCTION
1.1
This is Appendix 2-B (Security Services) Services forms part of the Agreement. All terms and conditions of the Agreement shall apply to this Appendix and any attachments hereto.
1.2
Service Provider shall provide 24x7x365 security monitoring and real time security analytics with escalation to and coordination with Molina teams as required.
1.3
Service Provider shall recommend improvements to Molina security technologies and processes, provide documentable assurance reports, and implement intelligent automation where possible to help improve Molina’s security posture.
1.4
Service Provider shall work within [redacted] environment and tools including but not limited to [redacted].
1.5
Service Provider shall support identity management process and supporting Tools.
2.
MANAGED SECURITY SERVICES
Services Requirements
2.1
Service Provider shall adhere to all Molina security requirements, including:
(a)
Enforcing all current and future Molina policies and procedures as communicated to Service Provider.
(b)
Ensuring Services comply with all local and regional regulatory requirements applicable to the Services in accordance with the Agreement, including but not limited to privacy, data retention, encryption, financial, auditing, and security.
(c)
Ensuring all Molina policies are adhered to and auditing such adherence as required by Molina regulatory and compliance policies.
(d)
Complying with Molina’s technical Security specifications.
(e)
Following all OEM standards and industry best practices for security incident management.
(f)
Creating and maintaining all documentation related to security incident management policies, procedures, Equipment, and Software in accordance with all requirements communicated to Service Provider from Molina, including:
(i)
Maintaining and reporting on log of incident types.
(ii)
Maintaining and reporting on incident identification plans, including responsibility and routing matrices between Molina and Service Provider.
(iii)
Maintaining and reporting on incident response plans, including normal prioritization and response processes, responsibility matrices between Molina and Service Provider, and response procedures to non-typical incidents.
(iv)
Maintaining and updating, as required by Molina, incident run books.
(v)
Maintaining and updating Service Provider contact lists and rosters.
(vi)
Maintaining and updating incident escalation processes.
(vii)
Maintaining and reporting on a log of threat types (e.g., Trojan, Key logger, Hacktivism).
(viii)
Maintaining and reporting on threat classification plans.
(ix)
Maintaining and reporting on vulnerability service levels and other metrics as defined by Molina in accordance with Molina policies.
(x)
Maintaining and updating vulnerability response plans as defined by Molina.
Administrative Services
2.2
Service Provider shall administer and provide access controls and auditing for Molina’s security incident management environment at Molina’s directions according to Molina’s auditing policies and standards as indicated in Schedule 14 (Molina Policies), including:
(a)
Maintaining ownership of privileged system accounts and delegating access to authorized users upon a request per Molina policies. This will include but is not limited to (i) using PAM for managing local admin access on all workstations and servers, and (ii) the use of a privileged access control system for system accounts, administrative (i.e. Domain accounts) accounts, and (iii) DBA accounts.
(b)
Administering IDs to ensure that only those privileges and authorities required for such IDs are provided to personnel, per Molina specifications.
(c)
Recording the activities of all users, including privileged system accounts, and providing such records (e.g., domain administrator logs, system logs, etc.) to Molina as permitted by local and regional regulatory specifications.
(d)
Reporting unauthorized users for management review and action per Molina policies.
(e)
Rescinding access privileges upon termination or request by authorized Molina personnel.
Monitoring and Resolution Services
2.3
Service Provider shall monitor Molina’s environment to identify potential security incidents, including:
(a)
Allowing Molina application and infrastructure teams to initiate on-demand vulnerability scans on applications, databases, and servers during development activities occurring within the application development or project lifecycle.
(b)
Providing access to Systems and Equipment as required by Molina teams. Molina retains the ownership of the software and execution function for scanning.



(c)
Scanning Molina technology for indicators of vulnerability, missing patches, and misconfigurations, including but not limited to:
(i)
Scanning web applications for indicators of vulnerability, missing patches, misconfigurations.
(ii)
Scanning applications and infrastructure components for indicators of vulnerability, missing patches, and misconfigurations.
(iii)
Scanning databases for indicators of vulnerability, missing patches, and misconfigurations.
(iv)
Scanning physical infrastructure components (e.g., servers, routers, switches, wireless controllers, non-superseded Microsoft patches, and operating systems such as Linux, Unix, and Windows) for indicators of vulnerability, missing patches, and misconfigurations.
(v)
Scanning mobile devices for indicators of vulnerability, missing patches, and misconfigurations.
(vi)
Scanning Molina’s code based solutions for indicators of vulnerability, missing patches, misconfigurations. This includes but not limited for the scanning of source code for any custom developed changes to applications and systems to identify malformed code.
(d)
Performing infrastructure, database, application, and operating system penetration tests as required by regulatory requirements in accordance with the Agreement. Molina may conduct these with 3rd parties to the Service Provider and will require support and timely remediation of any identified issues of concern.
(e)
Providing the capability to allow Molina to perform on-demand and independent scans. Molina may conduct these with 3rd parties to the Service Provider and will require support and timely remediation of any identified issues of concern.
(f)
Providing scan results consultation, remediation guidance and recommendations when needed by Molina. The cadence for this work and reporting will be determined by Molina, but likely to involve weekly activities.
Support Services
2.4
Service Provider shall perform all security incident, threat, and vulnerability management support services, in accordance with Molina’s policies (i.e. Incident Response Plan) including:
(a)
Supporting Molina regarding a security incident, threat, phishing attempt or vulnerability being identified.
(b)
Investigating active incidents and alerts.

-2-


(c)
Containing and resolving security incidents and events assigned to Service Provider based on a Molina approved security incident prioritization process.
(d)
Handling false positives.
(e)
Rule tuning.
(f)
Supporting triage of a security incidents or escalating appropriately as defined in Molina's incident escalation process.
(g)
Supporting containment, eradication, and recovery services for security incidents.
(h)
Gathering evidence of security incidents for future investigation and analysis.
(i)
Coordinating with Molina to investigate the origin of security incidents.
(j)
Recommending and executing Molina approved post event remediation activities.
(k)
Participating in post mortem reviews as per Molina processes.
(l)
Monitoring, triaging, investigating and responding to incidents and/or security events on the PhishMe triage platform, including but not limited to:
(i)
Active incident and alert investigation based on PhishMe inbox emails.
(ii)
Proper classification and remediation of non-malicious emails.
(iii)
Incident tracking.
(iv)
Remediation and support of incidents/events.
(v)
Rule and recipe creation/tuning.
(vi)
Escalation of incidents as per Molina requirements.
(vii)
Documenting lessons learned from each security incident handled, making data available to Molina upon request and make recommendations for where Molina can improve its security posture.
(m)
Coordinating with Molina approved Third Party software vendors to gather security threat and vulnerability intelligence.
Consult with Molina CDC L2/L3 resources on containment and eradication strategy for priority zero and priority 1 incidents.
(n)
Providing on-demand vulnerability information to collaborate with Molina defined security and incident response teams (e.g., for zero day attacks, supervisory control and data acquisition (“SCADA”) exploits, threat management processes and services), including:
(i)
Building an internal threat intelligence program for threats that Service Provider detects that are targeted at Molina Systems.

-3-


(ii)
Associating vulnerability information to Molina defined risk levels and ratings.
(iii)
Communicating information and risk levels to Molina stakeholders as defined.
Operations Services
2.5
Service Provider shall perform all security incident management operations services, including:
(a)
Security incident monitoring, identification, and response.
(b)
Triage tickets raised by the Symantec Managed Service as possible incidents.
(c)
Support for 3rd party audits and performance of audit of controls in accordance with regulatory requirements such as HIPAA Security Rule and NIST SP 800-53.
(d)
Performing quality reviews, with Molina, of security incident processes.
(e)
Participating in security incident management simulations and exercises.
(f)
Reporting on security incident statistics, trends, and lessons learned.
(g)
Recommending enhancements to proactively avoid vulnerabilities.
(h)
Recommending security incident and vulnerability management process improvements for Molina review and approval.
(i)
Recommending updates to patches or other security measures to proactively avoid future security incidents.
(j)
Assisting with deployment of patches or other security measures.
(k)
Support the analysis of trends in threats and incidents (e.g., spikes in network activity, root cause analyses for repeat offenders, patient zero analysis for worm activity, account lockouts).
(l)
Ensuring that retention schedule complies with Molina requirements.
(m)
Support vulnerability management activities on hosts, network devices and off‑the-shelf applications that can be found in:
(i)
OS software
(ii)
Firmware
(iii)
Commercial applications.
(iv)
Custom-written and partner-written applications.
(v)
Misconfigured security safeguards.
(vi)
Unauthorized applications. Service Provider will assist with removal of unauthorized applications upon notification from Molina of their presence.

-4-


(n)
Service Provider shall support Molina's security information and event management (SIEM) environment in a manner that meets all Molina requirements, including:
(i)
Support tuning activities to avoid false positives.
(ii)
Providing log management capabilities, including:
(A)
Maintaining chain of custody on data.
(B)
Support the ability to search log data, run reports, specify data retention periods, and specify compression of log data.
(C)
Maintaining ability to offload and store log data to an external data store (e.g., NAS, SAN).


-5-


Appendix 2-C END USER SERVICES
MILBANK, TWEED, HADLEY & McCLOY LLP London


 
i
 



CONTENTS
Clause
 
Page
1.
Introduction
1
2.
General Service Desk Services
1
3.
General End User Computing Services
8
4.
Endpoint Security
16
5.
Responsibility Matrix
17


(i)


1.
INTRODUCTION
1.1
This is Appendix 2-C (End User Services) forms part of the Agreement. All terms and conditions of the Agreement shall apply to this Appendix.
2.
GENERAL SERVICE DESK SERVICES
2.1
Service Provider shall provide Service Desk services in accordance with this Attachment, which Services shall be the single Level 1 point of contact for Users regarding tickets, which include events that cause or may cause an interruption or reduction of Services, as well as for requests for information and requests for Services relating to all of Molina’s IT Services.
2.2
Service Provider shall provide 24x7 hours of operation Sunday through Saturday of each week in the following languages: English.
2.3
Service Provider shall staff twenty-four (24) hours per day every day of every year a single point of contact for internal and external Users through a country-specific, central telephone number capable of routing callers to the appropriate Service Provider Personnel in the most efficient manner practicable (a “Service Desk”).
2.4
Service Provider shall manage the Service Desk and the ticket management process including:
(a)
Recording issues and work orders in a Molina approved ticketing System.
(b)
Performing contact prioritization and regularly (as directed by Molina and based upon Molina-provided Priority level definitions) informing Users of ticket status.
(c)
Providing Users with a ticket reference number associated with such issue or work order until such Users agree it is resolved.
(d)
Transferring the ticket per Molina approved escalation criteria and procedures to another Service Provider support group (e.g., server support) or another Third Party (if allowed pursuant to Molina approved procedures) as required.
(e)
If unresolved within a Molina specified and approved timeframe, transferring tickets to a higher level of support, per Molina standards and processes.
(f)
Maintaining incident ownership for the resolution and closure of the ticket even if support is performed by others, per the requirements set forth by the Service Levels in Appendix 6-A (Service Level Matrix).
(g)
Performing First Call troubleshooting and Resolution (“FCR”) of tickets, including but not limited to password resets, e-mail, office productivity tools, logon issues, shrink-wrap Software, custom applications (including complying with Molina provided scripts) and other First Call Resolution issues directed by Molina.
(h)
Resolving issues related to the Services.

-1-


(i)
Ensuring Service Desk personnel possess the appropriate customer service and technical skills and qualifications to provide technical Service Desk Services, including effective oral and written communication skills and a customer-focused attitude (e.g., correct, polite, helpful, understanding, clear and understandable language speaking, listening and writing skills) with specific requirements to be determined during Transition.
(j)
Ensuring Service Desk personnel have ongoing adequate training and documentation to stay current on new products, Services, Equipment, Software and technologies used by Molina.
(k)
Providing Level 1 support for all Molina IT environments, including:
(i)
Equipment, including but not limited to desktops, laptops, mobile devices.
(ii)
Infrastructure, including but not limited to voice and data network and Systems.
(iii)
Applications, including but not limited to productivity tools and business applications.
(l)
For those incidents which cannot be resolved by the Service Desk, Service Provider shall escalate to the appropriate Level 2 or 3 teams, whether Molina, Service Provider, or Third Party.
(m)
Defining a methodology for interfacing with Molina Level 2 and 3 support teams or external teams required to resolve an issue or provide a workaround.
(n)
Receiving phone calls, chats, and web-based incident submissions.
(o)
Complying with applicable regulations and data privacy laws and Molina policies relating thereto.
(p)
Providing self-help (self-service) support, including:
(i)
A web-based ticketing system (approved by Molina) including automated ticket registration by Users and capabilities for Users and Authorized Users to check status of specific tickets or groups of tickets based on Molina provided access control lists.
(ii)
Providing and updating a list of frequently asked questions (FAQs) and potential workarounds as approved by Molina and in compliance with Molina requirements.
(iii)
Create knowledge articles subject to Molina review and consideration for approval.
(q)
Complying with Molina requirements to accommodate Molina provided and Molina administered surveying and sentiment analysis, including providing a compatible call recording capability:

-2-


(i)
Jointly developing user survey questions and ratings with Molina.
(ii)
Conducting monthly satisfaction surveys and reporting on results and resolution time metrics.
(iii)Following up with Users on all negative surveys and sentiment analysis scoring and providing Molina a detailed plan within ten (10) days after completion of the survey or sentiment analysis to correct the causes of such dissatisfaction.
(iv)Complying with all performance management requirements associated with surveys and sentiment analysis.
(r)
Ensuring security processes are in place such that Service Desk calls are authenticated and users are correctly identified.
(s)
Identifying opportunities to improve Service Desk Services (e.g., automation, self-service, etc.) and making recommendations to Molina.
Technical Requirements
2.5
Service Provider shall support Molina in integrating Molina’s information technology Service management (“ITSM”) tools with Service Provider’s and Service Provider’s third parties' Systems (as directed by Molina) in a manner that ensures end-to-end Service management and seamless integration from an end user's perspective.
2.6
Service Provider shall accommodate multiple technology channels (inbound or outbound) to communicate with the Users (e.g., phone calls, chats, web-based), including:
(a)
Providing automatic call distributor (“ACD”) capabilities and reporting capabilities, all of which meet Molina specifications.
(b)
Pre-screening and appropriately routing caller based upon issue.
2.7
Service Provider shall perform chat Services in accordance with Molina specifications that will include the following:
(a)
Access to Molina chat Software to initiate chat sessions with Service Provider help desk personnel.
2.8
Service Provider shall provide Molina consultation regarding technology requirements (DSL, cable, etc.) when standard secure connectivity (e.g., VPN) is not available.
2.9
Service Provider shall provide Molina with forward looking view of advances in contact channels such that planning and implementing new contact channels may be considered for implementation on an annual basis according to Molina annual planning cycle.
Ticket Management
2.10
Service Provider shall perform ticket and ticket management, including:

-3-


(a)
For each Service Request or ticket reported, assigning a unique ticket number for tracking.
(b)
Assigning ticket Priority Levels to all tickets as defined by Molina's policies, procedures, and Service Level agreements as specified in this Agreement.
(c)
Maintaining ownership of the ticket (regardless of disposition and in a manner that provides a seamless experience for all Users) through closure.
(d)
Providing Resolution for tickets the Service Desk owns, including, and in accordance with the Service Levels in Appendix 6-A (Service Level Matrix):
(i)
Updating the ticket work log with all relevant status updates and troubleshooting steps taken.
(ii)
Providing root cause analysis activities and proposing changes to the environment to eliminate future tickets from being reported when possible; creating relevant knowledge articles and/or contributing to existing knowledge base.
(e)
Engaging appropriate support teams for resolution in order to meet Service Level targets in accordance with the Service Levels in Appendix 6-A (Service Level Matrix).
(f)
Integrating the Service Desk with Molina’s functions, tools, and processes.
(g)
Supporting Molina as required in identifying, reviewing, tracking and communicating patterns and trends that are causing issues and escalating trends to appropriate groups as needed.
(i)
Obtain open lines of communication with appropriate escalation groups such that status and remediation from escalated pattern and trends can be communicated to Molina.
(h)
Providing special or very important person (VIP) Users (as designated by Molina) with priority service including accelerated response time for issues and access to the trouble System and ticket escalation.
(i)
Providing 24x7 support and VIP User support Service, including:
(A)
Meetings setup and associated support
(B)
MAC computer support
(C)
Mobile device support
(D)
WebEx and telepresence troubleshooting
(E)
Special event support (e.g., annual shareholders meeting)
(F)
Wireless access support, printing, and other technology support

-4-


(G)
Traveling with Molina executives (as per Molina directions) to provide technology support. Any travel, lodging & boarding expenses incurred for VIP support will be borne by Molina, in each case subject to the provisions of the Agreement regarding reimbursement of Service Provider expenses.
(ii)
Allowing Molina to reasonably nominate, at its sole discretion, VIP Users who will require VIP User support Services.
(iii)
Verifying that tickets to the Service Desk from VIP Users are recognized as such at the receipt of the ticket to provide VIP Users with the response from the Service Desk specified in the Service Levels.
(iv)
Notifying Molina using the approved process of all tickets generated from the VIP Users, including ticket status and other details as directed by Molina.
(i)
Closing tickets with defined category levels for reporting, analysis and tracking ticket results for process and knowledge improvement.
(j)
Proactively confirming with the affected User(s) that the problem has been satisfactorily resolved and closing the ticket after driving the ticket to complete resolution.
(k)
Ensuring that tickets are closed (pursuant to actual resolution of tickets) within the defined Service Level targets as specified within the Service Levels in Appendix 6-A (Service Level Matrix).
(l)
Provide the ability to discern and open additional tickets when a User(s) communicates a new issue arising from a closure contact.
2.11
Service Provider shall provide a Service Desk with that is in compliance with Molina processes for Service delivery and Service management, and is ITIL-conformant.
User Complaint Management
2.12
Service Provider shall respond to Users as well as Molina teams expressing concerns with Service provided during a call or otherwise, including:
(a)
Working with Molina in defining the procedures to be followed when complaints are raised, including:
(i)
Logging, tracking and reporting complaint remediation.
(ii)
Ensuring Molina is aware of complaints that may have financial or reputation implications.
(iii)Ensuring corrective actions are completed at all levels of Service Desk personnel.
(iv)Ensuring appropriate changes to processes are put in place.

-5-


(v)
Providing written communication to the User(s) logging the complaint, as appropriate.
Escalation Management
2.13
Service Provider shall escalate identified ticket resolution issues to the appropriate Molina management team(s) or support partners for tickets where the Molina team(s) owns the resolution activity, including:
(a)
Tracking tickets and ensuring that Service Provider provides periodic updates and ticket status, including:
(i)
Working with Molina in defining the criteria to escalate for a lack of ticket updates by the Service Provider teams.
(ii)
Maintaining and updating Molina's contact, VIP, and escalation lists on a regular basis.
2.14
Working with Molina to define the escalation process based on Molina business requirements, including but not limited to “internal warm transfers” or “external warm transfers.”
2.15
Service Provider shall ensure User(s) can be transferred to appropriate Molina Supervisor or equivalent based on the defined escalation process.
Communication
2.16
Service Provider shall support Molina-provided methods and tools to announce outages, un-scheduled downtime and/or special announcements affecting Users (including any outages, un-scheduled downtime, and/or special announcements related to Third Party Services).
2.17
Service Provider shall notify Molina management wherever reasonably possible when Service Level targets related to issue resolution are at risk of being missed; this is above and beyond the reporting requirement as specified in Schedule 6 (Service Levels and Service Credits).
2.18
Service Provider shall promote self-help (Self-Service) support and educated Users to increase adoption of self-help (Self-Service) support.
Knowledge Management
2.19
Service Provider shall compile lists of knowledge articles where recommended solutions can be made available to the Service Desk and Users to increase the ability to resolve tickets.
2.20
Service Provider shall provide knowledge articles in a format for publication on Molina’s internal Systems and/or contribute knowledge articles in Molina Service Management tools (e.g., ServiceNow)

-6-


2.21
Service Provider shall identify members on the Service Provider's team(s) to act as subject matter experts (SME) to:
(a)
Increase First Call Resolution (FCR).
(b)
Identify problems needing attention by higher level support teams.
(c)
Provide training to Service Desk teammates.
(d)
Provide quality reviews of new knowledge, training, processes.
Reporting / SLA Management
2.22
Service Provider shall comply with Molina’s monthly Service Level tracking and reporting requirements.
2.23
Service Provider shall provide real-time and ad-hoc reporting as required by Molina, including:
(a)
Providing daily status report on Molina daily production status call including the previous 24-hour significant issues, remediation of significant issues and any extra-ordinary ticket volume. This reporting will be compliant with Molina requirements, in accordance with the Service Levels in Appendix 6-A (Service Level Matrix).
2.24
Service Provider shall participate in weekly Molina IT infrastructure and business application deployment conference calls, including:
(a)
Providing feedback on ticket trends related to deployments.
(b)
Proactively informing Molina on User issues related to active deployments.
(c)
Proactively informing Molina of backlogs or pending items that may impact the Services and proposing means to reduce such backlogs or mitigate such pending items.
2.25
Service Provider shall provide ad-hoc individual ticket root cause analysis (RCA) and closed loop corrective actions in regards to issues raised by Molina.
Molina Satisfaction
(a)
Service Provider shall leverage Molina-provided sentiment analysis and customer satisfaction survey tools as the foundation for delivering, measuring, and improving ongoing Services.
(b)
Service Provider shall utilize results from sentiment analysis and customer survey to initiate a review process to determine the reason and remediation for those results.
(c)
Service Provider shall develop survey parameters and content, which in each case shall be subject to Molina’s prior written approval:
(i)
Targeted users – any User that contacts the survey desk for assistance.

-7-


(ii)
Intervals – how often Users will be surveyed.
(iii)
Invitation rate – the number of surveys that Molina may be subject to in a specified period.
(iv)
Expiration period – the time period during which the User may respond to the survey before it expires.
Quality Management and Continuous Improvement
2.26
Service Provider shall support process improvement initiatives or activities as required by Molina.
2.27
Service Provider shall provide internal coaching and share lessons learned among Service Provider team members to promote Service improvements.
2.28
Service Provider shall proactively conduct incident analysis per the parameters outlined by Molina.
2.29
Service Provider shall proactively conduct knowledge analysis.
2.30
Service Provider shall facilitate advisory board events, including but not limited to meetings, calls, requests for information, as required by Molina.
2.31
Service Provider shall deploy best-in-class industry leading Service Desk quality management practices in compliance with Molina certification requirements, which will be subject to Molina audit requirements.
Business Continuity
2.32
The Service Provider shall comply with BCP/DR policies in Schedule 14 (Molina Policies) and Schedule 23 (Business Continuity and Disaster Recovery) of the Master Services Agreement, as part of which Service Provider shall develop a business continuity plan to ensure uninterrupted Service Desk Services during a disaster or outage for Molina review and consideration for approval. During an outage or disaster, Service Levels will not apply unless the Disaster Recovery Plan specifies otherwise; provided, however, that the Service Levels shall apply in any event where the Disaster Recovery Plan was enacted in response to a breach of the Agreement by the Service Provider (as opposed to being enacted in response to a Force Majeure Event).
2.33
The Service Provider shall comply with BCP/DR policies in Schedule 14 (Molina Policies) and Schedule 23 (Business Continuity and Disaster Recovery) of the Master Services Agreement, as part of which Service Provider shall develop a Disaster Recovery Plan for an outage of Service Desk Services for Molina review and consideration for approval. During any outage or disaster, Service Levels will not apply unless the Disaster Recovery Plan specifies otherwise; provided, however, that the Service Levels shall apply in any event where the Disaster Recovery Plan was enacted in response to a breach of the Agreement by the Service Provider (as opposed to being enacted in response to a Force Majeure Event).

-8-


2.34
Service Provider shall notify Molina management of unresolved tickets relevant to a disaster recovery situation within a Molina specific time frame, including:
(a)
Advising Molina of the impact, initial assessment and recommended actions to maintain and restore Services.
2.35
Molina must be notified if calls are switched between locations within a timeframe agreed with Molina of a declared disaster recovery situation, per Molina policies.
3.
GENERAL END USER COMPUTING SERVICES
General End User Computing Services
3.1
Service Provider shall perform the in-scope Services for the in-scope Equipment as designated by Section 1 of the TSD.
3.2
Service Provider shall provide and manage life-cycle Services including asset management, installation management, license management reporting, warranty support using existing Molina’s contracts, recovery, redeployment, preparation for disposal, and on-site support for Equipment while complying with Molina specified processes and policies or working with Molina designated Third Parties.
Services Requirements
3.3
Service Provider shall perform image deployment Services that adhere to all Molina End User Computing requirements, including:
(a)
Complying with or improving (subject to Molina's review and consideration for approval) Molina's current and future Equipment and Software technical specifications, including changes and refreshes of technology (hardware, components, or Software) by Equipment and Software Service Providers. Changes will be completed within Molina guidelines, at or before due date and in compliance with Molina change management process.
(b)
Coordinating with internal or Third Party Service Providers to provide remote “hands and feet” support for network and local file and print server issues.
(c)
As applicable, managing and integrating with Service Providers of Equipment for effective roadmap plans and resolution of technical issues, in in accordance with the Service Levels in Appendix 6-A (Service Level Matrix).
Administrative Services
3.4
Service Provider shall administer, manage, and execute requests for Molina Equipment, and software submitted by Molina Users in accordance with Molina policies and procedures, including:
(a)
Verifying User entitlement to the requested Molina Equipment or software and advising Molina management on any non-conformance issues relating to entitlement.

-9-


(b)
Providing life-cycle support from procurement to end-of-life disposal, including:
(i)
Validating entitlements to, sourcing, installing, tracking, recovering, redeploying and disposing of assets.
Deployment and Retirement Services
3.5
Service Provider shall provide or oversee, as appropriate, all installations, de-installations, cascades, moves, adds, changes and deletions (IMACDs) for all Molina Equipment, Software, and related Services at designated Molina Sites, including:
(a)
Coordinating, planning, and scheduling IMACDs with all affected IT functions, Molina Personnel, Third Party contractors and Users (whether the function is included within the Services provided by Service Provider, as a Molina-retained function, or a Third Party) to achieve high-quality execution of the IMACDs, (including scheduling and dispatching of appropriate Molina, Service Provider and/or Third Party Contractor technicians) to meet Service Levels and to minimize business impact on Users and any operational interruption to Molina.
(b)
On receiving and verifying a valid IMACD request, performing all necessary pre-work before an IMACD is executed.
(c)
Communicating with Users if there is any issue with an IMACD request.
(d)
Providing a mechanism for expedited handling of IMACDs and Project IMACDs that are of high business Priority to Molina, such that all IMACDs are completed within the required timeframe.
(e)
Creating and documenting the processes to enable IMACD execution for each Molina Software and/or Equipment component, and obtain Molina’s approval for such processes and documentation.
(f)
As applicable, conducting or confirming a Site survey to determine the location of the IMACD and coordinate any special requirements at the location.
(g)
Providing the necessary technical support to complete the IMACD, including on-site support during normal business hours for Molina Locations identified by Molina in Molina's sole discretion.
(h)
Remotely conducting all IMACDs for Molina Equipment and Software where practicable.
(i)
Confirming that all Molina Equipment, Software, parts, Network, cabling, or any other Services necessary to execute the IMACD will be available as of the date scheduled for the IMACD.
(j)
Confirming the new and/or existing configuration of Molina Equipment and Software associated with performing the IMACD. Service Provider will conform to configurations approved by Molina.

-10-


(k)
Confirming the installation and/or de-installation procedures associated with performing the IMACD, including backup, contingency, and test procedures.
(l)
Coordinating the scheduling and dispatching of appropriate technicians, including Third-Party Service Providers.
(m)
Coordinating with Molina so that as required, Molina can place orders for the installation of Equipment.
(n)
Providing depot Services using Molina’s existing depots in support of IMACD activity for Equipment.
(o)
Supporting Third-Party Service Providers in the execution of IMACDs, and coordinating such activities with the applicable Molina personnel or Third-Party Service Providers.
(p)
Performing any required backup procedures in accordance with Molina policies and processes.
(q)
De-installing and re-installing any existing Equipment, Software, or other related Services as necessary to execute the IMACD.
(r)
For multiple Users sharing workstations:
(i)
Supporting workstation sharing among multiple Users.
(ii)
Supporting multiple accounts on single workstations.
(iii)
Making available the User-specific Software configurations of all installed Applications.
(s)
Confirming correct implementation of the IMACD with the designated Molina personnel as appropriate.
(t)
Coordinating Molina’s Third party vendors for disposal, in accordance with Molina policies and procedures.
(u)
Supporting Molina in monitoring Molina satisfaction and Service Levels throughout the IMACD activity and following the delivery.
(v)
Tracking the IMACD request from initiation to completion, using the Molina System defined to track IMACD activity.
(w)
Providing a single point of contact for Users and the Service Desk for activities associated with each individual IMACD.
(x)
Providing close coordination and support to the Service Desk for all matters pertaining to IMACD requests and status reports.

-11-


(y)
Performing IMACDs for Service Provider Personnel without additional charge to Molina, and without including such IMACDs when comparing actual IMACD volume to any Resource Baseline.
(z)
Updating the Molina System of record to reflect any new information upon completion of the IMACD and/or as specified by Molina.
3.6
Service Provider shall assist User with migration of data from the malfunctioning unit to the replacement unit, assist with any required application installation and/or configurations, and perform gathering and migration of data for Molina Equipment.
3.7
Service Provider shall provide support to the User in order to enable the data to be copied, and send any necessary media that facilitates the copying of data along with the replacement. Service Provider shall ensure that, after any User Equipment changes, Users have all functionality provided on prior Equipment, that all data has been migrated from the prior Equipment to the new Equipment, all applications have been migrated and updated if appropriate (per Molina specifications), and that all such Equipment changes are fully tested according to Molina specifications.
3.8
Service Provider shall develop and execute managed refresh plans for Molina Equipment (subject to review and consideration for approval by Molina), including developing contingency plans and out-of-warranty repair processes.
3.9
Service Provider shall coordinate efforts with Third Party service and maintenance Service Providers as necessary to keep EUC Equipment and Software in good working order, and perform these responsibilities regardless of the Party (Service Provider or Molina) that has financial responsibility for the underlying asset and maintenance expenses.
3.10
Service Provider shall perform all maintenance of Molina Equipment and Software in accordance with Molina change management procedures, and schedule this maintenance to minimize disruption to Molina’s business.
3.11
Service Provider shall coordinate recovery activities for Molina Equipment and Software (e.g., lost and stolen assets) in accordance with all Molina policies (including IT security policies).
3.12
Service Provider shall provide such maintenance as necessary to keep the assets in good operating condition and in accordance with the manufacturer’s specifications, or other Agreements as applicable, so that such assets will qualify for the manufacturer’s standard maintenance plan upon sale or return to a lessor. Service Provider will provide support with enhanced SLA expectations for response per Molina specifications.
Support Services
3.13
Service Provider shall perform all support Services, including:
(a)
Notifying Molina IT of outages related to Service Provider’s Services.

-12-


(b)
Providing break-fix support, advice and assistance in accordance with manufacturer warranties.
Providing advanced notification in accordance with Molina policies for any planned or unplanned down time, including planned preventative maintenance.
(c)
Providing IT walk-up support for locations as identified by Molina and according to agreed specifications.
(d)
Providing remote or dispatched support by qualified specialists as necessary or requested by Molina in all Molina locations.
(e)
Providing Depot support by qualified specialists as necessary for Molina locations where remote or dispatched service is not required (as directed by Molina). In those cases where Service Provider Personnel are not qualified to perform dispatched, depot, or remote support, Service Provider shall manage, dispatch, and maintain financial responsibility for qualified third party technicians.
(f)
Correcting all incidents associated with failure or degradation of the performance of Molina Equipment and Software.
(g)
Integrating across areas (including local support organizations) to support a seamless IT environment across all Molina teams and Molina’s Third Party Contractors and external business connections.
(h)
Implementing patches (only to Molina approved patch levels) and applying Molina approved Software updates, including maintaining the capability to test new patches and Software updates.
(i)
Assisting with connectivity to Molina's network environments, including but not limited to remote and off-site personnel accessing the Molina internal networks and applications.
(j)
Performing System remediation to ensure compliance to Molina standards such that non-standard alterations to systems are identified during service calls and remediated upon Molina approval.
(k)
In the event of Molina Equipment failure, coordinating with Third Party Contractors to determine root cause, appropriate fix, and warranty and expense implications.
(l)
Creating and maintaining support knowledge articles and documentation in the Molina knowledge base.
(m)
Creating and maintaining Site and Molina Equipment inventory lists in the Molina System of Record.
(n)
Supporting (by phone, on the ground, or with training manuals as appropriate) to enable the correct use of Molina Equipment and Software and of related technologies and services.

-13-


Operations Services
3.14
Service Provider shall perform all operations Services and provide related reports as dictated by Molina, including:
(a)
Testing all non-performing Molina Equipment and Software.
(b)
Returning all non-performing Molina Equipment and Software to the warranty provider.
(c)
Replacing all non-performing Molina Equipment and Software under warranty.
(d)
Repairing all non-performing Molina Equipment and Software that is not under warranty.
(e)
Managing Molina Third Party Contractors to resolve issues with non-performing Molina Equipment and Software within Molina's required timelines.
3.15
As directed by Molina, Service Provider shall maintain, control and report an inventory of spare Molina Equipment at Molina locations and provisioning such devices as necessary to Users.
3.16
Service Provider shall provide End Point Encryption Services using existing Molina provided tools/solutions.
Delivery and Staging
3.17
The Service Provider’s responsibilities include the following:
(a)
Providing Depot Services using Molina’s existing depots in support of IMACD activity.
(b)
Preparing and coordinating the shipping and receiving of Molina Equipment and Software that are delivered in accordance with procurement orders from Molina.
(c)
Receiving Molina Equipment as necessary at Molina Sites.
(d)
Verifying that all contents of the delivery are included according to the procurement order.
(e)
As appropriate and required, notifying representatives from Molina, the Service Provider or any Third-Party Service Providers that the order has been received, as well as completing and forwarding any required paperwork associated with verifying the receipt and contents of the order to the appropriate Molina, Service Provider, or Third-Party Service Provider personnel.
(f)
Providing timely input into Molina Systems to provide accurate billing and order/inventory management.
(g)
After receipt at the initial Site, moving or shipping all Molina Equipment and Software (if necessary) to the staging Site (and a location within the Site) on a

-14-


scheduled delivery date that is agreed to with the appropriate User or Third-Party Service Provider.
(h)
Arranging and preparing for shipping to and from Sites, as required.
(i)
Verifying that the Molina Equipment and Software are stored in a secure area and are not subject to undue heat, cold, or dampness.
(j)
Providing all logistics Services (provisioning, Site preparation, etc.) associated with the movement of Molina Equipment or Software from Third-Party Service Providers to staging facilities.
(k)
After the Molina Equipment and/or Software has reached its final staging destination and prior to its actual installation, the Service Provider has the following responsibilities (as necessary based on an agreed installation date and plan):
(i)
Unloading, uncrating, and/or removing the packaging that was used to ship and contain the product.
(ii)
Assembling and/or testing the product, including assembling a complete or partial configuration, if required by the agreed installation plan.
(iii)
Providing the specific configuration required to complete the assembly and/or installation of the Molina Equipment and Software.
(iv)
Using the Molina standard deployment tools and configuration for the underlying Molina Equipment and/or Software for all new Molina Equipment and Software, unless otherwise approved by Molina.
(v)
Preparing and delivering quality review processes to the Service Provider's personnel or Third-Party Service Provider in electronic format and/or paper copy as needed.
(vi)
Providing all parts and materials necessary for proper assembly and installation of Molina Equipment, Software and Services, exclusive of electrical power and environmental resources and any other materials specifically agreed with Molina or a Third-Party Service Provider.
(vii)
Coordinating with all Third-Party Service Providers that are supplying peripheral or ancillary Molina Equipment or Software.
Patch and Software Distribution Support
3.18
Service Provider shall perform all patch and Software distribution operations Services, including:
(a)
Performing Software distribution and patch management.
(b)
Supporting patch distribution services for multiple operating system configurations.

-15-


(c)
Determining patch distribution schedules and methods, according to Molina policies and procedures.
(d)
Providing ongoing notification processes to Service Desk services, informing them of patches and patch schedules.
(e)
Reporting patch and Software distribution status and progress against planned or advertised schedules, and providing risk mitigation plans where exceptions arise, per Molina requirements.
(f)
Implementing a method and a process for testing patch and Software releases prior to general deployment, including testing and, where necessary, coordinating the testing certification of patches within Molina Equipment.
(g)
Obtaining Equipment, Software and BIOS inventory, including reporting on historical PC and BIOS inventory information for Software license verification.
Back-up and Recovery Services
3.19
Service Provider shall support Molina’s back-up and recovery activities, including:
(a)
Supporting the configuring and scheduling backup and recovery tools.
(b)
Supporting the development of data migration, archival, backup, and retention management procedures.
(c)
Supporting the implementation and management of backup procedures, including installing and configuring components, scheduling backups, and executing on-demand backups.
(d)
Supporting the implementation and management of archival procedures, including installing and configuring components, scheduling archival processes, and executing on-demand archrivals.
(e)
Supporting the implementation of recovery procedures, including online, partial, or other recovery procedures, per Molina policies and processes.
End User Training
3.20
Service Provider shall perform end user training related to the Services, including:
(a)
Providing train-the-trainer training and associated documentation for products and Services delivered by Service Provider.
(b)
Providing end users with feature overview and product update documentation, and user guide documentation whenever Service Provider Software releases are implemented.
(c)
Providing computer-based, documentation-based, and/or web-based orientation training for end users, inclusive of all new Service Provider Equipment, Service Provider Software, and/or Service Provider Services, pending Molina’s approval.

-16-


4.
ENDPOINT SECURITY
Host-Based Firewalls
4.1
Service Provider shall provide backup and recovery firewall policies and configurations.
Host-based Intrusion Protection System (IPS)
4.2
Service Provider shall support global IPS on end user devices across Molina assets.
4.3
Service Provider shall monitor all IPS devices from the central logging System, and provide appropriate response to health alerts.
4.4
Service Provider shall review IPS rule updates, determine risk and recommend priority for deployment for Molina’s review and approval.
Endpoint Detection and Response (EDR) Solution
4.5
Service Provider shall be responsible for the proper installation of security Software distribution. Service Provider shall deploy approved product updates in the case of individual Software distribution(s).
4.6
Service Provider shall provide hands and feet or remote support services for non-contained Molina Equipment in the event of suspicious activities and issues on hosts and endpoints at Molina corporate locations.
Antivirus and Malware Protection for Endpoints
4.7
Service Provider shall be responsible for the proper installation of security Software distribution of such production as antivirus. Service Provider shall deploy antivirus patterns in the case of individual Software distribution(s).
5.
RESPONSIBILITY MATRIX
The Service Provider shall perform the Services in a manner which complies with the responsibility matrix set out below. The table below is a RACI matrix in which:
Ÿ
R corresponds to “responsible” – the Party indicated is responsible for doing work as needed to complete the task;
Ÿ
A corresponds to “accountable” – the Party indicated is responsible for the correct completion of the task, which may be carried out through advance planning, oversight, or post-completion verification
Ÿ
C corresponds to “consulted” – the Party indicated is one whose opinions are to be solicited by the other parties indicated with an R or A
Ÿ
I corresponds to “informed” – the Party indicated is to be kept up to date by the other parties indicated with an R or A

-17-


#
Activity
Detail
Sub-Activity
Molina
Infosys
Third Party
1
General
Act as first point of contact to support user IT related incidents/ service requests through phone call, chat and web tickets.
Provide end user facing 24x7 IT Service Desk support in English
I,C
R
 
2
Provide initial training to Infosys on functions, features and configuration of all the Molina supported environment (IT Infrastructure and Business Applications)
R
A
 
3
Provide existing documentation on Molina's Service Desk tools and processes to Infosys
R
A
 
4
Respond to contacts via Telephone, Chat and Web Portal
I,C
R
 
5
Resolve Incidents, escalate to resolver group as applicable to meet Service Level Targets
I,C
R
 
6
Ensure that all staff are fully trained and experienced in the resolution of first time fixes and ensure that service levels are achieved
I,C
A, R
 
7
Ensure that all Service Desk staff are familiar with Molina’s relevant policies and procedures
I,C
A, R
 
8
Develop, document and maintain the Service Desk operational procedures for each of the Services/Sub-Services defined in the SoW
I,C
R
 
9
Implement quality management practices in compliance with Molina requirements
I,C
R
 
10
Continuously identify and implement opportunities for improvement
I,C
R
 
11
Identify and report trends in incidents and requests and propose solutions to reduce overall cost
I,C
R
 

-18-


#
Activity
Detail
Sub-Activity
Molina
Infosys
Third Party
12
Incident Management
Troubleshoot and resolve L1 incidents and escalate to respective L2/ L3 resolver groups where resolution is not possible within Molina defined timeframe
Establish/ Define Incident classification by priority
A,R
C,I
 
13
Establish Incident workflow, escalation, communication and reporting processes that help to achieve required Service Levels
I,C
RA
 
14
Review and approve Incident classification, prioritization and workflow, communication, escalation and reporting processes
R
A
 
15
Molina to extend ITSM & other operational tools to Infosys as is the case in the current business
R
I,C
 
16
Manage entire Incident lifecycle including detection, escalation, diagnosis, status reporting, repair and recovery
I,C
R
 
17
Provide a satisfactory response to each contact made, providing the End User at all times with a clear method of resolving the Incident or Service Request
I,C
R
 
18
Initiate the process of ticket closure so that the closure notices can be routed automatically to the end-user
I,C
R
 
19
Resolve incidents at first contact, otherwise escalate to appropriate Level 2 resolver groups within Infosys or to other resolution groups in other Parties
I,C
R
I
20
Determine the allocation to other resolver groups of Incidents that cannot be resolved on first contact
I,C
R
 
21
Troubleshoot Incidents using the relevant knowledge databases (e.g. KEDB and CMDB), knowledge articles provided by other Parties
I,C
R
 
22
Document and update solutions to Resolved Incidents in knowledge database for Service Desk continual improvement
I,C
R
 
23
Manage efficient workflow of Incidents including the involvement of third parties and initiate broadcast of outages in accordance with Molina's approved procedures
I,C
R
I,C

-19-


#
Activity
Detail
Sub-Activity
Molina
Infosys
Third Party
24
Verify acceptance of resolution by contacting the End-User to confirm through any channel (Phone/Email/Chat) and record results. Ticket closure does not occur until End User confirmation is completed and recorded
I,C
R
 
25
Service Desk owns each Incident through to resolution, to the satisfaction of the user, regardless of OEM and Component ownership
I,C
R
I,C
26
Capture data required for KPIs pertaining to volumes for all Incident types such as by hour per day; Service Desk call/chats abandonment rate, telephone call/Chats lengths, time-to-answer rates for telephone calls/chats, etc.,
I,C
R
 
27
Categorize, prioritize and log all Service Desk contacts along with resolution activities in the ITSM Tool (Service Now).
I,C
R
 
28
Collate Incident information from End Users regarding suggested improvements to the Infosys’s Services
I,C
R
 
29
Ensure that resolution of Service Desk contacts are based on priority and impact levels as defined and agreed by both Molina and Infosys
I,C
R
 
30
For Major Incidents, the service desk will initiate the incident management process and assign the tickets to the respective resolver groups
I,C
R
I

-20-


#
Activity
Detail
Sub-Activity
Molina
Infosys
Third Party
31
Service Request Management
Resolve service requests and escalate to respective L2/ L3 resolver groups where the required rights, skill set are not available with L1 team for resolution.
Identify and document Service Request priority types, response and Resolution targets for all the standard Service Requests
I,C
A,R
 
32
Extend ITSM system to Infosys to document, manage and track all Service Desk communication and Service Requests and inquiries regardless of the means by which the Service Request is submitted (e.g., telephone, web)
R
I,C
 
33
Log and prioritize all Service Requests based on service catalog
I,C
R
 
34
Where Service Requests are non-standard, proactively manage these calls with resolver groups to track that they are resolved within service standards
I,C
R
 
35
Log all non-standard Service Requests that cannot be handled by the Service Desk and hand over to the appropriate parties to fulfill
I,C
R
I, C
36
Manage all standard Service Request escalations in accordance with the agreed procedures
I,C
R
 
37
Work closely with all resolver groups & service delivery partners to proactively identify additional standard Service Requests. Agree the take-on of these with Molina ensuring that they are fully documented in the Knowledge Management Repository, and the Service Desk staff are appropriately briefed and trained
I,C
R
C
38
Knowledge Management
Identify opportunity for creation of Service Desk/ user facing knowledge articles and support in creation of the same in specified format.
Co-ordinate and maintain knowledge management repository for all Service Desk issues, including knowledge articles containing first time fixes & standard Service Requests, and with auditable access to Molina
I,C
R
 
39
Maintain a list of all resolutions (Incident & Request) that can and should be resolved by the Infosys at first contact.
I,C
R
 
40
Work closely with all service delivery partners and resolver groups to continuously identify suitable resolutions, first time fixes for the knowledge management repository
I,C
R
C

-21-


#
Activity
Detail
Sub-Activity
Molina
Infosys
Third Party
41
Customer Satisfaction Management
Leverage Molina-provided sentiment analysis and customer satisfaction survey tools as the foundation for delivering, measuring, reporting, and improving ongoing Services.
Collate, analyze results, and tabulate trends from returned CSAT and sentiment analysis surveys
I,C
R
 
42
Provide performance reports as requested by Molina on a regular basis categorized by service and resolver group
I,C
R
 
43
Review the results of the satisfaction process with Molina and work with Molina and other Third parties to assimilate feedback into continuous improvement processes
I,C
R
C
44
Log, track and report user complaint, initiate remediation and implement the required corrective actions across process and personnel
I,C
R
 
45
Identify opportunities for continuous improvement within the Infosys Services, agree with Molina and implement
I,C
R
 
46
Service Level Management
Monitor and track adherence to Molina SLAs and share pre-defined, ad-hoc reports with Molina as requested.
Manage and meet Service Level Targets as defined and agreed by both Molina and Infosys
I,C
R
 
47
Share Service Level reports with Molina at pre-agreed frequency
I,C
R
 
48
Meet with Molina every 6 months to suggest changes to Service Levels including new Service Levels and increase in Service Levels that the Infosys believes would benefit Molina
I,C
R
 
49
Technical Requirements
 Support in integrating Molina’s infrastructure with Infosys and its third parties' systems (as directed by Molina) in a manner that ensures end-to-end Service management and seamless integration from an end user's perspective.
Own and manage the IT infrastructure deployed at Infosys delivery center
I,C
A, R
 
50
Provide the required data connectivity bandwidth
I,C
R
 
51
Multi-Channel Services hosted on ServiceNow platforms
R
I,C
 
52
Provide pre-screening and automatic call distributor (“ACD”) capabilities along with provision for call reporting capabilities.
I,C
R
 
53
Provision and provide technical support for the local desktops and monitors and the required hardware such as Head Sets deployed within the Molina ODC
I,C
R
 


-22-


Activity
RACI
Infosys
Molina
Desktop Engineering
 
 
Deployment of Operating System, SW packages and patches on the end client machines using MS SCCM
RA
IC
Upgrade and maintenance of the Standard Operating Environments (SOEs)
RA
IC
Coordination with third party vendors for the Third Party tools integration with Molina AD, ADFS DHCP etc.
RA
IC
Manage and Maintain the Self- Help portal and User Account management
RA
I
Management of the Service Request system for any kind of HW or SW IMAC requests
RA
I
Creation, Deletion and update of User accounts through AD
RA
IC
Manage and Maintain SW License Inventory using the ServiceNow & MS SCCM tools
RA
I
Endpoint Antivirus Management on the end user devices
RA
I
End Point Hard Disk Encryption Management
RA
IC
Standard Operating Environment Image to be maintained as per the Industry best practices and Molina Business requirements
RA
CI
Scheduled upgrade of the Reference point with the security Patches, HW drivers and applications (including third party applications)
RA
CI
Third party vendor Coordination for HW Imaging, Asset Disposal, HW Inventory Management
RA
CI
HW Inventory Management using ServiceNow ITSM tool
RA
I
Remotely control the End User devices for Incident resolution using existing Molina Bomgar tool
RA
I
To deploy the OS & SW packages and as per the user accounts
RA
I
Support the Microsoft operating systems currently deployed on desktop and Laptops for Molina users (Win 7 and Win 10)
RA
I
Provide necessary Microsoft patches/service for desktops and laptops as required
RA
CI
Provide the Application Packaging services as per the requests raised by Molina Application Team (MSI packages)
RA
I
Provide application installer files for packaging
I
RA
Testing the Application Packages in the Test environment before deployment
RA
CI
Provide test scenarios for business applications
C
RA
Deployment of Software Patches, Application Packages to Molina End Devices within Molina’s intranet.
RA
I
 
 
 

Mobile Device Management (MDM)

-23-


Activity
RACI
Infosys
Molina
MDM service request management
RA
I
Support for self-service portal and tool
RA
I
Maintenance of Communication templates related to MDM service
RA
I
Support for specific tasks such as allow/deny access, enable/disable particular capability
RA
I
Administration of the MDM service platform
RA
CI
To provide resolution for the MDM service environment related incidents and service tickets
RAC
I
Manage Documentation – Provide FAQs, User guides, Standard Operating Procedures (SOPs),
RA
CI
Resolution of the device enrollment and enrollment related issues
RA
CI
To perform device status monitoring and dashboard administration
RA
I
MDM incident and service tickets resolution
RA
I
Modify/New policy information for specific user groups or devices.
RA
CI
Application onboarding process definition and support
RA
I
Support for MDM service related processes and compliance
RA
CI
Compliance of the MDM service solution with security guidelines provided Molina Enterprise Security Framework
RA
CI
Monitor Mobile Iron for Enterprise solution system parameters
RA
CI
Maintaining inventory data of devices, users, status, last connect.
RA
I
Document and track the device management life cycle of standard end user devices
RA
CI
Generate Status report on ticket (incident/service request) resolution
RA
CI

Field Support Services
Activity
RACI
Infosys
Molina
Coordination with OEM vendors for break-fix and AMC related matters
RA
CI
Escorting OEM/Vendor team at Customer site
RA
CI
Local incident Resolution
RA
CI
Desktop field services (Repair, swap)
RA
CI
Break fix and Hard IMAC
RA
CI
Provide tech bars support at Dedicated sites
RA
CI
Coordination with Purchase for refilling of stock
RA
CI
Physical verification and reconciliation for HW
RA
CI
Manual Image, patch installation on low bandwidth network machines
RA
CI
Connection of Machine to network and establish remote connectivity with offshore
RA
CI
Desk-side/onsite repair (component swap)
RA
CI
Desktop/Laptop and parts inventory update and asset up keep
RA
CI
Physical device/asset decommissioning
RA
CI
Consumable Replacement (spare acquisition)
A
RCI



-24-


APPENDIX 2-D
PRO FORMA
PROJECT WORK ORDER

This Project Work Order, between [Molina entity] (“Molina PWO Party”) and [Service Provider entity] (“Service Provider PWO Party”) is entered into pursuant to the Master Services Agreement between [Molina MSA Party] and [Service Provider MSA Party] effective [date] (the “MSA”). The terms and conditions of the MSA, the Schedules and the Appendices thereto, are hereby incorporated into this Project Work Order and subject to any variations to such terms and conditions set out below.

Molina Reference Number: [●]

Service Provider Reference Number: [●]


The parties hereto, each by a duly authorized representative, have executed this Project Work Order as of the date set out below and this Project Work Order is effective as of the Commencement Date:
[Molina Entity]: [●]
[Service Provider Entity]: [●]
By:

By:

Signed:

Signed:

Title:

Title:

Date:

Date:


Where Molina Head of IS Vendor and Supplier Management signature is required:
[Molina Entity]: [●]
By:

Signed:

Title: Molina Head of IS Vendor and Supplier Management

Date:




1



1
Project Name / Program Name
 
 


2
Project Managers
 
Molina Project Manager
 
Service Provider Project Manager
 


3
Commencement Date
 
Day
Month
Year
 
 
 
 
 
 
 


4.1
Project Description
 
 
 
 
 
 


4.2
Risks
 
The following description of business and/or operational risks associated with this Project is intended for operational use only, is not legally binding, neither does it affect, waiver or amend any of the rights or obligations set out in this Project Work Order:
 
 
 
 


5
Stage and Description
 
[Stage Name and Description]
[Stage Name and Description]
[Stage Name and Description]
[Stage Name and Description]
[Stage Name and Description]

6
Molina Requirements
 
 

7
Acceptance Criteria
 
 

2




8
Molina Personnel Authorized to sign off that Acceptance Criteria have been met in respect of each Stage or Deliverable
 
Name of Person authorized to sign off Deliverables/Stages on behalf of the Molina PWO Party

9
Charging Mechanism
Select One Only
Complete paragraph:
 
Role Based Time and Materials
 
11
 
Capped Time and Materials
 
12
 
Fixed Price
 
13

10
Invoice Currency
 
[USD]

11
Role Based Time and Materials
 
Name
[Note: Name may sometimes be required where identity of person is important to Molina.] 
Skill Grade
Home Location
Work Location
Language
Resource Unit Rate
Start Date
End Date
Estimated Cost
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 


3



12.1
Capped Time and Materials – Estimate
 
Month
Estimated Charges incurred by Service Provider in that Month

Estimate of Time Based Payment Amount
[Month]
 
 
[Month]
 
 
[Month]
 
 
...
 
 
Total Estimated Charges for the PWO
 
 

12.2
 
Capped Time and Materials
 
Stage
Payment Milestone /
Decision Point
Date
Estimated Retained Amount
T&M Cap per Stage
[Stage]
Milestone 1
 
 
 
 
Milestone 2
 
 
 
 
Milestone 3
 
 
 
 
....
 
 
 
 
Final Payment Milestone
 
 
 
 
Totals – [Stage]
 
 
 
Authority To Proceed
 
 
 
[Stage]
Milestone 4
 
 
 
 
Milestone 5
 
 
 
 
Milestone 6
 
 
 
 
....
 
 
 
 
Final Payment Milestone
 
 
 
 
Totals – [Stage]
 
 
 
Authority To Proceed
 
 
 
[Stage]
Milestone 7
 
 
 
 
Milestone 8
 
 
 
 
Milestone 9
 
 
 
 
...
 
 
 
 
Final Payment Milestone
 
 
 
 
Totals – [Stage]
 
 
 
[Stage]
Milestone 10
 
 
 
 
Milestone 11
 
 
 
 
Milestone 12
 
 
 
 
...
 
 
 
 
Final Payment Milestone
 
 
 
 
 
Authority To Proceed
 
 
 
 
 
Totals – [Stage]
 
 

4


 
[Stage]
Milestone 13
 
 
 
 
Milestone 14
 
 
 
 
Milestone 15
 
 
 
 
...
 
 
 
 
Final Payment Milestone
 
 
 
 
 
Authority To Proceed
 
 
 
 
 
Totals – [Stage]
 
 

12.3
Capped Time and Materials – Resource Profile from Quote
 
Skill Grade
Number of Individuals
Home Location
 
 
 
 
 
 
 
 
 
 
 
 

12.4
Project Structure
 
[Include arrangements describing how Service Provider Personnel will be structured and managed]
 
 
 
 



5


13
Fixed Price
 
Stage
Payment Milestone /
Decision Point
Date
Estimated Retained Amount
T&M Cap per Stage
[Stage]
Milestone 1
 
 
 
 
Milestone 2
 
 
 
 
Milestone 3
 
 
 
 
....
 
 
 
 
Final Payment Milestone
 
 
 
 
Totals – [Stage]
 
 
 
Authority To Proceed
 
 
 
[Stage]
Milestone 4
 
 
 
 
Milestone 5
 
 
 
 
Milestone 6
 
 
 
 
....
 
 
 
 
Final Payment Milestone
 
 
 
 
Totals – [Stage]
 
 
 
Authority To Proceed
 
 
 
[Stage]
Milestone 7
 
 
 
 
Milestone 8
 
 
 
 
Milestone 9
 
 
 
 
...
 
 
 
 
Final Payment Milestone
 
 
 
 
Totals – [Stage]
 
 
 
[Stage]
Milestone 10
 
 
 
 
Milestone 11
 
 
 
 
Milestone 12
 
 
 
 
...
 
 
 
 
Final Payment Milestone
 
 
 
 
 
Authority To Proceed
 
 
 
 
 
Totals – [Stage]
 
 
 
[Stage]
Milestone 13
 
 
 
 
Milestone 14
 
 
 
 
Milestone 15
 
 
 
 
...
 
 
 
 
Final Payment Milestone
 
 
 
 
 
Authority To Proceed
 
 
 
 
 
Totals – [Stage]
 
 





6



14 Deliverables
 
Stage
Deliverable
Input / Output
If Input, does it contain Molina Requirements (Y/N)?
Document Version Number
Acceptance Criteria

Delivery Date
Milestone Number
Milestone Date
Payment Milestone (Y/N)?
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 


7

16
Molina Responsibilities
Date Required
 
 
 
 
 
 
 

17
Molina Locations and Approved Service Delivery Location
 
 
 
 

18
Additional Service Provider Key Personnel for this Project Work Order
 
Name
Title
 
 
 
 

19
Assumptions
 
 

20
Other Service Providers
 
 
 
 

21
Service Provider Software
 
 
 
 

22
Third Party Software
 
 
 
 

23
Open Source Software
 
 
 
 


8


23
Site Systems
 
 
 
 

24
Molina Software to be provided by Molina
 
 
 
 

25
Project Governance
 
 
 
 


26
Molina Policies

 
[Note: Identify which non-mandatory Molina Policies do not apply to this Project Work Order]
 
 


27
Additional Terms and Conditions
 
 
 
 
 
Molina Legal Approval
 
Name:
Title:
Date:
Signed:
 
Service Provider
 
Name:
Title:
 
Date:
Signed:

29
Linked Project Work Orders
 
The following Project Work Orders are Linked to this Project Work Order:
 
 
 
 



9














SCHEDULE 3 PRICING AND INVOICING




CONTENTS
Clause
 
Page
 
 
 
1.
Definitions
2
2.
Introduction
2
3.
Agreed Cost Standards
3
4.
Appendices
4
5.
Intentionally Omitted
5
6.
On-Going Services Charges
5
7.
Supplemental Project Charges
7
8.
Transition Charges
8
9.
Discounts
8
10.
Inflation Adjustments and Foreign Exchange
9
11.
Invoices and Payments
9
12.
Disputed Invoices
10
13.
Service Credits
11
14.
Delivery Credits
11
15.
Expenses
12
16.
Financial Responsibility for Non-Service Expenses
12
17.
Additional Commitments by Service Provider
12
18.
Transformation Credit
13


(i)

1.
Definitions
1.1
All terms and conditions of the Agreement will apply to Schedule 3 and any Appendices hereto, and capitalized terms not defined in Schedule 3 will have the meanings given to them in the Agreement. Section references used herein will refer to the applicable section in Schedule 3, except as otherwise set forth herein.
2.
Introduction
2.1
This Schedule sets out the requirements as to pricing and invoicing with which the Service Provider must comply in connection with the Services.
2.2
No other Charges
The Service Provider shall not be entitled to impose or pass on any fees, charges, taxes, duties or expenses for the Services unless there is a specific charge set out in this Schedule or unless specifically permitted to do so in this Agreement.
Notwithstanding any other provision of this Agreement, if there are no specific fees, charges or expenses identified within this Schedule for a particular activity which the Service Provider is required to perform under this Agreement, then the Charges already incorporate a fee, charge or expense for that activity. The absence of a specific fee, charge or expense for a particular activity does not mean that, and may not be used to support any argument that, the particular activity does not form part of the Services.
Without limiting the paragraphs of this Section 2.2 set out above, the Service Provider shall provide or have provided all of the Systems (and be responsible for all of the costs of provisioning, commissioning, maintaining, refreshing (to the extent sent out in the applicable SoW) and installing those Systems), licenses, contracts, premises (other than the facilities to be provided by Molina as set out in Schedule 15 (Access to Molina Facilities)), personnel, consumables, peripherals, processing and storage capacity and all other resources, capital and skills necessary to provide the Services (unless any such activities are a Molina Responsibility) and to procure the performance of all of the Service Provider’s obligations set out in the Agreement, for the Charges.
2.3
Late Payment Interest
The Service Provider shall be entitled to invoice Molina for accrued late payment interest at the Agreed Interest Rate in accordance with Clause 41 (Late Payment) of the Agreement.
2.4
General Principles
Subject to Section 10, the Charges for all Services are inclusive of all disbursements, administrative expenses, allowances and other costs and expenses incurred in, or in connection with, the provision of the Services, including the cost of:
(a)
connectivity required by any Service Provider Person to enable that Service Provider Person to perform his or her duties in relation to the Project Services;

-2-

(b)
personal tools required by the Service Provider Person to enable that Service Provider Person to perform his or her duties in relation to the Services, unless any such tools are described as Molina’s responsibility in Appendix 3-A-1. (Financial Responsibility Matrix), Schedule 13 (Access to Molina Facilities), Schedule 16 (Dependencies), or as Molina Responsibility in a Project Work Order;
(c)
all necessary employment visas required to work in a country for an extended period and other permits, licenses (except Software licenses) and consents necessary for any Service Provider Person to carry out any work in any location;
(d)
overhead and organizational infrastructure for a Service Provider Person needed to deliver the Services (including human resources, finance, tax and legal functions or services);
(e)
any translation to or from English of documentation required to perform, or to report performance of, any of the Services; and
(f)
in the case of Project Charges, the performance of all the activities set out in the Projects Statement of Work.
3.
Agreed Cost Standards
3.1
Introduction
The determination of whether Charge Adjustments may be made, the amount of any Charge Adjustments, and the calculation of Charges for Project Services shall be made in accordance with the principles set out in this Section 3. The Service Provider shall ensure that the Charges (and its preparation of the Charges) at all times comply with the Agreed Costs Standards.
3.2
Interaction with Benchmarking
The Agreed Cost Standards do not in any way limit or affect the outcomes of the Benchmarking Process. The Agreed Cost Standards shall not require the Service Provider to adjust the Charges where it does not agree to do so under the Benchmarking Process. Any adjustments to the Charges following the Benchmarking Process shall be made in accordance with the Agreed Cost Standards.
3.3
Enforcement and Verification
The Service Provider shall provide a confidential letter addressed to the members of the Head of IS Vendor and Service Provider Management, no later than 14 Business Days after the end of each Contract Year, to state that each Charge Adjustment assessed and invoiced in that Contract Year was assessed and invoiced in accordance with the Agreed Cost Standards.
3.4
The Agreed Costs Standards

-3-

Principle of Fairness – All Charge Adjustments and Charges for Project Services shall be fair and reasonable both to Molina and the Service Provider.
Principle of Proportionality – Subject to the principles that follow, all Charge Adjustments, Benchmarking Adjustments and Charges for Project Services shall be in proportion to the increase or decrease in the costs and/or risk that the Service Provider requires to deliver the Services.
Principle of Similar Charging Methodology – The methodology for calculating Charge Adjustments shall be based wherever practical upon the same methodology as applies to the Charges.
Principle of Auditable Pricing – The Service Provider may not impose any Charge for Project Services or make any Charge Adjustment unless that adjustment is supported by reasonable supporting documentary evidence. Not all the supporting evidence need be disclosed to Molina but it must be sufficient to allow Molina to make a meaningful assessment of the reasons for any Charge Adjustment or Charge for Project Services. However, all supporting evidence, whether disclosed to Molina or not, must be maintained in such a form as to allow an auditor or other expert appointed pursuant to Clause 38 (Audit and Information Access) of this Agreement to conduct an audit referred to in that Clause.
4.
Appendices
4.1
The following Appendices are attached to Schedule 3 and shall apply to the Exhibits, as applicable:
(a)
Appendix 3-A. (Pricing Matrix) sets forth the pricing framework, matrix and constructs for all functions.
(b)
Appendix 3-A-1. (Financial Responsibility Matrix) sets forth whether Service Provider or Molina shall be financially responsible for the expenses associated with Personnel, Software, Equipment, Facilities, Systems and other expenditures related to the provision of Services during the SOW Term.
(c)
Appendix 3-A-2. (Transition Charges) sets forth the charges associated with Transition Services, which shall be invoiced on a Fixed Fee, per milestone basis.
(d)
Appendix 3-A-3 (Termination Charges) sets forth charges in the event of Termination for Convenience.
(e)
Appendix 3-A-4. (Volume Discounts) sets forth the discount percentages Service Provider shall credit Molina based on all Services provided by Service Provider in a given period.
(f)
Appendix 3-A-5. (Invoicing Structure) sets forth the invoice structure to be used by the Service Provider.

-4-

(g)
Appendix 3-A-6. (Infrastructure Pricing) sets forth the Resource Units and corresponding Infrastructure Monthly Charges that are chargeable to the Molina for in-scope Infrastructure Services.
(h)
Appendix 3-A-7. (Security Pricing) sets forth the Security Monthly Charges that are chargeable to the Molina for in-scope Security Services.
(i)
Appendix 3-A-8. (EUS Pricing) sets forth the Resource Units and corresponding End User Services Monthly Charges that are chargeable to the Molina for in-scope End User Services.
(j)
Appendix 3-A-9. (Applications Development Committed Capacity) sets forth the approved roles for Service Provider Personnel performing in-scope Services and the corresponding resource rates based on a committed capacity model.
(k)
Appendix 3-A-10. (Application Test Committed Capacity) sets forth the approved roles for Service Provider Personnel performing in-scope Services and the corresponding resource rates based on a committed capacity model.
(l)
Appendix 3-A-11. (Application Support Pricing Matrix) sets forth the Application categories and the corresponding Application Support Monthly Charges that are chargeable to Molina for Application Support Services for such Application category.
(m)
Appendix 3-A-12. (Resource Unit Definitions) sets forth the definitions for Resource Units as indicated in other pricing worksheets.
(n)
Appendix 3-A-13. (Supplemental Rate Card) sets forth the approved roles and rates for Service Provider personnel to be used in cases of Supplemental Project Charges
Resource Unit Rates” shall mean the rates on which the Service Fees shall be calculated,
4.2
Unless expressly agreed otherwise in a SOW, there shall be no increase to the Resource Unit Rates during the Term of the Agreement, and for the avoidance of doubt, there shall be no increase to the Resource Unit Rates as a result of exchange rate movements or inflation.
5.
Intentionally Omitted
6.
On-Going Services Charges
6.1
For ongoing services set forth in Appendices 3-A-6 (Infrastructure), 3-A-7 (Security Services), and 3-A-7 (End User Services), the total allowable Charges for each Resource Unit shall be calculated as A x B, where:
6.2
A = the Resource Unit Rate for such Resource Unit.
6.3
Certain Resource Unit Rates incorporate annual productivity improvements as set forth in Appendices 3-A-6 (Infrastructure), and 3-A-7 (End User Services).

-5-

6.4
B = the total actual volume of such Resource Unit in the applicable month, subject to the following:
(a)
Service Provider shall not invoice for more than one Resource Unit if a device or Service fits within the definition of more than one Resource Unit.
(b)
In the event that a device or Service fits within the definition of more than one Resource Unit, the Parties will refer the matter to the applicable Operational Review Board to determine which Resource Unit applies to such device or Service.
(c)
Where the volume of Resource Units is not cumulative (as determined by Molina) (e.g., FTE hours is a cumulative Resource Unit and desktops supported is a non-cumulative Resource Unit), the volume of Resource Units shall be calculated as the average daily volume of the number of Resource Units for the Period. For cumulative Resource Unit, the volume of Resource Units shall be calculated as on the end of the month.
(d)
For a period of three months from the First Go Live Date of the Agreement and until such time the actual Resource Unit count is determined, invoicing shall be based on the Baseline Units, as set out in the Summary of Projected Charges tab of appendix 4 B (Pricing Matrix) as “Projected Monthly Service Volumes”. Thereafter, once the actual count is completed, a retrospective adjustment shall be carried out to the charges in the subsequent invoice. In such case, Service Provider shall not retrospectively adjust charges for services related Resource Units for which the actual count is within [redacted] of the Baseline Unit count. Molina and Service Provider will complete joint inventory tracking during transition period.
(e)
For the fourth and subsequent months, the parties shall agree the actual volume of any Resource Unit, for the purposes of invoicing within the first 10 days after the month for which the invoice had to be raised. In the event the parties do not agree within 10 days the invoicing will be done based on the last invoiced volume count of Resource Units, and when agreement is reached, any variation shall be credited against the subsequent invoice.
(f)
The term “Resource Unit Data Source” means a database or repository designated by Molina as the repository of all Resource Unit Records that shall track chargeable Resource Units. No Resource Unit Record may be added to the Resource Unit Data Source without Molina's prior agreement. No Resource Unit Record will be deemed a chargeable Resource Unit for a month unless (i) it is listed in the Resource Unit Data Source and (ii) Service Provider provided Services (other than removal) with respect to such Resource Unit Record during a month.
(g)
For avoidance of doubt, the Resource Unit Data Source is for invoicing purposes only and omission of an item from the Resource Unit Data Source shall not affect or reduce Service Provider's responsibility under Schedule 2 (Services) and/or the Exhibits thereto to provide Services with respect to that item.

-6-

(h)
In the event that an item designated as a Resource Unit is replaced by a new item, the Parties will refer the matter to the applicable Operational Review Board (i) to designate an existing Resource Unit that will be associated with such replacement item, (ii) to determine that the replacement item is not relevant for pricing purposes (and thus will not be counted when determining the number of Resource Units), or (iii) to determine that providing Services with respect to the new item requires a new Resource Unit, in which case Service Provider will submit a new Charges proposal to perform Services with regard to such item pursuant to Schedule 2 (Services) or an amendment, as determined by Molina.
(i)
In the event of a change in the amount of a Resource Unit, any change of [redacted] (or such other percentage as the parties specify in the Agreement) of the total amount of such Resource Unit will result in the completion of a formal Change Request.
6.5
The total allowable On-Going Services Charges for Services in connection with a Service Tower shall be the sum of all On-Going Services Charges for Resource Units associated with such Service Tower.
6.6
Service Provider shall measure and report to Molina monthly on the number and type of Resource Units actually utilized by Molina.
6.7
To the extent the Service Provider is responsible for Hardware and Software refresh as set out in the applicable SoW, such refresh shall be at no additional Charge in accordance with the Services, except, in each case subject to agreement by Molina and Service Provider, to the extent Molina requires an accelerated refresh of Molina Hardware and Software in addition to (a) refresh as set out in the SoW or (b) refresh as may be required for Service Provider to fulfil its obligations set out in the Agreement.
6.8
Service Provider may only begin charging Molina for On-Going Service Charges for a Service when all corresponding Transition Milestones for that Service are met.
7.
Supplemental Project Charges
7.1
For a project priced on a time and materials basis outside the scope of Services, the formula for calculating such “Supplemental Project Charges” for each Project Rate for each month shall be calculated as (D x E), where:
(a)
D = the Supplemental Project Rate set forth in Appendix 3-A-13 (Supplemental Rate Card), as applicable in such month, or such lower rate as may be specified in the applicable project statement of work.
(b)
E = Number of Project Productive Hours provided by Service Provider Personnel in the role associated with such Supplemental Project Rate during such month.
7.2
The total allowable Supplemental Project Charges in connection with a project statement of work priced on a time and materials basis shall be the sum of all Supplemental Project Charges for each Supplemental Project Rate associated with such project statement of work without any supplemental amounts, up-charges, or any other fee.

-7-

7.3
For a project statement of work priced on a basis other than time and materials, the Charges shall be set forth in such project statement of work.
8.
Transition Charges
8.1
All Charges for Services performed by Service Provider under Schedule 4 (Transition and Transformation) shall be as set forth in Appendix 3-A-2 (Transition Charges); such Charges shall be fixed, regardless of actual effort undertaken and shall be invoiced by Service Provider to Molina on a Fixed Fee basis in accordance with Appendix 4-B (Milestones).
8.2
For the avoidance of doubt, all costs in connection with providing Transition Services shall be Service Provider's responsibility and include but are not limited to:
(a)
Service Provider Equipment costs
(b)
Training and on-boarding of resources that shall become Service Provider Personnel to charge Productive Hours
(c)
Travel and expense costs
(d)
All Service Provider Equipment, Software and Systems inherent to delivering Transition Services and achieving Service Provider commitments
(e)
Costs associated with providing System access, as specified in the Appendix 4-B-1 (Financial Responsibility Matrix)
(f)
Expense associated with integration of Systems as required by Service Provider to provide Services under the SOW
(g)
Expense associated with the migration of data between Systems (e.g., the transfer of tickets to new queues)
(h)
Service Provider’s costs associated with knowledge transfer
(i)
Any other costs associated with modifying the Services as they are performed on the SOW Effective Date
8.3
If Service Provider fails to achieve acceptance of a Milestone for Transition by its Milestone Date, Service Provider shall be liable for delay payments in accordance with Schedule 4 (Transition and Transformation). The applicable Transition Fee less that total amount of the Delay Payment shall be considered to be the “Adjusted Transition Fee” for that Transition. The total amount of the Adjusted Transition Fee for a Transition may be invoiced by the Service Provider upon Acceptance of the final Transition Milestone for that Transition in accordance with Schedule 4 (Transition and Transformation).
8.4
In the event that Go Live for any Transition does not occur on the relevant Milestone Date any costs incurred by Service Provider shall be borne by the Service Provider and the Transition Charges shall not vary.
9.
Discounts

-8-

Volume Discount. At the end of each annual period, Service Provider shall reimburse Molina an amount calculated as K x L = M, where:
(a)
K = discount percentage as determined pursuant to Appendix 4-B-4 (Volume Discounts) as applicable to the Charges for such period.
(b)
L = the total On-Going Services Charges, Committed Capacity Charges, and Supplemental Project Charges for such period
(c)
M = Discount amount due Molina for such period.
(d)
Volume Discounts and any additional discounts shall be applied, simultaneously with the issuing of the last invoice of each Contract Year.
10.
Inflation Adjustments and Foreign Exchange
All inflationary adjustments, indexation and foreign exchange risk shall be incorporated into the Resource Unit Rates for the Term of the Agreement (including any renewal terms). Commencing on the second anniversary of the Effective Date, and again as of each anniversary of the Effective Date thereafter during the Term, the Service Provider may notify Molina that Supplier wishes to implement a CPI adjustment on the Project Rates; provided however, that (i) onsite Project Rates will not increase by more than the lesser of (a) [redacted] and (b) the Consumer Price Index for All Urban Consumers (CPI-U) as released by the U.S. Department of Labor, Bureau of Labor Statistics for the year prior to the date on which the applicable adjustment is made in accordance with this paragraph and (ii) offshore Project Rates will not increase by more than the lesser of (a) [redacted] and (b) the All India Consumer Price Index for Urban Non-Manual Employees CPI(UNME) (http://Mospi_New/site/home.aspx) for the year prior to the date on which the applicable adjustment is made in accordance with this paragraph. Any adjustment to the Project Rates as set out in this paragraph shall be prospective and shall apply as of the applicable anniversary of the Effective Date.
11.
Invoices and Payments
11.1
All invoices shall be in accordance with the MSA and Schedule 3. Unless otherwise specified, the Service Provider shall submit invoices on a monthly basis in respect of the Services provided in the immediately preceding month. Service Provider may provide separate invoices by Service Bundle. Molina shall pay properly submitted and valid invoices within [redacted] days of the date on which Molina receives the relevant invoice ("Due Date"). Service Provider will provide invoices to Molina in accordance to a mutually agreed Form of Invoice. The Service Provider shall ensure for each invoice:
(a)
Specifies the period to which the invoice relates;
(b)
Specifies the Services to which the invoice relates;
(c)
Sets out the calculations used to reach the amount of the Charges that are being invoiced;

-9-

(d)
Separately itemizes any expense or taxes said to be payable by Molina;
(e)
Specifies the Service Provider's tax number;
(f)
Specifies the relevant purchase order number; and
(g)
Contains any other information reasonably required by Molina, from time to time.
11.2
Service Provider shall perform all services and record all Productive Hours within the Molina system of record for Third Parties.
11.3
The Service Provider shall maintain complete and accurate records of, and supporting documents for, the amounts billable to and payments made by Molina under the Agreement in accordance with generally accepted accounting principles, applied on a consistent basis, for a minimum period of seven (7) years (unless a longer period is required by law or regulation in which case such longer period shall be deemed to apply) following the end of the Term or the Termination Assistance Period, whichever is the later
11.4
The Service Provider will provide Molina with all such documentation and other information as Molina may reasonably require with respect to each invoice to verify its accuracy and compliance with the provisions of the Agreement.
11.5
Without prejudice to paragraph 9.4, Molina may at any time require the Service Provider to provide with every invoice a schedule of supporting information relating to that invoice.
11.6
Without prejudice to any Milestone Payments, if the Service Provider does not invoice Molina within 120 days of the end of the month in which such Services were performed, the Service Provider shall be deemed to have waived its right to be paid for such Services.
12.
Disputed Invoices
12.1
If there is a dispute about any Charge in an invoice that is raised before an invoice is issued, no Charge reflecting the amount in dispute shall be included within an invoice.
12.2
Molina may dispute any Charges appearing in an invoice, provided it does so on reasonable grounds and provides a written explanation of those grounds to the Service Provider. Upon receipt of Molina’s written explanation, the Service Provider shall initiate the Fast-Track Dispute Resolution Procedure and the parties shall resolve the dispute using that procedure. If Service Provider has concerns about delays in payment of undisputed amounts resulting from this process, Service Provider may raise such concerns as part of the meetings of the applicable Operational Review Board.
12.3
If a Charge based on a disputed amount that was raised by Molina prior to the issue of an invoice appears in an invoice, or if Molina disputes any Charges appearing in an invoice in accordance with this Section 11, Molina may reject the entire invoice. If Molina does so, and there remain any undisputed amounts in the rejected invoice:
(a)
the Service Provider shall reissue (within five (5) Business Days) the invoice without the amounts in dispute; and

-10-

(b)
the time that Molina has to pay the undisputed amounts shall be calculated, in accordance with Section 9.1, from the date the second (and undisputed) invoice is received (provided the Service Provider reissues the invoice).
12.4
The Service Provider may provide a separate invoice to reflect the Charges in dispute in order to document the disputed Charges (a “Holding Invoice”). Molina has no obligation to pay any Charges in a Holding Invoice until the dispute is resolved.
13.
Service Credits
13.1
If the Service Provider is liable to allow any Molina Company any Service Credits:
(a)
those Service Credits shall be issued as a credit note, which Service Provider shall identify as applicable only as a credit credited against the Charges in a future invoice issued by the Service Provider to Molina for the Services; or
(b)
if there are no further invoices to be issued by the Service Provider, or if no further invoice is issued by the Service Provider within sixty (60) days from the date on which the Service Credits are incurred, the Service Provider shall pay an amount equal to those Service Credits to Molina as a liquidated sum within thirty (30) days from receipt of written notice from Molina.
13.2
If the Service Provider is liable to allow any Molina Company any Service Credits, and Local Services Agreements have been entered into pursuant to the Agreement, Molina shall specify the Local Services Agreement(s) in respect of which Molina requires the Service Provider to issue the Service Credit, and the amount of the Service Credit which Molina requires to be allocated to each Local Services Agreement. Such amounts shall be credited to the relevant Molina LSA Party in accordance with the preceding paragraph.
14.
Delivery Credits
14.1
If the Service Provider is liable to allow any Molina Company any Delivery Credits:
(a)
those Delivery Credits shall be issued as a credit note, which Service Provider shall identify as applicable as a credit against the Charges in a future invoice issued by the Service Provider to Molina for the Services; or
(b)
if there are no further invoices to be issued by the Service Provider, or if no further invoice is issued by the Service Provider within sixty (60) days from the date on which the Delivery Credits are incurred, the Service Provider shall pay an amount equal to those Delivery Credits to Molina as a liquidated sum within thirty (30) days from receipt of written notice from Molina.
14.2
If the Service Provider is liable to allow any Molina Company any Delivery Credits, and Local Services Agreements have been entered into pursuant to the Agreement, Molina shall specify the Local Services Agreement(s) in respect of which Molina requires the Service Provider to issue the Delivery Credit, and the amount of the Delivery Credit which Molina

-11-

requires to be allocated to each Local Services Agreement. Such amounts shall be credited to the relevant Molina LSA Party in accordance with preceding paragraph.
15.
Expenses
Save as provided in this paragraph, the Service Provider shall not be entitled to charge nor to invoice Molina for travel and/or accommodation costs or other expenses incurred in the provision of the Services. Accordingly, such Service Provider expenses are not separately reimbursable by Molina unless, on a case by case basis for unusual expenses, Molina has agreed in advance and in writing to reimburse the Service Provider for a particular expense and such expenses are incurred in accordance with Molina's travel and expenses policy as updated by Molina from time to time and provided that:
(a)
The expense is a necessary (as determined by Molina) part of satisfying a requirement the Services and is incurred by the Service Provider during providing Services;
(b)
The amount charged to Molina is no greater than the actual documented cost incurred by the Service Provider;
(c)
The amount charged is supported by an original proof of purchase.
(d)
The amount of any travel and/or living expenses charged to Molina is no greater than the travel and/or living expenses cap communicated to the Service Provider by Molina; and
(e)
The amount charged was not incurred as part of participation in scheduled governance meetings as contemplated by schedule 7 (Governance).
16.
Financial Responsibility for Non-Service Expenses
16.1
Appendix 3-A-1 (Financial Responsibility Matrix) indicates whether Service Provider or Molina is financially responsible for:
(a)
Personnel,
(b)
Software,
(c)
Equipment, and
(d)
Facilities.
16.2
Where responsibility is indicated as being Service Provider's responsibility, the Service Fees include all costs related to the provision of such service, Software, Equipment or other item.  
17.
Additional Commitments by Service Provider
17.1
As of the Service Commencement Date, the Service Provider shall fully fund an innovation fund (the “Innovation Fund”) in an amount totalling [redacted]. After the total Charges under this Agreement have exceeded [redacted], then additional amounts shall accrue in the Innovation Fund monthly at the [redacted] of the monthly Charges.

-12-

17.2
Amounts in the Innovation Fund may be used only to fund time and materials projects in connection with the Services under this Agreement by the application of Service Provider Personnel time against the Innovation Fund using the applicable rates listed in Appendix 3-A-13 with a [redacted] discount. In order to use the Innovation Fund, the applicable Project Work Order shall state that it will be funded by the Innovation Fund.
17.3
Amounts in the Innovation Fund must be used during the Term and will be utilized on a first-in-first-out basis (i.e., the amounts first accrued will be treated as the first spent). Amounts that are not used the Term shall be treated as expired, and shall no longer be available.  For purposes of clarity, the balance of the Innovation Fund may not be utilized as a credit or set-off against amounts due under the Agreement (other than Project Work Orders expressly agreed to be Innovation Fund Project Work Orders), and any unused amounts will not be paid out in the form of cash or any similar remuneration. Amounts accrued in the Innovation Fund may be used only as described herein.
18.
Transformation Credit
18.1
If the Service Provider fails to achieve Acceptance of all of the following (collectively, the “Transformation Milestones”), each of which is a Milestone, by the close of business hours at Molina’s corporate headquarters on the date that is [redacted] after the Service Commencement Date (which is the applicable Milestone Date), then Service Provider shall pay the applicable Monthly Transformation Credit on the first day of each calendar month until the Aggregate Transformation Credit is paid in full:
(a)
Migration of Non-production Servers – [redacted] which the Service Provider is to prepare pursuant to Section 7 (Transformation) of Schedule 4 (Transition and Transformation) have been Accepted by Molina for lift and shift type of migration;
(b)
Migration of Production Servers – [redacted] which the Service Provider is to prepare pursuant to Section 7 (Transformation) of Schedule 4 (Transition and Transformation) have been Accepted by Molina for lift and shift type of migration].
The volume of VMs that are pertinent for the percentages set out in the Transformation Milestones above will be finalized at the end of assessment phase, in accordance with Schedule 4 (Transition and Transformation).
18.2
For the avoidance of doubt, in the event the Service Provider fails to achieve all of the Transformation Milestones by the applicable Milestone Date, the Service Provider shall pay the entirety of the Aggregate Transformation Credit to Molina even if the Service Provider later completes all of the Transformation Milestones before the Service Provider pays to Molina the final Monthly Transformation Credit.
18.3
The Service Provider shall pay each Monthly Transformation Credit to Molina as a Service Credit, as contemplated in paragraph 13.1.
18.4
“Monthly Transformation Credit” means (a) with respect to the first such amount payable by the Service Provider, [redacted] and (b) with respect to each such amount payable by

-13-

the Service Provider thereafter, [redacted]. “Aggregate Transformation Credit” means [redacted].

APPENDIX 3A – PRICING MATRIX
[See Attached]


-14-




CONFIDENTIAL TREATMENT REQUESTED


cfinal.jpg

-1-
CONFIDENTIAL TREATMENT REQUESTED




Pricing Workbook Instructions
Table 1. Instructions
 
1
Suppliers to fill ONLY cells in PURPLE
 
2
Commercials are based on information provided in RFP/Client Document
 
3
The charges are specified in USD currency
 
4
Count of devices for the purpose of determining actual units for invoicing, will happen on 1st of every month.
Table 2. Appendix Table of Contents
Pricing Matrix:
 
Appendix Reference
Appendix Title
Description
 
Appendix 3-A
Pricing Matrix Summary
Sets forth the pricing framework, matrix and constructs for all functions.
 
Appendix 3-A-1
Financial Responsibility Matrix (FRM)
Sets forth whether Supplier or Molina shall be financially responsible for the expenses associated with Personnel, Software, Equipment, Facilities, Systems and other expenditures related to the provision of Services during the SOW Term.
 
Appendix 3-A-2
Transition Charges
Sets forth the charges associated with Transition Services, which shall be invoiced on a Fixed Fee, per milestone basis.
 
Appendix 3-A-3
Termination Charges
Sets forth charges in the event of Termination for Convenience.
 
Appendix 3-A-4
Volume Discounts
Sets forth the discount percentages Supplier shall credit Molina based on all Services provided by Supplier in a given period.
 
Appendix 3-A-5
Invoicing Structure
Sets forth the invoice structure to be used by the Supplier.
 
Appendix 3-A-6
Infrastructure Pricing
Sets forth the Resource Units and corresponding Unified Compute Monthly Charges that are chargeable to the Molina for in-scope Infrastructure Services.
 
Appendix 3-A-7
Security Pricing
Sets forth the Security Monthly Charges that are chargeable to the Molina for in-scope Security Services.
 
Appendix 3-A-8
EUS Pricing
Sets forth the Resource Units and corresponding End User Services Monthly Charges that are chargeable to the Molina for in-scope End User Services.
 
Appendix 3-A-12
Resource Unit Definitions
Sets forth the definitions for Resource Units as indicated in other pricing worksheets.
 
Appendix 3-A-13
Supplemental Rate Card
Sets forth the approved roles and rates for Supplier personnel to be used in cases of Supplemental Project Charges
 
Appendix 3-A-14
Molina Requirements
Sets forth the list of requirements expected of Molina in the case that they are not met, may have qualitative or financial implications.
Pricing Changes:
 
Tab Reference
Tab Title
Description
 
EUS Steady State
[redacted]
Details the changes in pricing for [redacted].
 
EUS Transition
[redacted]
Details the changes in pricing for [redacted].
 
Core Infra Steady State
[redacted]
Details the changes in pricing for [redacted].
 
Core Infra Transition
[redacted]
Details the changes in pricing for [redacted].
 
Security Steady State
[redacted]
Details the changes in pricing for [redacted].
 
Security Transition
[redacted]
Details the changes in pricing for [redacted].


-2-
CONFIDENTIAL TREATMENT REQUESTED


Summary Results

Molina-Owned Assets
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Year 1 TCO
Year 2 TCO
Year 3 TCO
Year 4 TCO
Year 5 TCO
Year 1 Units
Year 2 Units
Year 3 Units
Year 4 Units
Year 5 Units
Units
 
 
Year 1 Pricing
Year 2 Pricing
Year 3 Pricing
Year 4 Pricing
Year 5 Pricing
Year 1 Productivity
Year 2 Productivity
Year 3 Productivity
Year 4 Productivity
Year 5 Productivity
1. Infrastructure
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Server Services (MHI)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Physical (Non-Virtualized) Servers
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Physical (Virtualized) Servers
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
VM Ware ESX Virtualization
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Others (Nutanix)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Storage Services
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
SAN/NAS Storage
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
SAN-Only
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
NAS-Only
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Object
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Storage Services - Remote
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
NAS
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Optimization Appliance
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Backup Technology/Hardware
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Appliance Count
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Storage Capacity
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Data Throughput
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Network Hardware
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Access Point
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Switches
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Routers
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Firewalls and other Perimeter Device
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Load Balancers
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Other Devices
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
LAN Controllers
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Meraki Gateways
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Meraki Remote Z1
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Data Circuits
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Voice Circuits
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Gateways (Analog/Fax)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Network Software
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Voice Gateways
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
DB Services
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
DR
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Production
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Non-Production
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Middleware
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
SQL Server
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Oracle ODA
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
Oracle Exadata
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
Oracle PCA
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 

-3-
CONFIDENTIAL TREATMENT REQUESTED


Molina-Owned Assets
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Netezza
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
WebLogic
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Jump Servers
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
IIS
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
MariaDB
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
MySQL
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Oracle Server
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Citrix
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
ADFS
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
BizTalk
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Exchange
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Cloudera - does not yet factor Cloud
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Pivotal (Hortonworks)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Active Directory
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Delphix
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Data Collection Tools/Software
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Asset Management
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Collaboration
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Configuration Management
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Data Management
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Endpoint Management
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Hypervisor
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Load Balancing
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Operations Monitoring/Metircs
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
QA
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Security
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Service Management
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Storage & Backup
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Other Supplier Charges
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Other Charges (Supplier to Specify)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Single Service Pricing (See Infrastructure Pricing Tab)
 
 
Single Service Pricing
2. Security Services
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Security Services
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Single Service Pricing (See Security Pricing Tab)
 
 
Single Service Pricing
3. End User Services
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Level 1 Service Desk
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
End Users (Corporate Offices)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
End Users (VIP)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
End User Computing
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Desktops
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Laptops
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Tablets
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Desktop Phones
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Mobile Phones
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
End Users (White Glove Service)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
End User Supported Software
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Utility and Device
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Development
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Network Application/Management
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

-4-
CONFIDENTIAL TREATMENT REQUESTED


Molina-Owned Assets
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Content Authoring and Management
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Data Management and Query
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Information Exchange
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Security and Protection
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Industry-Specific
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Business Function
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Operating Environment
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Education and Reference
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Finance
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Other
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Other Supplier Charges
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Other Charges (Supplier to Specify)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Transition Charges
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Transition Fees (All Towers)
2018
2019
2020
2021
2022
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Infrastructure Transition Fees
$-
$-
$-
$-
$-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
EUS Transition Fees
$-
$-
$-
$-
$-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Security Transition Fees
$-
$-
$-
$-
$-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Total Transition Fees
$ -
$ -
$ -
$ -
$ -
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Termination Charges
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Termination Fees (All Towers)
2019
2020
2021
2022
2023
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Infrastructure Termination Fees
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
EUS Termination Fees
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Security Termination Fees
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Total Termination Fees
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Cost of Transformation
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2019 Cost of Transformation
2020 Cost of Transformation
2021 Cost of Transformation
2022 Cost of Transformation
2023 Cost of Transformation
5 Years Total
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Discount
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Net Price
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 



-5-
CONFIDENTIAL TREATMENT REQUESTED


Financial Responsibility Matrix


Facilities
 
 
Asset and Expense Allocation: Capital / Expense / Lease Cost
 
 
 
 
Key
 
 
 
 
 
Current Assets
Refresh
Upgrade / Enhance
Growth
 
Client
Client financially responsible
 
Client Facilities
[redacted]
[redacted]
[redacted]
[redacted]
 
Supplier
Supplier financially responsible
Supplier Facilities
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
Data telecommunications service and access fees
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
Telecommunication circuit provisioning
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
Long-Distance Phone Calls
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
Local Phone Calls
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
Use of Office Space
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
Use of Office Supplies
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
Use of Other Office Equipment
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
All Resource Categories
 
 
 
 
 
 
 
 
 
Supplier Staff on Client Premises
 
 
 
 
 
 
 
 
 
 
Long-Distance Phone Calls
[redacted]
N/A
N/A
N/A
 
 
 
 
 
 
Local Phone Calls
[redacted]
N/A
N/A
N/A
 
 
 
 
 
 
Use of Office Space
[redacted]
N/A
N/A
N/A
 
 
 
 
 
 
Use of Office Supplies
[redacted]
N/A
N/A
N/A
 
 
 
 
 
 
Use of Other Office Equipment
[redacted]
N/A
N/A
N/A
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Approved Supplier Facilities
Pursuant to Section [TBD - Supplier Facilities] the following locations are approved for the provision of Services
 
 
 
 
 
Location 1
Location 2
Location 3
Location 4
Location 5
Location 6
 
 
Primary Contact Phone Number
91 80 285 20261
91 172 669 8000
 
 
 
 
 
 
Address Line 1
Infosys Ltd.
Infosys Ltd.
Infosy Ltd.
 
 
 
 
 
Address Line 2
Electronics City, Hosur Road
Plot# I-3, IT City, Sector 83 Alpha, SAS Nagar
604 Pine Avenue
 
 
 
 
 
Address Line 3
Bengaluru
Mohali
Long beach
 
 
 
 
 
State/Province
Karnataka
Punjab
CA 90802
 
 
 
 
 
Routing Number
 
 
 
 
 
 
 
 
Country
India
India
USA
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Software
 
 
Asset Allocation: License / Lease Cost
 
 
 
 
Contract Expenses
 
 
Resource Category:
 
 
Current License
Replacement SW
SW Currency
Release/Upgrade
Growth
Maintenance
 
 
Infrastructure at Supplier Facilities
 
 
 
 
 
 
 
 
 
All basic personal computer Software
[redacted]
[redacted]
n / n-1
[redacted]
[redacted]
[redacted]
 
 
 
All application development Software tools
[redacted]
[redacted]
n / n-1
[redacted]
[redacted]
[redacted]
 
 
 
All server, networking, and management Software
[redacted]
[redacted]
n / n-1
[redacted]
[redacted]
[redacted]
 
 
 
All other Software
[redacted]
[redacted]
n / n-1
[redacted]
[redacted]
[redacted]
 
 
Infrastructure at Client Facilities
 
 
 
 
 
 
 
 
 
All basic personal computer Software
[redacted]
[redacted]
n / n-1
[redacted]
[redacted]
[redacted]
 
 
 
All application development Software tools
[redacted]
[redacted]
n / n-1
[redacted]
[redacted]
[redacted]
 
 
 
All server, networking, and management Software
[redacted]
[redacted]
n / n-1
[redacted]
[redacted]
[redacted]
 
 
 
All remote access (e.g. Citrix) Software
[redacted]
[redacted]
n / n-1
[redacted]
[redacted]
[redacted]
 
 
 
All other Software
[redacted]
[redacted]
n / n-1
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 

-6-
CONFIDENTIAL TREATMENT REQUESTED


Facilities
 
 
Asset and Expense Allocation: Capital / Expense / Lease Cost
 
 
 
 
Key
 
 
Equipment
 
 
Asset Allocation: Capital / Lease Cost
 
 
 
 
Contract Expenses
 
 
Resource Categories
 
 
Current Assets
Refresh
Cycle
Upgrade / Enhance
Growth
Maintenance
 
 
Infrastructure at Supplier Facilities
 
 
 
 
 
 
 
 
 
All personal computing Equipment
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
All telecommunications Equipment
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
All server, networking, and management Equipment (Public Cloud / Traditional)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
All server, networking, and management Equipment (Private Cloud)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
All other Equipment
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
Infrastructure at Client Facilities
 
 
 
 
 
 
 
 
 
All personal computing Equipment
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
All telecommunications Equipment
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
All server, networking, and management Equipment
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
All other Equipment
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
Supplier Personnel
 
 
Salary & Benefits
Travel
Training
Relocation
Staffing Incr. / Decr.
Severance
Retention Payments
 
Transitioned Employees
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Transitioned Contractors
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Third-Party Service Contracts
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Supplemental Supplier Personnel
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 



-7-
CONFIDENTIAL TREATMENT REQUESTED


Transition Fees

 
 
 
 
 
 
 
 
 
Transition Fees Year 1
Transition Fees Year 2
Transition Fees Year 3
Transition Fees Renewal Year 4
Transition Fees Renewal Year 5
 
 
 
 
 
 
 
 
 
 
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 5
Year 5
Year 5
Year 5Year 5 Year 5 Year 5 Year 5 Year 5 Year 5 Year 5 Year 5
 
Expense Line Items
 
Description / Inputs
 
Unit
Currency
Total Fees
 
Month 1
Month 2
Month 3
Month 4
Month 5
Month 6
Month 7
Month 8
Month 9
Month 10
Month 11
Month 12
Month 13
Month 14
Month 15
Month 16
Month 17
Month 18
Month 19
Month 20
Month 21
Month 22
Month 23
Month 24
Month 25
Month 26
Month 27
Month 28
Month 29
Month 30
Month 31
Month 32
Month 33
Month 34
Month 35
Month 36
Month 37
Month 38
Month 39
Month 40
Month 41
Month 42
Month 43
Month 44
Month 45
Month 46
Month 47
Month 48
Month 49
Month 50
Month 51
Month 52Month 53 Month 54 Month 55 Month 56 Month 57 Month 58 Month 59 Month 60
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
                
Infrastructure Transition Fees
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Transition Start Date
[Insert Date]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Commencent of Services Date
[Insert Date]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Number of Provider Personnel Onsite
[Insert Justification]
 
Personnel
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onsite FTE Rate (per month)
[Insert Justification]
 
Rate/Month
USD
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onsite Personnel Fees
[Insert Justification]
 
Fees
 
0.00
 
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Number of Provider Personnel Offshore
[Insert Justification]
 
Personnel
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Offshore FTE Rate (per month)
[Insert Justification]
 
Rate/Month
USD
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Offshore Personnel Fees
[Insert Justification]
 
Fees
 
0.00
 
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Software Investments
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Hardware Investments
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Facilities
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Travel & Expenses
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Connectivity
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Other
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Total Non-Personnel Transition Fees
 
 
Total Fees
USD
0.00
 
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
                
EUS Transition Fees
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Transition Start Date
[Insert Date]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Commencent of Services Date
[Insert Date]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Number of Provider Personnel Onsite
[Insert Justification]
 
Personnel
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onsite FTE Rate (per month)
[Insert Justification]
 
Rate/Month
USD
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onsite Personnel Fees
[Insert Justification]
 
Fees
 
0.00
 
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Number of Provider Personnel Offshore
[Insert Justification]
 
Personnel
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Offshore FTE Rate (per month)
[Insert Justification]
 
Rate/Month
USD
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Offshore Personnel Fees
[Insert Justification]
 
Fees
 
0.00
 
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Software Investments
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Hardware Investments
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Facilities
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Travel & Expenses
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Other
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Total Non-Personnel Transition Fees
 
 
Total Fees
USD
0.00
 
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Security Transition Fees
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Transition Start Date
[Insert Date]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Commencent of Services Date
[Insert Date]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Number of Provider Personnel Onsite
[Insert Justification]
 
Personnel
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onsite FTE Rate (per month)
[Insert Justification]
 
Rate/Month
USD
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onsite Personnel Fees
[Insert Justification]
 
Fees
 
0.00
 
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Number of Provider Personnel Offshore
[Insert Justification]
 
Personnel
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Offshore FTE Rate (per month)
[Insert Justification]
 
Rate/Month
USD
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Offshore Personnel Fees
[Insert Justification]
 
Fees
 
0.00
 
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Software Investments
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Hardware Investments
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Facilities
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Travel & Expenses
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Other
[Insert Justification]
 
Fees
USD
0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Total Non-Personnel Transition Fees
 
 
Total Fees
USD
0.00
 
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.000.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Number of Months Required for Termination
>
[Insert Number of Months]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 1
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 2
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 3
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 4
Year 5
Year 5
Year 5
Year 5Year 5 Year 5 Year 5 Year 5 Year 5 Year 5 Year 5 Year 5
 
Expense Line Items
 
Description / Inputs
 
Unit
Currency
Total Fees
 
Month 1
Month 2
Month 3
Month 4
Month 5
Month 6
Month 7
Month 8
Month 9
Month 10
Month 11
Month 12
Month 13
Month 14
Month 15
Month 16
Month 17
Month 18
Month 19
Month 20
Month 21
Month 22
Month 23
Month 24
Month 25
Month 26
Month 27
Month 28
Month 29
Month 30
Month 31
Month 32
Month 33
Month 34
Month 35
Month 36
Month 37
Month 38
Month 39
Month 40
Month 41
Month 42
Month 43
Month 44
Month 45
Month 46
Month 47
Month 48
Month 49
Month 50
Month 51
Month 52Month 53 Month 54 Month 55 Month 56 Month 57 Month 58 Month 59 Month 60
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
infrastructure Termination Charges
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Labor Fees not to Exceed
Free Transition and Wind down cost
 
Rate/Month
USD
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Asset Fees not to Exceed
[Insert Justification]
 
Rate/Month
USD
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Infrastructure Termination Fees
Free Transition and Wind down cost
 
Fees
 
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
EUS Termination Charges
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Labor Fees not to Exceed
Free Transition and Wind down cost
 
Rate/Month
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Asset Fees not to Exceed
[Insert Justification]
 
Rate/Month
USD
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
EUS Termination Fees
Free Transition and Wind down cost
 
Fees
 
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

-8-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
 
 
 
 
 
 
Transition Fees Year 1
Transition Fees Year 2
Transition Fees Year 3
Transition Fees Renewal Year 4
Transition Fees Renewal Year 5
 
Security Termination Charges
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Labor Fees not to Exceed
Free Transition and Wind down cost
 
Rate/Month
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
Asset Fees not to Exceed
[Insert Justification]
 
Rate/Month
USD
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Application Termination Fees
Free Transition and Wind down cost
 
Fees
 
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]



-9-
CONFIDENTIAL TREATMENT REQUESTED


Discount Schedule
 
 
 
% Discount
Total Incremantal Charges ($)
 
 
 
Year 1
Year 2
Year 3
Year 4
Year 5
 
 
 
 
(1st 12 Months)
(2nd 12 Months)
(3rd 12 Months)
(4th 12 Months)
(5th 12 Months)
>
0
and <
5,000,000
 
 
 
 
 
>
5,000,000
and <
10,000,000
 
 
 
 
 
>
10,000,000
and <
15,000,000
 
 
 
 
 
>
15,000,000
and <
20,000,000
 
 
 
 
 
>
20,000,000
and <
25,000,000
 
 
 
 
 
>
25,000,000
and <
30,000,000
 
 
 
 
 
>
30,000,000
and <
35,000,000
 
 
 
 
 
>
35,000,000
and <
40,000,000
 
 
 
 
 
>
40,000,000
and <
45,000,000
 
 
 
 
 
>
45,000,000
and <
50,000,000
 
 
 
 
 
>
50,000,000
and <
55,000,000
 
 
 
 
 
>
55,000,000
and <
60,000,000
 
 
 
 
 
>
60,000,000
and <
65,000,000
 
 
 
 
 
>
65,000,000
and <
70,000,000
 
 
 
 
 
>
70,000,000
and <
75,000,000
 
 
 
 
 
>
75,000,000
and >
 
 
 
 
 
 




-10-
CONFIDENTIAL TREATMENT REQUESTED


 
Invoice Description
Services In Scope
Invoicing Entity Name
Invoicing Entity Country
Invoicing Entity State
Invoicing Entity City
Invoiced Entity
Invoiced Entity Country
Invoiced Entity State
Invoiced Entity City
Percentage of Total Fees
Frequency of Invoice
Currency of Pricing
Currency of Invoicing & Payment
Payment Receipt Entity
1. Infrastructure
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Towards Server and DC Support services rendered for the month of < Month Invoiced>
Support
Infosys Limited
India
TamilNadu
Chennai
[redacted]
United States
Long Beach
California CA US 90801-5813
[redacted]
Monthly
USD
USD
Invoicing Entity
 
 
 
 
 
 
 
 
 
 
 
 
 
USD
USD
Invoicing Entity
2. End User Services
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Towards End User Devices and Softwares support services rendered for the month of < Month Invoiced>
Support
Infosys Limited
India
TamilNadu
Chennai
[redacted]
United States
Long Beach
California CA US 90801-5813
[redacted]
Monthly
USD
USD
Invoicing Entity
 
 
 
 
 
 
 
 
 
 
 
 
 
USD
USD
Invoicing Entity
3. Security
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Towards Infrastructure security support services rendered for the month of < Month Invoiced>
Support
Infosys Limited
India
TamilNadu
Chennai
[redacted]
United States
Long Beach
California CA US 90801-5813
[redacted]
Monthly
USD
USD
Invoicing Entity




-11-
CONFIDENTIAL TREATMENT REQUESTED


Infrastrucutre Pricing
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Note: Year 1 begins on the Commencement Date, after completion of Transition
All Resource Unit Rates in USD (United States Dollars)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onshore/Offshore Ratios
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Percentage Onshore:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onshore Location:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Percentage Offshore:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Offshore Location:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
RU Exceptions to Onshore Ratio
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 


 
Designated Service Tower
 
Measurement Unit
 
Units
Pricing
 
 
 
 
 
 
Year 1
Year 2
Year 3
Year 4
Year 5
 
Year 1
Year 2
Year 3
Year 4
Year 5
 
 
 
 
 
 
 
(1st 12 Months)
(2nd 12 Months)
(3rd 12 Months)
(4th 12 Months)
(5th 12 Months)
 
(1st 12 Months)
(2nd 12 Months)
(3rd 12 Months)
(4th 12 Months)
(5th 12 Months)
 
 
Molina Owned Assets
 
 
 
Unit Count
Unit Count
Unit Count
Unit Count
Unit Count
 
Unit Price
Unit Price
Unit Price
Unit Price
Unit Price
Additional Pricing Guidance
 
Server Services (MHI)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Physical (Non-Virtualized) Servers
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 $ [redacted]
 $ [redacted]
 $ [redacted]
 $ [redacted]
 $ [redacted]
 
 
 
Physical (Virtualized) Servers
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 $ [redacted]
 $ [redacted]
 $ [redacted]
 $ [redacted]
 $ [redacted]
 
 
 
VM Ware ESX Virtualization
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 $ [redacted]
 $ [redacted]
 $ [redacted]
 $ [redacted]
 $ [redacted]
 
 
 
Others (Nutanix)
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 $ [redacted]
 $ [redacted]
 $ [redacted]
 $ [redacted]
 $ [redacted]
 
 
Storage Services
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
SAN/NAS Storage
 
TB per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 $ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
SAN-Only
 
TB per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
NAS-Only
 
TB per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 $ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Object
 
TB per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 $ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
Storage Services - Remote
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
NAS
 
TB per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 $ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Optimization Appliance
 
TB per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 $ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
Backup Technology/Hardware
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Appliance Count
 
TB per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
Storage Capacity
 
TB per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 $ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Data Throughput
 
TB per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
Network Hardware
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Access Point
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Switches
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Routers
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Firewalls and other Perimeter Device
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Load Balancers
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Other Devices
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
LAN Controllers
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Meraki Gateways
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Meraki Remote Z1
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Data Circuits
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Voice Circuits
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Gateways (Analog/Fax)
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Network Software
 
Releases per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Voice Gateways
 
Units per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
DB Services
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
DR
 
Instances per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Production
 
Instances per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Non-Production
 
Instances per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
Middleware
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
SQL Server
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
Oracle ODA
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Oracle Exadata
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 

-12-
CONFIDENTIAL TREATMENT REQUESTED


 
Designated Service Tower
 
Measurement Unit
 
Units
Pricing
 
 
Oracle PCA
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Netezza
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
WebLogic
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Jump Servers
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
IIS
 
Servers per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
MariaDB
 
Instances per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
MySQL
 
Instances per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Oracle Server
 
Instances per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Citrix
 
Nodes per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
ADFS
 
Nodes per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
BizTalk
 
Nodes per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Exchange
 
Nodes per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Cloudera - does not yet factor Cloud
 
Nodes per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Pivotal (Hortonworks)
 
Nodes per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Active Directory
 
Domain components per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Delphix
 
OVA appliances per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
Data Collection Tools/Software
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Asset Management
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Collaboration
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Configuration Management
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Data Management
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Endpoint Management
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Hypervisor
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Load Balancing
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Operations Monitoring/Metircs
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
QA
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Security
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Service Management
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Storage & Backup
 
Tools per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
Other Supplier Charges
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onsite Command Center
 
Single cost per year
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Azure Foundation & Implementation
 
Single cost per year
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
 
 
 
 
 
 
 
Azure Migration
 
Single cost per year
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
 
 
 
 




-13-
CONFIDENTIAL TREATMENT REQUESTED


 
[redacted]
 
 
 
 
Onshore/Offshore Ratios
 
 
 
 
 
 
 
 
 
 
 
 
 
Percentage Onshore:
 
 
 
 
 
 
Onshore Location:
 
 
 
 
 
 
Percentage Offshore:
 
 
 
 
 
 
Offshore Location:
 
 
 
 
 
 
RU Exceptions to Onshore Ratio
 
 
 
 
 
 
 
 
 
Security
 
Services Charges
Total Charges
 
Year 1
Year 2
Year 3
Year 4
Year 5
 
 
(1st 12 Months)
(2nd 12 Months)
(3rd 12 Months)
(4th 12 Months)
(5th 12 Months)
Item 1
[Security Managed Service]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
Item 2
 
 
 
 
 
 
Item 3
 
 
 
 
 
 
Item 4
 
 
 
 
 
 
Item 5
 
 
 
 
 
 
Item 6
 
 
 
 
 
 
Item 7
 
 
 
 
 
 
Item 8
 
 
 
 
 
 
Item 9
 
 
 
 
 
 
Item 10
 
 
 
 
 
 
Item 11
 
 
 
 
 
 
Item 12
 
 
 
 
 
 
Item 13
 
 
 
 
 
 
Item 14
 
 
 
 
 
 
Item 15
 
 
 
 
 
 
Item 16
 
 
 
 
 
 
Item 17
 
 
 
 
 
 
Item 18
 
 
 
 
 
 
Item 19
 
 
 
 
 
 
Item 20
 
 
 
 
 
 
Item 21
 
 
 
 
 
 
Item 22
 
 
 
 
 
 
Item 23
 
 
 
 
 
 
Item 24
 
 
 
 
 
 
Item 25
 
 
 
 
 
 
Item 26
 
 
 
 
 
 
Item 27
 
 
 
 
 
 
Item 28
 
 
 
 
 
 
Item 29
 
 
 
 
 
 
Item 30
 
 
 
 
 
 
Item 31
 
 
 
 
 
 



-14-
CONFIDENTIAL TREATMENT REQUESTED


Note: All Resource Unit Rates should be monthly and in USD
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onshore/Offshore Ratios
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Service Desk
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Percentage Onshore:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Onshore Location:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Percentage Offshore:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Offshore Location:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
RU Exceptions to Onshore Ratio
 
 
 
 
 
 
 
 
 
 
 
End User Services
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Percentage Onshore:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Location:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Percentage Offshore:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Offshore Location:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
RU Exceptions to Onshore Ratio
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Units
Pricing

 
Designated Service Tower
Measurement Unit
 
Year 1
Year 2
Year 3
Year 4
Year 5
 
Year 1
Year 2
Year 3
Year 4
Year 5
 
 
 
 
 
 
(1st 12 Months)
(2nd 12 Months)
(3rd 12 Months)
(4th 12 Months)
(5th 12 Months)
 
(1st 12 Months)
(2nd 12 Months)
(3rd 12 Months)
(4th 12 Months)
(5th 12 Months)
 
 
 
 
 
 
Unit Count
Unit Count
Unit Count
Unit Count
Unit Count
 
Unit Price/Mo.
Unit Price/Mo.
Unit Price/Mo.
Unit Price/Mo.
Unit Price/Mo.
Additional Pricing Guidance
 
Level 1 Service Desk (Model 1)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
End Users (Corporate Offices)
Users per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
End Users (VIP)
Users per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
End User Computing
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Desktops
Devices per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Laptops
Devices per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Tablets
Devices per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Desktop Phones
Devices per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Mobile Phones
Devices per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
End Users (White Glove Service)
Users per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
End User Supported Software
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Utility and Device
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Development
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Network Application/Management
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Content Authoring and Management
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Data Management and Query
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Information Exchange
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Security and Protection
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Industry-Specific
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Business Function
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Operating Environment
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Education and Reference
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Finance
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
 
Other
Programs per month
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
$ [redacted]
 
 
Other Charges
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Other Supplier Charges
Single cost per year
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
Other Supplier Charges
Single cost per year
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
Other Supplier Charges
Single cost per year
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
 

-15-
CONFIDENTIAL TREATMENT REQUESTED


Resource Unit Definitions
 
 
 
 
 
 
 
 
 
 
 
 
 
 
End User Services
 
End Users (Corporate Offices)
[redacted]
 
Level 1 Ticket
[redacted]
 
Level 2 Ticket
[redacted]
 
Desktops and Laptops
[redacted]
 
Mobile Devices
[redacted]
 
Desktop Phones
[redacted]
 
Infrastructure
 
Physical (Non-Virtualized) Servers
[redacted]
 
Physical (Virtualized) Servers
[redacted]
 
Other (e.g., VM Ware ESX) Servers
 
 
SAN / NAS / File Services
[redacted]
 
LAN Switches and other LAN Device
[redacted]
 
WAN Routers and other WAN Equipment
[redacted]
 
Firewalls and other Perimeter Device
[redacted]
 
Telephony Services
[redacted]
 
Security
[redacted]
 
Web Application Scanning
[redacted]
 
SQL Server
[redacted]
 
Oracle
[redacted]
 
Other
[redacted]



-16-
CONFIDENTIAL TREATMENT REQUESTED


Supplemental Rate Card
 
 
 
 
 
 
Note: [redacted]
 
 
 
 
 
Role
Role Description
Traditional
Offshore Agile
Near-Shore Agile
 
 
Server Admin
Responsible for Server issues, performs administration and routine support, execution of processes, services. Determines escalation to higher levels.
[redacted]
[redacted]
 
 
 
Server SME
Subject Matter expert, highly skilled and is sought out by team members to advise, peer review, and has knowledge of all technology related products.Has ability to interact with clients at all levels including members of senior leadership.
[redacted]
[redacted]
 
 
 
Infra Admin
Responsible for administration and routine support for Infrastructure, execution of processes and services. Determines escalation to higher levels.
[redacted]
[redacted]
 
 
 
Infra SME
Subject Matter expert, highly skilled and is sought out by team members to advise, peer review, and has knowledge of all technology related products.Has ability to interact with clients at all levels including members of senior leadership.
[redacted]
[redacted]
 
 
 
SQL Admin
Responsible for managing SQL related issues, performs administration and routine support, execution of processes, services. Determines escalation to higher levels.
[redacted]
[redacted]
 
 
 
SQL SME
Subject Matter expert, highly skilled and is sought out by team members to advise, peer review, and has knowledge of all technology related products.Has ability to interact with clients at all levels including members of senior leadership.
[redacted]
[redacted]
 
 
 
Oracle Admin
Responsible for managing Oracle related issues, performs administration and routine support, execution of processes, services. Determines escalation to higher levels.
[redacted]
[redacted]
 
 
 
Oracle SME
Subject Matter expert, highly skilled and is sought out by team members to advise, peer review, and has knowledge of all technology related products.Has ability to interact with clients at all levels including members of senior leadership.
[redacted]
[redacted]
 
 
 
Exadata Admin
Responsible for managing Exadata related issues, performs administration and routine support, execution of processes, services. Determines escalation to higher levels.
[redacted]
[redacted]
 
 
 
Exadata SME
Subject Matter expert, highly skilled and is sought out by team members to advise, peer review, and has knowledge of all technology related products.Has ability to interact with clients at all levels including members of senior leadership. Provides expertise and hands on implementation in specific areas
[redacted]
[redacted]
 
 
 
Network Data - Admin
Responsible for Installing, Maintaining and troubleshooting network and computer systems.Diagnosing and fixing problems or potential problems with the network and its hardware, software and systems. Monitoring network and systems to improve performance.
[redacted]
[redacted]
 
 
 
Network Data - SME
Subject Matter expert, highly skilled and is sought out by team members to advise, peer review, and has knowledge of all technology related products. Provides expertise and hands on implementation in specific areas.
[redacted]
[redacted]
 
 
 
Network Voice - Admin
Responsible for Installing, Maintaining and troubleshooting voice devices. Identifying and fixing problems or potential problems with the voice network and its hardware, software and systems. Monitoring voice systems to improve performance.
[redacted]
[redacted]
 
 
 
Network Voice - SME
Subject Matter expert, highly skilled and is sought out by team members to advise, peer review, and has knowledge of all technology related products. Has ability to interact with clients at all levels including members of senior leadership. Provides expertise and hands on implementation in specific areas. Wide range of experience on design, implementation and support of Avaya & Cisco Unified Communication & Contact center technologies.
[redacted]
[redacted]
 
 
 
Enterprise Architect
Design and implementation of systems to support the enterprise infrastructure. Ensuring all systems work at optimal levels and support the development of new technologies and system requirements. Manage, architect, and implement infrastructure components for the global enterprise to improve business processes and achieve significant cost reductions.
[redacted]
[redacted]
[redacted]
 
 
Project Manager
Managing very large complex project work with executive level clients to drive projects and business organisations toward achieving the intended business results
[redacted]
[redacted]
[redacted]
 
 
Program Manager
Managing complex, transformational programs with executive level clients to drive projects and business organizations toward achieving the intended business results
[redacted]
[redacted]
 
 
 
Sr. Technology Architect
Design, manage, architect, and implement complex systems and components leveraging Digital Technolgies (Big data, Data Science, IOT, etc.)
[redacted]
[redacted]
[redacted]
 
 
Solution Architect
Design, architect, and implement components across technology stacks. Works as expert developer in critical project requirements
[redacted]
[redacted]
[redacted]
 
 
Sr. Analyst - Niche
Senior analyst with 3+ years of experience in developing/configuring systems and components across niche technologies areas such as - Big Data, IOT, Digital, COTS Products, QNXT, ERP, Full stack development (including MEAN/MERN, Web/Micro Services, Databases)
[redacted]
[redacted]
[redacted]
 
 
Analyst - Niche
Analyst with up to 3 years of experience in developing/configuring systems and components across niche technologies areas such as - Big Data, IOT, Digital,COTS Products, QNXT, ERP
[redacted]
[redacted]
[redacted]
 
 
Test Process Consultant
Setting up Test Maturity Assessment and development of roadmap for process improvements.
Assist in the TCoE Transition for the Testing function of applications to Testing Center of Excellence
Conduct automation feasibility for existing application portfolio and develop a roadmap and strategy for maturing the automation of the QA organization
Provide leadership to Functional Testing teams providing testing services
[redacted]
[redacted]
[redacted]
 
 
Specialized Tester
Provide guidance for specialized test (Performance/ test data management/ test environment management/ security testing/ API testing )
Act as dedicated (virtual) support for different specialized testing services mentioned above
Analysis of business requirements for specialized testing services mentioned above
Review of Test Plan & preparation of Test Cases for specialized testing services
Report test results and defects detected for specialized testing services
[redacted]
[redacted]
[redacted]
 
 
Healthcare Industry Principal
Strategic Consulting, Product Evaluation and recommendation, Product fitment and gap analysis, Stakeholder Management, Plan and manage critical programs for product implementation and support. As a Design Thinking Coach – Plan, Lead and Conduct Design Thinking workshops to partner with stakeholders to identify, define and prototype solutions
[redacted]
[redacted]
[redacted]
 
 
Sr. Healthcare Consultant
Product Evaluation and recommendation, Product fitment and gap analysis, Stakeholder Management, Plan and manage critical programs for product implementation and support
[redacted]
[redacted]
[redacted]
 
 
Digital Strategist
Strategic consultant - helps create and deliver enterprise / regional digital strategies. Applies design thinking to business innovation, transforming outdated, vulnerable models into more sustainable and adaptable ones able to navigate the markets of tomorrow.
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Security
Role
Traditional
Offshore Agile
Near-Shore Agile
 
 
Sr. Admin
Configure Role Association Type focused on debug incidents related to user identity provisioning / de-provisioning, user account reconciliation, user authentication, authorization, and session management.
[redacted]
[redacted]
 
 
 
Lead Developer
Daily monitoring and Ongoing maintenance, Config Mgmt. SoD and Policy Roll-out. Product Administration, Application Integration. Plug-in and Workflow customization. Web Access Mgmt
[redacted]
[redacted]
 
 
 
Admin
Responsible for IAM Service Monitoring. User provisioning and administration tasks. Password management and operational reporting. Incident handling & Closure
[redacted]
[redacted]
 
 
 
Consultant
Provide security design and vendor configuration reviews for project implementation, including SaaS and offsite hosting applications.
Administration of Molina's information and data security policies and practices to ensure authorised users can readily access information and that the information is protected in terms of confidentiality, integrity and availability
[redacted]
[redacted]
 
 
 
Security Mgr
Responsible for monitoring the security operations, implement security policies, regulations, rules, and norms and ensures that the IT environment is secure. Handle escalations. Participate on discussion with Molina. Participate in regular practiced drills for security incident response.
SLA tracking, SLA monitoring. Share analysis report. Take appropriate action to respond to weekly/monthly reporting and alerted incidents
[redacted]
[redacted]
 

-17-
CONFIDENTIAL TREATMENT REQUESTED


 
 
Sr. Engineer
Engineering, implementing and monitoring security measures for the protection of computer systems, networks and information. Designing computer security architecture and developing detailed cyber security designs.
[redacted]
[redacted]
 
 
 
SOC Lead
Lead and manage Security Operations Center. Primarily responsible for security event monitoring, management and response. Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.
[redacted]
[redacted]
 
 
 
Sr. Analyst
Front lines fighting against cyber attacks and analyzing threats, implementing security measures as dictated by management. Stay up-to-date on the latest intelligence, including hackers' methodologies, in order to anticipate security breaches
[redacted]
[redacted]
 
 
 
Sr. Engineer
Evaluate the security of applications through design and code reviews, adherence to application security standards, and application vulnerability assessments, Conduct web application security scans, analyze results for false positives, prioritize vulnerabilities, and research and propose remediation steps.
[redacted]
[redacted]
 
 
 
Architect
Subject matter expert consultant role responsible for architecting, designing and implementing a variety of identity and access management solutions. Being the face of client delivery and managing client expectations day-to-day.
[redacted]
[redacted]
 
 
 
Lead Developer
Responsible for the ongoing development, deployment, and support of the  evolving IAM systems. The IAM System Developer identifies business needs, collects the requirements, provides project management and hands-on implementation support for new IAM applications, administers the IAM components and overall system, and resolves complex system problems.
[redacted]
[redacted]
 
 
 
Lead Developer
The IAM BA/Lead Developer identifies business needs, collects the requirements, provides project management and hands-on implementation support for new IAM applications, administers the IAM components and overall system, and resolves complex system problems.
[redacted]
[redacted]
 
 
 
Program Manager
Managing complex, transformational programs with executive level clients to drive projects and business organizations toward achieving the intended business results
[redacted]
[redacted]
 
 
 
Senior Industry Consultant - Security
 
[redacted]
[redacted]
 
 
 
Industry Consultant - Security
 
[redacted]
[redacted]
 
 
 
Cloud Technology Roles
 
[redacted]
[redacted]
 
 
 
Enterprise Architect
 
[redacted]
[redacted]
 
 
 
Senior Technology Architect
 
[redacted]
[redacted]
 
 
 
Technology Architect
 
[redacted]
[redacted]
 
 
 
Lead Consultant
 
[redacted]
[redacted]
 
 
 
Senior Consultant
 
[redacted]
[redacted]
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
EUS
Role
Traditional
Offshore Agile
Near-Shore Agile
 
 
Desktop Engineer
Desktop Engineer responsible for all in scope end user device related issues that can be resolved remotely.
Performs general preventative maintenance tasks.
[redacted]
[redacted]
 
 
 
Field Services - Desktop Engineer
Desktop Engineer operating from customer site responsible for all in scope end user device related issues including IMAC. Performs general preventative maintenance tasks. Performs work in compliance within specified warranty requirements.
[redacted]
[redacted]
 
 
 
Image Deployment
Responsible for Image deployment. Troubleshooting Image deployment issues. Sound knowledge of Image deployment through LANDesk/ SCCM
[redacted]
[redacted]
 
 
 
L2 Service Desk
Responsible for handling application and installation related issues, logging all incidents and requests; triaging, and follow up on pending issues. Provides basic application support and responsible for installation desk activities
[redacted]
[redacted]
 
 
 
Service Desk - English
Responsible for handling issues from users through Call/ mail/ web, logging all incidents and requests; triaging, and follow up on pending issues. Creates a positive customer support experience by providing necessary and accurate information consistently. Provides support for basic/ SOP based issues.
 
 
[redacted]
 
 
Service Desk Lead
Service Desk Lead responsible for ensuring SLA adherence, consistent performance, monitoring high priority tickets, review Service desk analyst performance
 
 
[redacted]
 
 
Service Desk Manager
Responsible for monitoring the overall Service desk operations, reviewing team performance, ensuring Service Desk readiness. Handle escalations. Participate on discussion with Molina. SLA tracking, SLA monitoring. Share analysis report. Take appropriate action to respond to weekly/monthly reporting and alerted incidents
 
 
[redacted]
 
 
Software dist & Patching
Responsible for Software distribution and Patch Management. Troubleshooting Software distribution and patching issues. Sound knowledge of Software distribution and patching through LANDesk/ SCCM
[redacted]
[redacted]
 
 
 
Tools & Automation Roles
 
 
 
 
 
 
Senior Architect
 
[redacted]
[redacted]
 
 
 
Technology Arhcitect
 
[redacted]
[redacted]
 
 
 
Principal Consultant
 
[redacted]
[redacted]
 
 
 
Lead Consultant
 
[redacted]
[redacted]
 
 
 
Senior Consultant
 
[redacted]
[redacted]
 
 
 
[ As needed Supplier Added Role 7]
 
 
 
 
 
 
[ As needed Supplier Added Role 8]
 
 
 
 
 
 
[ As needed Supplier Added Role 9]
 
 
 
 
 
 
[ As needed Supplier Added Role 10]
 
 
 
 




-18-




CONFIDENTIAL TREATMENT REQUESTED


Molina Requirements
 
 
 
 
 
 
All pricing indicated within this Appendix 3-A (Pricing Matrix) is assumed as the Supplier's bid. Supplier may indicate any exception to pricing with regards to Molina requirements to the delivery of services below.
 
 
 
 
#
Requirement
Qualitative Implication(s)
Potential Financial Impact
1
 
 
 
2
 
 
 
3
 
 
 
4
 
 
 
5
 
 
 
6
 
 
 
7
 
 
 
8
 
 
 
9
 
 
 
10
 
 
 
11
 
 
 
12
 
 
 
13
 
 
 
14
 
 
 
15
 
 
 
16
 
 
 
17
 
 
 
18
 
 
 
19
 
 
 
20
 
 
 
21
 
 
 
22
 
 
 
23
 
 
 


-19-




CONFIDENTIAL TREATMENT REQUESTED



[redacted](1) 







































 
1 Sixteen (16) pages have been redacted in their entirety.

-20-
CONFIDENTIAL TREATMENT REQUESTED






SCHEDULE 4 TRANSITION AND TRANSFORMATION






CONFIDENTIAL TREATMENT REQUESTED



CONTENTS
Clause
 
Page
 
 
 
1.
Definitions
2
2.
Introduction; Charges
2
3.
Performance of Transition Services
2
4.
Transition Team
3
5.
Transition Plan
3
6.
Transition Services
5
7.
Transformation
6
8.
Wind-down of Transition Services
7


(i)




CONFIDENTIAL TREATMENT REQUESTED


1.
DEFINITIONS
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation).
2.
INTRODUCTION; CHARGES
This Schedule 4 (Transition and Transformation) sets the process for transferring responsibility for the performance of the Services to the Service Provider in readiness for Go Live. No Charges shall be payable by Molina in connection with the Transition Services.
3.
PERFORMANCE OF TRANSITION SERVICES
3.1
The Service Provider shall provide the Transition Services and the Transition Deliverables in accordance with the Transition Plan or as set out in a Services Order or Local Agreement and, in any event, so as to achieve the Milestones by the Milestone Dates;
3.2
The Service Provider shall perform such other tasks and provide such other outputs as are required to achieve the Milestones by the Milestone Dates, and so that the Service Provider is ready to perform the Services in accordance with the terms of the Agreement from the Go Live Date(s); and
3.3
The Service Provider shall perform the activities described in paragraphs 3.1 and 3.2 above causing only minimal and non-adverse impact to Molina and its other service providers.
3.4
Subject to paragraph 3.5 below, the Service Provider shall effect the transition to it of the Services and shall be in a position to provide the Services in accordance with the terms of the Agreement from the Service Commencement Date(s). Service Provider shall manage and be responsible for the Transition Services and shall comply with its obligations under the Transition Plan.
3.5
The Service Provider shall execute all Transition Services and Molina will be responsible for any Molina Responsibilities in relation to the Transition Services that are identified in the relevant Transition Plan.
3.6
The Service Provider shall manage issues and risks during the period of transition and escalate any issues and risks to Molina as appropriate.
3.7
Throughout the period of transition, and without limiting Service Provider’s obligations under the Agreement, Service Provider shall comply with all relevant Molina policies and standards, including network and data security requirements provided to the Service Provider in writing.
3.8
The Service Provider shall provide a written description of the Service Provider's solution during Transition Period in accordance with the timescale agreed in the Transition Plan. For the avoidance of doubt, the solution will supplement and not in any way reduce the scope of the Services or conflict with any provision of this Agreement.
3.9
The Service Provider shall promptly notify Molina if it reasonably believes it will not be able to meet its obligations under this schedule.
3.10
In the event of a delay during transition due to fault of the Service Provider, any costs incurred by the Service Provider shall be borne by the Service Provider, and any costs incurred by Molina to the extent such costs would otherwise constitute damages that Molina is permitted to recover under the Agreement shall be borne by Service Provider.
4.
TRANSITION TEAM

-2-




CONFIDENTIAL TREATMENT REQUESTED


4.1
Service Provider shall assign a Transition Services team headed by an experienced transition manager (“Service Provider Transition Lead”) who shall be a member of the program team until steady-state implementation is complete.
4.2
The Service Provider Transition Lead shall be responsible for developing the Transition Plan and managing all Transition Services covered within this Schedule 4.
4.3
The Transition Services team shall perform all functions, tasks, and responsibilities to plan and execute a successful and smooth transition, including:
(a)
program administration and management for all Transition Services for Service Provider and Molina;
(b)
establishing and documenting Service Provider’s procedures for change management, communications, escalation, and Problem Management;
(c)
maintaining and updating the Transition Plan;
(d)
executing the Transition Plan; and
(e)
managing to the Transition Plan through successful transition of the Services, including reporting to Molina on status, issues, and risks.
5.
TRANSITION PLAN
5.1
Within 10 Working Days of the Commencement Date the Service Provider shall propose to Molina a high level Initial Transition Plan that describes in reasonable detail how it will affect the transition contemplated in this Schedule. The written “Initial Transition Plan” shall be subject to Molina’s approval and, at minimum, shall include:
(a)
a description of all Deliverables to be provided pursuant to Transition Services and specifying the date such Deliverables will be provided
(b)
a description of the specific methods to be employed to perform the Transition Services and all resources required, both Service Provider Personnel and Molina personnel;
(c)
a description of the "Current State" of Molina's environment and the anticipated "Steady State" of Molina's environment after the completion of Transition Services, and all significant changes anticipated to achieve such environment, including:
(i)
proposed changes to delivery locations;
(ii)
proposed changes to delivery methods, processes, standards, or approaches;
(iii)
proposed changes to applications used to provide Services, including but not limited to Service Request Systems, Project request Systems, Incident Management Systems, monitoring tools and Systems, and programming tools and interfaces;

-3-




CONFIDENTIAL TREATMENT REQUESTED


(iv)
a detailed description of the efficiency levers and the impact to FTEs, tools, and assets. Such description shall also clearly describe any investments being made by Service Provider;
(v)
the process, tools, and timing required to support current Molina Critical Service Levels and achieve the Critical Service Levels to be met by Service Provider; and
(vi)
a description of all proposed Projects to be completed during the transition timeframe; and
(d)
all other aspects and criteria relating to the transition contemplated in this Schedule as set out in the Service Provider Technical Solution as of the Effective Date (except to the extent the relevant provisions of the Service Provider Technical Solution has been amended by the Parties through an amendment to the Agreement, or as set out in a Change Notice executed in accordance with Schedule 9 (Change)).
5.2
Within ten (10) Working Days of Acceptance of the Initial Transition Plan, Service Provider shall propose to Molina a Detailed Transition Plan that describes in greater detail how it will affect the transition contemplated in this Schedule.
5.3
Once the Detailed Transition Plan has been Accepted by Molina it shall constitute the Transition Plan and shall, subject to paragraph 5.4 below, supersede and replace the Initial Transition Plan.
5.4
The written “Detailed Transition Plan” shall be subject to Molina's approval and sole discretion and, at minimum, shall include:
(a)
a description of various items required for transition, including items related to Equipment, Software, Third Party Contracts, human resources transition, in-flight and pending Projects, Service Request Systems, and related applications, processes and technology;
(b)
a detailed transition schedule for all Transition Services;
(c)
a detail of all expected knowledge transfer activities;
(d)
details of any transition testing to be performed;
(e)
detailed planning to minimize downtime during transition;
(f)
detailed and continuous issues and risk assessments and contingency planning activities; and
(g)
a description of Exit Criteria that must be accomplished prior to wind-down of the Transition Services (“Exit Criteria”), which Exit Criteria shall include Molina’s final confirmation that the transition Deliverables have been accepted and the Transition Milestones have been completed, all in accordance with the Detailed Transition Plan and the Agreement.

-4-




CONFIDENTIAL TREATMENT REQUESTED


(h)
a description of all major Transition Milestones, together with dates for the completion of such Transition Milestones is set forth in the Initial Transition Plan and, as applicable, the Service Provider Technical Solution.
5.5
Subject to paragraph 5.10, the Detailed Transition Plan shall not alter any Milestone Date, required Go Live Date or impose any obligations on Molina or give rise to any further dependencies or assumptions in excess of those set out in the Agreement, and any attempt to do so shall be void and deemed not incorporated into the Detailed Transition Plan.
5.6
Acceptance and approval of the Transition Services, the Transition Deliverables and the Service Provider's readiness to Go Live will be conducted in accordance with the Detailed Transition Plan and the Agreement (including, to the extent applicable, the Service Provider Technical Solution).
5.7
If the Service Provider does not achieve a Milestone by its Milestone Date, then Service Provider shall be liable to Molina for a Delay Payment as specified in paragraph 8 of this Schedule.
5.8
The provisions of paragraphs 5.6 and 5.7 shall be deemed revised to apply to any amended Milestone Dates where extensions of time have been granted or agreed, whatever the reason for such extensions of time including a Relief Event. The payment of Delay Payments operate as a price reduction to reflect the reduced value of the Transition Services to Molina. Accordingly, the parties agree that they are not in any way compensatory but instead operate as a price adjustment and the claiming and payment of these is without prejudice to any other right and remedies that Molina might have.
5.9
The parties will comply with their respective obligations set out in the Transition Plans.
5.10
Any changes to the Transition Plan must be agreed in writing between the parties in accordance with a Change Procedure.
6.
TRANSITION SERVICES
6.1
Transition Services shall include activities necessary to complete the transition as detailed in the Transition Plan, including:
(a)
creating and executing the Transition Plan and meeting all Transition Milestones;
(b)
identifying and managing interdependencies of executing tasks during transition;
(c)
performing required site readiness activities;
(d)
identifying and onboarding resources required for Transition Services, both Service Provider’s and Molina’s resources;
(e)
collecting, reviewing and confirming user onboarding and access requirements required for delivery of Services;
(f)
verification and testing of transition changes, subject to Molina review and consideration for approval;

-5-




CONFIDENTIAL TREATMENT REQUESTED


(g)
validating migrated data;
(h)
managing quality on all aspects of the transition including, but not limited to, documentation, knowledge transfer activities, quality gate reviews;
(i)
establishing and executing governance model to be used during transition;
(j)
monitoring, tracking and reporting against the various tasks which need to be completed by all teams;
(k)
creating and executing a ramp-up plan that aligns with the Transition Plan;
(l)
setup of post go-live and ongoing production support processes and organizations;
(m)
providing information and data to Molina, and coordinating with and participating in (as requested by Molina), the completion of all applicable Exit Criteria; and
(n)
updating the Technical Solution Document to reflect any changes in the delivery solution made and approved by Molina during the transition contemplated in this Schedule.
6.2
The Service Provider shall perform the Transition Services as set out in Appendix 4A (Transition).
7.
TRANSFORMATION
7.1
Transformational Milestones are as set out in Appendix 4B (Transformation) and as agreed in writing by the Parties. These will be subject to Delay Payments if the Service Provider fails to achieve Milestones. The Service Provider shall transform the Services on a timeline approved by Molina and, in each case, (a) in accordance with Appendix 4B (Transformation), with the actual actions to be undertaken by the Service Provider being subject to Molina’s written approval, and (b) as otherwise agreed by the Parties.
7.2
In addition to the above, from time to time, the Service Provider will recommend transformational initiatives over the duration of contract to further improve Molina operating efficiency, reliability, scale, speed to delivery, and customer satisfaction while reducing costs, including at a minimum all aspects and criteria relating to transformation as set out in the Service Provider Technical Solution as of the Effective Date (except to the extent the relevant provisions of the Service Provider Technical Solution has been amended by the Parties through an amendment to the Agreement, or as set out in a Change Notice executed in accordance with Schedule 9 (Change)). Service Provider shall demonstrate through governance meetings how these initiatives might be integrated to ongoing operations and for bringing new ideas and approaches to Molina in support of their transformation.
7.3
Transformational Initiatives for Infrastructure


-6-




CONFIDENTIAL TREATMENT REQUESTED


Project Scope: Any project less than [redacted] will be supported / executed by [redacted]; to the extent it does not [redacted]. Any additional project effort will be via separate SOW. These hours will be [redacted].

During Transition, the Parties will evaluate the progress of existing projects, assess what work remains to be completed and make a plan for completion using business as usual resources or the Innovation fund, any other commercial means. Alterations to schedule or scope will be implemented through CR. The transformational initiatives include but are not limited to:
(a)
[redacted];
(b)
[redacted];
(c)
[redacted];
(d)
[redacted];
(e)
Service Provider will also provide support of projects related to current, on-going transformation efforts; such support will consist of attending meetings, providing data, and similar tasks (provided that such support shall be provided on a time and material basis or as a chargeable Project to the extent that the support constitutes out-of-scope activities); the parties will refer concerns over the level of support requested to the Operational Review Board.
(f)
improve incident and event frameworks, integrate problem management into development and support lifecycles, and enhance visibility into issues, impacts and resolution;
(g)
[redacted];
(h)
[redacted];
(i)
[redacted].
8.
WIND-DOWN OF TRANSITION SERVICES
8.1
Service Provider shall notify Molina when it believes it has completed the Transition Services. Service Provider shall document and demonstrate that the Deliverables and Transition Milestones constituting Exit Criteria have been fulfilled.
8.2
Upon Molina’s confirmation of completion, Service Provider shall commence the orderly cessation and removal of tasks and materials specific to the Transition Services, with minimal disruption to Molina’s operations or Service Provider’s ongoing Services.
8.3
If the Service Provider does not successfully achieve Acceptance of the Exit Criteria for:
(a)
any Transition completion by the applicable Milestone Date by more than [redacted], then the Service Provider shall be liable to pay to Molina the sum of $[redacted] for

-7-




CONFIDENTIAL TREATMENT REQUESTED


each week of delay (or part week of delay) capped at $[redacted] until such Exit Criteria are Accepted.
8.4
The provisions of paragraph 8.3 shall apply to any amended Milestone Dates where extensions of time have been granted or agreed, whatever the reason for such extensions of time including a Relief Event.
8.5
The payment of Delay Payments operates as a price reduction to reflect the reduced value of the Transition Services to Molina. Accordingly, the parties agree that they are not in any way compensatory but instead operate as a price adjustment and the claiming and payment of these is without prejudice to any other right and remedies that Molina might have.


-8-




CONFIDENTIAL TREATMENT REQUESTED



APPENDIX 4A
TRANSITION    

Proposed Tools and Timeline for Implementation

[redacted]

[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


Commitments for Day 1 and Outcomes for Day 30, 60, 90, 120, and Beyond

While the overall transformation will be presented separately, this section will particularly deal with what we would propose/look after under the day to day operations or as separately priced project once we complete the transition [redacted].
Below we have presented some of the activities that we are intended to take once the transition is over. These are indicative and may or may be completely relevant depending upon the observations after the transition phase.
[redacted]. This will be discussed and agreed with Molina, followed by the detailed implementation plan.
[redacted]

Transition Milestones & Dependencies

Transition Milestones
The table below details the critical milestones we propose for the transition.
[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 1. Transition Milestones
Transition Plan
We recognize Molina’s desire for an efficient, effective and risk-free transition of this very important strategic initiative. While in today’s world IT services have been industrialized to the extent where combination of technology and process can ensure [redacted]. It is the combination of structured processes, leverage of in-house tools specifically for [redacted].
[redacted].
Based on our understanding of your evaluation criteria, [redacted].
Service Provider’s key transition design principles used to develop the plan are: [redacted].

-9-




CONFIDENTIAL TREATMENT REQUESTED


Figure 1. Key Transition Design Principles
Transition Wave Plan
We have customized our patented [redacted]. We have designed a right aligned transition which provides Molina with a right balance between speed to value, appetite-for-risk and people management and quality planning considerations. The transition timeline is based on the [redacted].
Our proposed transition solution for Molina is based on: [redacted]

Service Transition Timeline
The following diagrams depicts overall Service Transition [redacted]
Figure 2. Overall Transition Timeline

Transition Contingency Plan
Infosys Transition Center of Expertise (TCOE) has successfully completed in excess of [redacted] without a failed transition. Infosys TCOE is committed to bringing to bear any resources and leadership required to ensure successful completion of the transition.
However, in the unlikely event that the [redacted]. Because this plan is likely to have [redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 2.    Quality Check points
In addition to the quality assurance [redacted].
Each member in this team is personally incentivized to continuously improve the way we approach transition. Therefore, our methodology is constantly evolving to incorporate new knowledge and best practices.
Our methodology is based on [redacted].
Figure 3. End-to-End Transition Methodology
Transition is, as mentioned above, the [redacted].
Figure 4. Service Execution Work Stream Approach

[redacted].

[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
Table 3. Pre-Planning Activities
[redacted].
Transition Planning

-10-




CONFIDENTIAL TREATMENT REQUESTED


The transition planning phase clearly details the plan to successfully execute the remaining phases of transition. It is a collaborative effort between Infosys and Molina to [redacted] making transition a success.
Following table specifies activities performed by [redacted]:
[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
Table 4. Transition Planning Activities

Knowledge Transfer (KT)
Knowledge Transfer (KT) is approached top down from business knowledge down to technical knowledge; the knowledge is landed in teams comprised of functional, technical and domain experts.
There are several ways in which [redacted].

Key Knowledge transfer activities, deliverables and acceptance criteria are listed below: [redacted].

Figure 5. Knowledge Transfer – Activities, Deliverables and Acceptance Criteria
Secondary Support (SS)
The Secondary Support phase of the [redacted].
Figure 6. Secondary Support – Activities, Deliverables and Acceptance Criteria
Primary Support (PS)
The main objective of Primary Support phase is to [redacted]. During this phase, [redacted] if the need arises.
Key primary phase activities, deliverables and acceptance criteria are listed below: [redacted]

Figure 7. Primary Support – Activities, Deliverables and Acceptance Criteria

[redacted]
Pre-process Training:
[redacted]
Onsite Knowledge Transfer:
[redacted]
Offshore Knowledge Transfer Training:
[redacted]
Parallel Run/Primary Support:
During this phase:
[redacted]
-
This phase ensures that [redacted].
-
Also ensures that quality of service is maintained at highest level, right from the start of engagement. Parallel run volume ramp-up and communication strategy will be finalized during process definition stage.
Transition Governance Structure
A key factor to the success of any major transition program is effective governance. Infosys believes in bringing everybody to the table through robust, yet transparent, leadership and governance. [redacted]. In line with our transition approach, we will have Transition Leads [redacted].

-11-




CONFIDENTIAL TREATMENT REQUESTED


Figure 8. Transition Governance Model
Infosys recommends [redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 5. Transition Management Functions
Transition Metrics
The following Metrics will be reported as part of the Transition Status Report. During Transition planning the methodology for reporting these statistics [redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 6. Transition Metrics
Transition Meetings
The proposed governance structure will be supported by a comprehensive governance schedule that will facilitate the clear direction of the transition program and ensure clear, unambiguous communication across all levels of the governance structure. Given the multiple threads that that need to be managed, we recommend [redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 7. Meeting Cadence
Reporting during transition will be centralized and managed from the TMO.
[redacted]
The following table shows the resource [redacted]. There will be weekly reporting to reflect progress against the Staffing Plan.

-12-




CONFIDENTIAL TREATMENT REQUESTED


[redacted]

Figure 9. Resource Ramp Up

Transition Staffing
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
Table 8. Transition Roles and Responsibilities

Requirements on Molina Personnel

Approximate maximum effort required per day from Molina personnel [redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 9. Requirements on Molina Personnel
[redacted]. It introduces unnecessary risks to make process, standards and tool changes in the midst of a services transition.
It is recognized that [redacted].

Other Information on Transition
Transition Risks and Mitigation Process
Infosys follows a structured Risk Management framework. Risk management is a key focus area under our core transition approach strategy. The objective of this framework is to identify and develop mitigation plans for potential risks which may impact the success of the engagement. The following diagram illustrates the Risk Management Framework:

[redacted]

-13-




CONFIDENTIAL TREATMENT REQUESTED


Figure 10. Risk Management Framework
The refinement of risks already identified will be carried out via a joint risk workshop prior to the commencement of transition during the planning phase. This risk register will be a running document and inputs to this will get added be the based on risks identified by Molina and Infosys during the transition execution process.
We have dedicated focus at the program level to manage the risk mitigation plan and report findings, risk management is pushed down to each and every work stream and cluster lead/transition lead.
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 10. Transition Risk Management

Transition Risks and Mitigations
[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

Table 11. Transition Risks
Transition Enablement (Cross Functional) Teams
[redacted]
Infrastructure
[redacted]

IT Service Process
[redacted]

Access and On Boarding
[redacted]

Policies and Procedures
[redacted]

SLA Tools
[redacted]


-14-




CONFIDENTIAL TREATMENT REQUESTED





APPENDIX 4B
TRANSFORMATION
Core Infrastructure Transformation
While the overall transformations will be presented / discussed in the session for “Transformational Initiatives”, this section will particularly deal with operational transformation ideas under day-to-day operations. The idea is to understand and take over the operations in its existing shape, identify / document the gaps and take the services to the next level.

Below we have presented some of the operational transformations that we intend to start working post takeover of services. These are indicative based on our current understanding of Molina infrastructure landscape. Once, we have more details of the landscape, we will refine these as appropriate.

This will be [redacted].
The transformation activities are explained below with the potential benefits:

[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

-15-




CONFIDENTIAL TREATMENT REQUESTED


[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

Contact Center Transformation

[redacted]

The aforesaid areas, can be planned for long term objectives as each one of them takes significant amount of time and requires a detailed analysis in the current setup as part of the [redacted]

[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 12. [redacted]

-16-




CONFIDENTIAL TREATMENT REQUESTED


Figure 11. [redacted]
[redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 13. [redacted]
Infosys recommends [redacted]
To implement [[redacted]

Analysis
Infosys will [redacted]

Figure 12. [redacted]
[redacted]

Figure 13. [redacted]

Once all meta data information is collected, [redacted].
[redacted]

Figure 14. [redacted]
[redacted]
Figure 15. [redacted]

Migrate
[redacted]
Co-ordinating across the stakeholders requires a multi-tier/multi-party governance - domain level execution, program board level and executive level, driven from a centralised command center to deliver a frictionless workflow.


-17-




CONFIDENTIAL TREATMENT REQUESTED


[redacted]
Figure 16. [redacted]
[redacted]
Figure 17. [redacted]
[redacted]
Figure 18. [redacted]
[redacted]
Figure 19. [redacted]
[redacted]

[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

Below table depicts [redacted]

[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 14. [redacted]

-18-




CONFIDENTIAL TREATMENT REQUESTED


Transformational Initiatives
As per our discussion with Molina as part of different meetings and sessions, we understand the importance of [redacted].
This section will detail [redacted]:
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
 
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 

[redacted]


[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

-19-




CONFIDENTIAL TREATMENT REQUESTED


 

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 15. [redacted]
[redacted]

Figure 20. [redacted]
[redacted]
Figure 21. [redacted]
[redacted]

Figure 22. [redacted]
[redacted]

Figure 23. [redacted]
[redacted]



1.1.1.1
Timeline for Implementation
Timelines for implementation of our approach is as depicted in the diagram below: [redacted]

Figure 24. Implementation Timeline
The above approach and timelines is considering the fact [redacted]

[redacted]

1.1.2
[Redacted]


[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


-20-




CONFIDENTIAL TREATMENT REQUESTED


1.1.2.1
[redacted]
Cloud computing benefits organizations by giving them the ability to trade capital expense for variable expense, gain advantage from massive economies of scale, make agile capacity decisions, increase business speed and agility, stop spending money running and maintaining data centers, and go global quickly. At the same time, cloud adoption represents a major IT transformation, a shift in culture and a new way of financing your infrastructure. Cloud introduces a significant shift in how technology is procured, used, and managed. It presents new cost and security challenges, requiring governance and control across the organization. And it also needs a proactive team to take ownership and direction of the migration process. [redacted]
Figure 25. [redacted]
[redacted]

1.1.2.2
[redacted]

Figure 26. [redacted]
[redacted]
 

1.1.2.3
[redacted]
[redacted]

[redacted]

Figure 27. [redacted]
[redacted]
Figure 28. [redacted]
[redacted]
The below diagram provides [redacted].

[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


-21-




CONFIDENTIAL TREATMENT REQUESTED


[redacted]

[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 16. [redacted]
[redacted]
1.1.2.1
[redacted]

[redacted]

[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]
Figure 29. [redacted]
[redacted]

Figure 30. [redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

Figure 31. [redacted]

-22-




CONFIDENTIAL TREATMENT REQUESTED


[redacted]
Figure 32. [redacted]
[redacted]

Figure 33. [redacted]
[redacted]

Figure 34. [redacted]

[redacted]
Figure 35. [redacted]
[redacted]

Figure 36. [redacted]
[redacted]

Figure 37. [redacted]
[redacted]

Figure 38. [redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 17. [redacted]










-23-



SCHEDULE 5
BENCHMARKING




CONTENTS
Clause
 
Page
1.
Definitions
1
2.
Introduction
1
3.
Benchmarking Generally
1
4.
Selection of Benchmarker
1
5.
Timing
1
6.
Process
2
7.
Benchmarking Report
2
8.
Final Benchmarking Report
3
9.
Consequences of Final Benchmarking Report
3


(i)



1.
DEFINITIONS
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) to this Agreement.
2.
INTRODUCTION
This Schedule defines the way in which Benchmarking shall be implemented under the Agreement.
3.
BENCHMARKING GENERALLY
3.1
Each Benchmarking shall comprise a mutually agreed objective measurement, applicable metrics and comparison process that compares the Charges with the price of services that are:
(a)
substantially similar to the Benchmarked Services (as defined below) in scope, specification, volume and geographical coverage, time period and provided on similar terms and conditions;
(b)
provided by outsourcing service providers substantially similar to the Service Provider; and
(c)
provided to outsourcing services clients substantially similar to Molina,
(the “Benchmarking Process”).
3.2
The Service Provider shall cooperate with Molina in relation to any Benchmarking.
4.
SELECTION OF BENCHMARKER
4.1
Molina shall have the right to select any of the following as the “Benchmarker” to conduct the Benchmarking Process:
(a)
Gartner;
(b)
ISG; or
(c)
Maturity.
4.2
As an alternative to Molina selecting the Benchmarker under paragraph 4.1, the Parties may jointly agree to select another provider of benchmarking services to conduct the Benchmarking Process. Nothing in this paragraph 4.2 limits Molina’s right to make a selection under paragraph 4.1.
4.3
The Parties shall enter into an agreement with the Benchmarker (the “Benchmarking Agreement”), in substantially the same form as Appendix 5A (Agreed Form Tri-Partite Benchmarking Agreement).
5.
TIMING

 
-1-
 



5.1
Molina may engage in Benchmarking in respect of any Service Bundle only after six (6) months following the end of Transition of that Service Bundle. No Service Bundle shall be benchmarked more than twice during the Term.
5.2
Molina may notify the Service Provider that it wishes to conduct a Benchmarking by providing the Service Provider with thirty (30) days’ written notice of its intention to do so (the “Benchmarking Notice”).
6.
PROCESS
6.1
Each Benchmarking Notice shall set out:
(a)
the Service Bundle and associated Resource Rates in respect of which Molina wishes to conduct the Benchmarking (the “Benchmarked Services”); and
(b)
the identity of the Benchmarker Molina has chosen in accordance with paragraph 4.1 above.
6.2
Throughout the Benchmarking, all instructions to the Benchmarker will be given solely by Molina and shall be disclosed to the Service Provider and will be consistent with and relate to the topics agreed pursuant to paragraph 6.3 below.
6.3
Molina, the Service Provider and the Benchmarker shall in good faith agree to the methodology that will be used to conduct or support the specific Benchmarking and the normalization processes that will be applied, including, without limitation, at least four (4) comparable outsourcing transactions (not counting this Agreement) to allow a valid Benchmarking to be conducted (the “Benchmarking Methodology”).
6.4
Where during the Term, the Parties and a Benchmarker agree a Benchmarking Methodology and apply that Benchmarking Methodology, that Benchmarking Methodology shall, unless otherwise agreed, be valid for all future Benchmarkings for the Services that are part of the Benchmarked Services.
6.5
The Service Provider shall cooperate to facilitate the Benchmarking and shall reasonably meet with Molina and the Benchmarker prior to and throughout the Benchmarking.
6.6
The Benchmarker shall conduct the Benchmarking in a manner that does not unreasonably interfere with the Service Provider's ongoing service operations.
6.7
The Parties shall agree a timetable for the Benchmarking that provides for the Benchmarking to be completed as soon as reasonably practicable and sets a deadline by which the Benchmarking must be complete and the Benchmarking Report must be delivered to the Parties (the “Report Deadline”).
6.8
The fees, costs and expenses of any Benchmarker shall be borne by Molina, and each Party shall bear its own costs of compliance with this Schedule.
7.
BENCHMARKING REPORT
7.1
Within ten (10) days after the completion of the Benchmarking but in any event no later than the Report Deadline, the Benchmarker shall deliver to Molina and the Service Provider

-2-

the final results of the Benchmarking in a written report, including any supporting documentation required to interpret or validate the report (the “Benchmarking Report”).
7.2
Within thirty (30) days following the date of the issuance of a Benchmarking Report:
(a)
Molina and the Service Provider shall review the Benchmarking Report results; and
(b)
the Parties and the Benchmarker shall review the Benchmarking Report and the Benchmarking Methodology to confirm that the Benchmarking Process was followed.
7.3
If either Party has reason to believe that the Benchmarking Report contains material errors, it shall notify the Benchmarker of the information being contested along with such documentation as is necessary to support the claim and copy the other Party on all such correspondence.
8.
FINAL BENCHMARKING REPORT
8.1
The Benchmarker shall review any claims made by a Party pursuant to paragraph 7.3 and meet with both Parties to address any such matters and make any necessary adjustments to its findings prior to the Benchmarking Report being considered final (the “Final Benchmarking Report”).
8.2
If there is any dispute between the Service Provider and Molina in relation to the application of the Benchmarking Process or the determinations of the Benchmarker in the Final Benchmarking Report then the matter shall be referred to the Operational Review Board.
9.
CONSEQUENCES OF FINAL BENCHMARKING REPORT
9.1
If a Final Benchmarking Report indicates that the Charges attributable to the Benchmarked Services exceed the Benchmark Threshold, then the remainder of this paragraph 9 shall apply.
9.2
In this paragraph 9, the “Benchmark Difference” (“BD”) shall be calculated, in monetary terms, as follows:
BD = X – B
Where:
X = the Charges applicable in the Contract Year in which the Final Benchmarking Report is issued (or, if the Contract Year is not complete, the estimated Charges based on the actual Charges invoiced at the time of the Final Benchmarking Report); and
B = the Benchmark Threshold.
9.3
The Service Provider shall, by no later than ten (10) Business Days following the date on which the Final Benchmarking Report is issued, provide written notice to Molina:
(a)
setting out how the Service Provider proposes to address the Benchmark Difference; and

-3-

(b)
providing an assurance from the Service Provider that this proposal complies with the Agreed Cost Standards.
9.4
Molina shall, by no later than ten (10) Business Days following receipt by it of a written notice under paragraph 9.3, provide written notice to the Service Provider stating whether Molina agrees that the proposal in that notice complies with the Agreed Cost Standards.
9.5
If:
(a)
the Service Provider does not provide written notice in accordance with paragraph 9.3 within the timeframe specified in that paragraph; or
(b)
Molina notifies the Service Provider under paragraph 9.4 that it does not agree with the Service Provider’s proposal under paragraph 9.3,
then Molina may terminate the Agreement immediately upon notice to the Service Provider, with payment of the Benchmarking Termination Fee.
9.6
[redacted] agreed by the Parties pursuant to this Schedule shall be [redacted] and shall be incorporated as an amendment to Schedule 3 (Pricing and Invoicing) without the need for an Agreement Change.
9.7
A Benchmarking shall not in any circumstances result in an increase in any of the Charges or any of the rates by which the Charges are calculated.


-4-






APPENDIX 5A

AGREED FORM TRI-PARTITE BENCHMARKING AGREEMENT





TRI-PARTITE BENCHMARKING AGREEMENT




1)        [MOLINA]
2)        [SUPPLIER]
3)        [BENCHMARKER]









THIS AGREEMENT is made on     [●]
BETWEEN:
[●] (“Molina”);
[●] (the “Supplier”); and
[●] (the “Benchmarker”),
(hereinafter each of the above shall be referred to individually as a “Party” and collectively as the “Parties”).
AND CONSISTS OF THE FOLLOWING:
This Agreement.
Attachment 1 – The Terms of Reference.
Attachment 2 – Confidentiality Agreement.
Attachment 3 – Schedule 2 (Statements of Work) and Schedule 6 (Service Levels and Service Credits) of the Master Services Agreement and all Statements of Work.
Attachment 4 – Types of Benchmark Data.
Attachment 5 – Benchmarking Steering Group.
Attachment 6 – The Benchmarking Charges.
Attachment 7 – Description of Comprehensive Benchmark.
Attachment 8 – Benchmark Plan.
(collectively, all of the above shall be referred to as the “Benchmarking Agreement”).
WHEREAS:
(A)
Molina and the Supplier entered into the framework Master Services Agreement dated [●] (the “Master Services Agreement”).
(B)
The Parties have agreed to enter into this Benchmarking Agreement to govern the conduct of the Benchmark Process as and when invoked by Molina (pursuant to the Master Services Agreement).
(C)
The Benchmark Process shall, depending on the Benchmarked Services, determine the Fair Market Price.
(D)
The Benchmarker is instructed by Molina, as the client of the Benchmarker, to carry out each Benchmark.
1.    DEFINITIONS AND INTERPRETATION
1.1
Definitions:
In this Benchmarking Agreement the following words and phrases have the meanings set out below unless a contrary intention appears:
Affiliate” means in relation to a Party, each entity that it Controls or is under common Control with that Party;

1    


Benchmark” means the application of the Benchmark Process in order to identify the Fair Market Price for the Benchmarked Services;
Benchmark Data” means the data submitted by Molina and the Supplier to the Benchmarker as validated by the Benchmarker as set out in Attachment 4 (Types of Benchmark Data);
Benchmark Deliverables” means the Initial Benchmark Report and the Final Benchmark Report;
Benchmark Milestones” means the dates set out in the Benchmark Plan by which certain deliverables and obligations as set out in the Benchmark Plan must be met;
Benchmark Notice” means the notice issued by Molina to the Supplier and the Benchmarker invoking the Benchmark Process in relation to the Benchmarked Services set out in the notice;
Benchmark Plan” means the plan set out in Attachment 8 (Benchmark Plan) pursuant to which the Benchmark will be performed;
Benchmark Process” means the Benchmarker’s methodology, database and corresponding process, as set out in Attachment 7 (Description of Comprehensive Benchmark), to be followed in accordance with the Benchmarker’s standard practice as amended in accordance with this Benchmarking Agreement;
Benchmarked Services” means the services provided under the Master Services Agreement or any Statement of Work and/or Resource Rates in respect of which Molina wishes to conduct the Benchmark, as identified by Molina in a Benchmark Notice;
Benchmarker Materials” means the tools, methodologies, questionnaires, responses, proprietary research and data, software, software documentation and other materials (other than Party Materials) generated by the Benchmarker in the course of performing the Benchmark in each case, whether in hard copy, electronically or otherwise, together with all intellectual property rights in the Benchmarker Materials;
Benchmarking Charges” means the agreed upon payment for the Benchmarking Services, comprising the applicable fees set out in Attachment 6 (The Benchmarking Charges);
Benchmarking Services” means the services as set out and referred to in this Benchmarking Agreement and provided by the Benchmarker in order to perform the Benchmark;
Benchmarking Steering Group” means the group comprised of no more than four named representatives (or their deputies) from each of the Benchmarker, the Supplier and Molina. The members of the Benchmarking Steering Group as at the date of this Benchmarking Agreement are listed in Attachment 5 (Benchmarking Steering Group);
Business Days” means those days deemed by Molina to be standard working days according to Molina’s business operations and designated holidays both globally and within a given jurisdiction;
Comparable Services” means the services provided by the Peers that the Benchmarker selects for comparison with the Benchmarked Services;

2    


Comparative Suppliers” means the service providers (no fewer than four) considered by the Benchmarker to be within the Supplier’s peer group at the time of the Benchmark;
Confidential Information” has the meaning given to it in Clause 5.1;
Control” means the possession, direct or indirect, of the power to direct or cause the direction of the management and policies of a Party, whether through the ownership of voting securities, by contract, or otherwise and “Controls” shall be construed accordingly;
Expiry Date” means four (4) years from the date of this Benchmarking Agreement, unless extended in accordance with Clause 4.2;
Fair Market Price” means the median of the market range of prices for services against which the Benchmarker compares the Benchmarked Services;
Final Benchmark Report” means the Benchmarker’s final written report setting forth the Fair Market Price, including all supporting calculations, mapping matrices, agreed assumptions and documentation (including an explanation of any Normalization in different Benchmarks during the term of this Benchmarking Agreement) to the extent allowable by the Benchmarker’s non-disclosure agreements, that will be provided by the Benchmarker simultaneously to Molina and the Supplier in hardcopy format (or as agreed by the Benchmarking Steering Group);
Financial / Contract Questionnaire” or “FCQ” means the financial / contract questionnaire used by the Benchmarker in connection with the Benchmark;
Good Industry Practice” means in respect of each individual Benchmarking Service that level of skill, care, prudence, judgement, foresight, integrity and diligence that would be reasonably expected of a global market leading provider of services similar to the Benchmarking Services;
Initial Benchmark Report” means the initial output from the Benchmark Process, including all supporting calculations, mapping matrices, agreed assumptions and documentation (including any explanation of any Normalization in different Benchmarks during the term of this Benchmarking Agreement), to the extent allowable by any confidentiality obligations of the Benchmarker, that will be provided by the Benchmarker simultaneously to Molina and the Supplier in hardcopy format (or as agreed by the Benchmarking Steering Group) during the initial Benchmark Report review meeting;
Molina Group” means Molina and its Affiliates from time to time;
Molina Group Company” means a member of the Molina Group;
Normalization” means the process by which the Benchmarker adjusts each of the Peer Group Data as part of the Benchmark Process to match the Benchmarked Services and the Benchmark Data in order to enable a “like for like” comparison between the Benchmarked Services and the Peer Group Data for the purpose of the Benchmark, and “Normalized” shall be construed accordingly;
Normalization Factor” means an individual component of normalization which adjusts for a specific aspect of service, scope, terms, volume or charge, including the

3    


scope of services, volume of services, technical constraints, service levels and any onshore/offshore requirements;
Party Materials” has the meaning given to it in Clause 10.7;
Peer” and “Peers” shall mean a member or members of the Peer Group respectively;
Peer Group” means the group of Comparative Suppliers selected by the Benchmarker in connection with the performance of the Benchmark;
Peer Group Data” means the data related to the Peer Group held by the Benchmarker and used during the Benchmark Process;
Personal Data” means information which relates to or would identify an individual;
Resource Rates” means the daily rates for Supplier personnel, as set out in the Master Services Agreement or any Statement of Work;
Review Period” has the meaning given to it in Clause 3.7;
Standard Collection Templates” means the standard collection templates set out in Attachment 4 (Types of Benchmark Data);
Statement of Work” means a statement of work for Services under the Master Services Agreement;
Supplier Group” means the Supplier and its Affiliates from time to time;
Supplier Group Company” means a member of the Supplier Group; and
Terms of Reference and “ToR” means the description of the way in which the Benchmark will be conducted as described in Attachment 1 (The Terms of Reference).
1.2
Headings are for convenience only and shall not affect the interpretation of this Benchmarking Agreement.
1.3
References to the singular include the plural and vice versa, and references to one gender include the other gender.
1.4
Any reference to persons includes natural persons, firms, partnerships, limited liability partnerships, companies, corporations, unincorporated associations, local authorities, governments, states, foundations and trusts (in each case, whether or not having separate legal personality) and any agency of any of the above.
1.5
In the event of any conflict between this Benchmarking Agreement and the terms of any other consultancy and/or professional service agreement executed between the Benchmarker and the Supplier or Molina relating to the subject of this Benchmarking Agreement, the terms of this Benchmarking Agreement shall take precedence unless otherwise agreed in writing after the date of this Benchmarking Agreement.
2.
INTRODUCTION
2.1
Molina and the Supplier have agreed in the Master Services Agreement that a Benchmark may be carried out from time to time and have agreed to appoint the Benchmarker to perform the Benchmarks as and when required pursuant to the Master Services Agreement.
2.2
The Benchmark Process shall be commenced by Molina issuing the Supplier and the Benchmarker a Benchmarking Notice, in accordance with the Master Services Agreement.
2.3
The Benchmark Notice shall set out the number of Benchmarks that shall be performed and the Benchmarked Services that shall be the subject of those Benchmarks.

4    


2.4
A single Final Benchmark Report shall be prepared by the Benchmarker for all of the Benchmarks invoked in the same Benchmark Notice.
2.5
The Benchmarker is not granted exclusive supplier status by this Benchmarking Agreement.
2.6
This Agreement does not give to the Benchmarker any right to a minimum level or volume of services or revenue.
3.
PROVISION OF BENCHMARKING SERVICES
3.1
The Benchmarker shall undertake the Benchmarks in respect of the Benchmarked Services when requested by Molina by means of a Benchmark Notice.
3.2
The Benchmarker shall perform the Benchmark in accordance with the terms of this Benchmarking Agreement and the Benchmark Plan. Notwithstanding anything else in this Benchmarking Agreement, the Benchmark Milestones in the Benchmark Plan must be met for each Benchmark irrespective of any discussions about errors or failures to meet the Benchmark Process.
3.3
Molina and the Supplier shall meet their respective obligations by the dates set out in the Benchmark Plan.
3.4
The Benchmarker shall deliver a copy of any correspondence between the Benchmarker and either of Molina or the Supplier to all Parties at the same time except where stated otherwise in this Benchmarking Agreement.
3.5
The Benchmarker shall undertake the Benchmark in such a way so as to cause minimum disruption to the business of Molina and the Supplier during the performance of its obligations under this Benchmarking Agreement.
3.6
Following completion of the Benchmark (which shall be no later than the date determined by the Benchmark Plan), the Benchmarker shall promptly provide each of Molina and the Supplier with an Initial Benchmark Report and shall present such Initial Benchmark Report to the Parties at a workshop or meeting within five (5) Business Days of completing the Benchmark.
3.7
Within thirty (30) days following the issuance of the Initial Benchmark Report (the “Review Period”), Molina and the Supplier shall identify any errors or omissions of fact or failures to comply with the Benchmark Process that they individually reasonably believe may have been made in compiling the Initial Benchmark Report or clarification (to aid understanding) that may be necessary to the Initial Benchmark Report. Molina and the Supplier shall set out in reasonable detail their reasons and supporting data for why the findings should be amended or reviewed and provide that information to the Benchmarker and the other Party.
3.8
The Benchmarker shall take account of any submissions made by the Parties during the Review Period and shall provide a written explanation in respect of any decision to accept or reject any correction, clarification or comments from any Party, but the Benchmarker is not obliged to make any clarification or apply any comments from any Party in the Final Benchmark Report.
3.9
The Benchmarker shall produce a Final Benchmark Report within two (2) weeks following the end of the Review Period.

5    


3.10
The Final Benchmark Report shall be final and binding upon the Parties except to the extent that there is fraud, a manifest error of fact or material failure by the Benchmarker to follow the Benchmark Process which impacts the validity of the Final Benchmark Report.
3.11
If the Final Benchmark Report contains findings that were not contained in the Initial Benchmark Report and those findings do not relate to any of the submissions made by a Party pursuant to Clause 3.8, then the Final Benchmark Report shall be considered as an Initial Benchmark Report and the steps in Clauses 3.7 to 3.10 shall be repeated, however the Review Period shall be seven (7) days only and the Benchmarker shall produce a Final Benchmark Report within seven (7) days following the end of that Review Period.
4.
CONTRACT TERM
4.1
This Benchmarking Agreement shall commence on the date of this Benchmarking Agreement and expire at 11:59 pm and 59 seconds Pacific Time on the Expiry Date, unless terminated earlier in accordance with Clause 4.4, Clause 4.5 and Clause 4.6.
4.2
Molina may extend the term of this Agreement, as a single extension of two (2) years, by giving notice of the extension in writing to the Benchmarker and the Supplier at least three (3) months prior to the Expiry Date.
4.3
The Benchmarker acknowledges that it has not been given any assurance nor has the Benchmarker any legitimate expectation that the term of this Benchmarking Agreement will be extended under Clause 4.2.
4.4
Molina may decide to terminate this Benchmarking Agreement for convenience without penalty or charge, subject to Clause 4.9 and Clause 4.10.
4.5
Each Party may terminate this Benchmarking Agreement by giving written notice to the other Parties if any other Party is in material breach of any of its obligations under this Benchmarking Agreement and either that breach is incapable of remedy or the other Party shall have failed to remedy that breach within twenty (20) Business Days after receiving written notice requiring it to remedy that breach.
4.6
Without limiting Clause 4.5, Molina may terminate this Benchmarking Agreement by giving written notice to the other Parties, if the steps in Clauses 3.7 to 3.10 have been repeated two or more times pursuant to Clause 3.11.
4.7
Any term of this Benchmarking Agreement that by its nature extends beyond the expiry or earlier termination of this Benchmarking Agreement remains in effect until fulfilled, and shall apply to respective successors and assignees.
4.8
If this Benchmarking Agreement is terminated during the conduct of a Benchmark but prior to completion of the Benchmark Process due to material breach by a Party other than the Benchmarker, the Benchmarker shall be entitled to issue an invoice to reflect all the work performed up to the date that the termination takes effect.
4.9
If Molina decides to terminate this Benchmarking Agreement for convenience pursuant to Clause 4.4, or this Benchmarking Agreement or the Master Services Agreement is terminated for the breach of either Molina or the Supplier, then Molina shall give the

6    


Supplier and the Benchmarker at least ten (10) Business Days’ written notice (“Termination Notice”).
4.10
If the Termination Notice is received during the conduct of a Benchmark, the Benchmarker shall use its best efforts to redeploy the consultants deployed on that Benchmark. The only amounts Molina shall be liable to pay in relation to the termination for convenience exercised during the conduct of a Benchmark is:
(a)
an amount equal to the value of the work performed to the date of the expiry of the Termination Notice; and
(b)
any outstanding Benchmarking Charges related to the period between the expiry of the Termination Notice and the end of the Benchmark Process which Benchmarking Charges shall be reduced on a pro rata basis to reflect the number and seniority of the consultants redeployed and when they were redeployed.
5.
EXCHANGE OF INFORMATION
5.1
All information exchanged by the Parties pursuant to this Benchmarking Agreement or in relation to the Benchmark Process, including, without limitation, the Benchmark Data and the Benchmark Deliverables and the Benchmarker Materials (the “Confidential Information”) is confidential and each Party shall comply with the confidentiality terms set out in Attachment 2 (Confidentiality Agreement). The provisions in Attachment 2 (Confidentiality Agreement) are without prejudice to, and shall not limit, any other confidentiality agreements or understandings between any of the Parties.
5.2
The Parties will not publicize the terms of this Benchmarking Agreement, or the relationship, in any advertising, marketing, promotional or any other materials without prior written consent of the other Parties, except as may be required by law.
5.3
The Benchmarker may use the information and data provided under this Benchmarking Agreement only for the purpose of performing a Benchmark under this Benchmarking Agreement and as provided for in Clause 5.4.
5.4
The Benchmarker may include Molina’s data and the Supplier’s data provided in Attachment 3 (Schedule 2 and Schedule 6 of the Global Framework Agreement and all SOWs) and Attachment 4 (Types of Benchmark Data) in the Benchmarker’s database and such data:
(a)
may be used only by the Benchmarker for future consulting and benchmarking engagements in compliance with this Clause 5 and Clause 10; and
(b)
shall be coded by the Benchmarker to preserve the Supplier’s, Molina’s and other third parties’ anonymity.
5.5
Except for the data retained in accordance with Clause 5.4 and any other information that the Benchmarker is required by law to retain, on the completion of each Benchmark undertaken by the Benchmarker under this Benchmarking Agreement, the Benchmarker shall return to the Supplier and Molina all information (whether in hard or soft form) provided by those Parties, respectively, during the course of the Benchmark, or on request confirm that all such information has been destroyed.

7    


6.
BENCHMARKING CHARGES
6.1
Molina shall pay the Benchmarking Charges for the Benchmarking Services in accordance with the provisions of this Clause 6 (Benchmarking Charges).
6.2
The Benchmarker shall issue an invoice to Molina for the Benchmarking Charges (including any agreed travel and subsistence expenses referred to in Clause 6.7) payable in accordance with Clause 6.8.
6.3
Except for expenses as specified in Clause 6.7 below and the relevant taxes as required by applicable law, the Benchmarking Charges will constitute the entire fee due to the Benchmarker from Molina for completion of the Benchmarking Services provided hereunder.
6.4
The Benchmarker shall invoice out-of-pocket expenses related to reasonable travel and subsistence, where the need for incurring such expenses has been pre-agreed with Molina, (and such expenses are not included in the Benchmarking Charges). The Benchmarker will invoice monthly for any agreed travel and subsistence expenses incurred in the prior month, in accordance with the terms of Clause 10.2 and Clause 6.2.
6.5
The Benchmarker shall be entitled to issue invoices for the Benchmarking Charges in accordance with the terms of Clause 10.2 and Clause 6.2 and in the following stages:
(a)
[30]% on the receipt of the Benchmark Notice; and
(b)
[70]%, ten (10) Business Days after delivery of the Final Benchmark Report.
6.6
Payment of the Benchmarking Charges will be due from Molina within sixty (60) days of the date on which Molina receives the relevant invoice.
6.7
[Without prejudice to its other rights and remedies, the Benchmarker may charge, and Molina shall pay, interest, accruing daily from the due date to the date of actual payment, on any overdue amounts owed by Molina under this Benchmarking Agreement at the rate of [●] percent ([●]%) per annum.]
7.
BENCHMARKER AND BENCHMARKER PERSONNEL
7.1
Each of the Benchmarker, Molina and the Supplier is an independent contractor and this Benchmarking Agreement does not create an agency relationship between any of the Parties.
7.2
None of the Parties assumes liability or responsibility for any of the other Party’s personnel.
7.3
Each Party will:
(a)
ensure it and its personnel are in compliance with all laws, regulations, ordinances and licensing requirements that apply to its activities under this Benchmarking Agreement;
(b)
be responsible for the supervision, control, compensation, withholdings, health and safety of its personnel; and
(c)
inform the other Parties if one of their former employees will be assigned work under this Benchmarking Agreement, such assignment to be subject to the relevant Party’s approval.

8    


8.
ON PREMISES GUIDELINES
8.1
Access to Premises. If the Benchmarker is required to enter onto the premises of another Party, the Benchmarker will ensure that its personnel assigned to work on the Supplier’s or Molina’s premises will comply with all notices and requirements regarding security and other matters that are made known to the Benchmarker and its personnel.
8.2
If the Benchmarker is required to enter onto the premises of another Party it shall:
(a)
maintain a current and complete list of the names of the Benchmarker personnel working on the premises;
(b)
obtain from the Supplier or Molina, as applicable, a valid identification badge for each member of its personnel and ensure that it is displayed to gain access to and while on the relevant Party’s premises;
(c)
comply with Molina’s and Supplier’s (as applicable) health and safety requirements;
(d)
ensure that each person with regular access to the Supplier’s and Molina’s premises complies with all parking restrictions and with vehicle registration requirements if any;
(e)
at the Supplier’s or Molina’s reasonable request, remove its personnel from the Supplier’s and/or Molina’s premises, as applicable, and not reassign such personnel to work on those premises; and
(f)
promptly notify the Supplier or Molina, as applicable, upon completion or termination of any assignment on a Party’s premises and return the relevant Party’s identification badge. Upon the relevant Party’s request, the Benchmarker will provide documentation to verify compliance with this Clause 8.2(f).
8.3
General Business Activity Restrictions. If the Benchmarker is required to enter onto the premises of another Party it:
(a)
will not conduct any business activities (such as interviews, hirings, dismissals or personal solicitations) or other activities that are not reasonably related to the provision of the Benchmarking Services on the Party’s premises;
(b)
will not conduct any of its own personnel training, except for on-the-job training on the Party’s premises;
(c)
will not attempt to participate in the benefit plans or activities of the Party on whose premises they are providing the Benchmark;
(d)
will not send or receive any mail through the Party’s mail systems that is unrelated to the provision of the Benchmark;

9    


(e)
will not sell, advertise or market any products or distribute printed, written or graphic materials on the Party’s premises without the Party’s written permission; and
(f)
will remain in authorized areas only (limited to the work locations, cafeterias, rest rooms and, in the event of a medical emergency, the Party’s medical facilities).
8.4
The Benchmarker will promptly notify the affected Party of any accident or security incidents involving loss of or misuse of or damage to the Party’s intellectual or physical assets, physical altercations, assaults, or harassment and provide the Party with a copy of any accident or incident report involving the above. The Benchmarker shall co-ordinate with the Party any necessary access to the Party’s premises during non-regular working hours.
9.
WARRANTIES
9.1
The Parties make the following ongoing representations and warranties:
(a)
each Party warrants that it has the right to enter into this Benchmarking Agreement and that, in the performance of its obligations under this Benchmarking Agreement, it will comply, at its own expense, with any law, regulation or ordinance to which it is or becomes subject;
(b)
each of Molina and the Supplier warrants that the information it individually contributes for the purposes of the Benchmark does not infringe any privacy, publicity, reputation or intellectual property right of a third party;
(c)
the Benchmarker warrants that the Benchmark Deliverables, the Benchmark Process and the Benchmark Data do not infringe any privacy, publicity, reputation or intellectual property right of a third party (except where such infringement is due to the information provided by Molina or the Supplier, as applicable);
(d)
the Benchmarker warrants that the Benchmark Process and the production of the Benchmark Deliverables will be performed using reasonable care and skill and in accordance with Good Industry Practice;
(e)
each Party warrants that it will not use, disclose, or transfer across borders any information that is processed for the Parties that includes Personal Data, except to the extent necessary to perform the Benchmark under this Benchmarking Agreement;
(f)
each Party warrants that, as relevant to its rights and obligations under this Benchmarking Agreement, it will comply with all applicable data privacy laws and regulations, it will implement and maintain appropriate technical and other protections for the Personal Data, and it will co-operate fully with the other Parties’ reasonable requests for access to, correction of, and destruction of Personal Data in its possession;

10    


(g)
each of the Parties warrants that it has no agreement, settlement, order, award or understanding (outside this Benchmarking Agreement) that would prejudice the outcome of the Benchmark or that would have the effect of preventing the Benchmarker carrying out any Benchmark or from preparing a complete and accurate Initial Benchmark Report or Final Benchmark Report;
(h)
each of the Parties warrants that it is not aware of any agreement, settlement, order, award or understanding that would prevent the Benchmarker from considering any information in the Benchmarker’s possession and applying that information for the purposes of a Benchmark;
(i)
the Benchmarker warrants that, as of the date of this Benchmarking Agreement, there are a sufficient number of Peers to enable a Benchmark to be conducted; and
(j)
the Benchmarker warrants that it shall follow and comply with the Benchmarker’s methodology set out in Attachment 7 (Description of Comprehensive Benchmark).
9.2
THERE ARE NO WARRANTIES BY EITHER PARTY, EXPRESS OR IMPLIED (INCLUDING THOSE WARRANTIES OR CONDITIONS OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE), OTHER THAN THOSE SET FORTH IN THIS BENCHMARKING AGREEMENT.
10.
INTELLECTUAL PROPERTY
10.1
The Benchmarker shall retain sole and exclusive ownership of the Benchmarker Materials.
10.2
The Benchmarker shall own the intellectual property rights in the format and presentation of the Benchmark Deliverables but Molina shall own that part of the Benchmark Deliverables that document, reproduce or represent information provided by, and relating to, Molina and the Supplier shall own that part of the Benchmark Deliverables that document, reproduce or represent information provided by, and relating to, the Supplier.
10.3
With respect to any Benchmarking Services performed by the Benchmarker, the Parties acknowledge that:
(a)
the contents of the Initial Benchmark Report and Final Benchmark Report (and other deliverables) are based upon information which is proprietary to the Benchmarker and contained in the Benchmarker’s proprietary database as well as information which is proprietary to Molina and the Supplier; and
(b)
except for Molina’s data and the Supplier’s data, the contents of the Benchmarker’s database and any copyright or database rights or other intellectual property rights in the Benchmarker’s database belong to the Benchmarker solely.
10.4
Molina grants the Benchmarker a worldwide, non-exclusive, royalty-free, paid-up perpetual license to use Molina’s data provided in Attachment 3 (Schedule 2 and Schedule 6 of the Master Services Agreement and all SOWs) and Attachment 4 (Types of Benchmark Data):

11    


(a)
for the purposes of carrying out its obligations under this Benchmarking Agreement; and
(b)
for the purpose set out in Clause 5.4,
provided that, in each case, the Benchmarker complies with Clause 5, Clause 10 and its obligations of confidence both in equity and as set out in this Benchmarking Agreement and in any confidentiality agreement between the Benchmarker and any of the Parties.
10.5
The Supplier grants the Benchmarker a worldwide, non-exclusive, royalty-free, paid-up perpetual license to use the Supplier’s data provided in Attachment 3 (Schedule 2 and Schedule 6 of the Master Services Agreement and all SOWs) and Attachment 4 (Types of Benchmark Data):
(a)
for the purposes of carrying out its obligations under this Benchmarking Agreement; and
(b)
for the purpose set out in Clause 5.4,
provided that, in each case, the Benchmarker complies with Clause 5, Clause 10 and its obligations of confidence both at equity and as set out in this Benchmarking Agreement or in any other confidentiality agreement between the Benchmarker and any of the Parties.
10.6
A Party shall retain its intellectual property rights in all proprietary materials that the Party supplies to the Benchmarker. In particular, Molina and the Supplier retain sole and exclusive ownership of their respective information provided in Attachment 3 (Schedule 1 and Schedule 7 of the Global Framework Agreement and all SOWs) and Attachment 4 (Types of Benchmark Data).
10.7
If a Party provides the Benchmarker with materials owned by or licensed to that Party (the “Party Materials”), that Party grants to the Benchmarker a non-exclusive, royalty-free, paid-up license to use the Party Materials for the purpose of fulfilling its obligations under this Benchmarking Agreement.
10.8
To the extent that any of the rights, title and interest in any materials do not vest by operation of law in the Party that this Clause 10 (Intellectual Property) indicates should own that material, then the Party that owns that material by operation of law hereby irrevocably assigns, transfers and conveys to the Party (which for copyright shall be an assignment of future rights) that this Clause 10 (Intellectual Property) indicates should own the material, without further consideration, all such rights, title and interest.
10.9
The Parties shall not be restricted in their use of ideas, concepts, know-how, data and techniques acquired or learned in the course of a Benchmark, provided that the Parties shall not use or disclose any of the other Parties’ Confidential Information.
11.
USE OF DELIVERABLES
11.1
The Benchmarker grants to the Supplier (and the Supplier Group) and Molina (and the Molina Group), for each of their internal purposes only, a worldwide, non-exclusive,

12    


royalty-free, perpetual license to use, reproduce, display, distribute copies of, and prepare derivative works of the Benchmark Deliverables.
11.2
No Party shall make the Benchmark Deliverables available, in whole or in part, to any person outside that Party or quote excerpts from the Benchmark Deliverables to any such person, without the prior written consent of the other Parties, except that the Supplier and Molina may make the Benchmark Deliverables available to other Supplier Group Companies and Molina Group Companies respectively for internal purposes only.
11.3
Notwithstanding the foregoing, each Party may disclose the Benchmark Deliverables to:
(a)
its external professional advisers as reasonably required in relation to this Benchmarking Agreement; and
(b)
any governmental or competent regulatory authority as required by law or regulation.
12.
LIMITATION OF LIABILITY
12.1
None of the Parties excludes or limits its liability for fraud or for death or personal injury caused by its negligence or that of its employees, agents or sub-contractors or for any breach of the confidentiality or intellectual property provisions set out in this Benchmarking Agreement. No limit on liability shall apply to claims for loss and/or damage relating to breach of confidentiality in Clause 5 (Exchange of Information).
12.2
Subject to Clause 12.1, the Benchmarker’s liability to another Party and that other Party’s liability to the Benchmarker under or in connection with this Benchmarking Agreement, whether arising from negligence, breach of contract or otherwise, in respect of all the events that give rise to a liability, is limited in aggregate to an amount equivalent to the Benchmarking Charges paid or payable by Molina under this Benchmarking Agreement.
12.3
The liability of Molina to the Supplier and the liability of the Supplier to Molina under or in connection with this Benchmarking Agreement, whether arising from negligence, breach of contract or otherwise shall be dealt with and addressed under the Master Services Agreement. Molina and the Supplier shall not be liable to each other separately under this Benchmarking Agreement for loss or damage that can be recovered under the Master Services Agreement.
12.4
The Benchmarker shall not be liable to any other Party, and those other Parties shall not be liable to the Benchmarker, for events arising out or in relation to this Benchmarking Agreement for (a) loss of profits, revenues or contracts, business interruption, loss or corruption of data or (b) indirect, special or consequential loss or damage, even if that loss was reasonably foreseeable and whether arising from negligence, breach of contract or otherwise.

13    


13.
GENERAL
13.1
Amendments
This Benchmarking Agreement may be amended only by a written agreement of all the Parties specifically referencing this Benchmarking Agreement, which written agreement has been duly signed by authorized representatives of each of the Parties.
13.2
Assignment
(a)
If the Master Services Agreement is transferred (in accordance with the provisions of the Master Services Agreement), then this Benchmarking Agreement may similarly be transferred to the same counterpart.
(b)
Subject to Clause 13.2(a), no Party will assign its rights or delegate or subcontract its duties under this Benchmarking Agreement to any other Party or third party or affiliate without the prior written consent of the other Parties, such consent not to be unreasonably delayed or withheld. Any unauthorized assignment of this Benchmarking Agreement is null and void.
13.3
Law and Jurisdiction
This Benchmarking Agreement and the performance of the Benchmarking Services and other transactions under this Benchmarking Agreement will be governed by and construed in accordance with the substantive law of the State of New York, without giving any effect to any contrary choice of law or conflict of law provision or rule (whether of the State of New York or any other jurisdiction). Any claim or action brought by a Party in connection with this Benchmarking Agreement, or any part hereof, will be brought in the appropriate federal or state court located in the State of New York, New York County, and the Parties irrevocably consent to the exclusive jurisdiction of such courts. The United Nations Convention on Contracts for the International Sale of Goods and New York conflict of law rules do not apply to this Benchmarking Agreement or its subject matter. In any action relating to this Benchmarking Agreement, each of the Parties irrevocably waives the right to trial by jury.
13.4
Communications
All communications between the Parties regarding this Benchmarking Agreement will be conducted through the Parties’ representatives as specified in Attachment 5 (Benchmarking Steering Group) or as otherwise agreed by the Parties.
13.5
Counterparts
This Benchmarking Agreement may be signed in one or more counterparts, each of which will be deemed to be an original and all of which when taken together will constitute the same agreement. Any copy of this Benchmarking Agreement made by reliable means (for example, photocopy or facsimile) is considered an original.
13.6
Freedom of Action
This Benchmarking Agreement is non-exclusive and any of the Parties may design, develop, manufacture, acquire or market competitive products or services.

14    


13.7
Prior Communications
This Benchmarking Agreement, and any other documents incorporated into this Agreement, constitutes the entire understanding between the Parties with respect to its subject matter, and supersedes all prior proposals, marketing materials, negotiations, representations (whether negligently or innocently made), agreements and other written or oral communications between the Parties with respect to the subject matter of this Agreement.
13.8
Severability
If any term in this Benchmarking Agreement is found by competent judicial authority to be unenforceable in any respect, the validity of the remainder of this Benchmarking Agreement will be unaffected, provided that such unenforceability does not materially affect the Parties’ rights under this Benchmarking Agreement.
13.9
Waiver
An effective waiver under this Benchmarking Agreement must be in writing signed by the Parties waiving their right. A waiver by any Party of any instance of another Party’s non-compliance with any obligation or responsibility under this Benchmarking Agreement will not be deemed a waiver of subsequent instances.


15    


Attachment 1
Terms of Reference
Introduction
These Terms of Reference (hereinafter “ToR”) set out the principles and processes which the Benchmarker, with the assistance of Molina and the Supplier will provide as part of the Benchmarking Services.
Governance
Project Management
The Parties shall agree, within five (5) Business Days of receipt of a Benchmark Notice from Molina, upon a project management system to be utilized to manage the Benchmarking Services in respect of that Benchmark Notice. This project management system will incorporate, at a minimum, roles and responsibilities, key milestones and decision points, a meeting system, data exchange and repository provisions, and an agenda structure. A failure to agree any project management system shall not delay the conduct of the Benchmark that shall be carried out, irrespective of whether a project management system is agreed by the Parties. If the Parties do not agree within a timeframe that would not delay the Benchmark, the Benchmarker may amend the Benchmark Process as needed to specify its preferred project management system, which the Parties shall thereafter utilize.
Review Meetings
The Benchmarking Steering Group will review benchmark project progress and status [every two weeks] from the date of the execution of this Benchmarking Agreement.
Communications
All material communications relating to any Benchmark shall be shared between all the Parties except where explicitly stated otherwise in this Benchmarking Agreement.
The Benchmark Process
The Benchmark Process will be conducted by the Benchmarker in accordance with the requirements as set out within this Benchmarking Agreement. In the event the Parties agree to request that the Benchmarker address matters that the Parties agree do not relate to the Benchmark Process, the terms of that engagement shall be as agreed by the Parties.
Benchmark Scope and Period
A Benchmark relates to identifying the Fair Market Price for the Benchmarked Services.
When providing the Benchmark, the Benchmarker may not, without the consent of both the Supplier and Molina, take into consideration any elements other than the ones stated in this Benchmarking Agreement.
Benchmark Approach
The Benchmarker shall follow the Benchmark Process.
The Parties shall complete the Standard Collection Templates and the FCQ.
The Benchmarker shall invite the Supplier and Molina to make individual confidential disclosures to the Benchmarker regarding the items they each believe the Benchmarker should take into consideration in its approach to Normalization.

16    


Following the confidential disclosures made to the Benchmarker, the Benchmarker shall consider the submissions made by both Parties and, within five (5) Business Days, provide its feedback in writing to Molina and the Supplier. The Parties shall, within two (2) Business Days of receiving the feedback, meet to review the Benchmarker’s feedback. The Benchmarker shall, following the meeting, confirm in writing its decision to include or disregard any disclosure from a Party that may be a combination of any of the following:
the disclosure is not a price driver and so should not be considered for the purpose of the Benchmark;
the disclosure is a price driver, but the Benchmarker can take the disclosure into account through the Benchmarker’s Standard Collection Templates without Normalization;
the disclosure is a price driver, it is not included in the Standard Collection Templates, but is subject to Normalization and so can be included within the Benchmark; and
the disclosure is a price driver, but cannot be Normalized and so the price impact must be agreed between Molina and the Supplier separately from the Benchmark.
The Benchmarker is not obliged to accept any comments from any Party but shall provide a written explanation in respect of any decision to include or disregard any disclosure from a Party to the Party concerned.
The Benchmarker shall consider the Comparable Services provided by each of the Peers in carrying out the Benchmark.
The Benchmarker shall validate the Benchmark Data for clarity, completeness and lack of ambiguity and the Benchmark Data shall be used as part of the Normalization.
The Benchmarker shall select Peers for the Peer Group. The Benchmarker will provide a Peer Group for review and comment by the Benchmarking Steering Group and the Benchmarker will present its reasons for selecting the members of the Peer Group by providing contextual information about the Peer Group members to the Benchmarking Steering Group (to the extent it is able to, taking into account any confidentiality obligations owed to those Peer Group members). The Benchmarker is not obliged to accept any comments from any Party but shall provide an explanation in respect of any decision to include or disregard any comments from a Party to the Party concerned.
The Benchmarker will not share with either Party the identities of the Peer Group companies or the underlying proprietary algorithms supporting the Normalization Factors, but the Initial Benchmark Report and the Final Benchmark Report will contain a summary explanation of the Normalization applied by the Benchmarker.
Resources
Molina and the Supplier shall provide the Benchmarker with such information and data as is reasonably required for the conduct of a Benchmark.
Both the Supplier and Molina shall provide, as a minimum, a named individual as the ‘template lead’ for each of the Standard Collection Templates included in the Benchmark. This person (or a delegated nominee during periods of absence) shall be available throughout the Benchmark to assist the Benchmarker with the speedy and accurate execution of the

17    


Benchmark. In practice, this is likely to be a single individual from each of the Supplier and Molina, with support from subject matter experts as appropriate.
The Benchmarker will provide a primary point of contact for both of the Supplier and Molina.
Ongoing Adjustments
The Parties recognize that while the Benchmark Process is being undertaken the Benchmarked Services may be subject to change in respect of scope, volumes or terms under the Master Services Agreement and that such changes may impact the Benchmark Data.
If there is a material change to any of the Benchmark Data prior to the issue of the Final Benchmark Report, then either the Supplier or Molina may notify the other that it believes that the change would impact the Benchmark Process and the determination of the Fair Market Price for the Benchmarked Services.
If the Supplier and Molina both agree that the change would impact the Benchmark Process, then the Benchmarker shall, at a time to be jointly selected by Molina and the Supplier, take into account the adjusted information. If both the Supplier and Molina agree that the change would impact the Benchmark Process but cannot agree on the timing of a referral to the Benchmarker, the Benchmarker shall be consulted and determine the most efficient time to consider the adjusted information.
If Molina or the Supplier cannot agree that a change would result in the Fair Market Price for the Benchmarked Services, then either Party may elect to refer the matter to the Benchmarker to take the information into account in determining the Fair Market Price. If the Benchmarker levies an additional charge to remodel the Benchmark Data, then that charge shall be paid for by Molina, unless the Benchmarker confirms that the change has led to an adjustment in the Fair Market Price for the Benchmarked Services.


18    


Attachment 2
Conditions for Exchange of Confidential Information
The mutual objective of the Parties under this Benchmarking Agreement is to provide protection for Confidential Information (referred to in this Attachment as “Information”), while maintaining their ability to conduct their respective business activities. The following terms apply when one Party (the “Discloser”) discloses Information to any other Party (the “Recipient”). This Agreement applies only to the Information disclosed by the Discloser in connection with the Benchmarker performing a Benchmark of the Master Services Agreement.
1.    Disclosure
Information will be disclosed either:
(a)
in writing;
(b)
by delivery of items;
(c)
by initiation of access to Information, such as may be in a data base; or
(d)
by oral or visual presentation.
Information should be marked with a restrictive legend of the Discloser. If Information is not marked with such legend or is disclosed orally, the Information must be identified as confidential at the time of disclosure unless it is obvious from the context that the Information is confidential.
2.    Obligations
The Recipient agrees to:
(a)
use the same care and discretion to avoid disclosure, publication or dissemination of the Discloser’s Information as it uses with its own similar information that it does not wish to disclose, publish or disseminate; and
(b)
use the Discloser’s Information for the purpose for which it was disclosed or otherwise for the benefit of the Discloser.
3.    Confidentiality Period
Information disclosed under this Benchmarking Agreement will be subject to these confidentiality obligations for as long as the Information remains of a confidential nature.
4.    Exceptions to Obligations
(a)
The Recipient may disclose, publish, disseminate, and use Information that is:
(i)
already in its possession without obligation of confidentiality;
(ii)
developed independently;
(iii)
obtained from a source other than the Discloser without obligation of confidentiality;
(iv)
publicly available when received, or subsequently becomes publicly available through no fault of the Recipient; or
(v)
disclosed by the Discloser to another without obligation of confidentiality.
(b)
The Recipient may disclose, publish, disseminate, and use the ideas, concepts, know-how and techniques, related to the Recipient’s business activities, which are

23    


in the Discloser’s Information and retained in the memories of Recipient’s employees who have had access to the Information under this Benchmarking Agreement. Nothing in this paragraph gives the Recipient the right to disclose, publish, or disseminate:
(i)
the source of Information;
(ii)
any financial, statistical or personnel data of the Discloser; or
(iii)
the business plans of the Discloser.
(c)
The Recipient may disclose Information:
(i)
if the Benchmarker is the Recipient, to its employees who have a need to know;
(ii)
if Molina is the Recipient, to the Molina Group, and their employees;
(iii)
if the Supplier is the recipient, to the Supplier Group and their employees;
(iv)
in accordance with paragraphs 4(a), (b), (d) and (e); and
(v)
any other third party with the Discloser’s prior written consent.
Before disclosure to any of the third parties described in paragraph 4(c)(v), the Recipient will have a written agreement with the third party sufficient to require that party to treat Information in accordance with this Benchmarking Agreement.
(d)
Molina and the Supplier may disclose, publish, disseminate and use the Benchmark Deliverables in accordance with Clause 11.
(e)
The Recipient may disclose Information to the extent required by law. However, the Recipient will give the Discloser prompt notice to allow the Discloser a reasonable opportunity to seek a protective order.
5.    Disclaimers
The Discloser will not be liable for any damages arising out of the use of Information disclosed under this Benchmarking Agreement (and this Benchmarking Agreement only).
Neither this Benchmarking Agreement nor any disclosure of Information made under it grants the Recipient any right or license under any trademark, copyright or patent now or subsequently owned or controlled by the Discloser.
6.    General
The receipt of Information under this Benchmarking Agreement will not in any way limit the Recipient from:
(a)
providing to others products or services which may be competitive with products or services of the Discloser;
(b)
providing products or services to others who compete with the Discloser; or
(c)
assigning its employees in any way it may choose.
 

24    


Attachment 3
Schedule 2 and Schedule 6 of the Master Services Agreement, and all SOWs
[●]



26    


Attachment 4
Types of Benchmark Data
The Benchmark Data is the data collected in the attached templates.
[●]


27    


Attachment 5
Benchmarking Steering Group Members
[●]




28    


Attachment 6
Benchmarking Charges
[●]



29    


Attachment 7
Description of the Benchmark Process
[●]



30    


Attachment 8
Benchmark Plan
The detailed Benchmark Plan is set out below.
[●]

31    


Attachment 9
Supplier Competitors

[●]
[●]


32    


IN WITNESS WHEREOF, this Benchmarking Agreement has been signed by the duly authorized representatives of each of the Parties.
EXECUTED BY THE PARTIES:
EXECUTED by
[MOLINA]
 

)
by its duly authorized person
 
)
 
)
 
)
 
)
 
)
 
)


33    


EXECUTED by
[SUPPLIER]
 
)
by its duly authorized person
 
)
 
)
 
)
 
)
 
)
 
)


34    



EXECUTED by
[BENCHMARKER]
 
)
by its duly authorized person
 
)
 
)
 
)
 
)
 
)
 
)



35    



SCHEDULE 6

SERVICE LEVELS AND SERVICE CREDITS
 
 
 


36    



















SCHEDULE 6


SERVICE LEVELS AND SERVICE CREDITS




CONTENTS
 
 
Page
1.
Definitions
1
2.
Introduction
1
3.
Appendices
1
4.
Schedule 6 General Terms
1
5.
Measurement and Reports
2
6.
Service Level Defaults and Credits
4
7.
Changes to Service Levels
7
8.
Root Cause Analysis
7
9.
Annual Review and Continuous Improvement
8
10.
Adding or Modifying New Service Levels
9


 
(i)
 

CONFIDENTIAL TREATMENT REQUESTED




-1-

1.
DEFINITIONS
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation).
2.
INTRODUCTION
2.1
References.
All references in this Schedule to Sections and Appendices shall be to Sections and Appendices in this Schedule unless another reference is provided.
2.2
Completion.
No activity will be deemed to have been processed or completed for purposes of any Service Level unless Service Provider has correctly, accurately, and properly completed such activity in accordance with the Agreement and the Procedures Manual.
2.3
Reports.
All reports required under this Schedule shall be provided pursuant to Schedule 7 (Governance).
3.
APPENDICES
3.1
The following Appendices are attached to this Schedule, are incorporated by reference herein and shall apply to all Services under this SOW, as applicable:
3.2
Appendix 6-A (Service Level Matrix) sets forth the definitions, descriptions, Service Level Requirements, and calculation methods associated with Service Levels.
(a)
Each Service Level shall have a detailed description, Service Level Requirement, and calculation method as specified in Appendix 6-A (Service Level Matrix).
(b)
Each Service Level shall have an Allocation of Pool Percentage as specified in Appendix 6-A (Service Level Matrix) and as described below, which shall be used to determine the applicable Service Level Credit due by Service Provider to Molina in the event of a Service Level Default relative to that Service Level. Molina may allocate the Pool Percentage Available for Allocation across all Service Levels, with an Allocation of Pool Percentage to each Service Level.
4.
SCHEDULE 6 GENERAL TERMS
4.1
This Schedule 6 sets forth the Service Levels and other performance requirements that Service Provider is required to achieve in performing the Services and describes the method for calculating credits for Service Provider’s failure to meet a Service Level Requirement in the applicable reporting frequency (the “Service Level Credits”) that Service Provider shall credit on the next monthly invoice of Molina after such Service Level Credit is reported.

-1-

4.2
Service Level Matrix is mandatory and shall apply to all Services. All Service Levels shall have the components (collectively the “Service Level Components”) specified by Molina in Appendix 6-A (Service Level Matrix).
4.3
Additionally, Project Service Levels shall apply to Services if specified in a Project Statement of Work. All Project Service Levels shall have the Service Level Components specified by Molina in Project Statements of Work.
4.4
Subject to paragraph 5.3, each Service Level will come into effect on the Service Commencement Date for the SOW, and the Service Provider shall monitor and report its performance against that Service Level from that date, save that, for the purposes of this schedule, Service Level Credits shall only accrue in respect of Service Level Defaults, with effect from the date specified for that Service Level as the “Service Level Commencement Date” in the Service Level Matrix.
4.5
Except as otherwise specified, all references to hours will be to business hours during a calendar day; and all references to days, months, and quarters will be to calendar days, calendar months, and calendar quarters, respectively, unless otherwise specified.
4.6
All references to time will be to local time at the site at which the Service is being received. It will not be based on Service Provider headquarters or Molina headquarters time.
4.7
The objectives of the Service Levels are to ensure that the Services are of a consistently high quality, delivered to time and budget and meet the requirements of Molina.
5.
MEASUREMENT AND REPORTS
5.1
The methodology set out in this schedule will support the Service Level methodology cycle of agreeing, monitoring, reporting, and improving the delivery of the Services to the Molina.
5.2
Service Provider shall provide, implement, maintain, and support tools required or appropriate to measure and report on its performance of the Services against the Service Levels, and make them available to Molina on or before the applicable Service Level Commencement Date.
5.3
For any Service Level other than those that Molina has designated as not subject to Baselining in the columns titled “Subject to Baselining” in the Service Level Matrix prior to the Service Level Commencement Date of the SOW, the Service Provider shall be given a period of four (4) months following the relevant Service Level Commencement Date during which:
(a)
Service Provider will not be subject to Service Level Defaults;
(b)
Service Provider will report actual Service Level performance; and
(c)
Service Provider will use the four (4) month baselining period to meet the Expected Service Level Target, and

-2-

after the four (4) month baselining period, the Service Provider will become subject to Service Level Defaults, as defined in this schedule.
5.4
Service Provider shall provide detailed supporting information for each report as reasonably requested by Molina.
5.5
The raw data and detailed supporting information related to each Service Level report shall be deemed Confidential Information and shall be the property of Molina.
5.6
Regardless of data source, Service Provider is solely responsible for the underlying collection, measurement, and analysis of data pertaining to the Services and related Service Levels as reflected in any Service Level reports. Molina will make available the tools listed in Appendix 6-D, if any, for use by the Service Provider in the collection, measurement and analysis of the Service Levels, for which the Service Provider is responsible. The Service Provider shall make underlying data available to Molina by request.
5.7
Failure to submit Service Level reports when due, or to properly report performance with respect to any particular Service Level for any Monitoring Interval, shall be a Service Level Default for that Service Level.
5.8
For the avoidance of doubt, Molina retains the right to conduct its own reporting, which does not absolve the Service Provider of its responsibility under this clause; Molina retains the right to challenge if the Service Provider’s reporting conflicts with Molina’s reporting. Notwithstanding any other provision of this Agreement, in the event of a discrepancy between Molina’s reporting and the Service Provider’s reporting, the Parties will refer the matter to the Operational Review Board for resolution.
5.9
Failure to properly measure performance with respect to any Service Level for any thirty (30) day period will be deemed to be a Service Level Default with respect to such Service Level for such thirty (30) day period.
5.10
Service Provider shall prepare and submit for each Period of the SOW Term an accurate and complete Monthly Performance Report meeting Molina’s requirements, that shows the performance of all Service Levels; Service Provider shall submit the Monthly Performance Report to Molina no later than seven (7) Business Days after the close of each such Period.
(a)
The Monthly Performance Report shall include a set of online accessible reports to verify Service Provider Service Level Performance and compliance with the Service Levels. The reported metrics shall be in a report format as designated by Molina and calculated according to the System of Record as laid out in the Appendix 6-A (Service Level Matrix). Service Provider shall make such information available to Molina online on a 24 x 7 basis (excluding mutually-agreed-upon maintenance windows) using commonly available technology. Service Provider shall provide to Molina as part of Service Provider’s “Monthly Performance Reports”, a set of soft-copy reports to verify Service Provider’s performance and compliance with the Service Levels. A hard-copy report shall be made available at Molina’s request.

-3-

(b)
Service Provider is required to keep updated documentation of Services and how they are completed and shall be made accessible at Molina’s request.
5.11
In circumstances where the time allowed by a Service Level for an activity to be completed (such as the response to, or resolution of, an incident or problem) continues beyond the end of the Period in which that Service Level is measured, such activity shall be included in the Period during which Service Provider is to complete the activity within the time allowed for the applicable Service Level.
6.
SERVICE LEVEL DEFAULTS AND CREDITS
6.1
In addition to the other items deemed a Service Level Default hereunder, a “Service Level Default” shall be deemed to have occurred for a given Service Level when:
(a)
For a Critical Service Level, Service Provider fails to meet the applicable Expected Service Level Target and in the immediately previous [redacted] there have been at least [redacted] other months where the Service Provider’s performance failed to meet such Expected Service Level Target and that the failure is the [redacted] or more such failure in a rolling [redacted] month period (an “Expected Service Level Default”);
(b)
For a Critical Service Level, Service Provider fails to meet the applicable Minimum Service Level Target in respect to any month (a “Minimum Service Level Default”);
(c)
The Parties agree to a Service Level with respect to the Key Performance Indicators, as follows: If Service Provider fails to meet the applicable Minimum Service Level Target for [redacted] or more Key Performance Indicators in the same month it will be a Service Level Default. With respect to this particular Service Level, the allocation of the Pool Percentage shall not exceed [redacted]; or
(d)
For any Service Level, Service Provider fails to provide an accurate and complete Monthly Performance Report, in which case such failure shall be deemed a Service Level Default with respect to such Service Levels for such Period, if Service Provider has access to necessary data for such measurement. Service Provider shall promptly notify Molina if Service Provider does not have access to necessary data for such measurement.
6.2
In respect of each SOW, the Service Provider’s performance shall be measured and reported on separately and the calculation of any Service Level Credits payable in respect of any SOW, shall be calculated and operated on a per SOW basis. Each SOW has a separate Service Level Matrix applicable to it.
6.3
A “Service Level Credit” shall be applied to the relevant Monthly Invoice by Service Provider to Molina for any Service Level Default with respect to a Service Level in accordance with the following:
(a)
Service Level Credits shall apply with effect from the Service Level Commencement Date as specified in Appendix 6-A (Service Level Matrix).

-4-

(b)
Service Provider shall promptly notify Molina (no later than five (5) Business Days after the end of each Period) in writing if Molina becomes entitled to a Service Level Credit. Concurrent with delivering each Monthly Invoice, Service Provider shall deliver within the Monthly Performance Report a comprehensive report identifying any Service Level Defaults and corresponding Service Level Credits to which Molina is entitled at the time of such Monthly Invoice.
The formula for Service Level Credit calculation is
Service Level Credit = A x B x C; Where:
A = The At-Risk Fees
B = The At-Risk Percentage
C = The Allocation of Pool Percentage for the Service Level for which the Service Level Default occurred as shown in Appendix 6-A (Service Level Matrix).

For example, assume that Service Provider fails to meet the Service Level Requirement for a Service Level. Assume Service Provider’s At-Risk Fees for the month in which the Service Level Default occurred was [redacted] and that the At-Risk Percentage was [redacted].

Additionally, assume that the Allocation of Pool Percentage is [redacted]. The Service Level Credit due to Molina for such Service Level Default would be computed as follows:
A = the At-Risk Fees [redacted]
[redacted]
B = The At-Risk Percentage [redacted]
[redacted]
C = The Allocation of Pool Percentage for the Service Level for which the Service Level Default occurred as shown in Appendix 6-A (Service Level Matrix) to this Schedule [redacted]
= [redacted] the amount of the Service Level Credit).
6.4
The “At-Risk Fees” for a given SOW shall be the total Charges for the Period, excluding taxes, Project Charges (except to the extent the applicable Project Work Order specifies that the Charges payable with respect to the applicable Project shall be included in the At-Risk Fees) and pass-through expenses to be reimbursed by Molina under the Agreement.
6.5
The “At-Risk Percentage” for this SOW shall be [redacted].
6.6
The “Pool Percentage Available for Allocation” for a given SOW shall [redacted], which shall be allocable across all Service Levels as per Appendix 6-A (Service Level Matrix).
6.7
There shall be a cap on the “Allocation of Pool Percentage” for any Service Level under this SOW [redacted] (except the allocation contemplated in paragraph 6.1(c) regarding KPIs, which shall be capped at [redacted]), except that Molina may elect, at its sole discretion, up to two Service Levels to each have an allocation of greater than [redacted] and less than or equal to [redacted].
6.8
Service Level Credits shall be subject to acceleration (“Service Level Credit Acceleration”). For Critical Service Levels, there shall be an increasing level of Service

-5-

Level Credits if there is a consecutive recurring Minimum Service Level Default for the same Critical Service Level in consecutive Periods. For a second consecutive Minimum Service Level Default for a given Critical Service Level, there shall be an increase of [redacted] in the Service Level Credit payable, relative to the original Service Level Credit that would have otherwise been payable without the application of Service Level Credit Acceleration, for that Period. For a third consecutive Minimum Service Level Default, there shall be an increase of [redacted] in the Service Level Credit payable, relative to the original Service Level Credit, for that Period. For a fourth consecutive Minimum Service Level Default, there shall be an increase of [redacted] in the Service Level Credit payable, relative to the original Service Level Credit, for that Period. For example, if a Critical Service Level has the Service Level Credit Allocation of Pool Percentage set as [redacted], and if the Service Provider has a Minimum Service Level Default for that Critical Service Level, then in the first such instance, the corresponding Service Level Credit shall be computed using a Service Level Credit Allocation Percentage of [redacted]. However, if the Service Provider has a consecutively recurring Minimum Service Level Default for that Critical Service Level, then in the second such instance the Service Level Credit Allocation of Pool Percentage shall be increased to [redacted] of the previous month’s Service Level Credit Allocation of Pool Percentage. In this example, in the second month the Service Level Credits shall be computed using a Service Level Credit Allocation Percentage of [redacted] ([redacted]) rather than [redacted].
6.9
If [redacted] has occurred [redacted]. If a [redacted], Molina shall have the right to [redacted].
6.10
In no event shall the amount of Service Level Credits credited to Molina with respect to all Service Level Defaults occurring in a single Period exceed, in total, the At-Risk Amount.
6.11
The total amount of Service Level Credits with respect to Service Level Defaults occurring each Period, shall be reflected on the subsequent Monthly Invoice detailing the timing of the Service Level Default.
6.12
Service Provider acknowledges and agrees that the Service Level Credits shall not be deemed or construed to be liquidated damages or a sole and exclusive remedy or in derogation of any other rights and remedies, which Molina has under the Agreement, at law or in equity. Notwithstanding any language to the contrary contained herein, if Molina receives monetary damages from Service Provider because of Service Provider’s failure to meet a Service Level, Service Provider shall be entitled to set-off against such damages any Service Level Credits paid for the failure giving rise to such recovery.
6.13
If Molina elects to waive in writing a Service Level Credit, such waiver shall not be considered a waiver of the Service Level Default or other rights and remedies available to Molina in connection with the Agreement, including rights to seek to recover damage and to exercise termination rights, unless otherwise expressly stated in such written waiver.
6.14
Minimum Event Quantity” applies to a Critical Service Level or a Key Performance Indicator where a small number of occurrences in the measurement pool can result in a missed Service Level, except where the measured tasks are binary (either 0% or 100%) and the Service Level

-6-

has been set accordingly. The Minimum Event Quantity for a particular Target Service Level or a Critical Service Level is the quantity of occurrences in the measurement pool that would allow Service Provider to attain the Service Level even though there was one occurrence not meeting the applicable Critical Service Level or Key Performance Indicator.
7.
CHANGES TO SERVICE LEVELS
7.1
In accordance with the agreed upon Change Procedure and not more than once in the period of ninety (90) days:
(a)
Molina may modify or delete existing Service Levels.
(b)
Molina may re-distribute the Service Level Credit Allocation Percentage.
(c)
Molina may demote Critical Service Levels to Key Performance Indicators or promote Key Performance Indicators to Critical Service Levels.
7.2
Regarding the deletion of one or more Service Levels, there shall be no corresponding change in Service Fees as described in Schedule 3 (Pricing and Invoicing). Regarding the modification or addition of one or more Service Levels, the modification or addition shall be subject to a related change in the Charges for the Services measured by the applicable Service Level.
7.3
Any change (including but not limited to additions, modifications, or deletions) to Service Levels shall take effect thirty (30) calendar days after written notice of such change has been received by Service Provider.
7.4
Each notice shall include an updated Appendix 6-A (Service Level Matrix) applicable to the change made as specified above.
8.
ROOT CAUSE ANALYSIS
8.1
In addition to any Service Level Credits that may be due, Service Provider shall investigate and perform a Root Cause Analysis of each Service Level Default and provide Molina with a commercially reasonable and operationally viable written plan to permanently correct such root cause within thirty (30) calendar days of such occurrence to improve Service Provider’s performance with respect to such Service Level and prevent Service Level Defaults in the future.
(a)
Service Provider shall promptly implement such plan once it has been approved by Molina.
(b)
Successful execution and completion of such plan is subject to approval by Molina. In the event of such plan not being satisfactorily completed or the root cause of the Service Level Default not being resolved according to Molina standards, Molina reserves the rights to ask Service Provider for re-submission of the plan to address resolution of such issues.
(c)
Service Provider agrees that (i) failure to implement the plan shall be treated as a new Service Level Default regarding the same Service Level to which the Root Cause

-7-

Analysis relates, with such new Service Level Default being deemed to have occurred with respect to the Period in which Service Provider was due to delivery to Molina the applicable Root Cause Analysis and remediation plan, and (ii) such Service Level Default shall apply regardless of whether a Service Level Credit was incurred because of the initial Service Level Default.
9.
ANNUAL REVIEW AND CONTINUOUS IMPROVEMENT
9.1
The parties agree that the Service Levels shall be subject to continuous improvement and shall be modified as described below.
9.2
Beginning on the one-year anniversary of the Service Level Commencement Date, and annually thereafter, the parties shall adjust each Service Level using the method described below:
(a)
The parties will review:
(i)
The then-current Service Level Performance for Service Levels.
(ii)
The percentage difference between the average Service Level Performance and the Service Level Requirement for the duration of the previous Contract Year.
(iii)
The original Service Level Requirement as of the SOW Effective Date.
(iv)
Generally available information regarding industry-wide service levels and performance requirements for similar services.
(v)
Improved performance capabilities, including those associated with advances in technology and methods used to provide the Services.
(b)
Consistent with and using the information identified in the foregoing:
(i)
The parties shall attempt in good faith to agree on an improved Service Level Requirement for each of the Service Levels, based on the information collected. For avoidance of doubt, such improvement may be either an increase or decrease in the Service Level Requirement, as based on the metric applicable to perfect performance for the Service Level.
(ii)
If the parties fail to agree, then:
(A)
The Service Level Requirement will be reset based on averaging (i) the average of the Service Level Performance [redacted] of the previous Contract Year in which Service Provider had its highest level of performance (such average is the “Average Amount”), with (ii) the then-current Service Level Requirement, but only if the actual results for each of [redacted] the then current Service Level Requirement.
For example, assume that the current Service Level Requirement is [redacted]

-8-

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted].
(B)
Notwithstanding the abovementioned, no single increase or decrease in a Service Level Requirement for any Contract Year may exceed [redacted].
For example, assume that the current Service Level Requirement is at [redacted].
[redacted].
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
(iii)
Minimum Service Levels:
(A)
Each Minimum Service Level Target shall be reset by adding to the Minimum Service Level Target being adjusted a sum equal to [redacted] of the difference between [redacted] and [redacted] Minimum Service Level Target.
(B)
[redacted].
10.
ADDING OR MODIFYING NEW SERVICE LEVELS
10.1
If the Parties agree that it is appropriate between yearly adjustment periods to establish or baseline a new or modified Service Level, such Service Level shall be baselined during a period of stable activity, as determined at the reasonable discretion of Molina, as follows:
(a)
Molina shall identify and communicate in writing to the Service Provider the applicable Service Level Components for such new Service Level.
(b)
The Service Provider shall report to Molina its actual performance relative to that Service Level for the previous three (3) consecutive Periods, such that:
(i)
No Service Defaults shall be deemed to have occurred and no Service Level Credits shall be enforced for such Service Level during the Baselining Period.

-9-
CONFIDENTIAL TREATMENT REQUESTED


(ii)
The Service Level Target shall be set as the Service Provider’s average actual Service Level performance during the Baselining Period, and the Service Level shall be added and incorporated into the Service Level Matrix, with the start of the subsequent Period established as the Service Level Commencement Date.
(iii)
Unless otherwise specified within the Service Level Matrix, the Baselining Period shall consist of three (3) consecutive Periods; in no case shall the Baselining Period exceed six (6) months


APPENDIX 6-A – SERVICE LEVEL MATRIX
[See Attached]


-10-
CONFIDENTIAL TREATMENT REQUESTED


appendix6a.jpg

-1-
CONFIDENTIAL TREATMENT REQUESTED


pic13.jpg



-2-
CONFIDENTIAL TREATMENT REQUESTED


Pool Percentage for Allocation:

 
 
 
250%
 
 
 
 
 
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
1
Critical Service Level
First Contact Resolution
Measures the percentage of calls and chats resolved on first contact 

FCR is for Level 1 resolvable incidents and service requests based on the SOP & KB articles. It excludes third party, hardware, desk side related issues.
We will mutually define & agree upon resolvable incidents & service requests.
FCR roadmap:
Day 1: 75%, Day 30: 80% Day 60: 82%: Day 90:85%
Service Level = A / B
A = number of calls or chats resolved during a User’s first contact with the Service Desk
B = the total of all calls and chats to the Service Desk
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
FCR is for Level 1 resolvable incidents and service requests based on the SOP & KB articles. It excludes third party, hardware, desk side related issues.
We will mutually define & agree upon resolvable incidents & service requests.
FCR roadmap:
Day 1: 75%, Day 30: 80% Day 60: 82%: Day 90:85%

-3-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
250%
 
 
 
 
 
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
2
Critical Service Level
Same Day Resolution
Measures the percentage of calls and chats resolved during same day with the Service Desk 
 
Same day resolution is for 24 hours’ ticket resolution. This is for Level 1 resolvable issues based on SOPs, which couldn't be solved on the call and requires additional offline steps/coordination with resolver group. This excludes complex Level 2/Level 3 (based on deeper analysis), third party, hardware, desk side related issues.
Roadmap: 
 
Day 1: 75%, Day 30: 80% Day 60: 82%: Day 90:85%
Service Level = A / B
A = number of calls and chats resolved during same day
B = the total of all calls and chats to the Service Desk
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
Same day resolution is for 24 hours’ ticket resolution. This is for Level 1 resolvable issues based on SOPs, which couldn't be solved on the call and requires additional offline steps/coordination with resolver group. This excludes complex Level 2/Level 3 (based on deeper analysis), third party, hardware, desk side related issues.
Roadmap:

Day 1: 75%, Day 30: 80% Day 60: 82%: Day 90:85%
3
Critical Service Level
Mean Time to Resolve (MTTR)
Measures the average time from when an incident is reported until the incident is resolved 
 
Excludes the time a ticket is waiting user input
Service Level = A / B
A = the total amount of time taken to resolve the cases
B = the total number of all cases resolved
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
Excludes the time a ticket is waiting user input

-4-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
250%
 
 
 
 
 
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
4
Critical Service Level
Average Speed of Answer (ASA)
Measures the period of time a call or chat has been waiting prior to being answered by a Service Desk agent 
 
The measurement criteria and exclusions such as (i) Non-applicability for days where call or chat volumes are less than 100, (ii) Non-applicability during Major incidents or abnormal volumes, etc. will have to be defined.
Service Level = A / B
A = the total amount of time all calls and chats have been waiting prior to being answered by a Service Desk agent
B = the total number of calls and chats
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
The measurement criteria and exclusions such as (i) Non-applicability for days where call or chat volumes are less than 100, (ii) Non-applicability during Major incidents or abnormal volumes, etc. will have to be defined.
5
Critical Service Level
Abandonment Rate
Measures the percentage of calls and chats that are abandoned.
Service Level = A / B
A = number of calls and chats abandoned
B = the total of all calls and chats to the Service Desk
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
 
6
Critical Service Level
IMACD Completion
Measures the percentage of IMACD requests that are completed within the specified time frame.
Service Level = A / B
A = the number of IMACDs completed within the designated timeframe
B = the total of all IMACDs
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
Except dispatch locations.
Service Catalogue to be defined and agreed with Molina.
7
Critical Service Level
Customer Satisfaction Survey
Measures the satisfaction of the Customer through surveying.
TBD
TBD
TBD
[redacted]
[redacted]
[redacted]
[redacted]
As determined by Molina
Monthly
Yes
Survey questionnaire, SLA calculation and measurement methodology will have to be mutually defined and agreed. The SLA targets will be baselined prior to finalizing the targets.
Applicable to service desk calls / chats only.
8
Critical Service Level
Sentiment Analysis
Measures the satisfaction of the Customer through sentiment analysis of both calls and chats.
TBD
TBD
TBD
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
Infosys will develop a Emoji based survey mechanism
 
Critical Service Level
Response Time (Priority 1)
Measures the number of seconds or cycles it takes an End-User to connect with Supplier's contact center representative for priority 1 incidents.
Service Level = A / B
A = the number of cases responded to within the designated timeframe
B = the total number of all cases
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
Redundant SLA, covered as part of Infra SLAs

-5-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
250%
 
 
 
 
 
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
 
Critical Service Level
Response Time (Priority 2)
Measures the number of seconds or cycles it takes an End-User to connect with Supplier's contact center representative for priority 2 incidents.
Service Level = A / B
A = the number of cases responded to within the designated timeframe
B = the total number of all cases
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
Redundant SLA, covered as part of Infra SLAs
 
Critical Service Level
Response Time (Priority 3)
Measures the number of seconds or cycles it takes an End-User to connect with Supplier's contact center representative for priority 3 incidents.
Service Level = A / B
A = the number of cases responded to within the designated timeframe
B = the total number of all cases
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
SLA to be baselined prior to finalizing.
 
Critical Service Level
Response Time (Priority 4)
Measures the number of seconds or cycles it takes an End-User to connect with Supplier's contact center representative for priority 4 incidents.
Service Level = A / B
A = the number of cases responded to within the designated timeframe
B = the total number of all cases
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
SLA to be baselined prior to finalizing.
 
Critical Service Level
Resolution Time (Priority 1)
Measures the time elapsed from the initiation of the Service Desk Incident until the Priority 1 Incident is fixed.
Service Level = A / B
A = the number of cases resolved within the designated timeframe
B = the total number of all cases
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
This is for remote desktop support only while other issues will be covered under the different resolver group
 
Critical Service Level
Resolution Time (Priority 2)
Measures the time elapsed from the initiation of the Service Desk Incident until the Priority 2 Incident is fixed.
Service Level = A / B
A = the number of cases resolved within the designated timeframe
B = the total number of all cases
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
This is for remote desktop support only while other issues will be covered under the different resolver group
9
Critical Service Level
Resolution Time (Priority 3)
Measures the time elapsed from the initiation of the Service Desk Incident until the Priority 3 Incident is fixed.
Service Level = A / B
A = the number of cases resolved within the designated timeframe
B = the total number of all cases
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
 
10
Critical Service Level
Resolution Time (Priority 4)
Measures the time elapsed from the initiation of the Service Desk Incident until the Priority 4 Incident is fixed.
Service Level = A / B
A = the number of cases resolved within the designated timeframe
B = the total number of all cases
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
 
 
KPI
Backlog (Priority 1)
Measures the average age of all Priority 1 cases.
Service Level = A
A = the average age of cases for the designated priority level
N/A
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
Should not be applicable
 
KPI
Backlog (Priority 2)
Measures the average age of all Priority 2 cases.
Service Level = A
A = the average age of cases for the designated priority level
N/A
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
Should not be applicable
11
KPI
Backlog (Priority 3)
Measures the average age of all Priority 3 cases.
Service Level = A
A = the average age of cases for the designated priority level
N/A
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
For tickets for which Infosys has assumed primary responsibility

-6-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
250%
 
 
 
 
 
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
12
KPI
Backlog (Priority 4)
Measures the average age of all Priority 4 cases.
Service Level = A
A = the average age of cases for the designated priority level
N/A
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
For tickets for which Infosys has assumed primary responsibility
 
KPI
Case Chase/Follow-up (Priority 1)
Measures the average follow-up time of Priority 1 case requests
Service Level = A / B
A = the total time to execute case follow-up for the designated priority level
B = the total number of case follow-ups for the designated priority level
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
Should not be applicable
 
KPI
Case Chase/Follow-up (Priority 2)
Measures the average follow-up time of Priority 2 case requests
Service Level = A / B
A = the total time to execute case follow-up for the designated priority level
B = the total number of case follow-ups for the designated priority level
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
 
13
KPI
Case Chase/Follow-up (Priority 3)
Measures the average follow-up time of Priority 3 case requests
Service Level = A / B
A = the total time to execute case follow-up for the designated priority level
B = the total number of case follow-ups for the designated priority level
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
For tickets for which Infosys has assumed primary responsibility
14
KPI
Case Chase/Follow-up (Priority 4)
Measures the average follow-up time of Priority 4 case requests
Service Level = A / B
A = the total time to execute case follow-up for the designated priority level
B = the total number of case follow-ups for the designated priority level
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
For tickets for which Infosys has assumed primary responsibility
 
KPI
Customer Case Update (Priority 1)
The average time required for updates and escalation execution.
Service Level = A / B
A = the total time for updates and escalation execution for the designated priority level
B = the total number of updates and escalation executions for the designated priority level
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
 
 
KPI
Customer Case Update (Priority 2)
The average time required for updates and escalation execution.
Service Level = A / B
A = the total time for updates and escalation execution for the designated priority level
B = the total number of updates and escalation executions for the designated priority level
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
 
 
KPI
Customer Case Update (Priority 3)
The average time required for updates and escalation execution.
Service Level = A / B
A = the total time for updates and escalation execution for the designated priority level
B = the total number of updates and escalation executions for the designated priority level
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
 
 
KPI
Customer Case Update (Priority 4)
The average time required for updates and escalation execution.
Service Level = A / B
A = the total time for updates and escalation execution for the designated priority level
B = the total number of updates and escalation executions for the designated priority level
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
 
15
KPI
Hierarchical Escalation
Measures the average time required for the initial response to a management escalation.
Service Level = A / B
A = the total time required for the initial response to a management escalation.
A = the total number of initial responses to management escalations
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
Molina to revert
16
KPI
Duplicate Incidents
Measures the percentage of cases for which there are duplicate records.
Service Level = A / B
A = the number of cases for which there are duplicate records
B = the total number of cases
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
 

-7-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
250%
 
 
 
 
 
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
17
KPI
Average Contact Handle Time
Measures the total time that an agent spends on an inbound contact, including talk time, chat time, wrap time, and after call or after chat work time (ACW).
Service Level = A / B
A = the total time that agents spend on inbound contacts
B = the total number of inbound contacts
[redacted]
[redacted]
[redacted]
[redacted]
Each case
Monthly
Yes
 
18
Critical Service Level
Installation of Emergency Software or Patches
Percentage of End User Devices applied with Emergency Software or Patches for which the process was started immediately, and installed on those devices within the designated timeframe.
Service Level Achievement = A/B
A=Total number of Emergency Software/Patch installations required to be completed during the Measurement Period that are completed within the time allotted
B=Total number of Emergency Software/Patch installations required to be completed during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
Each patch or Software distribution to each Molina device
Monthly
Yes
Excludes devices not connected to network
19
KPI
Installation of Approved Software or Patches
Percentage of Approved Software or Patches installed on end user devices within the time allotted (as per Molina patching and installation scheduling requirements)
Service Level Achievement = A/B
A=Total number of Approved Software/Patch installations required to be completed during the Measurement Period that are completed within the time allotted
B=Total number of Approved Software/Patch installations required to be completed during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
Each patch or Software distribution to each Molina device
Monthly
Yes
Excludes devices not connected to network
20
KPI
VIP Incident Response
All tickets raised by or on behalf of a VIP are acknowledged to the customer by an analyst attending/remote intervention
Service Level Achievement = A/B
A = the number of VIP Incidents responded to within the designated timeframe
B = the total number of all VIP Incidents
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
Applicable at Corporate Offices
21
KPI
VIP Incident Resolution
All tickets raised by or on behalf of a VIP are resolved to the customer by an analyst attending/remote intervention
Service Level Achievement = A/B
A = the number of VIP Incidents resolved within the designated timeframe
B = the total number of VIP Incidents
[redacted]
[redacted]
[redacted]
[redacted]
 
 
 
Applicable at Corporate Offices




-8-
CONFIDENTIAL TREATMENT REQUESTED



appendix6apart2.jpg


-1-
CONFIDENTIAL TREATMENT REQUESTED




pic14.jpg


-2-
CONFIDENTIAL TREATMENT REQUESTED


Pool Percentage for Allocation
250%
#
Type
Service Level Name
Description / Overview
 
 
 
On-Prem Infra
On-Azure Infra
 
 
 
 
 
 
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
1
Critical Service Level
Database Cluster Availability
Measures the percentage availability of Database Clusters (with redundancy within the site) in Data Centers 
 
1. This SLA is applicable for Platinum category application having more than 2 nodes per clusters.
2. AppDynamincs will be used for application performance monitoring
3. On Azure, the SLA's will reamin same for services taken as IaaS. For PaaS DB services, MS Azure specific SLA will be applicable as contracted.
Service Level = (B - A) / B
A = number of minutes of Unplanned Downtime for database clusters during the Measurement Period. “A” shall not include Unplanned Downtime as long as all database clusters remain available and are capable of taking workload. "A" shall include Unplanned Downtime if any of the four following conditions applies:
1. More than one node in a cluster is in downstate
2. Loss of connectivity to the database
3. Performance degradation of application due to database issue.
4. SQLs running longer due to optimizer plan change resulting in partial loss of functionality to the application.
B = number of minutes of planned operation for all database clusters that experienced any Unplanned Downtime during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
This is not applicable to for Azure Cloud as the oracle Exadata is running on private cloud.

SQL DB Availability is covered as part of Azure SLA:

https://azure.microsoft.com/en-us/support/legal/sla/
[redacted]
Each minute
Monthly
Yes
1. This SLA is applicable for Platinum category application having more than 2 nodes per clusters.
2. AppDynamincs will be used for application performance monitoring
3. On Azure, the SLA's will reamin same for services taken as IaaS. For PaaS DB services, MS Azure specific SLA will be applicable as contracted.
2
Critical Service Level
Response Time (Priority 1)
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Service Level = A / B
A = number of Priority 1 incidents responded to within the designated timeframe or less.
B = number of Priority 1 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Infosys IIMSS will be configured to send automated aknowledgement alerts.
[redacted]
Each incident
Monthly
Yes
 
3
Critical Service Level
Response Time (Priority 2)
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Service Level = A / B
A = number of Priority 2 incidents responded to within the designated timeframe or less
B = number of Priority 2 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Infosys IIMSS will be configured to send automated aknowledgement alerts.
[redacted]
Each incident
Monthly
Yes
Volumes for P2 tickets is almost 5 tickets per day hence keeping SLA lower than P1s.

-3-
CONFIDENTIAL TREATMENT REQUESTED


#
Type
Service Level Name
Description / Overview
 
 
 
On-Prem Infra
On-Azure Infra
 
 
 
 
 
 
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
4
Critical Service Level
Resolution Time (Priority 1)
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Service Level = A / B
A = number of Priority 1 incidents resolved within the designated timeframe.
B = number of Priority 1 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
For the issues related to Azure platform, MS provodes the following SLAs with Azure Rapid response Contract. This contract needs to be established between Molina & MS or Infosys & MS.

With Rapid response contract- response SLA is 15 min.
With Azure premimum support contract- response SLA is 1 hour

there is no resolution SLA commited by MS.
[redacted]
Each incident
Monthly
Yes
 
5
Critical Service Level
Resolution Time (Priority 2)
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Service Level = A / B
A = number of Priority 2 incidents resolved within the designated timeframe.
B = number of Priority 2 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
For the issues related to Azure platform, MS provodes the following SLAs with Azure Rapid response Contract. This contract needs to be established between Molina & MS or Infosys & MS.

With Rapid response contract- response SLA is 15 min.
With Azure premimum support contract- response SLA is 1 hour

there is no resolution SLA commited by MS.
[redacted]
Each incident
Monthly
Yes
 
6
Critical Service Level
Installation of Emergency Software or Patches
Percentage of Emergency Software or Patches for which the process was started immediately, and installed on Infrastructure within the designated timeframe. 
 
1. Inclusions : Devices reporting to AD, persistent machines and DMZ devices
2. Exclusions : Pooled, EoL and in-progress decomm mchines
3. Applies to day-0 patches
4. Implementation timelines will be mutually agreed
Service Level Achievement = A/B
A=Total number of Emergency Software/Patch installations required to be completed during the Measurement Period that are completed within the time allotted
B=Total number of Emergency Software/Patch installations required to be completed during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each patch or Software distribution to each Molina device
Monthly
Yes
1. Inclusions : Devices reporting to AD, persistent machines and DMZ devices
2. Exclusions : Pooled, EoL and in-progress decomm mchines
3. Applies to day-0 patches
4. Implementation timelines will be mutually agreed

-4-
CONFIDENTIAL TREATMENT REQUESTED


#
Type
Service Level Name
Description / Overview
 
 
 
On-Prem Infra
On-Azure Infra
 
 
 
 
 
 
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
7
Critical Service Level
Network Infrastructure Availability
Measures the percentage availability of Production Network Infrastructure
Service Level = (B - A) / B
A = number of minutes of Unplanned Downtime for all Production Network Infrastructure resources during the Measurement Period. “A” shall not include Unplanned Downtime as long as all server clusters (including Infrastructure and storage), and network paths remain available and are capable of taking workload.
B = number of minutes of planned operation for all Production Network resources that experienced any Unplanned Downtime during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
This is covered as part of Azure SLA:

https://azure.microsoft.com/en-us/support/legal/sla/
[redacted]
Each minute
Monthly
Yes
1. Applicable to the On prem DC Networks

2. For Azure, MS SLA will be applicable as contracted.
8
Critical Service Level
Azure Services Availability
Microsoft’s commitments for uptime and connectivity
https://azure.microsoft.com/en-us/support/legal/sla/
-
-
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Microsoft makes service levels commitments to customers in the SLA, which will be applicable to Molina as well. Details on specific services are listed on https://azure.microsoft.com/en-us/support/legal/sla/.

As per the terms of Cloud Service Provider ("CSP") agreement between Microsoft and Infosys - In case of any Azure Services SLA breach for Azure Services procured through Infosys CSP, Infosys will escalate the claim to Microsoft for review. Microsoft will review the claim according to the standard SLA review process. Microsoft will then apply any credit due on Infosys’s next billing reconciliation report and Infosys will then credit Molina for the SLA claim that Microsoft has paid Infosys for the SLA credit. Molina is eligible for credits not to exceed the total monthly Subscription price.
[redacted]
Each incident
Monthly
Yes
 

-5-
CONFIDENTIAL TREATMENT REQUESTED


#
Type
Service Level Name
Description / Overview
 
 
 
On-Prem Infra
On-Azure Infra
 
 
 
 
 
 
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
9
KPI
Backup Infrastructure Availability
Measures the percentage availability of the backup infrastructure
Service Level = (B - A) / B
A = number of minutes of Unplanned Downtime for all backup infrastructure during the Measurement Period.
B = number of minutes of planned operation for backup infrastructure that experienced any Unplanned Downtime during the Measurement Period. B shall not include minutes of planned operation of the backup infrastructure unless the it was unavailable.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
This is covered as part of Azure SLA:

https://azure.microsoft.com/en-us/support/legal/sla/
[redacted]
Each minute
Monthly
Yes
For Azure, backup is a paas service and availability of paas services will shared by MS as per the contract.
10
KPI
Stand-Alone Device Availability
Measures the aggregate availability of the in-scope stand-alone devices 

1. Assumption : Branch office location devices are protected by the secured and controlled facility.
2. All WAP devices except those in Corporate offices (bldg 200/300) in Long Beach are excluded
3. Exclusions : End-user and EoL Devices
Service Level = (B - A) / B
A = number of minutes of Unplanned Downtime for all stand-alone devices located outside a Data Center during the Measurement Period.
B = number of minutes of planned operation for all stand-alone devices located outside a Data Center that experienced any Unplanned Downtime during the Measurement Period. B shall not include minutes of planned operation for a stand-alone device unless the device was unavailable.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
This is covered as part of Azure SLA:

https://azure.microsoft.com/en-us/support/legal/sla/
[redacted]
Each minute
Monthly
Yes
1. Assumption : Branch office location devices are protected by the secured and controlled facility.
2. All WAP devices except those in Corporate offices (bldg 200/300) in Long Beach are excluded
3. Exclusions : End-user and EoL Devices
11
KPI
Communication Time
Measures the percentage of incidents where the incident was communicated with business impact and technical description of what is being investigated, to appropriate business partners and technical teams within the appropriate amount of time.
Service Level = A / B
A = number of incidents communicated in within the designated timeframe or less.
B = number of incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
Applicable only for the P1/P2 incidents and as per the agreed business communication plans

-6-
CONFIDENTIAL TREATMENT REQUESTED


#
Type
Service Level Name
Description / Overview
 
 
 
On-Prem Infra
On-Azure Infra
 
 
 
 
 
 
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
12
KPI
Response Time (Priority 3)
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Service Level = A / B
A = number of Priority 3 incidents responded to within the designated timeframe.
B = number of Priority 3 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
 
13
KPI
Response Time (Priority 4)
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Service Level = A / B
A = number of Priority 4 incidents responded to within the designated timeframe.
B = number of Priority 4 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
 
14
KPI
Resolution Time (Priority 3)
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Service Level = A / B
A = number of Priority 3 incidents resolved within the designated timeframe.
B = number of Priority 3 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
 
15
KPI
Resolution Time (Priority 4)
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Service Level = A / B
A = number of Priority 4 incidents resolved within the designated timeframe.
B = number of Priority 4 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
 
16
KPI
Root Cause Analysis Time
Measures the percentage of Priority 1 and 2 incidents that receive a final root cause analysis within the designated timeframe. Pending responses from third party suppliers are acceptable
Service Level = A / B
A = number of Priority 1 and Priority 2 incidents that meet the Root Cause Analysis Time within the designated timeframe
A = number of Priority 1 and Priority 2 incidents resolved during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
 
17
KPI
Batch Job Commencement
Measures the percentage of batch jobs failures where the failure was responded to (following SOP guidelines) within the designated timeframe. 
Response only to respective teams according SOP & Communication Matrix
Service Level = A / B
A = number of batch job failures during the Measurement Period that were responded to within the designated timeframe or less
B = number of batch job failures during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each instance
Monthly
Yes
Response only to respective teams according SOP & Communication Matrix

-7-
CONFIDENTIAL TREATMENT REQUESTED


#
Type
Service Level Name
Description / Overview
 
 
 
On-Prem Infra
On-Azure Infra
 
 
 
 
 
 
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
18
KPI
Successful Completion of Backup and Recovery
Measures the percentage of successfully completed backup and recovery jobs. 
 
>2 consecutive backup failures will be considered breach failure in service level
Service Level = A / B
A = the sum of (x) number of tests of backup data that show that the backup was complete, accurate and accessible plus (y) the number of complete, accurate and otherwise successful restorations of backed-up data during the Measurement Period.
B = number of tests of backup data plus the number of restorations of backed-up data performed during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each test of backup data or each restoration of backed-up data
Monthly
Yes
Molina to revert with metric data
>2 consecutive backup failures will be considered breach failure in service level
19
KPI
Infrastructure Capacity Provisioning
Measure of Capacity provisioning requests completed within the time allotted. 

This metric measures number of succesful completion of catalogue requests for provisioning
Service Level Achievement = A/B
A=Total number of Infrastructure Capacity provisioning requests required to be completed during the Measurement Period that are completed within the time allotted
B=Total number of Infrastructure Capacity provisioning requests required to be completed during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Infra Provisioning on Azure can be fully automated to improve the service request completion time
[redacted]
Each request
Monthly
Yes
Catalogue with defined timelines to be created in ServicNow.
This metric measures number of succesful completion of catalogue requests for provisioning
20
KPI
Installation of Approved Software or Patches
Percentage of Approved Software or Patches installed on Infrastructure within the time allotted (as per Molina patching and installation scheduling requirements)
Service Level Achievement = A/B
A=Total number of Approved Software/Patch installations required to be completed during the Measurement Period that are completed within the time allotted
B=Total number of Approved Software/Patch installations required to be completed during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each patch or Software distribution to each Molina device
Monthly
Yes
Need to evaluate the pending patches with the new approved patches to agree on the standards.
21
KPI
Contract Management
Measures the percentage of Contract Change Order, Invoices Correct and On-Time (calculated on number of lines). This will be applicable for Infosys contracts only. All documents recalled for corrections post approvals will be considered for defaults.
Service Level = (B - A) / B
A = number of line items on any contract change order or invoice which are incorrect (or all lines if such invoice or contract is provided to Molina after a Molina-communicated due date).
B = number of line items on all invoices and change orders in the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each line item
Monthly
Yes
 

-8-
CONFIDENTIAL TREATMENT REQUESTED


#
Type
Service Level Name
Description / Overview
 
 
 
On-Prem Infra
On-Azure Infra
 
 
 
 
 
 
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
22
KPI
Reporting
Measures the Supplier's ability to deliver reports to Molina according to the planned and/or scheduled cadence. 
 
Only for the agreed and pre defined report formats.
Service Level = A / B
A = number of reports completed by Supplier within the scheduled reporting cadence as defined by Molina
B = number of reports scheduled to be completed during the Measurement Period by Supplier
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each report
Monthly
Yes
Only for the agreed and pre defined format
23
KPI
Documentation
Completion of all scheduled documentation revisions and drafts as defined by Molina. 
 
Following list of documents will form a part of this list:
1. Ops Manual/Run book
2. Process Manual
3. SOPs
Service Level = A / B
A = number of documents drafted or updated by Supplier within the scheduled document update window as mutually agreed between Molina and Supplier
B = number of documents scheduled to be completed during the Measurement Period by Supplier
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each report
Monthly
Yes
Need to clarifiy on the list and type of scheduled documents. Following list of documents will form a part of this list:
1. Ops Manual/Run book
2. Process Manual
3. SOPs
24
KPI
Security Review
Measures the performance of all security reviews within specified timeframes
Service Level = B / A
A = number of security reviews required by Molina (or Supplier's standards) during the Measurement Period.
B = number of security reviews completed during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each security review
Monthly
Yes
To be discussed 

Will be included in Security SLA Matrix
25
KPI
Capacity Reporting
Measures the number of Infra Capacity Events not reported within one business day. 

Events include : CPU Utilization, Memory Utilization, Disk Capacity, Network Bandwidth, SAN/NAS Storage Capacity, beyond defined thresholds.
Service Level = A/B
A = number of instances in which the threshold breaches ocurred but not reported
B = number of instances in which the threshold breaches occurred
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each month
Monthly
Yes
 

-9-
CONFIDENTIAL TREATMENT REQUESTED


#
Type
Service Level Name
Description / Overview
 
 
 
On-Prem Infra
On-Azure Infra
 
 
 
 
 
 
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
26
KPI
File Recovery / Restoration
Measure of restoration requests where the restore is initiated is that are completed with the allotted time. 
 
This has to be a measure of success or failure of restoration.
Service Level Achievement = A/B
A=Total number of restoration requests initiated and completed succesfully
B=Total number of restoration requests during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each request
Monthly
Yes
Proposed : This has to be a measure of success or failure of restoration.
27
KPI
Account Provisioning Error Rates
Percentage of Account Provisioning (including de-Provisioning) requests processed incorrectly to total number of requests by type
Service Level Achievement = A/B
A=Total number of Account Provisioning and De-Provisioning requests processed incorrectly during the Measurement Period
B=Total number of Account Provisioning and De-Provisioning requests received during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each request
Monthly
Yes
Account provisioning needs to be clarified.
How is Molina measuring this currently?
28
KPI
Emergency Account de-provisioning Error Rates
Percentage of Emergency Account de-provisioning requests processed incorrectly to total number Emergency Account de-provisioning requests
Service Level Achievement = A/B
A=Total number of Emergency Account de-provisioning requests processed incorrectly during the Measurement Period
B=Total number of Emergency Account de-provisioning requests received during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each request
Monthly
Yes
Account provisioning needs to be clarified.
How is Molina measuring this currently?
29
KPI
Customer Satisfaction
Infosys will use ELF (Engagement Level Feedback) mechanism to collect and report customer satisfaction.
 
 
 
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each report
Quarterly
Yes
Overlaps with the EUC customer satisfaction survey.
What is current survey mechanism being used by Molina?
Can be part of CVS Survey conducted by Infosys.





-10-
CONFIDENTIAL TREATMENT REQUESTED





a6asecurityservices.jpg

-1-
CONFIDENTIAL TREATMENT REQUESTED





pic15.jpg



-2-
CONFIDENTIAL TREATMENT REQUESTED



a6a1.jpg



-3-
CONFIDENTIAL TREATMENT REQUESTED


Pool Percentage for Allocation

 
 
 
 
250
%
 
 
 
 
 
On-Azure Infra
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
1
Critical Service Level
Triage Investigation for CDC
Measurs the percetage of alerts for which the alert triaging process was started witin the appopriate amount of time for a security event.
Service Level = A / B
A = number of alerts that were generated within the designated timeframe or less
A = number of alerts for which the traigae process was started and initial priority assignedwithin the designated timeframe or less
[redacted]
[redacted]
[redacted]
Not applicable
Not applicable
Not applicable
Not applicable
[redacted]
Each alert
Monthly
Yes
Applicable to CDC Incident Response services
2
Critical Service Level
Alert Notification Response Time (Priority 0, 1) for CDC
Measures the percentage of True Postive Priority 1 incidents where the incident was assigned to a security analyst within the appropriate amount of time from the time a security event was assiged as a priority 1.
Service Level = A / B
A = number of True Postive Priority 1 incidents where the incident was assigned to a security analyst within the designated timeframe or less
B = number of True Postive Priority 1 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
Not applicable
Not applicable
Not applicable
Not applicable
[redacted]
Each incident
Monthly
Yes
Applicable to CDC Incident Response services
3
Critical Service Level
Alert Notification Response Time(Priority 2) for CDC
Measures the percentage of True Postive Priority 2 incidents where the incident was assigned to a security analyst within the appropriate amount of time from the time a security event was assiged as a priority 2
Service Level = A / B
A = number of True Postive Priority 2 incidents where the incident was assigned to a security analyst within the designated timeframe or less
B = number of True Postive Priority 2 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
Not applicable
Not applicable
Not applicable
Not applicable
[redacted]
Each incident
Monthly
Yes
Applicable to CDC Incident Response services
4
Critical Service Level
Target for Recommendations /workarounds (Priority 0) for CDC
Measures the percentage of True Postive Priority 1 incidents where the incident recommendations /workarounds was provided within the appropriate amount of time from the time a security event was assiged as a priority 1
Service Level = A / B
A = number of True Postive Priority 1 incidents where the incident containment was initiated within the designated timeframe.
B = number of True Postive Priority 1 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
Not applicable
Not applicable
Not applicable
Not applicable
[redacted]
Each incident
Monthly
Yes
Applicable to CDC Incident Response services. Exeption
5
Critical Service Level
Target for Recommendations /workarounds (Priority 1) for CDC
Measures the percentage of True Postive Priority 1 incidents where the incident recommendations /workarounds was provided within the appropriate amount of time from the time a security event was assiged as a priority 1
Service Level = A / B
A = number of True Postive Priority 1 incidents where the incident containment was initiated within the designated timeframe.
B = number of True Postive Priority 1 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
Not applicable
Not applicable
Not applicable
Not applicable
[redacted]
Each incident
Monthly
Yes
Applicable to CDC Incident Response services. Exeption

-4-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
 
250
%
 
 
 
 
 
On-Azure Infra
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
6
Critical Service Level
Target for Recommendations /workarounds (Priority 2) for CDC
Measures the percentage of True Postive Priority 2 incidents where the incident recommendations /workarounds was provided within the appropriate amount of time from the time a security event was assiged as a priority 2
Service Level = A / B
A = number of True Postive Priority 2 incidents where the incident containment was initiated within the designated timeframe.
B = number of True Postive Priority 2 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
Not applicable
Not applicable
Not applicable
Not applicable
[redacted]
Each incident
Monthly
Yes
Applicable to CDC Incident Response services
7
KPI
Alert Notification Response Time (Priority 3) for CDC
Measures the percentage of True Postive Priority 3 incidents where the incident was assigned to a security analyst within the appropriate amount of time from the time a security event was assiged as a priority 3
Service Level = A / B
A = number of True Postive Priority 3 incidents where the incident was assigned to a security analyst within the designated timeframe or less
B = number of True Postive Priorit 3 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
Not applicable
Not applicable
Not applicable
Not applicable
[redacted]
Each incident
Monthly
Yes
Applicable to CDC Incident Response services
8
KPI
Alert Notification Response Time (Priority 4) for CDC
Measures the percentage of True Postive Priority 4 incidents where the incident was assigne to a security analyst within the appropriate amount of time from the time a security event was assiged as a priority 4
Service Level = A / B
A = number of True Postive Priority 4 incidents where the incident was assigned to a security analyst within the designated timeframe or less
B = number of True Postive Priority 4 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
Not applicable
Not applicable
Not applicable
Not applicable
[redacted]
Each incident
Monthly
Yes
Applicable to CDC Incident Response services
9
KPI
Target for Recommendations /workarounds (Priority 3) for CDC
Measures the percentage of True Postive Priority 3 incidents where the incident recommendations /workarounds was provided within the appropriate amount of time from the time a security event was assiged as a priority 3.
Service Level = A / B
A = number of True Postive Priority 3 incidents where the incident containment was initiated within the designated timeframe.
B = number of True Postive Priority 3 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
Not applicable
Not applicable
Not applicable
Not applicable
[redacted]
Each incident
Monthly
Yes
Applicable to CDC Incident Response services
10
KPI
Target for Recommendations /workarounds (Priority 4) for CDC
Measures the percentage of True Postive Priority 4 incidents where the incident recommendations /workarounds was provided within the appropriate amount of time from the time a security event was assiged as a priority 4.
Service Level = A / B
A = number of True Postive Priority 4 incidents where the incident containment was initiated within the designated timeframe.
B = number of True Postive Priority 4 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
Not applicable
Not applicable
Not applicable
Not applicable
[redacted]
Each incident
Monthly
Yes
Applicable to CDC Incident Response services

-5-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
 
250
%
 
 
 
 
 
On-Azure Infra
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
11
Critical Service Level
Response Time (Critical Severtiy Vulnerability) for UVM
Measures the percentage of critical severity vulnerability identified by scanning using any technology means is reported to the system or application owner for appopriate remediation.
Service Level = A / B
A = number of critical serverity vulnerabities reported where the vulnerabiity was reported within the designated timeframe or less
B = number of critical serverity vulnerabities detected within during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each vulnerability on infrastructure or application
Monthly
Yes
Applicable to application and infrastrcture vulnerability management services. Exceptions - Zero Day vulnerabilities
12
Critical Service Level
Response Time (High Severity Vulnerability) for UVM
Measures the percentage of High severity vulnerability identified by scanning using any technology means is brought to the notice of system or application owner for appopriate remediation.
Service Level = A / B
A = number of high serverity vulnerabities reported where the vulnerabiity was reported within the designated timeframe or less
B = number of high serverity vulnerabities detected within during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each vulnerability on infrastructure or application
Monthly
Yes
Applicable to application and infrastrcture vulnerability management services. Exceptions - Zero Day vulnerabilities
13
Critical Service Level
Response Time (Priority 1) for global security services
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Service Level = A / B
A = number of Priority 1 incidents responded to within the designated timeframe or less.
B = number of Priority 1 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Infosys IIMSS will be configured to send automated aknowledgement alerts.
[redacted]
Each incident
Monthly
Yes
 
14
Critical Service Level
Response Time (Priority 2) for global security services
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Service Level = A / B
A = number of Priority 2 incidents responded to within the designated timeframe or less
B = number of Priority 2 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Infosys IIMSS will be configured to send automated aknowledgement alerts.
[redacted]
Each incident
Monthly
Yes
Volumes for P2 tickets is almost 5 tickets per day hence keeping SLA lower than P1s.
15
Critical Service Level
Resolution Time (Priority 1) for global security services
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Service Level = A / B
A = number of Priority 1 incidents resolved within the designated timeframe.
B = number of Priority 1 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
For the issues related to Azure platform, MS provodes the following SLAs with Azure Rapid response Contract. This contract needs to be established between Molina & MS or Infosys & MS.

With Rapid response contract- response SLA is 15 min.
With Azure premimum support contract- response SLA is 1 hour

there is no resolution SLA commited by MS.
[redacted]
Each incident
Monthly
Yes
 

-6-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
 
250
%
 
 
 
 
 
On-Azure Infra
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
16
Critical Service Level
Resolution Time (Priority 2) for global security services
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Service Level = A / B
A = number of Priority 2 incidents resolved within the designated timeframe.
B = number of Priority 2 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
For the issues related to Azure platform, MS provodes the following SLAs with Azure Rapid response Contract. This contract needs to be established between Molina & MS or Infosys & MS.

With Rapid response contract- response SLA is 15 min.
With Azure premimum support contract- response SLA is 1 hour

there is no resolution SLA commited by MS.
[redacted]
Each incident
Monthly
Yes
 
17
Critical Service Level
Installation of Emergency Software or Patches
Percentage of Emergency Software or Patches for which the process was started immediately, and installed on Infrastructure within the designated timeframe. 
 
1. Inclusions : Devices reporting to AD, persistent machines and DMZ devices
2. Exclusions : Pooled, EoL and in-progress decomm mchines
3. Applies to day-0 patches
4. Implementation timelines will be mutually agreed
Service Level Achievement = A/B
A=Total number of Emergency Software/Patch installations required to be completed during the Measurement Period that are completed within the time allotted
B=Total number of Emergency Software/Patch installations required to be completed during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each patch or Software distribution to each Molina device
Monthly
Yes
1. Inclusions : Devices reporting to AD, persistent machines and DMZ devices
2. Exclusions : Pooled, EoL and in-progress decomm mchines
3. Applies to day-0 patches
4. Implementation timelines will be mutually agreed
18
KPI
Response Time (Priority 3) for global security services
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Service Level = A / B
A = number of Priority 3 incidents responded to within the designated timeframe.
B = number of Priority 3 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
 

-7-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
 
250
%
 
 
 
 
 
On-Azure Infra
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
19
KPI
Response Time (Priority 4) for global security services
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Service Level = A / B
A = number of Priority 4 incidents responded to within the designated timeframe.
B = number of Priority 4 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
 
20
KPI
Resolution Time (Priority 3) for global security services
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Service Level = A / B
A = number of Priority 3 incidents resolved within the designated timeframe.
B = number of Priority 3 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
 
21
KPI
Resolution Time (Priority 4) for global security services
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Service Level = A / B
A = number of Priority 4 incidents resolved within the designated timeframe.
B = number of Priority 4 incidents opened during the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
 
22
KPI
Root Cause Analysis Time for global security services
Measures the percentage of Priority 1 and 2 incidents that receive a final root cause analysis within the designated timeframe. Pending responses from third party suppliers are acceptable
Service Level = A / B
A = number of Priority 1 and Priority 2 incidents that meet the Root Cause Analysis Time within the designated timeframe
A = number of Priority 1 and Priority 2 incidents resolved during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each incident
Monthly
Yes
 
23
KPI
Installation of Approved Software or Patches for global security services
Percentage of Approved Software or Patches installed on Infrastructure within the time allotted (as per Molina patching and installation scheduling requirements)
Service Level Achievement = A/B
A=Total number of Approved Software/Patch installations required to be completed during the Measurement Period that are completed within the time allotted
B=Total number of Approved Software/Patch installations required to be completed during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each patch or Software distribution to each Molina device
Monthly
Yes
Need to evaluate the pending patches with the new approved patches to agree on the standards.

-8-
CONFIDENTIAL TREATMENT REQUESTED


 
 
 
 
250
%
 
 
 
 
 
On-Azure Infra
 
 
 
 
 
 
#
Type
Service Level Name
Description / Overview
Formula
Formula Variable - A
Formula Variable - B
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Minimum Service Level Target
Expected Service Level Target
Allocation of Pool Percentage
Comments for Azure SLA deviations / Changes
Service Level Commencement Date
Monitoring Requirement
Measurement Period
Agree?
Comments
24
KPI
Contract Management for global security services
Measures the percentage of Contract Change Order, Invoices Correct and On-Time (calculated on number of lines). This will be applicable for Infosys contracts only. All documents recalled for corrections post approvals will be considered for defaults.
Service Level = (B - A) / B
A = number of line items on any contract change order or invoice which are incorrect (or all lines if such invoice or contract is provided to Molina after a Molina-communicated due date).
B = number of line items on all invoices and change orders in the Measurement Period.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each line item
Monthly
Yes
 
25
KPI
Reporting for global security services
Measures the Supplier's ability to deliver reports to Molina according to the planned and/or scheduled cadence. 
 
Only for the agreed and pre defined report formats.
Service Level = A / B
A = number of reports completed by Supplier within the scheduled reporting cadence as defined by Molina
B = number of reports scheduled to be completed during the Measurement Period by Supplier
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each report
Monthly
Yes
Only for the agreed and pre defined format
26
KPI
Account Provisioning Error Rates for global security services
Percentage of Account Provisioning (including de-Provisioning) requests processed incorrectly to total number of requests by type
Service Level Achievement = A/B
A=Total number of Account Provisioning and De-Provisioning requests processed incorrectly during the Measurement Period
B=Total number of Account Provisioning and De-Provisioning requests received during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each request
Monthly
Yes
Account provisioning needs to be clarified.
How is Molina measuring this currently?
27
KPI
Emergency Account de-provisioning Error Rates for global security services
Percentage of Emergency Account de-provisioning requests processed incorrectly to total number Emergency Account de-provisioning requests
Service Level Achievement = A/B
A=Total number of Emergency Account de-provisioning requests processed incorrectly during the Measurement Period
B=Total number of Emergency Account de-provisioning requests received during the Measurement Period
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
Each request
Monthly
Yes
Account provisioning needs to be clarified.
How is Molina measuring this currently?



-9-


SCHEDULE 7 GOVERNANCE



CONTENTS
    
 
 
Page
1.
Introduction
1
2.
Appendices
1
3.
Governance Processes and Procedures
1
4.
Governance Definitions
1
5.
Executive Steering Committee
2
6.
IT Core Leadership Team
3
7.
Multi-Service Provider Operational Committees
4
8.
Operational Review Boards
6
9.
Reporting
7
10.
Background Checks
7




(i)


1.
INTRODUCTION
1.1
This Schedule 7 (Governance) sets out certain governance processes and procedures with which the parties shall comply.
1.2
Capitalized terms used but not defined in this Schedule and its Appendices shall have the meanings given in Schedule 1 (Definitions and Interpretation). Paragraph references used herein will refer to the applicable paragraph in this Schedule 7, except as otherwise set forth herein.
2.
APPENDICES
2.1
The following Appendices are attached to this Schedule 7:
(a)
Appendix 7-A (Meeting Requirements) sets forth the cadence of meetings held periodically between Molina and Service Provider.
(b)
Appendix 7-B (Reporting Requirements) sets forth reporting requirements described further below and elsewhere in this Schedule.
3.
GOVERNANCE PROCESSES AND PROCEDURES
3.1
The Governance organization defines the key roles and responsibilities for Molina, the Service Provider, and other relevant third-party vendors. The program structure/governance model under this Schedule is comprised of a four-tier structure for the management of the relationship between the parties under this Agreement:
(a)
Executive Steering Committee;
(b)
IT Core Leadership Team;
(c)
Multi-Service Provider Operational Committee; and
(d)
Operational Review Board.
4.
GOVERNANCE DEFINITIONS
4.1
“Executive Steering Committee” means the committee described in paragraph 5.
4.2
“IT Core Leadership Team” means the committee described in paragraph 6.
4.3
“Molina CIO” means the role described in paragraph 5.
4.4
“Molina - Commercial Lead(s)” means the role described in paragraph 7.
4.5
“Molina - Delivery Lead(s)” means the role described in paragraph 7.
4.6
“Molina Procurement Lead” means the role described in paragraph 5.
4.7
“Multi-Service Provider Operational Committee” means the committee described in paragraph 7.
4.8
“Operational Review Board” means the committee described in paragraph 8.
4.9
“Service Provider Account Executive” means the role described in paragraph 5.
4.10
“Service Provider Delivery Lead” means the role described in paragraph 6.
4.11
“Service Provider Operational Team Lead” means the role described in paragraph 7.
5.
EXECUTIVE STEERING COMMITTEE
5.1
Purpose. The purpose of the Executive Steering Committee is to manage the overall strategic direction of the relationship between Molina and Service Provider to ensure alignment with the broader direction of the business.
5.2
Members. The members of the Executive Steering Committee shall consist of:
(a)
Molina EVP of Health Plan Services, CIO, and/or their respective peers and proxies;
(b)
Molina Procurement Lead;
(c)
Molina VP, Vendor Management;
(d)
Service Provider Account Executive; and
(e)
a CIO Service Provider Peer-Level Representative.
5.3
Meetings. The Service Provider Account Executive shall be responsible for developing and, as directed by the Molina CIO, revising the meeting agenda and presentation materials for meetings. The Executive Steering Committee shall meet on an ad hoc basis if called by the Molina CIO, but in no case less than two (2) times each calendar year, unless Molina elects to meet less frequently.
5.4
Oversight. The Molina CIO and Molina Procurement Lead shall be authorized to set the strategic direction for the relationship between the Parties and shall meet to discuss, processes, risks and potential remedies, as well as any commercial implications of the foregoing.
(a)
The Molina CIO shall be responsible for setting the overall strategic direction in consultation with the Molina EVP of Health Plan Services.
(b)
The Service Provider Account Executive shall be responsible for implementing and executing the overall strategy set by Molina, and escalating issues that may affect the overall strategy.
(c)
The Service Provider Account Executive shall be responsible for communicating to the IT Core Leadership Team the high-level strategy as directed by the Executive Steering Committee.

-1-


(d)
The Service Provider Account Executive shall be responsible for overseeing the performance and status of all active Project(s), and escalating significant issues and risks to the Molina CIO.
5.5
Strategic Relationships. The Service Provider Account Executive shall:
(a)
Prepare and present high-level trend analysis to the Molina CIO, including relating to Molina’s and Service Provider’s behavior patterns, process requests, and synergy opportunities for Molina with other customers of Service Provider.
(b)
Present value-add business opportunities and innovations to Molina for review and consideration for approval.
5.6
Portfolio and Financial Management. The Service Provider Account Executive shall inform the Molina CIO of Services volume forecasts, resource allocation, audits, and applicable invoices for approval.
5.7
Contract Management. The Service Provider Account Executive shall be responsible for communicating to the Executive Steering Committee any Service Provider-proposed contract changes and for providing a risk analysis for review and consideration for approval by the Executive Steering Committee.
5.8
Reporting and Communication. The Service Provider Account Executive shall:
(a)
Conduct a performance assessment and deliver to the Molina CIO for review a summary of the performance of the Services for review and consideration for approval; and
(b)
Be responsible for communicating the monthly performance reviews made by the Multi-Service Provider Operational Committee to the Executive Steering Committee.
6.
IT CORE LEADERSHIP TEAM
6.1
Purpose. The purpose of the IT Core Leadership Team is to provide Molina executive leadership a forum for discussing Molina’s strategic vision, and receiving Service Provider input on that vision
6.2
Members. The members of the IT Core Leadership Team shall consist of:
(a)
Molina CIO and his/her proxies;
(b)
Molina IT Core Leadership Team;
(c)
Molina Procurement Lead;
(d)
Molina VP, Vendor Management; and
(e)
Service Provider Delivery Lead.

-2-


6.3
Meetings. The Service Provider Delivery Lead shall be responsible for developing and (as directed by the Molina CIO) revising the meeting agenda and presentation materials for meetings, to be submitted prior to the meetings. The IT Core Leadership Team shall meet on an ad hoc basis if called by the Molina CIO, but in no case less than one (1) time each calendar quarter.
6.4
The IT Core Leadership Team shall focus on topics such as, but not limited to, reviewing Molina IT’s overall performance trends, assessing ability to meet the needs of its customers, and identifying opportunities for improved performance and commercial outcomes.
6.5
Oversight. The IT Core Leadership Team shall make recommendations to the Executive Steering Committee about the strategic direction of Molina IT, and shall implement strategies as directed by the Executive Steering Committee.
(a)
The IT Core Leadership Team shall be responsible for advising and counseling the Multi-Service Provider Operational Review Board.
(b)
The IT Core Leadership Team shall act as the first level of issue resolution for issues escalated by the Multi-Service Provider Operational Committee.
(c)
The Service Provider Delivery Lead shall be responsible for assisting and counseling Service Provider Operational Team Lead(s) and the Molina Delivery Lead(s) as required.
(d)
The Service Provider Delivery Lead is responsible for ensuring that the Multi-Service Provider Operational Committee and Operational Review Board adhere to all operational processes.
6.6
Portfolio Management. The Service Provider Delivery Lead shall provide a complete financial review of the Services for the review and consideration for approval of the respective Molina Commercial Lead(s).
(a)
The Service Provider Delivery Lead shall be responsible for reviewing all Services volume forecasts from the Molina Delivery Lead(s) and Service Provider Operational Team Lead(s).
(b)
The Service Provider Delivery Lead shall be responsible for the analysis, preparation, review, and reporting to Molina of forecasts, resource plans, baseline volumes, and summaries of any associated impacts to the Services (including Service Levels), for review, revision (as directed by Molina Procurement Lead), and approval by the Molina Commercial Lead(s)
7.
MULTI-SERVICE PROVIDER OPERATIONAL COMMITTEES
7.1
Purpose. The purpose of the Multi-Service Provider Operational Committee is to provide integrated governance in instances whereby Service Provider is providing support under

-3-


multiple towers and/or Service Provider is one of multiple service providers supporting a single tower.
7.2
Members. The members of the Multi-Service Provider Operational Committee shall consist of:
(a)
Molina Delivery Lead(s);
(b)
Molina Commercial Lead(s);
(c)
Molina Delivery Executives for Other Service Providers;
(d)
Service Provider Delivery Lead;
(e)
Service Provider Operational Team Lead(s); and
(f)
Other Service Provider Personnel as Required.
7.3
Meetings. The Service Provider Delivery Lead shall be responsible for developing and (as directed by the Molina Delivery Lead) revising the meeting agenda and presentation materials for meetings, to be submitted prior to the meetings. The Multi-Service Provider Operational Committee(s) shall meet on an ad hoc basis if called by the Molina Delivery Lead, but in no case less than one (1) time each calendar month.
7.4
Oversight. The Multi-Service Provider Operational Committee shall maintain the quality of end-to-end service delivery within each tower, and shall implement strategies as directed by the IT Core Leadership Team.
(a)
The Multi-Service Provider Operational Committee shall be responsible for advising and counseling the Operational Review Board.
(b)
The Multi-Service Provider Operational Committee shall act as the first level of issue resolution for issues arising from multiple Service Providers operating within the same tower.
(c)
Service Provider Delivery Lead(s) shall be responsible for assisting and counseling Service Provider Operational Team Lead(s) and the Molina Delivery Lead(s) as required.
(d)
Service Provider Delivery Lead(s) are responsible for ensuring that the Operational Review Board adheres to all operational processes.
7.5
Portfolio Management. Service Provider Delivery Lead(s) shall provide a work portfolio and performance review of the Service Provider contracts for the review and consideration for approval of the respective Molina Commercial Lead(s).
(a)
Service Provider Delivery Lead(s) shall be responsible for reviewing all Services volume forecasts from the Molina Delivery Lead(s) and Service Provider Operational Team Lead(s).

-4-


(b)
Service Provider Delivery Lead(s) shall be responsible for reviewing issues and risks related to Services with the Molina Delivery Lead(s), Lead Commercial Manager and the Operations Steering Committee.
(c)
Service Provider Delivery Lead(s) shall be responsible for supporting the Molina Delivery Lead(s) and the Service Provider Operational Team Lead(s) (e.g., on applicable application of resources, audits, etc.).
(d)
Service Provider Delivery Lead(s) shall be responsible for the analysis, preparation, review, and reporting to Molina of forecasts, resource plans, baseline volumes, and summaries of any associated impacts to the Services (including Service Levels), for review, revision (as directed by Molina Commercial Lead(s)), and approval by the Molina Commercial Lead(s), including:
(i)
Reporting and Communication. The Service Provider Delivery Lead, with the consultation of the Service Provider Operating Team Lead(s), shall provide to the Molina Delivery Lead(s) monthly performance reviews, including operations, metric achievement, and trends.
(ii)
Service Level and Consequence Management. The Service Provider Delivery Lead, in the consultation of the Molina Delivery Lead(s) and Service Provider Operational Team Lead(s), shall review actual performance against the requirements of the applicable Services, and shall submit the results of such review for review and consideration for approval by the Molina CIO.
7.6
Molina Commercial Lead(s) and Molina Delivery Lead(s) shall have the right to add, modify, or remove Service Levels and Key Performance Indicators in accordance with Schedule 6 (Service Levels and Service Credits).
8.
OPERATIONAL REVIEW BOARDS
8.1
Purpose. The purpose of the Operational Review Board is to oversee and manage contracted Services to ensure that all the Services are delivered according to contracted Service Provider obligations.
8.2
Members. The members of an Operational Review Board for each Services tower shall consist of:
(a)
Molina Delivery Lead(s);
(b)
Molina Commercial Lead(s);
(c)
Molina VP, Vendor Management;
(d)
Service Provider Delivery Lead;

-5-


(e)
Service Provider Operational Team Lead(s); and
(f)
Other Service Provider Personnel as Required.
8.3
Meetings. Service Provider Operating Team Lead(s) shall be responsible for developing and revising (as directed by the Molina Delivery Lead(s)) the meeting agenda and presentation materials for meetings, to be submitted prior to the meetings. The Operational Review Board(s) shall meet on an ad hoc basis if called by the Molina Delivery Lead(s), but in no case less than one (1) time each calendar month.
8.4
Oversight. Service Provider Operating Team Lead(s) shall be responsible for day-to-day oversight of operations, and shall report any findings for review and consideration for approval by the Molina Delivery Lead(s) / Molina Commercial Lead(s), which oversight activities shall include the following:
(a)
Ensuring compliance with all Molina's onboarding requirements set forth on Schedule 4 (Transition and Transformation) or as otherwise directed by Molina and providing a report to Molina Delivery Lead(s) and Molina Commercial Lead(s) in such level of detail as directed by Molina;
(b)
Ensuring operational process adherence;
(c)
Managing risk and mitigation strategies;
(d)
Identifying and managing issues applicable to the relevant Services; and
(e)
Presenting any issues, risks, or concerns to the Molina Delivery Lead(s) / Molina Commercial Lead(s).
8.5
Strategic Relationships. Service Provider Operating Team Lead(s) shall identify opportunities to optimize Services through standardizations, and report any findings for review and consideration by the Molina Delivery Lead(s).
8.6
Portfolio and Financial Management. Service Provider Operating Team Lead(s) shall perform portfolio and financial management activities (and shall report any findings for the review and consideration for approval by the Molina Delivery Lead(s) / Molina Commercial Lead(s)), including the following:
(a)
Reviewing applicable Services forecasts;
(b)
Coordinating and allocating resources applicable to the relevant Services;
(c)
Supporting audits;
(d)
Processing invoices applicable to the relevant Services; and
(e)
Providing general reporting applicable to the relevant Services, including weekly and monthly activity status.

-6-


8.7
Contract Management. Service Provider Operating Team Lead(s) shall submit proposed amendments to Services for review and consideration for approval by the appropriate Molina Commercial Lead(s).
8.8
Service Level and Consequence Management. Service Provider Operating Team Lead(s) shall manage quality applicable to the relevant Services.
(a)
Service Provider Operating Team Lead(s) shall be responsible for monitoring performance against Service Levels and Services obligations, and reviewing any issues or risks (and proposed mitigation plans) with the Molina Delivery Lead(s) / Molina Commercial Lead(s).
8.9
Project Delivery. Service Provider Operating Team Lead(s) shall be responsible for ensuring that Service Provider delivers Projects on time and within budgets.
(a)
Service Provider Operating Team Lead(s) shall be responsible for managing risk on a function, process, and project basis.
9.
REPORTING
9.1
The Service Provider shall provide the reports set out in Appendix 7-B (Reporting Requirements) and the Agreement. Each report shall be provided by the Service Provider with effect from the "Services Commencement Date" as indicated in Appendix 7-B (Reporting Requirements) at the frequency specified therein.
9.2
The Service Provider shall provide to Molina such other information or reports relating to the Services as are reasonably requested by Molina and the Service Provider shall provide such information or reports within five (5) Business Days of such request.
10.
BACKGROUND CHECKS
10.1
The Service Provider shall screen all Service Provider Personnel prior to their being assigned to the Services and / or entering any Molina Premises. The Service Provider will be responsible for all costs associated with the screening process. The screening process shall include, but not be limited to:
(a)
Completion of the Service Provider’s application process for Service Provider Personnel, which, at a minimum, shall provide for references, employment history, and disclosure of criminal convictions, where allowed by law;
(b)
Reference checks, including at least three (3) previous employers, if possible; and
(c)
Save as provided in paragraph 10.3 below, a criminal background check conducted by a reputable consumer reporting agency utilizing the highest industry standards that include, at a minimum, a complete criminal records search and a sex offender registry check.

-7-


10.2
The Service Provider shall provide evidence of having performed these checks in relation to any assigned Service Provider Personnel within a reasonable time period following request by Molina.
10.3
The Service Provider must allow for adequate time for background checks to be performed prior to onboarding any new resources.

APPENDIX 7A – MEETING REQUIREMENTS
[See Attached]

APPENDIX 7B – REPORTING REQUIREMENTS
[See Attached]




-8-
CONFIDENTIAL TREATMENT REQUESTED


APPENDIX 7-A MEETING REQUIREMENTS





CONFIDENTIAL TREATMENT REQUESTED







Executive Steering Committee
IT Core Leadership Team
Multi-Service Provider Operational Committee
Operational Review Board
Details

Frequency:
Semi-Annual (Calendar Year)
Quarterly (Calendar Year)
Monthly
Monthly
Molina Participants

Participant #1:
EVP of Health Plan Services
Molina CIO
Molina Delivery Lead(s)
Molina Delivery Lead(s)
Participant #2:
Molina CIO
Molina IT Core Leadership Team
Molina Commercial Lead(s)
Molina Commercial Lead(s)
Participant #3:
Molina Procurement Lead
Molina Procurement Lead
Delivery Executives for Other Service Providers
 VP, Vendor Management
Participant #4:
 VP, Vendor Management
 VP, Vendor Management
 
 
Participant #5:
 
 
 
 
Supplier Participants

Participant #1:
Service Provider Account Executive
Service Provider Delivery Lead
Service Provider Delivery Lead
Service Provider Delivery Lead
Participant #2:
 CIO Service Provider Peer-Level Representative
 
Service Provider Operational Team Lead(s)
Service Provider Operational Team Lead(s)
Participant #3:
 
 
Other Service Provider Personnel as Required
Other Service Provider Personnel as Required
Responsibilities


-2-




Executive Steering Committee
IT Core Leadership Team
Multi-Service Provider Operational Committee
Operational Review Board
Strategic Alignment
- Provide strategic direction on where the organization is heading
- Understand Molina business priorities
- Understand how business priorities influence IT priorities
- Manage enterprise-level risks, issues, and decisions that impact IT (and vice-versa)
- Discuss business initiatives that could impact the current environment
- Own IT Roadmap
- Understand business initiatives
- Managed cross-IT priorities, risks, issues, and decisions
- Maintain quality of end-to-end service delivery within each Service Tower
- Coordinate service integration across the IT ecosystem
- Manage cross-supplier dependencies, and tower priorities, risks, issues, and decisions
- Oversee and manage contracted Services to ensure that all the Services are delivered according to contracted Service Provider obligations.
Performance Review
- Review executive summary performance reports; discuss trends
- Review critical issues escalated by other governance forums
- Review summary performance reports and Service Levels since the last forum; discuss trends
- Review critical issues escalated by other governance forums
- Review recommendations for service improvement
- Review transition and transformation performance
- Review overall supplier performance and aggregate service level performance
- Discuss the overall 30/60/90 days plan
- Discuss any key service tickets or critical issues during the month
- Review recommendations regarding service improvement from performance review meetings
Financial Review
- Review relevant summary commercial reports including budgets
- Review financial summary reports (invoice, payment, budget variations, etc.) relative to the IT bucket
- Review recommendations from benchmarking activities and other audits when applicable
- Review relevant summary commercial reports
- Review usage and application of Innovation Fund
- Review the monthly, quarterly and annual forecast, and resource plan
- Review performance issues, which have company-wide commercial impact
- Review the monthly, quarterly and annual forecast, and resource plan
- Review performance issues, which have company-wide commercial impact
- Review the variance to the forecasted / budget expenses
- Resolve escalated issues related to invoice payment and service credits / earn backs from regional meetings

-3-




Executive Steering Committee
IT Core Leadership Team
Multi-Service Provider Operational Committee
Operational Review Board
Contract Management
- Approve contract changes escalated from IT Core Leadership Team Review
- Optimize benefit Molina is receiving from its supplier relationships
- Approve contract changes escalated from Supplier Operational Review
 
- Review performance issues, which have company-wide contractual impact
- Review recent contract changes or change order, and discuss upcoming contract expirations / terminations
Continuous Improvement of Services
- Set directions for performance improvement
- Review the innovation and service optimization ideas
- Review progress of optimization and service innovations programs
- Review a summary of continuous improvement plans and programs
- Review submissions for performance improvement and set direction
- Review the innovation plans
- Sorting out ways to enhance end-to-end delivery in a multi-supplier environment
- Review performance and identifying root causes of any performance issues
Risk Management
- Discuss any audit issues/findings
- Provide guidance on significant enterprise risks and interdependencies
- Provide final approval for contract exit plans, business continuity plan, disaster recovery and technology refresh plan
- Discuss any audit issues/findings
- Provide guidance on significant program risks and interdependencies
- Provide final approval for contract exit plans, business continuity plan, disaster recovery and technology refresh plan
- Review issues & risks related to Tower services and project order
- Review issues related to attrition of staff and key personnel
- Review issues & risks related to individual services and project order
- Review issues related to attrition of staff and key personnel

-4-




Executive Steering Committee
IT Core Leadership Team
Multi-Service Provider Operational Committee
Operational Review Board
Issue & Dispute Resolution
- Provide resolution for issues and disputes that require executive attention
- Resolve any issues escalated by Multi-Service Provider Operational Committee
- Authorize closure of open issues that are discussed within this forum
- Escalate the unresolved issues to the IT Core Leadership Team for guidance
- Report to the IT Core Leadership Team any significant results / findings related to repetitive SLA breach, recurring contract change orders or scope creep, recurring invoicing issues, customer satisfaction survey results, supplier audit results, and benchmarking results
- Manage issues and disputes that arise due to multi-supplier dependencies
- Escalate the unresolved issues to the IT Core Leadership Team for guidance
- Report to the IT Core Leadership Team any significant results / findings related to repetitive SLA breach, recurring contract change orders or scope creep, recurring invoicing issues, customer satisfaction survey results, supplier audit results, and benchmarking results


-5-



APPENDIX 7-B
REPORTING REQUIREMENTS




-6-
CONFIDENTIAL TREATMENT REQUESTED


APPENDIX 7-B REPORTING REQUIREMENTS


CONFIDENTIAL TREATMENT REQUESTED



Report Name

Summary of Required Report Data Elements
Effective Date
Reporting Frequency
Resource Attrition
Overall Resourcing statistics for Attrition, and Headcount as it relates to the Service Provider personnel supporting Molina
One (1) month after Statement of Work Effective Date
Quarterly
Asset Inventory
Asset and configuration information including:
o Expiring support
o Licenses
o Maintenance
o Certificates
o Warranties
o Recommendations on course of action needed
• Asset changes from previous report
• Decommissioned applications
• Identification of all third party assets
• Forecasted asset changes
One (1) month after Statement of Work Commencement Date
Monthly
Project Management Status
• Schedule
• Project Deliverables and Milestones
• Issues and risks
• Changes
• Tasks
• Next steps
One (1) month after Statement of Work Commencement Date
Monthly
Monthly Performance Report
As required by Schedule 6 (Service Levels and Service Credits)
As required by Schedule 6 (Service Levels and Service Credits)
As required by Schedule 6 (Service Levels and Service Credits)
Annual Service Level Report
Information required under paragraph 9 (Annual Review and Continuous Improvement) of Schedule 6 (Service Levels and Service Credits)
One year anniversary of Commencement date of Services
Annually
Project Management Status
• Schedule
• Project Deliverables and Milestones
• Issues and risks
• Changes
• Tasks
• Next steps
• Cost
Commencement date of Services
Weekly
Molina Designated Systems Operations
Reporting daily (live or on demand using monitoring tools) to indicate the performance of Molina designated Systems
Commencement date of Services
Daily, On-Request

-2-


Report Name

Summary of Required Report Data Elements
Effective Date
Reporting Frequency
Disaster Recovery Plans
• Updates and changes to Disaster Recovery Plan
• Updates and changes to relevant infrastructure
• Number of disaster recovery plans per Service in place vs. targets and criticality of Services
Commencement date of Services
Annual
Disaster Recovery Test
• Number of tests performed and the results achieved
• A comparison of the results to the measures and goals identified in the Disaster Recovery Plan per Service
• A report on the feedback from Molina supplier Management Office as to the adequacy of continuity for their respective areas
• A plan and a schedule to remedy any gaps revealed during testing
Commencement date of Services
Annual
Capacity Service Analysis
• Capacity service analysis. Provide plans for peak season volumes.
• Reporting on defined key elements of capacity on
• Service and resource levels to include:
• Resource capacity levels
• Service capacity levels
• Data center capacity levels
• Mid-term and long term trending and capacity forecasts
Commencement date of Services
Monthly
Operational Matrices
• Report on operational metrics as of commencement per the Service Level Matrix
Commencement date of Services
Monthly
Incident Report
Summary report for the reporting period detailing:
• Number of Incidents opened
• Incident resolution – elapsed time average and maximum
• Range, mean, and median time for Incident resolution by service. Include metrics in Daily Dashboard as a MTD total
• Major Incident summary Key issues relating to the Incident
• Number of Incidents during the month, grouped by severity, service, and appropriate classification
• Detailed description, including timing of activities and duration of each Incident
• Trend analysis of the Incidents reported during the thirteen (13) most recent months
• Knowledge article usage
Commencement date of Services
Monthly

– 3 –


Report Name

Summary of Required Report Data Elements
Effective Date
Reporting Frequency
Problem Report
Summary report for the reporting period displaying:
• Key issues relating to Problem
• Number of Problems during the month, grouped by severity, service, and appropriate classification
• Detailed description, including timing of activities and duration of each Problem
• Reduction in Incidents over time
• Timely production of Root Cause Analysis
• Aging of Problems
Commencement date of Services
Monthly
Change Management Requests
Change management requests, status, estimates for completion, etc. Include metrics in Daily Dashboard as a MTD total.
Commencement date of Services
Monthly, On Request
Security Audit Reports
Security audit reports, to be determined
Commencement date of Services
As required
Security Events Report
Summary report for the reporting period in encrypted format displaying:
• Number of events by types of attacks or misuse;
• Identified source of attacker and destination
Commencement date of Services
Weekly

Financial Reporting
• Required billing information in format requested
• Financial reporting as requested
Commencement date of Services
As required in accordance with the Agreement.
Opportunity Analysis
• Identifying, analyzing, and recommending areas of opportunity for cost savings or business improvement
• Suggestions for innovation in IT and business operations
Commencement date of Services
Quarterly
Audit Responses

•Service Provider Certifications
•Service Provider Audit Reports
Commencement date of Services
As required in accordance with the Agreement.
Contract Scorecard
•Service Provider results vs Target metrics
Commencement date of Services
Monthly


– 4 –



Lift, Shift and Enhance for End-User Services (EUS): Workflows, including State-Specific Requirements: Workflows for Service Desk and any State-Specific Requirements: Monitoring and Reporting:
Service Provider shall provide customized reports at a frequency as desired by Molina. The format and frequency of reports will be customized to Molina’s requirements and will clearly depict a comparison of actual performance against the contracted service levels.
Infosys generates performance reports at three levels:
#
Level
Report Type
1
Agent Level
    Transaction Quality
    AHT / Productivity
    Escalations

– 5 –


#
Level
Report Type
2
Process Level
    Process quality
    Average Speed of Answer (ASA) percentage
    Abandoned Call Rate percentage
    First Contact Resolution percentage
    Same Day Resolution percentage
    Ticket Resolution time percentage
    At First Level resolution percentage
    Mean Time to Resolve (MTTR)
    Response Time (P1, P2, P3, P4)
    Resolution Time (P1, P2, P3, P4)
    Backlog (P1, P2, P3, P4)
    Case Chase/ Follow-up/ Update (P1, P2, P3, P4)
    Customer satisfaction score
    Sentiment Analysis
    Customer complaints
    Production hours
    Process AHT
    Attrition
    Capacity plans/ Seat utilization calibration

– 6 –


#
Level
Report Type
3
Organization Level
    Service levels
    Hierarchical Escalation
    Attrition Reports
    C-SAT Reports

These reports will be referenced during performance feedback sessions and will be utilized by Service Provider and Molina to map improvements and set targets.

Lift, Shift and Enhance for End-User Services (EUS): Fundamentals for Transformation: Security Operations: Security Operations Model: Reporting Requirements:
SOC team will create daily/weekly/monthly reports and share the update with Molina team. The reports that will be shared with Molina are as follows
Area
Frequency
Target Stakeholders
Report Example
Operational Reporting
Weekly

Infra leads, App Leads, SOC Manager/team, CSIRT team
    Total alerts, true positive alerts with incidence severity, status of alerts (open/closed)
    Correlation rules Alerts, incidents, cases and event reports

– 7 –


Area
Frequency
Target Stakeholders
Report Example
Trend Reporting

Monthly
SOC Manager, IT Managers

    Administrative changes Trends
    Point solutions like AV, IPS, FW trends
    Traffic Trends (services, ports, users)
    Vulnerabilities and Threats
    SLAs
Executive Reporting

Monthly, Quarterly

Program Manager, CISO, SOC Manager

    Attack categories and distribution
    Incidents summary and remediation trends
    Risk and compliance status overview
    Service performance and enhancements (if any)
    SLAs
Incident and Service Status reporting
Daily, Weekly
SOC Manager
    Incidents by Priority
    Incident by Stages
    Incidents by Age
    Incident Trend by Priority
    SLA Compliance/breaches
    Average Incident response time by priority
    Ad-Hoc Report delivery

– 8 –


Area
Frequency
Target Stakeholders
Report Example
Compliance Reports
On-Demand
Compliance Auditors
    Access and Change Validation
    Administrative Activities
Ad-Hoc report
On-Demand
Need basis
    Any available report
Incident Alerts
As per notification and escalation matrix
SOC Manager, Concerned Stakeholders
    Correlated Rules Alerts
    Manual Analysis Alerts
    Reporting Analysis









– 9 –






Below are few sample reports that Infosys uses.
[Redacted]








– 10 –







Illustrative SOC Reports
[Redacted]















– 11 –


Illustrative Dashboards
[Redacted]










– 12 –






Lift, Shift and Enhance for End-User Services (EUS): Engagement Level Security and Security Operations: Security Operations: Scope of Work: Reporting:
Service Provider’s SOC team will create daily/weekly/monthly reports and share the update with Molina team. The reports that will be shared with Molina are as follows:
Area
Frequency
Target Stakeholders
Report Example
Incident and Service Status reporting
Daily, Weekly
Infra leads, App Leads, SOC Manager/team, CSIRT team
§    Total alerts, true positive alerts
§    Incidents by Priority
§    Incident by Stages
§    Incidents by Age
§    Incident Trend by Priority
§    Average Incident response time by priority
§    Ad-Hoc Report delivery
§    Correlation rules Alerts, incidents, cases and event reports

– 13 –


Area
Frequency
Target Stakeholders
Report Example
Trend Reporting

Monthly
SOC Manager, IT Managers

§    Administrative changes Trends
§    Point solutions like AV, IPS, FW trends
§    Traffic Trends (services, ports, users)
§    Vulnerabilities and Threats
§    SLA reporting
Executive Reporting

Monthly, Quarterly

Program Manager, CISO, SOC Manager

§    Attack categories and distribution
§    Incidents summary and remediation trends
§    Risk and compliance status overview
§    Service performance and enhancements (if any)
§    SLAs
Compliance Reports
On-Demand
Compliance Auditors
§    Based on on-demand requirements
Ad-Hoc report
On-Demand
Need basis
§    Based on on-demand requirements

– 14 –




Lift, Shift and Enhance for End-User Services (EUS): Engagement Level Security and Security Operations: Security Operations: Identity and Access Management: Reporting:
Following table provides list of reports / KPIs that Service Provider shall provider for identity and access management support:
#
Report Parameter / KPI
Description / Action Item
1
Availability
Ensure availability of IAM systems and provide weekly / monthly report for the same in addition to live availability status (live availability is dependent on available monitoring systems)
2
Incident Count / Service Requests vs. Status
Adhere to SLAs
3
Top 10 IAM Incident Categories vs. Volume
With process optimization or automation, show decrease in incident numbers in same category
4
SOX Reports
Convert Ad-hoc / manual report generation into automated report generation over time for SOX queries
5
Audit Reports
Convert manual audit report generation into automated report generation over time
6
Operations Reports
Automate report generation for operational efficiency such as for data discrepancy over time
7
Usage Reports
Provide reports on usage of identity and access management system, password reset, progress of access certification cycle, etc. and monitor performance of environment vs. available capacity
8
Privilege Usage Reports
Provide reports for privilege access usage through available tools (Bomgar PAM and available analytics system)
9
Weekly / Monthly Trend Reports
Provide weekly / monthly trends for incidents, problems, service requests, availability, usage, etc.
10
Dashboard
Provide dashboard summarizing no of active users, key activities, key automation activities, etc. in addition to weekly / monthly trends

– 15 –













SCHEDULE 8


TERMINATION ASSISTANCE AND EXIT

CONTENTS
Clause
 
Page
1.
Definitions
1
2.
Introduction
1
3.
Exit Period
2
4.
Quality of Transfer
3
5.
Termination Assistance
4
6.
Liability and Legal Process
5
7.
Exit Plans
6
8.
Termination Assistance Charges
7
9.
Exit Management
7
10.
Employment Provisions
8
11.
Assets
8
12.
Third Party Contracts
9
13.
Information
10
14.
Knowledge Transfer
11
15.
Further Tenders
12
16.
Project Work Order Termination Assistance
12


– 16 –



1.DEFINITIONS
1.1
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) of this Agreement.
1.2
The express reference in this Schedule to both Molina (or a Molina Company) and a Successor Supplier is for convenience only, and does not affect the interpretation of any other reference to a Successor Supplier.
2.INTRODUCTION
2.1
This Schedule describes the responsibilities of both Parties in relation to the termination (in whole or in part) or expiry of this Agreement or the termination of one or more Services, including the obligations of the Service Provider to provide assistance, information and cooperation, and establishes the means by which the Service Provider will be remunerated for providing Termination Assistance.
2.2
Where in this Schedule or in an Exit Plan, Molina is given a right, that right shall also be given to each Successor Supplier (but only to be exercised for the benefit of Molina) and both Molina and the Successor Supplier shall be entitled to exercise that right (but, in the case of the Successor Supplier, that right shall only be exercised for the benefit of Molina). Only Molina may enforce any such rights, and may also do so on behalf of any Successor Supplier.
2.3
Where in this Schedule or in an Exit Plan, Molina has an obligation to fulfil, that obligation may be fulfilled by either Molina or a Successor Supplier, and fulfilment of an obligation by a Successor Supplier shall discharge Molina’s obligation. The Service Provider shall have no cause of action against any Successor Supplier for any failure of Molina or the Successor Supplier to meet any obligations set out in this Schedule or in the Exit Plan. Molina shall at all times be responsible to the Service Provider for fulfilling the obligations of Molina and any Successor Supplier under this Schedule or in an Exit Plan.
2.4
No Successor Supplier shall have any cause of action against the Service Provider for any failure of the Service Provider to meet any obligations set out in this Schedule or in an Exit Plan (and Molina agrees to procure the same). The Service Provider shall at all times be responsible to Molina for fulfilling its obligations under this Schedule and each Exit Plan.
2.5
The Service Provider and Molina shall perform their respective obligations under this Schedule in accordance with any applicable Exit Plan.

-1-


2.6
Where there is a full or partial termination of the Run Services, the Service Provider’s obligations to provide the Project Services pursuant to any Project Work Order shall be unaffected unless Molina separately terminates any relevant Project Work Order.
3.EXIT PERIOD
3.1
This Schedule:
(a)
sets out a framework governance process to be adopted and applied during any Exit Period; and
(b)
provides that it is the Service Provider’s responsibility to prepare and maintain the Exit Plan and describes the process to be applied in preparing and maintaining the Exit Plan.
3.2
The Service Provider must provide Molina with Termination Assistance during each Exit Period in accordance with the terms of this Schedule and the Exit Plans applicable to the Terminating Services.
3.3
The Exit Plan may be used more than once, as there may be more than one Exit Period. The Exit Plan may also be used over a single Exit Period to phase out Services in multiple stages over time.
3.4
There shall be a period (each, an “Exit Period”) in respect of:
(a)
the termination of this Agreement by either Party (for whatever reason);
(b)
each partial termination of this Agreement, including the termination of one or more of the Services; and
(c)
the expiry of the Term.
3.5
Each Exit Period shall commence in accordance with paragraph 3.6 and shall continue until the responsibility for delivering the Terminating Services has transferred to the Successor Supplier or Successor Suppliers in accordance with the terms of this Schedule and the Exit Plan.
3.6
An Exit Period shall commence on each of the following dates:
(a)
the date on which either Party gives notice of termination of this Agreement (including partial termination of this Agreement by Molina); and
(b)
the date falling nine (9) months prior to the then-current Expiry Date.





3.7
Subject to paragraphs 3.8 to 3.11, the duration of each Exit Period shall be of such duration as may be agreed in the Exit Plan. The Exit Plan shall provide for an Exit Period of sufficient duration to transfer responsibility for the Terminating Services to the Successor Supplier or Successor Suppliers.
3.8
Molina may, in its sole discretion, extend any Exit Period one or more times by giving not less than thirty (30) days’ written notice to the Service Provider, as may be necessary in order to ensure a smooth, efficient and minimum-risk Transfer. Subject to paragraph 3.10, the aggregate duration of an Exit Period, including all extensions, under this paragraph 3.8 shall not exceed twenty-four (24) months unless the parties mutually agree otherwise in writing.
3.9
Molina may, in its sole discretion, shorten any Exit Period by giving written notice to the Service Provider specifying the earlier date on which the Exit Period will end, provided that such notice must be given no later than thirty (30) days before the date specified by Molina and in the event of expiry of the Term cannot take effect sooner than the end of the then-current Term.
3.10
The Exit Period shall be extended if (a) the Service Provider fails to achieve any Milestone, Delivery Date or other time-related obligation set out in the Exit Plan and (b) Molina has provided prior written notice to Service Provider of such failure. The length of the extension to the Exit Period shall be equivalent in Business Days to the delays caused by the Service Provider.
3.11
An Exit Period commencing under paragraph 3.6(b) shall end automatically if Molina subsequently issues a Renewal Notice under Clause 4 (Extension of the Term) and the Parties agree that there shall be an Extended Term; in such event, Molina will be responsible for the Service Provider’s reasonable out-of-pocket expenses, incurred at the time the Renewal Notice is issued, in relation to such Exit Period at the time of the Renewal Notice.
3.12
The provisions of this Agreement (including without limitation the Service Provider’s obligation to provide the Services and Molina’s obligation to pay the Charges (including Termination Assistance Charges)) shall remain in full force during each Exit Period, subject to the Exit Plan.
4.QUALITY OF TRANSFER
4.1
The Service Provider shall provide the Termination Assistance in accordance with the terms of this Schedule.
4.2
The Service Provider shall perform its obligations under this Schedule in such a way as to:
(a)    facilitate a smooth and orderly Transfer; and

-3-


(b)
minimize disruption and cause no material impact to any Services or to Molina’s business or operations (other than scheduled downtime and ramp-down of Services provided for in the Exit Plan).
4.3
The Service Provider shall reasonably cooperate with each Successor Supplier and Molina shall procure that each Successor Supplier shall reasonably cooperate with the Service Provider.
4.4
The Service Provider shall continue to perform the Services up to the end of each Exit Period in accordance with this Agreement, including the Service Levels, except to the extent that an agreed Exit Plan expressly provides to the contrary.
4.5
The Parties acknowledge that this Schedule and any Exit Plan cannot and do not include all of Molina’s and the Successor Suppliers’ specific requirements related to a Transfer. Accordingly, during an Exit Period, the Service Provider shall, in addition to performing the obligations expressly set out in this Schedule and in the Exit Plan, provide such assistance as is necessary or ancillary to the performance of those obligations, in relation to the Services or the Termination Assistance.
4.6
During an Exit Period, the Service Provider shall provide Molina and each Successor Supplier, as necessary, with reasonable access to the locations from which it delivers the Services, provided:
(a)
any such access does not interfere with the Service Provider’s ability to provide the Services or Termination Assistance;
(b)
in the case of access by a Successor Supplier, the Successor Supplier complies with the Service Provider’s reasonable security requirements; and
(c)
in the case of access by a Successor Supplier, Molina has procured the execution of an Agreed Form NDA by the Successor Supplier.
5.TERMINATION ASSISTANCE
5.1
Termination Assistance to be provided by the Service Provider shall include all those matters set out in the Exit Plan and the following obligations:
(a)
notifying Subcontractors of procedures to be followed during the Transfer process;
(b)
providing assistance and expertise as necessary to identify all material operational and business processes provided specifically for Molina and used by the Service Provider or any Subcontractor in providing the relevant Services, which may include, at Molina’s reasonable request, the presentation of such processes to Molina, the Successor Suppliers and other designees;

-4-


(c)
providing and coordinating assistance to Molina in notifying the relevant members of Service Provider Personnel of the procedures to be followed during the Transfer process;
(d)
providing details of work volumes and staffing requirements over the preceding twelve (12) months;
(e)
providing a listing of the Service Provider Personnel engaged in the delivery of the Services, in sufficient detail to determine their applicability to the Transfer process and ongoing operation and support of the Replacement Services;
(f)
providing Molina with reasonable access to Service Provider Personnel performing (or who were performing) the Services and to a Service Provider representative familiar with the provision of the Services in order that these Service Provider Personnel will answer Molina’s questions;
(g)
providing Molina with copies of all documented operations, procedures and tools that are used or followed by the Service Provider in performing the Services;
(h)
providing to Molina the plans and status of current and pending projects and other work in progress and all other information required for continuity during the Exit Period to minimize the disruption to the Services and Molina’s business;
(i)
providing for the orderly hand-off of ongoing projects and other work in progress as may be requested by Molina;
(j)
providing key support contact details for Subcontractor personnel under contracts which are agreed to be assigned or novated to Molina under paragraph 12;
(k)
providing assistance and expertise as reasonably necessary to examine all governance arrangements and reports in place for the provision of the Services;
(l)
assisting in the execution of a parallel operation involving certain Services being provided by the Service Provider, Molina and the Successor Suppliers until the end of the Exit Period; and
(m)
providing any further assistance requested by Molina with a view to allowing the Services to continue with minimal interruption or without material adverse effect following the termination or expiry of this Agreement and with a view to facilitating the orderly transfer of responsibility for and conduct of the Services to Molina or its Successor Supplier.

-5-


5.2
The first activities that the Service Provider must complete as part of the first phase of the Exit Plan shall include the preparation of a risk matrix highlighting all of the anticipated risk elements associated with the Transfer and in particular those areas where particular focus and attention is required. The Service Provider must include appropriate mitigating factors to help manage that risk. The Exit Plan must be modified and enhanced by the Service Provider to address all risks identified, and in particular must reflect all of the mitigating factors identified.
6.LIABILITY AND LEGAL PROCESS
6.1
If during any Exit Period:
(a)
the Service Provider fails or unreasonably refuses to provide to Molina (within a required time period) any information is material in the context of the assistance that the Service Provider is reasonably required to provide (whether expressly under this Agreement or in any Exit Plan or in order to meet an obligation set out in this Agreement or in any Exit Plan); and
(b)
such failure or refusal remains uncured for ten (10) days following receipt of written notice of such failure or refusal,
then the failure or refusal shall be treated as a material breach of this Agreement by the Service Provider.
6.2
If the Service Provider is in material breach of this Agreement by virtue of operation of this paragraph 6, Molina shall be afforded the following remedies in addition to its other remedies under this Agreement and at law:
(a)
Molina may, in its sole discretion, elect to commence a new Exit Period;
(b)
if the Agreement was not terminated for cause, Molina may then elect to treat the Agreement as if it were terminated for cause; and
(c)
Molina may publicize the material breach to the Successor Suppliers with full details of that breach to explain any consequential delays and impact on the Transfer.
7.EXIT PLANS
7.1
With effect from the Effective Date, the Parties shall comply with the obligations set out in the Exit Plan, as amended from time to time in accordance with this Schedule.
7.2
The Service Provider shall make available to Molina, on the Contract Management Portal or such other location as may be agreed between the Parties, an Exit Plan within three (3) months of the Effective Date, to reflect the state of the Services after Transition. If the Service Provider does not produce an Exit Plan within the time period stipulated in this paragraph 7.2, Molina

-6-


may elect, at its cost, to produce an Exit Plan and the Service Provider shall provide reasonable assistance in the preparation of such Exit Plan.
7.3
Amendments to the Exit Plan that in any way change the substance of either Party’s obligations shall not bind the Parties unless agreed pursuant to the Change Control Process.
7.4
The Service Provider shall keep the Exit Plan up to date and ensure that it reflects all changes to the Services and means of delivering the Services. The Service Provider shall maintain the Exit Plan so that it is sufficiently flexible to enable the partial termination of the Services.
7.5
The Service Provider shall conduct a thorough review of the latest Exit Plan at least annually and shall make available to the Operational Review Board an up to date version of the latest Exit Plan, together with a written statement of currency, confirming the Exit Plan is up to date, within sixty (60) days of this annual review. The Service Provider shall include all information required in the Exit Plan in the Contract Management Portal (or such other location as may be agreed between the Parties), and that the Exit Plan is capable of implementation in accordance with this Agreement. In support of the annual review, the Service Provider shall provide anonymized and where necessary redacted examples of exit plans that it has implemented to the extent such plans are available to demonstrate to Molina that the Exit Plan is fit for purpose and in line with current best practice deployed within the Service Provider.
7.6
Amendments to the Exit Plan that are made pursuant to paragraphs 7.4 and 7.5 need not be made pursuant to the Change Control Process.
7.7
The Service Provider shall ensure that the Service Provider is, at all times, able to commence the various processes described within the Exit Plan within seven (7) days.
7.8
The Exit Plan and its annual review shall at all times be available to Molina to view and print on the Contract Management Portal (or such other location as may be agreed between the Parties).
7.9
If the terms of the Exit Plan are incomplete, unclear or ambiguous, then they are to be interpreted and construed by reference to this Schedule.
7.10
The Exit Plan must at all times contain a description of the Services, focusing in particular on any cases where the Services as delivered may differ from the description of those Services in this Agreement.
7.11
The Exit Plan must clearly identify the dependencies on a Successor Supplier, and if any information or assistance is required from Molina the Exit Plan must clearly state what that information or assistance is and when it is required and what activity of the Service Provider is dependent on that information or assistance.

-7-


8.TERMINATION ASSISTANCE CHARGES
8.1
Molina shall pay for Termination Assistance as if those Services were Project Services and the Exit Plan were a Fixed Price Project Work Order. The Charges shall be as set out in the Exit Plan and Schedule 3 (Pricing and Invoicing).
8.2
Where the Service Provider has terminated this Agreement in accordance with Clauses 51.3 or 51.4 then Molina shall pay the Charges for Termination Assistance monthly in advance.
8.3
If any of the activities required in this Schedule can be performed by BAU Personnel without impacting the Services or are included within another obligation in this Agreement (that is not specifically expressed to be separately chargeable) then they shall be performed and charged for as part of the Base Charges.
8.4
If there are no specific fees, charges or expenses identified within this Schedule for a particular activity which the Service Provider is required to perform as part of the Termination Assistance, then the Charges for Termination Assistance already incorporate a fee, charge or expense for that activity. The absence of a specific fee, charge or expenses for a particular activity does not mean that, and should not be used to support any argument that, the particular activity does not form part of the Termination Assistance.
9.EXIT MANAGEMENT
9.1
The Service Provider shall identify one Key Person (the “Exit Manager”) who shall, subject to approval by Molina, be dedicated to the management of Termination Assistance. The Exit Manager must have experience in managing the transition of services from one provider to another of similar scale and complexity.
9.2
The name of the Exit Manager shall be included within each Exit Plan and updated regularly.
9.3
If the Exit Manager does not become a Molina employee as may be required pursuant to Applicable Law, the Service Provider shall make the Exit Manager available to provide consulting services until the date falling six (6) months after the end of the Exit Period, and the Charges for such individual shall be determined in accordance with the Resource Rates or as otherwise agreed between the Parties.
9.4
The Service Provider shall ensure that a dedicated team is assigned to the Transfer over and above any ‘business as usual’ resources deployed. All members of the dedicated team assigned to the Transfer shall have experience in transitioning services from one supplier to another of a similar scale and complexity. The Charges for such team shall be determined in accordance with the Resource Rates or as otherwise agreed between the Parties. The CVs of the Exit Manager and each member of the dedicated team shall be appended to the Exit Plan.

-8-


10.EMPLOYMENT PROVISIONS
The exit-related provisions set out in Schedule 15 (HR Matters and Key Personnel) shall apply. Any employment-related provisions in this Schedule or in the Exit Plan shall operate independently of the obligations in Schedule 15 (HR Matters and Key Personnel) and the Parties shall meet their respective obligations set out in Schedule 15 (HR Matters and Key Personnel).
10.1
The operational requirements for transferring Assets to the Successor Suppliers shall be contained in an Exit Plan. It shall be the Service Provider’s responsibility to ensure that all Assets owned by Molina and all Dedicated Equipment purchased by each Successor Supplier are safely shipped to the destination of Molina’s or the Successor Supplier’s choosing at Molina’s request and at Molina’s expense.
10.2
During the Exit Period, the Service Provider shall, offer to sell each individual item of Dedicated Equipment (such sale to be effective at the date that responsibility for providing the Replacement Services that requires the Dedicated Equipment transfers to a Successor Supplier). The offer shall be made, in respect of each item of Dedicated Equipment, to Molina or to such Successor Supplier as Molina may nominate. Molina (on its own behalf or on behalf of a nominated Successor Supplier) and each nominated Successor Supplier may, in its sole discretion, elect to accept the Service Provider’s offer in respect of any or all of the Dedicated Equipment, and shall have no liability for failing to accept the offer in respect of any or all of the Dedicated Equipment.
10.3
The purchase price for each item of Dedicated Equipment that Molina or a Successor Supplier agrees to purchase shall be the fair market value.
10.4
During the Exit Period, the Service Provider may not delay or condition the provision of any Assets required in order to provide the Services (other than as expressly permitted in this Agreement) and in particular may not refuse to provide any Asset unless the Successor Supplier makes an election to purchase that Asset (whether Dedicated Equipment or not).
10.5
Molina may acquire Dedicated Equipment on the terms set out in a Project Work Order or in a Change Notice.
10.6
During the Exit Period, the Service Provider shall not sell, Refresh, upgrade or replace any Dedicated Equipment without obtaining Molina’s written approval, other than in cases of (i) emergency replacement or repair where to do otherwise would impact on the delivery of the Services, or (ii) where otherwise set out as an obligation under the Agreement.


-9-


11.THIRD PARTY CONTRACTS
11.1
Each Exit Plan shall always contain provisions that require the Service Provider to:
(a)
with respect to Third Party contracts that the Service Provider or any Subcontractor has entered into relating exclusively to the Services (including software licenses and other licenses of Intellectual Property Rights), transfer to Molina or a Successor Supplier (whether by assignment or novation), on the expiry or earlier termination (in whole or in part) of this Agreement, at no charge (other than on-going charges as consideration for the services or goods provided under those contracts), such of those Third Party contracts as Molina may request to be transferred; provided, however, that if a Third Party contract contains terms making transfer conditional on the payment of any additional charges, then those charges shall be allocated between the Parties in such proportions as they mutually agree;
(b)
with respect to all other Third Party contracts:
(i)
use all reasonable efforts to obtain the commitment of such Third Party vendor(s) to allow the Service Provider to transfer to Molina or a Successor Supplier (whether by assignment or novation), at no charge (other than on-going charges as consideration for the services or goods provided under those contracts), such of those Third Party contract(s) as Molina may request to be transferred;
(ii)
use all reasonable efforts to exercise that right of transfer under each such Third Party contract that Molina has requested to be transferred and in respect of which the Service Provider obtains that commitment from the Third Party vendor(s); and
(iii)
if the Service Provider is unable to obtain that commitment from the Third Party in connection with a contract that is needed for the continued performance of Replacement Services:
(A)
notify Molina and provide Molina non-confidential information related to the Third Party’s refusal to consent to the transfer; and
(B)
propose a work-around solution, if feasible, that will enable the Successor Supplier to take the benefit of the services under the relevant contracts; and
(c)
exercise its rights of transfer referred to in Clause 63.5(b) of the Agreement as requested by Molina.

-10-


11.2
To ensure that the Service Provider is able to comply with the transfer requirements set out in paragraph 12.1(a) above, the Service Provider shall use commercially reasonable efforts to include in each such Third Party contract a provision stating that such contract can be transferred to a Successor Supplier at no charge (apart from any ongoing charges payable under the Third Party contract as consideration for the services or goods provided under that contract) on the expiry or earlier termination (in whole or in part) of this Agreement.
11.3
With respect to the contracts covered by paragraph 12.1(a), the Service Provider shall use commercially reasonable efforts to procure that all such Third Party contracts include a right to extend or renew the term of those contracts for at least a further period of two (2) years, exercisable by Molina at the time of the transfer to Molina.
11.4
The Service Provider shall ensure that the Exit Plan contains at all times a complete list of the contracts entered into by any Service Provider Company for the performance of the Services, and that all such contracts are contained in the Contract Management Portal on:
(a)
each and every date that the Exit Plan is first prepared and thereafter updated in accordance with paragraph 7; and
(b)
the first day of the Exit Period and each day thereafter during the Exit Period.
12.INFORMATION
12.1
The Service Provider shall, at Molina’s request:
(a)    provide to Molina and/or any Successor Supplier; and
(b)    maintain on the Contract Management Portal,
a full and up-to-date copy of the information required under the Exit Plan.
12.2
The Service Provider shall ensure that the Exit Plan shall contain a standard set of information requirements that must be provided by the Service Provider during the Exit Period to a Successor Supplier that will enable the Successor Supplier to fully understand how the Services are provided by the Service Provider.
12.3
The Service Provider shall update the information in the Contract Management Portal regularly during the Exit Period.
12.4
Molina shall be entitled to give potential Successor Suppliers access to copies of the information on the Contract Management Portal as part of any tender process and as part of any knowledge transfer process; provided, however, that Molina shall not give potential Successor Suppliers access to any of the following information:
(a)
the Resource Rates;

-11-


(b)
the Project Rates;
(c)
descriptions of the Service Provider’s technical architecture that are separate from descriptions of the Services or the technical architecture of Systems that are provided to, or for the benefit of, Molina as part of the Services;
(d)
descriptions of the Service Provider’s security policies that are separate from descriptions of the Services or the technical architecture of Systems that are provided to, or for the benefit of, Molina as part of the Services;
(e)
whether the Service Provider achieved or missed any Service Levels (though actual Service performance may be shared by Molina);
(f)
audit findings provided by the Service Provider to Molina in connection with the Services (except to the extent such findings relate to a security risk which the applicable Successor Supplier is being engaged by Molina to address); and
(g)
except as contemplated in this Schedule (e.g., job shadowing and knowledge transfer in accordance with this Schedule), the names of Service Provider Personnel other than Subcontractors.
13.KNOWLEDGE TRANSFER
13.1
The Service Provider will transfer all Molina-related training materials to Molina and/or the Successor Supplier.
13.2
To facilitate the transfer of knowledge from the Service Provider to Molina or its Successor Supplier in order to enable Molina or the Successor Supplier to provide (and/or, in the case of Molina, receive) Replacement Services, the Service Provider shall explain to Molina and/or its Successor Supplier, in writing and by way of presentations, the operations, procedures and tools used to provide the Services, the Change Control Process and other standards and procedures.
13.3
This knowledge transfer may include Molina personnel shadowing Service Provider Personnel, and, if agreed between the parties, being seconded to the Service Provider, to facilitate the transfer of knowledge from the Service Provider to Molina or any Successor Supplier.
13.4
Subject to paragraph 14.5, the Service Provider shall:
(a)
provide for transfer of knowledge required for the provision of the Services which may, as appropriate, include confidential information, records and documents including those referred to in the Exit Plan and all other relevant information, data, IPR or records in the Service Provider’s and Subcontractors’ possession or control





required by Molina or its Successor Supplier to provide the Replacement Services; and
(b)
answer all reasonable questions from Molina or its Successor Supplier regarding the Services during the Exit Period.
13.5
Subject to Clause 29 of the Agreement (Intellectual Property Rights), paragraph 14.4 does not require the Service Provider to transfer or otherwise make available to Molina or to a Successor Supplier any:
(a)
Service Provider IP that is not included or embedded in a Deliverable, and to which Molina would not have had access during the Term, provided that this exception shall not apply if it would prevent Molina or a Successor Supplier from being able to use any Molina Data; or
(b)
Service Provider Commercially Sensitive Information.
14.FURTHER TENDERS
14.1
The Service Provider shall, at Molina’s request, reasonably assist and cooperate with Molina and with any potential Successor Supplier prior to its appointment as a Successor Supplier, in any tender process conducted for the provision of all or part of the Terminating Services.
14.2
The Service Provider shall, at Molina’s request, provide to Molina all copies of any information and data in the Service Provider’s possession concerning Molina’s business and technical requirements for the Run Services and the Project Services.
15.PROJECT WORK ORDER TERMINATION ASSISTANCE
15.1
If either Party gives notice to terminate a Project Work Order (for any reason), the Service Provider shall, as requested by Molina:
(a)
provide reasonable knowledge transfer associated with the Deliverables, undertaken through co-working, show and tell or otherwise, by Service Provider Personnel co-located with the ‘take-on’ staff on Molina, Service Provider or Successor Supplier premises (as required by Molina);
(b)
either as part of knowledge transfer or otherwise, provide training in the use of the Deliverables and any other Software required to be provided under the Project Work Order (including tools);
(c)
for all licensed Software (Third Party or Servicer Provider Software), determine what is used, the identities of the licensor and licensee, and where the physical or electronic license copies are located;

-13-


(d)
hand over Molina-owned licenses and provide other licenses necessary for Molina to use the Deliverables;
(e)
where Deliverables were to have been provided in a language other than that in which they exist at the time of termination, complete any outstanding translation activities forming part of the terminated Project Work Order;
(f)
physically transfer Deliverables to Molina environments, in a location determined by Molina;
(g)
provide any and all Source Code that is associated with the Deliverables and required to be provided under this Agreement;
(h)
migrate Source Code libraries into a Molina Source Code configuration control tool;
(i)
hand over test data and stubs/harnesses specifically developed for the Deliverables; and
(j)
support any verification activities for the above and correction of any outstanding issues.





-14-











SCHEDULE 9
CHANGE




CONTENTS
Clause
 
Page
PART A
GENERAL
1

1.
Definitions
1

2.
Introduction
1

3.
The Service Provider Technical Solution
1

4.
Changes to Policies
2

5.
Regulatory Change
2

PART B
AGREEMENT CHANGE
4

6.
Agreement Change
4

7.
MSA Change
4

8.
Project Change
7

9.
Costs of Investigating and Agreeing Agreement Changes
8

10.
Urgent Changes
8

11.
Agreement Change Compulsory
9

PART C
CHARGE ADJUSTMENT AND ONE-OFF FEES
10

12.
Changes to the Charges and One-Off Fees Resulting From Changes
10

PART D
CHANGE DISPUTES
11

13.
Resolution of Change Disputes
11

Appendix 9A Template MSA Change Request
13

Appendix 9B Template Project Change Request
14

Appendix 9C Sample Change Notice
15






PART A GENERAL
1.
Definitions
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) of this Agreement.
2.
Introduction
2.1
Part A of this Schedule deals with changes to the Service Provider Technical Solution, changes to Policies, Regulatory Changes and the consequences of Molina’s failure to perform its obligations under this Agreement.
2.2
Part B of this Schedule defines the processes for introducing and approving Agreement Changes.
2.3
Any decision or agreement resulting from the processes set out in this Schedule shall not be binding on the Parties unless:
(a)
approved in accordance with the relevant level of authority set out in Schedule 7 (Governance); or
(b)
where Schedule 7 (Governance) does not stipulate a relevant level of authority for any change, approved by duly authorized representatives of the Parties named in each draft Change Request.
2.4
Part C of this Schedule defines the processes for introducing and approving Charge Adjustments and one-off fees that arise in connection with an Agreement Change.
2.5
Part D of this Schedule sets out the procedure for resolving Change Disputes and Disputed Proposed Charges that arise in relation to the content of this Schedule.
3.
The Service Provider Technical Solution
3.1
The Service Provider may change the Service Provider Technical Solution except as set out in this Schedule.
3.2
If the Parties expressly agree as part of any Agreement Change that the functionality provided by the Service Provider’s solution may differ in any material respect from that described by the Service Provider Technical Solution, then the Parties shall record such agreement in a written addendum to the Service Provider Technical Solution and the Service Provider shall upload that addendum to the Contract Management Portal in the same section as the Service Provider Technical Solution.




3.3
Any change (a) to the functionality provided by the Service Provider Technical Solution or (b) to any aspect of the Service Provider Technical Solution which the Service Provider is not permitted to change unilaterally (as set out in paragraph 3.1), as applicable, shall not be effective unless and until an addendum is executed by authorized representatives of the Parties. Each such addendum must be uploaded to the Contract Management Portal within two (2) Business Days of being executed.
4.
Changes to Policies
4.1
Molina may amend the Policies at any time without following the Agreement Change procedure as set out in Part B of this Schedule. Molina may not amend a Policy to deliberately single out or discriminate against the Service Provider.
4.2
A Policy Change is not an Agreement Change but may result in formal requests by either Party for an Agreement Change.
4.3
Molina shall notify the Service Provider in writing (which may be an e-mail notification) of each Policy Change (“Policy Change Notice”). Unless Molina specifies otherwise, the date on which the Policy Change shall become effective (“Policy Change Effective Date”) shall be ten (10) Business Days from the date of the Policy Change Notice.
4.4
In circumstances where Molina specifies a Policy Change Effective Date under paragraph 4.3, Molina shall ensure that it gives the Service Provider reasonable time to comply with the Policy Change, taking into account the complexity of the Policy Change. The Service Provider acknowledges that in cases where the Policy Change is required by Applicable Law or by any Regulatory Authority, Molina may only allow the Service Provider as much time to implement the Policy Change as Applicable Law or the Regulatory Authority permits. Molina shall, at the Service Provider’s request, discuss the Policy Change with the Service Provider.
4.5
The Service Provider shall comply with each Policy Change from the Policy Change Effective Date.
4.6
The Service Provider may, within ten (10) Business Days after the date of the Policy Change Notice (or within such other period as the Parties may agree in writing), issue a Change Request if it believes that a Policy Change requires a Charge Adjustment or the imposition of a one-off fee or a combination of both. In that case, paragraph 12.3(a) of this Schedule shall apply to the Policy Change, and any Charge Adjustment or one-off fee shall be processed and documented in the same manner as an Agreement Change.
4.7
Molina may make a Change Request if it believes that the Policy Change should result in an overall reduction in the Charges to Molina.
4.8
If either Party makes a request pursuant to paragraph 4.6 or 4.7, the Service Provider shall comply with the Policy Change immediately but any Charge Adjustment relating to the Policy

-2-


Change shall be processed and documented in the same manner as an Agreement Change in accordance with the principles in Part C of this Schedule.
5.
Regulatory Change
5.1
A Regulatory Change may require an Agreement Change.
5.2
Either Party shall notify the other as soon as reasonably practicable after becoming aware of a Regulatory Change that could have an impact on the provision of the Services under this Agreement or any Project Work Order or impact either Party in meeting any of its obligations under this Agreement or any Project Work Order, together with the date on which that Regulatory Change will become effective (“Regulatory Change Effective Date”).
5.3
The Service Provider shall comply with each Regulatory Change from the Regulatory Change Effective Date.
5.4
Except as provided in paragraph 12.2, there shall be no Charge Adjustment or one-off fees imposed on Molina in relation to a Regulatory Change or any Agreement Change resulting from a Regulatory Change.

-3-



PART B AGREEMENT CHANGE
6.
Agreement Change
6.1
All Agreement Changes shall be made in accordance with the process set out in this Schedule.
6.2
An Agreement Change may be initiated by those persons authorized by Molina or by the Service Provider to do so from time to time, by issuing a written request to the other Party. A request to make an MSA Change shall be referred to as an “MSA Change Request” and a request to make a Project Change shall be referred to as a “Project Change Request”, together being “Change Requests”.
6.3
All Change Requests shall be submitted in such form as is specified by Molina from time to time. As at the Contract Effective Date, the format for:
(a)
an MSA Change Request is as set out in Appendix 9A to this Schedule; and
(b)
a Project Change Request is set as out in Appendix 9B to this Schedule, and shall attach a draft conformed copy of the Project Work Order, updated to include the changes proposed under the draft Project Change Request and all prior Agreement Changes affecting that PWO.
6.4
The Service Provider shall not take any action to implement the terms of a Change Request until the Parties have executed a Change Notice following the process set out in the remainder of this Schedule.
6.5
Molina shall only be liable to pay for costs or expenditure incurred by the Service Provider in taking any action to implement the terms of a Change Request, or for any proposed Charge Adjustment or one-off fees proposed in a Change Request, when the Change Request has been signed by Molina or otherwise determined in accordance with paragraphs 13.4 and 13.5.
7.
MSA Change
7.1
Response to requests for MSA Change
(a)
Following issuance of an MSA Change Request by either Party, the Service Provider shall provide Molina with an impact assessment for the proposed MSA Change, within the time period set out by the relevant Governance Body charged with the responsibility for the particular Change as set out in Schedule 7 (Governance) (“relevant Governance Body”), or, in the absence of any time period set out by the relevant Governance Body, within five (5) Business Days.
(b)
All impact assessments submitted shall be reviewed by the relevant Governance Body, and during those reviews the Service Provider must:




(i)
acting reasonably share any relevant experience it may have in relation to changes similar to the particular MSA Change in question, provided sharing that information would not require the Service Provider to breach any obligations of confidentiality that it owes to a third party;
(ii)
discuss the impact assessment at the meeting of the relevant Governance Body;
(iii)
outline any particular requirements and information that it will need in order to prepare a detailed Change Notice and the time that the Service Provider requires to prepare a Change Notice;
(iv)
provide Molina with an indicative timetable within which the MSA Change could be implemented;
(v)
give an explanation of its estimate of the net effect on the Charges and any required one-off fee;
(vi)
identify any impact the Service Provider believes the proposed MSA Change may have on the services provided or Systems supported by any Other Service Provider, and any corresponding changes to any such services or Systems the Service Provider believes may be necessary or desirable if the proposed MSA Change is made; and
(vii)
inform Molina if the Service Provider is unable to implement the MSA Change because one of the reasons in paragraph 11.1 applies and an explanation as to why one of those reasons applies.
(c)
Discussions under paragraph 7.1(b) must be held within the time period set out by the relevant Governance Body, or, in the absence of any time period set out by the relevant Governance Body, within ten (10) Business Days of Molina either receiving an MSA Change Request issued by the Service Provider or issuing an MSA Change Request to the Service Provider and such discussions must result either in:
(i)
agreement by the Parties, or, where Molina has discretion, a determination by Molina, not to proceed further with an MSA Change as a result of the MSA Change Request, and any such agreement or determination shall be recorded in the minutes of the relevant Governance Body; or
(ii)
agreement by the Parties, or, where Molina has discretion, a determination by Molina, to proceed with the process set out below to reach agreement on an MSA Change as a result of the MSA Change Request (even if the Service Provider prepared and submitted the MSA Change Request but no longer wishes to proceed), and this agreement or determination (the “Initial Change Approval”) shall be signed by Molina and recorded in the minutes of the relevant Governance Body.

-5-


(d)
Following Initial Change Approval, the relevant Governance Body shall set out a timetable to reach agreement of the Change Notice, or, in absence of a timetable, the Change Notice shall be agreed within ten (10) Business Days from the date of such Initial Change Approval.
7.2
Submission of a Change Notice
The Service Provider must submit to Molina, as soon as reasonably possible but in no event later than ten (10) Business Days (or such longer period as may be agreed by the Parties) following Initial Change Approval, either:
(a)
the Change Notice to which the Initial Change Approval relates, which shall be an irrevocable offer capable of acceptance by Molina and signed by an authorized representative of the Service Provider; or
(b)
a draft Change Notice for agreement with Molina and an updated impact assessment.
7.3
Modification of the Change Notice
(a)
If Molina does not agree with any aspect of the Change Notice, it shall notify the Service Provider of the matters with which it does not agree and it may provide a counter-proposal reflecting terms that are acceptable to Molina or request the Service Provider to make changes to its Change Notice or any combination of the two.
(b)
If Molina and the Service Provider cannot agree on the terms of a Change Notice, the matters in dispute shall be referred for informal dispute resolution in accordance with paragraph 13.
7.4
Notification of Acceptance of Change Notice
(a)
Molina shall, within a reasonable period of time after its receipt of the Change Notice (having regard to the proposed Change Start Date), notify the Service Provider as to whether or not it wishes to proceed with the implementation of the proposed MSA Change using the services of the Service Provider on the terms of the Change Notice.
(b)
If Molina accepts the Change Notice (either as submitted by the Service Provider or as amended by agreement between the Parties in accordance with paragraph 10) then both Parties shall execute, as soon as possible thereafter, two copies of the Change Notice. The Service Provider and Molina shall each retain one copy of the executed Change Notice.
(c)
Upon a Change Notice being executed by both the Service Provider and Molina, the Change Notice will be deemed to form a part of this Agreement and, in the case of an MSA Change applicable to a Project Work Order, that Project Work Order, and the Parties shall comply with the Change Notice accordingly.

-6-


7.5
Process Following Acceptance of Change Notice
(a)
The Service Provider shall maintain a conformed copy of this Agreement reflecting all agreed Change Notices and make those conformed copies available to Molina on the Contract Management Portal within ten (10) Business Days of the Parties agreeing to a Change Notice.
(b)
Further details of the Change Control Process may be agreed upon by the Parties.
7.6
Notification of Refusal to Proceed with a Change Notice
If, at any time prior to execution of a Change Notice, where Molina has discretion, Molina does not wish to proceed with a proposed MSA Change, Molina will notify the Service Provider of its decision, in which case the MSA Change Request shall be abandoned and neither Party shall be required to take any further steps in that regard.
8.
Project Change
8.1
Subject to paragraph 8.2, within ten (10) Business Days (or such longer period as the Parties agree) after issuance of a Project Change Request by either Party, the Service Provider shall provide Molina with:
(a)
the Service Provider’s comments on the Project Change Request in the case of a Project Change Request submitted by Molina; or
(b)
a final draft of the Project Change Request and conformed Project Work Order (updated to reflect the Project Change Request), which shall be an irrevocable offer capable of acceptance by Molina and signed by an authorized representative of the Service Provider.
8.2
Molina may, at its discretion, upon receipt of a Project Change Request from the Service Provider or when submitting a Project Change Request to the Service Provider, require the Service Provider to follow all or any part of the process described in paragraph 7 of this Schedule in relation to a Project Change Request, and references to an “MSA Change Request” in that paragraph shall, in relation to a Project Change Request and for the purposes of this paragraph 8, mean a reference to a Project Change Request.
8.3
The Service Provider shall not take any action to implement the terms of a Project Change Request until both Parties have executed an agreed Project Change Request following the process set out in the remainder of this Schedule.
8.4
Subject to paragraphs 13.4 and 13.5, unless otherwise agreed in advance and in writing, Molina shall not be liable for any costs or expenditure incurred by the Service Provider in taking any action to implement the terms of a proposed Project Change Request, and shall not be liable for any proposed Charge Adjustment or one-off fees proposed in a Project Change Request, unless and until it has been signed by Molina.

-7-


8.5
If, at any time prior to execution of a Project Change Request, Molina does not wish to proceed with a proposed Project Change, Molina will notify the Service Provider of its decision, in which case the Project Change Request shall be abandoned and neither Party shall be required to take any further steps in that regard.
8.6
The Service Provider shall maintain a conformed copy of each Project Work Order reflecting all agreed Project Change Requests and make those conformed copies available to Molina on the Contract Management Portal within ten (10) Business Days of the Parties agreeing to a Project Change Request.
8.7
Any Project Change that varies any terms of this Agreement as they apply to a Project Work Order shall be subject to Clause 13.3 (Effect of Project Work Orders) of this Agreement.
8.8
Any Change Notice for an Agreement Change that varies any terms of this Agreement must state whether that Agreement Change applies to any Project Work Orders in effect as at the effective date of the Agreement Change and, if so, which Project Work Orders.
8.9
If any Agreement Change as described in paragraph 8.8 applies to any Project Work Order, the Service Provider must also prepare a Change Notice in respect of the amendment to each such Project Work Order. Any such Agreement Change that affects the Charges under any Project Work Order shall be treated as a Charge Adjustment and shall be subject to Part C of this Schedule.
9.
Costs of Investigating and Agreeing Agreement Changes
The Service Provider and Molina will each bear its own costs related to any investigations into a proposed Agreement Change and agreeing and preparing and negotiating a Change Request, impact assessment and Change Notice.
10.
Urgent Changes
10.1
The Service Provider acknowledges that the appropriate Governance Board may designate certain Agreement Changes (including those resulting from Regulatory Changes) to be sufficiently urgent (an “Urgent Change”) to require the timescales set out in this Schedule to be shortened.
10.2
The following is a non-exhaustive list of the types of Agreement Changes that will, in all circumstances, be Urgent Changes:
(a)
required by a Regulatory Authority;
(b)
requested by the CIO or an equivalent board level Molina Personnel; or
(c)
necessitated by a Major Incident.
10.3
In the event of an Urgent Change, the Service Provider shall take Appropriate Actions:

-8-


(a)
to mitigate the adverse effects of the Urgent Change on the Services and any other Agreement Changes;
(b)
to ensure that the actions or steps taken by the Service Provider in managing and implementing the Urgent Change do not add any further disruptions to the impact of the Urgent Change on the Services or other Agreement Changes; and
(c)
to assign appropriately qualified and experienced Service Provider Personnel to manage and conclude the Urgent Change as a priority.
11.
Agreement Change Compulsory
The Service Provider shall not refuse to agree to any Agreement Change (other than disputes in relation to a Charge Adjustment which are addressed by Part C) unless to implement the Agreement Change:
(a)
is not technically possible for a service provider adopting Good Industry Practice;
(b)
the Service Provider, adopting Good Industry Practice, cannot reasonably implement the Agreement Change in the required timescale, in which case the Service Provider shall, within five (5) Business Days after receipt of a Change Request, notify Molina of the shortest timescale within which it could implement the Agreement Change;
(c)
would or might reasonably cause the Service Provider to contravene Applicable Law; or
(d)
would cause the Service Provider to miss or be delayed in meeting a Milestone, and Molina, having been notified in writing of that likelihood, does not respond to the Service Provider’s notification.

-9-



PART C CHARGE ADJUSTMENT AND ONE-OFF FEES
12.
Changes to the Charges and One-Off Fees Resulting From Changes
12.1
The Service Provider may propose a Charge Adjustment or the imposition of a one-off fee in connection with a Change Request only to the extent permitted under, and then only in accordance with, this paragraph 12.
12.2
Regulatory Changes
(a)
The Service Provider shall bear all of its own costs incurred in order to comply with a Regulatory Change, including all of its costs related to any necessary Agreement Changes, except in cases where paragraph 12.2(c) applies.
(b)
The Service Provider shall make no adjustment to the Charges to recover any costs from Molina as a result of a Regulatory Change (including any resulting Agreement Changes), except in cases where paragraph 12.2(c) applies.
(c)
In cases where a Regulatory Change occurs that is a change in Applicable Law and that is binding on Molina and that requires:
(i)
the Service Provider to acquire, Modify or otherwise enhance any Systems, Materials or Resources that are required under this Agreement to be dedicated exclusively to the provision of Services to Molina or to be reserved for Molina’s exclusive use;
(ii)
the Service Provider to create, Modify or otherwise enhance any Molina IP;
(iii)
Services dedicated exclusively to Molina to be provided from a location other than the Approved Service Delivery Location agreed for a particular Service or as set out in a relevant Project Work Order; or
(iv)
the Service Provider to adapt the performance of the Services,
either Party may make a Change Request to adjust the Charges under this Agreement and any Project Work Order affected by the Regulatory Change by such amount as represents the Service Provider’s increased or reduced costs resulting from the Regulatory Change.
12.3
Policy Changes
(a)
If a Policy Change is made due to a Regulatory Change then the provisions of paragraph 12.2 shall apply in relation to the costs of compliance with that Policy Change as if all references to Regulatory Change read Policy Change.




(b)
In all other cases of a Policy Change, the Service Provider or Molina may seek to apply a Charge Adjustment or impose a one-off fee, if either Party can establish and justify the basis of those charges and fees in accordance with paragraph 4.6 or 4.7 of this Schedule.





PART D CHANGE DISPUTES
13.
Resolution of Change Disputes
13.1
If the Service Provider and Molina cannot agree on any issue relating to a Change Request (a “Change Dispute”), then Clause 74 (Dispute Resolution and Dispute Management) shall apply.
13.2
Without prejudice to paragraph 13.1, if the only matter left to agree in relation to a Change Notice is whether a proposed Charge Adjustment or the imposition of a one-off fee (or a combination of both) is valid or is too high (a “Disputed Proposed Charge”), and:
(a)
the Agreement Change was triggered by a Policy Change or a Regulatory Change; or
(b)
the Agreement Change was not triggered by a Policy Change or a Regulatory Change, but Molina (acting through the Operational Review Board or such person as the Operational Review Board may nominate) issues a letter to the Service Provider stating that Molina, in its reasonable discretion, considers the Agreement Change to be urgent and requesting the Service Provider to proceed with the Change Notice,
the Parties shall, if Molina so requests, execute the Change Notice on a time and materials basis and shall commence the performance of the Change Notice.
13.3
Paragraphs 13.4 to 13.6 shall apply in cases where the Parties execute a Change Notice in the circumstances described in paragraph 13.2.
13.4
In the period of time between:
(a)
the date on which the performance of the work to which the relevant Change Notice relates is properly authorized by Molina (whether by signing the Change Notice or otherwise in writing); and
(b)
the time when the Change Dispute is resolved (either through determination of the Change Dispute or through agreement of the Disputed Proposed Charge),
the Service Provider shall be entitled to charge Molina on a time and materials basis, [redacted], for all work conducted in relation to the performance of its obligations under the Change Notice.
13.5
The final determination or agreement as to the Charge Adjustments or the imposition of a one-off fee (or a combination of both) relating to any Disputed Proposed Charge shall be applicable retrospectively with effect from the date of execution of the Change Notice, and any time and materials charges already paid to the Service Provider shall be deducted from amounts due to the Service Provider under the Change Notice, or, if no Charge Adjustments or imposition of a one-off fee (or a combination of both) are payable, shall be refunded to Molina by means of a credit note against the next month’s Charges.




13.6
Molina may, at any stage during the Change Dispute or following determination of the Change Dispute, terminate the Change Notice and pay the Service Provider for all Services rendered under the Change Notice up to the date of termination at the applicable time and materials charges.

-13-


Appendix 9A    
Template MSA Change Request
[Note: To Follow]






Appendix 9B    
Template Project Change Request
[Note: To Follow]




Appendix 9C    
Sample Change Notice
[Note: To Follow]







APPENDIX 9-A TEMPLATE MSA CHANGE REQUEST





Reference is made to the Master Services Agreement dated [date] and entered into between [Molina MSA Party] (“Molina”) and [Service Provider MSA Party] (“Service Provider”) (the “Agreement”). Unless otherwise defined herein, capitalized terms used in this MSA Change Request shall have the meanings ascribed to them in that Agreement.

PART A – CHANGE REQUEST

Change Request:   CR #:

Date of Change Request Submission:
 
Change Request Title:  

Change Description:  

Change Request Type:

MSA Change

NB: An “MSA Change” means a change to any of the terms of the Agreement, including any of the Schedule or Appendices thereto, or any documents incorporated therein, but does not include any change to (i) any of the Policies (for which, see paragraph 4 of Schedule 9) or (ii) a Project Change (for which, see Appendix 9-B (Project Change Request)).
Requesting Group Contact(s):

Responding Group Contact(s):


Document Purpose:
§    The written means by which authorized persons of Molina and Service Provider initiate an MSA Change.
§    [Describe the nature of requested change]

Request Overview (Complete with as much detail as possible)
Summary of Requested Change
 
Objectives / Goals
 
Agreement Reference(s)
 




Key Drivers
What are the key business objectives or other factors causing the Change Request?
 
Expected Impacts
What are the expected Impacts as a result of this Change Request?
(i.e. Scope, Schedule, Cost, Other)
 
Dependencies
 
Risks

Are there any risks identified?
Of Moving Ahead:

Of NOT Moving Ahead:





PART B – IMPACT ASSESSMENT

Change Request Impact Assessment:  CA #:

NB: To be completed by Service Provider in all cases.
Change Title:  
Change Description:   
Date of CR Impact Assessment Submission:

Impact Assessment Version:

Impact Assessment Prepared By:

 

Document Purpose:



Expected Results:





A. Impact Assessment
Assumptions
 
Background
 
Scope
 
Schedule
 
Service Provider Technical Solution
 
Deliverables
 
Transition Milestones
 
Service Delivery Locations
 
Project Work Order(s) Impacted Upon
 
Molina Policies
 
Service Level Impact?
 
Third Parties
 




A. Impact Assessment
Dependencies on Molina or its Other Service Providers
 
Systems
 
Disaster Recovery and Business Continuity
 
Molina Locations
 
Contract Impacts or Other Reference(s)
 
Risks
 
Charges (on-going)
 
Charges (One-Off Fees)
 
Other matters reasonably considered by Service Provider to be relevant
 



B. Molina Disposition 1
Decision:
[ ] Reject CR   [ ] Withdraw CR   [ ] Initial Change Approval granted
Approval Date:
 
Molina Approver Name:
 
Molina Approver Title:
 
Molina Approver Signature:
 







                                                                 
1 Note: In the event Molina’s disposition is to approve this document as completed, the next step is to begin developing the final form Change Notice as a separate document.






APPENDIX 9-B TEMPLATE PROJECT CHANGE REQUEST




PROJECT CHANGE REQUEST
This Project Change Request amends Project Work Order: [insert PWO Name] (Number: [●]) entered into between [Molina PWO Party] and [Service Provider PWO Party] on [date], pursuant to a Master Services Agreement dated [date] and entered into between [Molina MSA Party] and [Service Provider MSA Party].
Project Change Request Form (For Summary Purposes Only)
Initiation
Project Change Request (Tracker Number)
[PWO No. PCR XX ]
[(Tracker No. according to PCR Tracker)]
Title:
[Insert PWO Name]
Originator:
[Party requesting change]
Sponsor:
[Authorized person requesting change]
Date of Initiation:
[date]
Priority
[High/Medium/Low]
Background and reason for Proposed Change
[High-level background]

Details of Proposed Change
[Provide as much detail as is appropriate]














AMENDED AND RESTATED PROJECT WORK ORDER
PROJECT WORK ORDER

[Attach a draft conformed copy of the Project Work Order, updated to include the changes proposed under this Project Change Request (and all prior Agreement Changes that affect the Project Work Order).]
[●]





APPENDIX 9-C

SAMPLE CHANGE NOTICE









CHANGE NOTICE [NUMBER]

This Change Notice (“Change Notice”) amends Master Services Agreement dated [date] and entered into between [Molina MSA Party] (“Molina”) and [Service Provider MSA Party] (“Service Provider”) (the “Agreement”), as provided below. All terms and conditions of the Agreement not expressly modified herein, shall remain in full force and effect. All capitalized terms shall have the meaning ascribed to them in the Agreement unless otherwise defined herein.

This Change Notice is effective as of [date] (“Change Notice Effective Date”).
1.
[Include details of changes and any relevant attachments (in particular, the approved Change Request to which this Change Notice relates.]
2.
3.

IN WITNESS WHEREOF, the Parties have caused this Change Notice [number] to be executed by their duly authorized representatives as of the day and year signed below.
 

[MOLINA ENTITY].                     [SERVICE PROVIDER ENTITY]

Signature: __________________________          Signature: ____________________________

Name:     ___________________________        Name: ____________________________

Title: ___________________________        Title: ____________________________

Date: ___________________________        Date: ____________________________







SCHEDULE 10
APPROVED SERVICE DELIVERY LOCATIONS






1.
Introduction

This Schedule 10 sets out the Approved Service Delivery Locations.
2.
Approved Service Delivery Locations

Service Bundles
Approved Service Delivery Location
(including address)
Infrastructure
Security
Service Desk & EUC
Infosys Limited

Bengaluru
Offshore Development Center
Plot No. 26A
Electronics City, Hosur Road
Bengaluru​ 560 100, India

Mohali
Infosys Ltd
Level 9 & 10, Landmark Plaza Building
Plot No. A-40A, Industrial Focal Point, Phase VIII
Extension, Industrial Area, SAS Nagar
Mohali, Punjab – 160 059

Molina facilities set forth in Schedule 18

Service Desk
Infosys BPO Limited – Philippines Branch
BGC Corporate Center
#3030 11th Avenue corner 30th Street, 23rd Floor
Bonifacio Global City, Taguig City
Philippines – 1634

Infosys BPM Limited
5F Vector 2 Building,
Northgate Cyberzone,
Alabang, Muntinlupa City,
Philippines 1781

Molina Healthcare Inc.
650 Pine Ave, Long Beach, CA 90802








SCHEDULE 11
APPROVED SUBCONTRACTORS





CONTENTS
Clause
 
Page
1.
Introduction
1
2.
Approved Subcontractors
1




(i)
MOLINA / INFOSYS    CONFIDENTIAL


1.
INTRODUCTION
This Schedule sets forth the Approved Subcontractors for each of the Services listed below.
2.
APPROVED SUBCONTRACTORS
Service
Approved Subcontractor
Hands and feet support
[redacted]

(Molina’s approval of this entity as an Approved Subcontractor is conditioned upon this entity’s passing Molina’s subcontractor review and vetting process before this entity performs any activities under the Agreement)






-1-








SCHEDULE 13
Access to MOLINA FACILITIES

(i)


CONTENTS
Clause
 
Page
1.
Introduction
1
2.
Access to Molina Facilities
1
3.
Change to or Relocation of the Molina FacilitIes
1
4.
Service Provider Use of Molina Facilities
2
5.
Service Provider Personnel Located at Molina Facilities
3
6.
Molina Provided Equipment
3
Appendix 13A
Resources Schedule
5


(i)



1.
INTRODUCTION
1.1
This Schedule sets out the rights and obligations of the Parties in relation to the Molina Facilities.
1.2
In this Schedule, capitalized words and phrases shall have the meanings given to them in Schedule 1 (Definitions and Interpretation) to the Agreement.
2.
ACCESS TO MOLINA FACILITIES
2.1
Molina shall provide the Service Provider at no charge, as is reasonably necessary for the Service Provider to perform the Services, with reasonable access to the Molina Facilities and those resources set out in Appendix 13A (Resources Schedule) to this Schedule.
2.2
Molina shall be responsible for:
(a)
the physical security of the Molina Facilities;
(b)
the environmental and operational planning and monitoring of the Molina Facilities;
(c)
provision of equipment to assist in the installation and decommissioning of equipment, for example, lifting equipment, step ladders and pallet trucks;
(d)
portable appliance testing (PAT testing) of all electrical equipment to ensure it complies with Molina standards; and
(e)
any other facilities or equipment that Molina is required to provide in accordance with the Financial Responsibility Matrix or any other provision of the Agreement.
3.
CHANGE TO OR RELOCATION OF THE MOLINA FACILITIES
3.1
Molina may modify the design, engineering and operating standards relating to the Molina Facilities provided that where any such modifications are made Molina shall:
(a)
provide reasonable notice to the Service Provider of the forthcoming modifications;
(b)
consult with the Service Provider prior to making such modifications to allow the Service Provider to advise of any impact such modifications may have on the Service Provider’s ability to deliver the Services; and
(c)
if the modifications will impact the Service Provider’s ability to deliver the Services or have any material cost impact, initiate an Agreement Change to the Services or the Charges in accordance with the Change Control Process.

– 1 –


3.2
The Service Provider shall not make any improvements or changes involving structural, mechanical or electrical alterations to the Molina Facilities, except as may be permitted in the Agreement, without Molina’s prior written approval. Any improvements to the Molina Facilities shall be the property of Molina.
3.3
Molina may upon reasonable notice direct the Service Provider to relocate to another Molina Facility or another portion of the same Molina Facility and where such a direction is given Molina shall provide the Service Provider with facilities in the new location that are comparable to the facilities provided in the previous location. If such relocation will impact the Service Provider’s ability to deliver the Services or have any material cost impact, Molina shall initiate an Agreement Change to the Services or Charges in accordance with the Change Control Process.
4.
SERVICE PROVIDER USE OF MOLINA FACILITIES
4.1
The Service Provider’s use of the Molina Facilities shall not constitute or create a leasehold interest or any other enduring interest (whether legal or equitable) in the Molina Facilities.
4.2
The Parties acknowledge and agree that in the absence of any license agreement, the Service Provider (and its Subcontractors where relevant) shall have the use of such Molina Facilities as non-exclusive bare licensees and the Service Provider shall (and shall procure that its Subcontractors shall) vacate the same upon the expiry or earlier termination of the Agreement (or later to the extent Molina requests such later date to be the completion of Termination Assistance by the Service Provider).
4.3
The Service Provider shall use the Molina Facilities for the sole and exclusive purpose of performing the Services.
4.4
The Service Provider’s usage of the Molina Facilities shall be in accordance with the Molina Policies and procedures set out in Schedule 14 (Molina Policies).
4.5
The Service Provider shall be responsible for any damage to the Molina Facilities caused by the Service Provider or its employees, agents or Subcontractors, except for normal wear and tear.
4.6
The Service Provider shall comply with any reasonable directions or decisions made and notified to it by Molina in respect of the Molina Facilities.
4.7
The Service Provider shall maintain up-to-date records of its usage of the Molina Facilities and the condition of those parts of the Molina Facilities used by the Service Provider, and shall respond to requests from Molina for such information in a prompt and accurate manner.
4.8
The Service Provider shall not connect any laptops or PCs to the Molina network, other than through a visitor LAN in accordance with Molina terms and conditions of use for that visitor LAN, unless otherwise agreed with Molina.

– 2 –


5.
SERVICE PROVIDER PERSONNEL LOCATED AT MOLINA FACILITIES
5.1
The Service Provider shall provide Molina with a list of its personnel and Subcontractors that require access to any Molina Facility and shall maintain this list and provide updates on a regular basis.
5.2
Molina shall provide the Service Provider with the number of desks as outlined in Appendix 13A (Resources Schedule). The header row indicates the time period from which Molina shall make the desks available. Furthermore, Molina makes no affirmative commitment to the specific buildings or work locations from which it will provide the desks.
5.3
The Service Provider shall comply with Molina additional reasonable rules and regulations communicated in writing to the Service Provider regarding personal and professional conduct whilst at the Molina Facilities.
5.4
Where Service Provider Personnel or a Subcontractor employee fails to comply with procedures and Policies, Molina may request that the Service Provider remove the offender and the Service Provider shall comply with such request as soon as reasonably practicable.
6.
MOLINA PROVIDED EQUIPMENT
6.1
At the Molina Facilities, Molina shall permit Service Provider Personnel access to the internet for the purpose of gaining access to the Service Provider network.


– 3 –



Appendix 13A
Resources Schedule
In relation to this Agreement, Molina shall make work space available to the relevant Service Provider Personnel at each Molina Facility as set out below:
#
Services
Molina Office Location
Track
# of FTEs
1.    
Infrastructure Services
[redacted]
Infra Services
[redacted]
2.    
Infrastructure Services
[redacted]
Datacenter Hands and Feet
[redacted]
3.    
Infrastructure Services
[redacted]
Datacenter Hands and Feet
[redacted]
4.    
Infrastructure Services
[redacted]
DR Management
[redacted]
5.    
End User Services
[redacted]
EUS White Glove
[redacted]
6.    
End User Services
[redacted]
EUS White Glove
[redacted]
7.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
8.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
9.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
10.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
11.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
12.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
13.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]2
14.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
15.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
16.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
17.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
18.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
19.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
20.    
End User Services
[redacted]
EUS - Deskside Support
[redacted]
21.    
Security Services
[redacted]
Security Services
[redacted]



















SCHEDULE 14
MOLINA POLICIES







CONTENTS



Clause
 
Page
1.
Definitions
3
2.
Introduction
3
3.
Molina Policies
3




-2-


1.DEFINITIONS
1.1
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) of this Agreement.
2.INTRODUCTION
2.1
This Schedule:
(a)
describes the global Policies that the Service Provider must adhere to in delivery of all Services undertaken in accordance with this Agreement; and
(b)
describes the key human resources Policies that all Service Provider employees and representatives must adhere to when working at Molina Locations.
2.2
The human resources Policies provided are not an exhaustive list of policies, and all Service Provider Personnel and representatives are expected to follow and adhere to all site specific employment laws and regulations within the country of the Molina Location.
2.3
All Service Provider Personnel or representatives working on a Molina Location for more than five (5) Business Days must attend a site induction. During the site induction the local site policies and procedures will be made clear to the Service Provider Person/representative, who must adhere to these policies and procedures at all times while working at the Molina Location. Attendance of a site induction is also required in order for the Service Provider Person/representative to be issued with an access card to enable them to access the Molina Location.
2.4
If a Molina Policy has a more stringent standard than the equivalent Service Provider policy then the Service Provider shall comply with the Molina Policy. If a Service Provider policy requires a more stringent standard than the Molina Policy then the Service Provider shall apply its own more stringent standards.
2.5
If a Molina Policy is drafted as an internal policy containing instructions for Molina personnel (and is not, or contains sections that are not, drafted to apply to an external service provider), the Service Provider will comply with the intent and spirit of the Molina Policy and shall implement its own processes to achieve the result required by the Molina Policy, provided that result would be apparent to a service provider adopting Good Industry Practice. Without limiting the foregoing, if a Molina Policy sets out specific obligations to apply to external service providers, the Service Provider shall comply with such specific obligations.
3.MOLINA POLICIES
The following global Policies are to be adhered to by the Service Provider at all times. No standards, guidelines, processess, standard operating procedures, working practices and any

-3-


other control documents developed by the Service Provider to support the delivery of the Services may contradict these Policies.
(a)
Business Continuity Policies
Document ID
Name
Version
BCM 11.0
Incident Command System Terms and Definitions
May 2, 2014
BCM 11.0
Business Interruption Incident Management
May 2016
BCM 11.0
Incident Command System References
May 2, 2014

(b)
Data Center Standard Operating Procedures (SOPs)
Document ID
Name
Version
DCTS-SOP-201
Data Center Weekly Walkthrough
3/19/2018
DCTS-SOP-202
Mobile Data Destroyer Drive Destruction Procedure
2/20/2018
DCTS-SOP-203
Drive Erasure Procedure
2/2/2017
DCTS-SOP-205
Exporting Tapes for Iron Mountain Procedure
12/29/2016
DCTS-SOP-206
IT Hardware Requests for Shipment to Molina Sites Procedure
6/22/2018
DCTS-SOP-207
New Mexico Data Centre Receiving Procedure
8/23/2016
DCTS-SOP-208
Proof of Concept (POC) and Leased or Loaned Equipment Requests Procedure
6/21/2018
DCTS-SOP-209
Texas Data Center Receiving Procedure
5/21/2018
DCTS-SOP-210
Request for De-Installation of equipment in Molina Data Center’s [sic]
5/21/2018
DCTS-SOP-211
105 HD Shredder Drive Destruction Procedure
3/19/2018


-4-


(c)
Enterprise Infrastructure Services Policies
Document ID
Name
Version
IS-10.20
Cybersecurity Policy
9/11/17
IS-10.50
Asset Management Policy
12/9/14
IS-50.20
Risk Management
6/2/17
IS-50.33
Software Development Life Cycle
6/30/16
IS-55.30
IT Service Incident Management
3/31/16
IS-56.10
Contingency Planning
3/31/16
IS-60.20
Facility Access Controls
5/30/17
IS-61.10
Workstation Use and Security
3/31/16
IS-61.20
Desktop/Laptop Security Standards
7/20/15
IS-61.50
Server Security
3/1/17
IS-65.00
Software Asset Management
9/1/15
IS-72.10
Data Integrity
3/31/16
IS-73.50
Patch Management Policy
12/11/14
IS-74.00
Firewall Configuration
12/12/14
IS-74.10
Transmission Security
3/31/16
IS-80.10
SharePoint Governance and Standards Policy
7/18/16
IS-80.11
Email Use and Security
3/1/17
IS-80.15
Active Directory Management Policy
3/3/15
IS-80.22
Mobile Devise Use
5/15/15
IS-80.25
Wireless Network Security
12/15/14
IS-80.30
Data Backup and Recovery Policy
3/1/17
IS-80.35
Database Security Policy
3/11/16
IS-80.51
Removable Media
3/31/16
IS-80.65
Media Reuse and Disposal
3/31/16


-5-


(d)
HIPAA Policies
Document ID
Name
Version
HP-35
HIPAA TRANSACTIONS COMPLIANCE
03/01/18
HP-36
HIPAA CODE SETS COMPLIANCE
03/01/18
HP-43
PHYSICAL SECURITY
11/06/ 17
MHI HP-50
PRIVACY & SECURITY COUNCIL CHARTER
10/05/17
HP-23
USES & DISCLOSURES OF PROTECTED HEALTH INFORMATION (PHI) AND/OR PERSONALLY IDENTIFIABLE INFORMATION (Pil): MINIMUM NECESSARY
9/12/17

(e)
Incident Policies
Document ID
Name
Version
NA
MIT Incident Management Prioritization Quick Reference
v1.3 June 2015
NA
MIT Major Incident Process
Version 2.0, Revised October 30, 2015

(f)
Service Management Policies
Document ID
Name
Version
IS-50.30
Change Management
1/27/2016
IS-50.31
Configuration Management Policy
12/16/16
IS-50.32
Release and Deployment Management
12/14/16
IS-50.35
Problem Management Policy
11/21/2016
IS-50.55
Request Fulfillment Management Policy
12/16/16
IS-58.10
IT Strategic Sourcing and Staffing Policy
June 24th, 2016
IS-81.00
Cloud Security
7 /22/16


-6-


(g)
Other Policies
Document ID
Name
Version
AD-03
Document Retention and Destruction Policy
10/27/2010
NA
Cloud Application Standards
1/5/2017
NA
IT Compliance Considerations
NA
NA
Information Security Incident Response Plan
Version 1.5
NA
Molina HealthCare Applied Cryptography Guidelines
Version 0.1
1.1
OIG/GSA Exclusion List Reporting
August 11, 2017
 
PE Executive Support
3/2/2018
FAC.DC0.001
Physical Security and Access - Data Center and Equipment Rooms
10/13/14
 
SOX 307 Reporting Up Policy
10/23/2010
CC-19
Anti-Bribery and Anti-Money Laundering Policy
March 5, 2015




-7-
MOLINA/ INFOSYS    CONFIDENTIAL





















SCHEDULE 15
HR MATTERS AND KEY PERSONNEL

(i)
MOLINA/ INFOSYS    CONFIDENTIAL


CONTENTS
Paragraph
Page
1
Definitions and Interpretation
- 2 -
2
General Provisions
- 2 -
3
Pre-Commencement Date Work-Shadowing
- 3 -
4
Designated Employee Hiring Requirements
- 3 -
5
Designated Employee Transition Process
- 3 -
6
Employment of Transitioned Employees
- 4 -
7
Key Personnel
- 6 -
8
Service Provider Personnel
- 8 -
9
Status, Responsibility and Authorization
- 10 -
10
Incentives
- 10 -
11
Employee Records
- 11 -
12
Continuity of Service Provider Personnel
- 11 -
13
Assignment of MOLINA Staff
- 11 -
14
Service Provider Assistance
- 12 -
15
Liability and Indemnification
- 12 -
Appendix A Key Personnel
- 14 -





(i)


1.DEFINITIONS AND INTERPRETATION
1.1
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) to the Agreement.
1.2
The following defined terms used in this Schedule shall have the meanings specified below:
(a)
Molina Disability” shall have the meaning set forth in Paragraph 4.1.
(b)
Molina Leave of Absence” shall have the meaning set forth in Paragraph 4.1.
(c)
Molina Net Credited Service” shall mean a Designated Employee’s total years of service with Molina, commencing with his/her date of hire and ending on his/her last date of employment with Molina, as may be adjusted for any breaks in service.
(d)
Designated Molina Employees” shall mean the employees identified by Molina on Appendix A.
(e)
Service Provider Benefit Plans” shall have the meaning set forth in Paragraph 6.3.
(f)
Service Provider Employment Date” shall mean the date on which each Transitioned Employee begins his/her employment with Service Provider, which date shall be on the Effective Date, except for any employee who is on a Molina Leave of Absence or Molina Disability on the Effective Date, in which case employment with Service Provider shall begin on the first Business Day following his/her return to active service with Molina at the end of such Molina Leave of Absence or Molina Disability; provided that in special circumstances any other Transitioned Employee may begin his/her employment with Service Provider on such date after the Effective Date as Molina and Service Provider may mutually agree.
(g)
Transitioned Employee” shall mean a Designated Employee who timely accepts Service Provider’s offer of employment and commences employment with Service Provider in accordance with Paragraph 5.
2.GENERAL PROVISIONS
2.1
This Schedule describes the responsibilities of Molina and the Service Provider in relation to personnel at and before the relevant Service Commencement Dates, during the Term and on the termination, partial termination or reduction of any Services. Certain additional obligations in relation to personnel are set out in the Exit Plan.
2.2
Unless explicitly mentioned otherwise, where in this Schedule or in the Exit Plan, Molina is given a right (and that right shall also be given to any Successor Supplier), Molina or the Successor Supplier shall be entitled to exercise that right.
2.3
Unless explicitly mentioned otherwise, where in this Schedule or in the Exit Plan, Molina has an obligation to fulfill, that obligation may be fulfilled by either Molina or a Successor Supplier.

2


2.4
An obligation of the Service Provider in this Schedule or in the Exit Plan shall be construed to mean that the Service Provider must perform that obligation itself and must ensure that each and every Subcontractor performs that obligation to the extent that it is relevant.
3.PRE-COMMENCEMENT DATE WORK-SHADOWING
3.1
At Service Provider’s request, prior to the relevant Service Commencement Date, the Service Provider may assign an agreed number of its employees, to be agreed with Molina, to “work-shadow” Molina’s employees in order to understand Molina’s business operations and to facilitate such transfer of knowledge and skills as will assist the Service Provider in providing the Services, provided that the Service Provider shall ensure that its assigned employees do not interfere with, hinder or restrict Molina’s business operations and that the assigned employees will comply with all Molina’s policies and procedures (as disclosed to the Service Provider or its personnel) while on Molina’s premises. Any such assigned employees shall at all times remain employees of the Service Provider and will be subject to the management and directions of the Service Provider during the period of the assignment.
4.DESIGNATED EMPLOYEE HIRING REQUIREMENTS
4.1
Subject to the terms and conditions set forth in this Schedule, Service Provider shall extend offers of employment to all Designated Employees on Appendix A, regardless of whether any such Designated Employee is on an approved leave of absence as determined under any of Molina’s leave of absence policies (“Molina Leave of Absence”) or receiving benefits from Molina’s Short-Term Disability Benefit Plan (“Molina Disability”).
5.DESIGNATED EMPLOYEE TRANSITION PROCESS
5.1
The process by which the Designated Employees shall become Transitioned Employees is as follows:
(a)
As agreed to between Molina and Service Provider, Service Provider shall provide all Designated Employees with a general introduction package that has been reviewed by Molina and that shall include information regarding non-individualized terms and conditions of Service Provider’s offer of employment and information regarding Service Provider, its general management values, policies and practices and its performance standards and business conduct requirements. Thereafter, Molina shall provide Service Provider with access to the Designated Employees for group informational meetings at such dates, times and frequency as Molina, in its sole discretion, may determine to be appropriate. Prior to any such meetings, the Parties shall work together to agree upon guidelines for the meetings.
(b)
[redacted].
(c)
[redacted].

(d)
[redacted].
(e)
[redacted].
(f)
[redacted].

-3-


(g)
Each Designated Employee who timely accepts Service Provider’s offer of employment shall become a Transitioned Employee and shall commence employment with Service Provider on the Effective Date, which shall be his/her Service Provider Employment Date; provided, however, that (i) any Designated Employee who is on a Molina Leave of Absence or Molina Disability shall commence employment with Service Provider immediately following returning to work; (ii) Service Provider shall not be required to employ any such Designated Employee who does not return to work within twelve (12) months of the Effective Date, and (iii) Service Provider will use commercially reasonable efforts to obtain the transfer any H1-B visa held by a Designated Employee to Service Provider’s sponsorship.
(h)
Service Provider shall immediately inform Molina when any Designated Employee declines an offer of employment.
6.EMPLOYMENT OF TRANSITIONED EMPLOYEES
6.1
Service Provider shall not terminate any Transitioned Employee during the first [redacted] of his/her employment with Service Provider; provided, however, that Service Provider may terminate the employment of any Transitioned Employee for Cause (as that term is defined in Service Provider’s policies, practices and procedures; and provided, further, that all decisions regarding the termination of any Transitioned Employee shall be the sole responsibility of Service Provider.
6.2
For a period of no less than [redacted] following each Transitioned Employee’s Service Provider Employment Date, such Transitioned Employee shall be]:
(a)
[redacted];
(b)
[redacted];
(c)
assigned to perform job responsibilities with Service Provider that are substantially similar job responsibilities assigned to the Transitioned Employee at Molina immediately prior to the Effective Date, unless mutually agreed upon between the Transitioned Employee, Molina and Service Provider; and
(d)
permitted to work at the same work location as with Molina immediately prior to the Effective Date (including working remotely if there is no Molina location nearby) during the time the Transferred Employee is assigned to the Molina account.
6.3
[redacted]:
(a)
[redacted];
(b)
[redacted]
(c)
    [redacted].
6.4
[redacted].
6.5
Without limiting the obligations in Paragraph 6.2, any Transitioned Employee whose employment is terminated by Service Provider in the first [redacted] of his/her employment

-4-


with Service Provider, not for cause, shall be paid severance by Service Provider that is the greater of the severance payment calculated under, (a) Molina’s severance plan or policy and a formula providing for base salary payments of four months for AVPs and Directors, three months for Managers and Supervisors and two months for all other positions, and (b) the applicable Service Provider severance plan or policy maintained by Service Provider; provided, however, that no Transferred Employee whose employment is terminated by Service Provider shall receive severance from Service Provider unless and until Service Provider obtains from such Transferred Employee a general release that includes as a releasee any “Predecessor Employer,” and that term is defined within the general release generically in a manner that would reasonably be construed to include Molina. Severance for any Transferred Employee whose employment is terminated after the first [redacted] for a reason that qualifies him or her for severance under a Service Provider severance plan or policy that shall be calculated by recognizing both the Transferred Employee’s Molina Net Credited Service and his/her service with Service Provider.
7.KEY PERSONNEL
7.1
The Service Provider shall ensure that each Key Service Provider Position is occupied by suitably qualified Service Provider Personnel, which may include Transitioned Employees, in accordance with this Paragraph 7 during the entire term of the Agreement, unless the written consent of Molina is first obtained or the Parties agree that such Key Service Provider Position is no longer required for the provision of the Services. 1 The designation of any Key Service Provider Position in addition to those set forth in Appendix A shall require agreement of the Parties.
7.2
Each Key Person shall be dedicated on a fulltime basis to the provision of the Services for the period set forth in Appendix A.
7.3
If any present or former Key Person breaches his/her confidentiality obligations entered into pursuant to Paragraph 8.2 below, then the Service Provider shall take steps so as to prevent any future breach of such obligations, including reviewing the processes to protect confidentiality information and/or removing the Key Person from his/her position, if still so engaged.
7.4
Paragraph 7.3 and any confidentiality agreement entered into pursuant to Paragraph 8.2 are without prejudice to the Service Provider’s obligations of confidentiality under the Agreement and at law.
7.5
Service Provider shall ensure that no Key Person is removed from his/her specified role in the performance of the Service Provider’s obligations under the Agreement for the duration of his/her designation as a Key Person unless:
(a)
he/she resigns as an employee of the Service Provider or any relevant Subcontractor; or
(b)
he/she dies; or

                                         
1 Note: Key Person designation already addressed in MSA and Schedule 1.

-5-


(c)
he/she has become incapable of performing the essential functions of his/her position through illness or incapacity, or he/she is unavailable, due to family or medical leave or other leave which the Service Provider is legally obliged to provide, in each instance where such incapacity or unavailability lasts, or has been certified as being expected to last, for a consecutive period of more than 20 Business Days, and in such instance the removal shall be temporary, for the duration of the absence; or
(d)
    he/she has committed any act or omission with respect to which appropriate disciplinary action is to remove the Key Person from his/her specified role; or
(e)
Molina requests a replacement pursuant to Paragraph 7.9; or
(f)
the prior written consent of Molina is first obtained.
7.6
Before removing any Key Person in accordance with Paragraph 7.5 or appointing any person to a Key Service Provider Position, the Service Provider shall:
(a)
notify Molina of the proposed removal or appointment;
(b)
in the case of an appointment, provide Molina with a curriculum vitae of the proposed candidate and discuss the position with Molina and permit Molina, on request, to meet the proposed candidate; and
(c)
to the extent that it is lawfully able to do so, provide Molina with such information as Molina requests in relation to the proposed removal or appointment.
7.7
No person shall be appointed to a Key Service Provider Position without Molina’s prior written approval.
7.8
If a Key Person is to be replaced, the Service Provider shall ensure that a replacement who is acceptable to Molina is appointed as soon as practicable, that there is a handover period that is reasonable in the circumstances and that any adverse effects of the change of personnel on the performance of the Service Provider’s obligations under the Agreement or on Molina’s businesses are minimized. The Service Provider shall be responsible for all costs relating to such handover.
7.9
Molina may request that the Service Provider replace any Key Person if:
(a)
the Key Person has become incapable of performing the essential functions of his/her position through illness or incapacity, or he/she is unavailable, due to family or medical leave or other leave which the Service Provider is legally obligated to provide, in each instance where such incapacity or unavailability lasts, or has been certified as being expected to last, for a consecutive period of more than 20 Business Days, and in such instance the replacement shall be temporary, for the duration of the absence; or
(b)
the Key Person’s performance or conduct is, in Molina’s reasonable opinion, unsatisfactory or prejudicial to the working relationship between the Parties and the Services being provided, provided that:
(i)
before making any such request Molina has consulted with the Service Provider, and the Service Provider and/or the Key Person did not remedy

-6-


any unsatisfactory performance and/or conduct within thirty (30) days after Molina’s notice pursuant to this Paragraph 7.9(b); and
(ii)
the proviso in this Paragraph 7.9 shall not apply if Molina has previously provided notice of any concerns relating to the Key Person in accordance with Paragraph 7.9(b)(i).
7.10
The Service Provider shall replace the Key Person as soon as reasonably practicable after conclusion of the processes set forth in Paragraph 7.9 and, in any event, no later than two (2) months after such notice, or within such longer period as is reasonably necessary as a result of circumstances which are beyond the reasonable control of the Service Provider. The replacement of a Key Person under this Paragraph 7.10 shall be carried out in accordance with the provisions of Paragraph 7.6 above.
7.11
If a Key Person is unavailable or unable to respond to the needs of his/her position for a significant period, and Molina so requests, the Service Provider shall promptly nominate an alternate. The alternate shall have all the authority of the relevant Key Person for so long as the Key Person remains unavailable or unable to respond, and Molina may require the replacement of the alternate in accordance with this Paragraph 7.
7.12
Molina may, by written notice to the Service Provider, request Service Provider to designate new or alternative Key Service Provider Positions, and such new or alternate Key Service Provider Positions will be agreed via the Change Control Process.
7.13
The Service Provider shall defend, indemnify, keep indemnified and hold harmless Molina and any Molina Company from any employment related liability arising from any withdrawal or removal of Key Personnel (including any associated termination of employment) pursuant to this Paragraph 7, except to the extent such liability results from any unlawful act or omission of Molina.
8.SERVICE PROVIDER PERSONNEL
8.1
The Service Provider shall ensure that Service Provider Personnel:
(a)
have all the skills, experience, training, knowledge and linguistic fluency requisite to carry out the tasks allocated to them;
(b)
are trained in connection with the provision of the Services in accordance with market standards and any particular and reasonable Molina requirements provided to the Service Provider;
(c)
comply with any reasonable directions or decisions provided by Molina which are consistent with the Service Provider’s obligations under the Agreement; and
(d)
have the appropriate work authorizations in accordance with Applicable Law; and
(e)
while performing the Services, comply with professional standards of behavior and with Molina’s policies regarding personal and professional conduct, safety and security and any other policies and procedures as have from time to time been provided to the Service Provider or the relevant Subcontractor (including the Policies).

-7-


8.2
The Service Provider shall, subject to Applicable Law, ensure that the Service Provider Personnel:
(a)
enter into, or have already entered into, a confidentiality agreement with the Service Provider obligating the Service Provider Personnel to comply with confidentiality obligations which cover the confidentiality obligations in the Agreement; and
(b)
cooperate constructively with Molina or Molina personnel and third party personnel with whom they come into contact in the course of the provision of the Services.
8.3
If any of the Service Provider Personnel, in the reasonable opinion of Molina, do not at any time meet any of the requirements in Paragraphs 8.1 or 8.2, Molina shall so notify the Service Provider, and the Service Provider shall immediately review the matter and consult with Molina on its proposals to address Molina’s concerns. Following this review and consultation and, in any event, within ten (10) Business Days after the notification is received, if Molina is not reasonably satisfied, Molina may require the Service Provider to, and the Service Provider shall, remove the relevant Service Provider Personnel from the performance of the Services. The requirement to remove such an individual shall not excuse the Service Provider from any obligation of the Service Provider contained in the Agreement.
8.4
In order to protect Molina’s confidential and other proprietary information, the Key Service Provider Personnel shall not be assigned to or involved with the business or prospective business of any Molina Competitor while he/she is involved in the provision of the Services or for the twelve (12) months after his/her involvement with the Services ceases.
8.5
The Service Provider shall defend, indemnify, keep indemnified and hold harmless Molina from any employment related liability arising from any withdrawal or removal of Service Provider Personnel (including any associated termination of employment) pursuant to this Paragraph 8 except to the extent such liability results from any unlawful act or omission of Molina (including direction by Molina to act in an unlawful manner).
8.6
The Service Provider certifies that it is not named on the Specially Designated National (“SDN”) list maintained by the US Office of Foreign Assets Control and shall ensure that none of the Service Provider Personnel:
(a)
is named on the SDN list or on the United States Denied/Restricted Party List (“DRPL”) maintained by the US Department of Commerce; or
(b)
is considered a national of any country under US embargo or anti-terrorism export controls.
8.7
The Service Provider shall ensure that the Service Provider Personnel are appropriately vetted, including criminal and other background checks to the extent permitted by Applicable Law, and that no individual who does not meet the standards required by this Schedule or the Agreement is involved in the provision of the Services. Vetting shall be considered appropriate if they meet the Service Provider’s and market standards for the role in question together with any specific requirements provided to the Service Provider in writing by Molina.
8.8
The Service Provider shall comply with all relevant employment, labor, immigration and work permit laws and regulations in respect of the Service Provider Personnel.

-8-


8.9
The Service Provider shall be and remain liable for all amounts due to or in respect of the Service Provider Personnel, including but not limited to salary and other emoluments, benefits, payroll taxes, and social security payments, subject to Molina’s obligations in Paragraph 15.
8.10
Without limiting any other provisions of this Schedule, and if and to the extent applicable, Service Provider shall comply with United States Department of Labor regulations regarding:
(a)
equal employment opportunity obligations of government contractors and subcontractors;
(b)
employment by government contractors of Vietnam-era and disabled veterans;
(c)
employment of disabled persons by government contractors and subcontractors;
(d)
developing written affirmative action programs;
(e)
certifying no segregated facilities;
(f)
filing annual EEO-1 reports;
(g)
utilizing minority-owned and female-owned business concerns; and
(h)
any successor regulations thereto which are incorporated by reference herein.
9.STATUS, RESPONSIBILITY AND AUTHORIZATION
9.1
No Service Provider Personnel shall become employed by, or be deemed to be employed by any member of the Molina Group (before the termination, partial termination or reduction of the relevant Services) as a consequence of the provision of the Services (unless the Parties and the individual otherwise expressly agree in writing), and the Service Provider shall defend, indemnify, keep indemnified and hold harmless Molina and each Molina Company against all costs, losses and expenses arising out of or relating to any claim by any Service Provider Personnel that he/she has become an employee of Molina or any Molina Company or subcontractor of either, unless (a) he/she has become an employee of Molina or any Molina Company or subcontractor of either as a result of an offer of employment by Molina, a Molina Company or subcontractor of either, or (b) such liability results from any unlawful act or omission of Molina.
9.2
All Service Provider Personnel shall be deemed expressly authorized by the Service Provider to perform the Services, and all Key Persons shall be deemed expressly authorized by the Service Provider to communicate with Molina regarding the Services.
10.INCENTIVES
10.1
The Service Provider shall encourage and incentivize the Service Provider Personnel by appropriate means to maximize:
(a)
the quality and efficiency (for the benefit of Molina) with which the Services are delivered; and

-9-


(b)
Molina’s satisfaction with the Services.
10.2
In relation to any incentive scheme or arrangement affecting one or more Key Persons, the Service Provider will give Molina an opportunity to provide input with respect to the performance targets of such Key Persons, and the Service Provider shall consider such input for such targets. The provisions of this Paragraph 10.2 are without prejudice to the generality of Paragraph 10.1 above.
11.EMPLOYEE RECORDS
11.1
The Service Provider shall maintain comprehensive, accurate and up-to-date employee records in relation to the Service Provider Personnel, including training records, roles performed and numbers of Service Provider Personnel and staff structure, which shall, subject to Applicable Laws, be available for inspection by Molina.
11.2
Without limiting Paragraph 11.1 above, the Service Provider shall maintain an up to date list of all Service Provider Personnel working on any Molina premises (for any length of time), listing, where relevant, immigration authorization and work permit status. This list will be provided to Molina within five (5) Business Days of any request.
12.CONTINUITY OF SERVICE PROVIDER PERSONNEL
12.1
The Service Provider shall make all reasonable efforts to maintain continuity in relation to Service Provider Personnel.
12.2
The Service Provider shall provide a quarterly report on the Service Provider Personnel turnover rate. If Molina notifies the Service Provider in writing that the turnover is not in line with Good Industry Practice, the Parties will meet to discuss the impact of the turnover rate on the provision of the Services, and the Service Provider shall, as soon as practicable or, in any event, within ten (10) Business Days, submit to Molina a proposal for reducing the turnover rate, to be discussed and agreed with Molina. Once agreed, the Service Provider will implement the proposal as soon as practicable.
13.ASSIGNMENT OF MOLINA STAFF
13.1
Any Molina employees will at all times remain employees of Molina and will be subject to the management and directions of Molina during the period of assignment.
13.2
Molina shall ensure that its assigned employees do not interfere with, hinder, restrict or prevent the Service Provider from meeting its obligations under the Agreement and that they comply with all Service Provider policies and procedures, as notified from time to time, while on Service Provider premises.
13.3
Prior to the expiry or termination of the Agreement, or the termination or partial termination of any Services (or where any such an event is reasonably likely to occur), the Service Provider will allow Molina or a Successor Supplier to assign an agreed number of their employees to the Service Provider in order to work-shadow the Service Provider Personnel to facilitate such transfer of knowledge and skills in relation to the Services as Molina shall consider to be necessary. Access by Successor Supplier personnel to Service Provider’s premises or systems may be conditioned on the Successor Supplier executing a suitable confidentiality agreement.

-10-


14.SERVICE PROVIDER ASSISTANCE
14.1
At Molina’s reasonable request, the Service Provider shall make available to Molina or a Successor Supplier for the continued support of the Services any Service Provider Personnel who do not transfer to Molina or a Successor Supplier for any reason, on a full or part time basis, as appropriate, for an agreed period following termination of the relevant part of the Services (or as otherwise required by Molina) in order to facilitate such transfer of knowledge and skills in relation to providing the Services to Molina’s or a Successor Supplier’s personnel, as shall be necessary to ensure, to Molina’s satisfaction, uninterrupted continuity in the provision of the Services. The Service Provider shall be entitled to charge for such continued support in accordance with the principles described in Schedule 8 (Termination Assistance and Exit).
15.LIABILITY AND INDEMNIFICATION
15.1
Molina shall assume liability for all claims asserted by or on behalf of any Designated Employees arising out of their employment with Molina prior to their Service Provider Employment Date, including any termination of employment by Molina, and the Service Provider shall assume liability for all claims asserted by any Transitioned Employees arising out of their employment with or termination of employment from the Service Provider.
15.2
The Service Provider shall be fully responsible for and, unless prohibited by Applicable Law, shall defend, indemnify, keep indemnified and hold harmless Molina and each Molina Company against (a) all losses arising out of or relating to any claim or liability for any labor, employment or immigration related claim or any claim based on worker status brought against Molina or any Molina Company or any Molina subcontractor arising out of or in connection with any Service Provider Personnel, and (b) all costs, claims and liabilities arising out of or in relation to any of the foregoing (including costs and expenses, reasonable attorneys’ fees and expenses), including with respect to any:
(a)
alleged violation of federal, state, local, international or other laws or regulations or any common law protecting persons or members of a protected class or category, including without limitation laws or regulations prohibiting discrimination or harassment on the basis of a protected characteristic,
(b)
alleged work-related injury, illness or death, except as may be covered by the Service Provider’s workers’ compensation plans,
(c)
claim for payment of wages, or
(d)
claim accrued employee pension or welfare benefits, except to the extent such claim arises in connection with a pension or benefit of a Transitioned Employee arising prior to the Service Provider Employment Date.
except to the extent such losses, costs, claims or liability results from any unlawful act or omission of Molina.
15.3
Molina shall indemnify and hold the Service Provider harmless, to the fullest extent permitted by applicable law, against any liability or expenses (including reasonable attorneys’ fees and expenses) incurred or suffered by the Service Provider as a consequence of the Service Provider’s being made a party or being threatened to be made a party to any action, suit or proceeding commenced by or on behalf of any Designated Employee arising out of or relating

-11-


to any act or omission by Molina or any employee or agent of Molina prior to the Effective Date with respect to any:
(a)
alleged violation of federal, state, local, international or other laws or regulations or any common law protecting persons or members of a protected class or category, including without limitation laws or regulations prohibiting discrimination or harassment on the basis of a protected characteristic,
(b)
alleged work-related injury, illness or death, except as may be covered by Molina’s workers’ compensation plan,
(c)
claim for payment of wages, or
(d)
claim for accrued employee pension or welfare benefit obligations;
except to the extent such losses, costs, claims or liability results from any unlawful act or omission of the Service Provider.
15.4
The provisions of this Paragraph 15 shall be in addition to any similar provisions contained in the Agreement and in other sections of this Schedule, and in the event of a conflict, the specific provision shall control over the general provision. The Parties shall follow the procedures set forth in the Agreement with respect to any claim for indemnification.
15.5
Each Party’s indemnity obligations arising pursuant to this Paragraph 15 shall not be subject to, and shall not accrue against, any limitation of liability set out in the Agreement.



-12-


Appendix A
Key Personnel
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
 
[redacted]
 
 
 
[redacted]
 
[redacted]
[redacted]
 
 
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
 
 
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
 
 
[redacted]
[redacted]
 



-13-














SCHEDULE 16
DEPENDENCIES




CONTENTS
Clause
 
Page
1.
Definitions
3
2.
Introduction
3


-2-


1.
DEFINITIONS
1.1
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) of this Agreement.
2.
INTRODUCTION
2.1
This Schedule sets out the Molina Responsibilities and the date by which the Service Provider requires them to be completed.


– 3 –


Reference
Molina Responsibility
Due Date
DP1

Molina to provide access to all updated Inventories / CMDB / Asset Database (registers), Design Diagrams, Architecture Diagrams, Runbooks, Operating Manual, Operations policies and standards, Risk and Issues documents, Capacity Reporting methodology and reports, Vulnerability reports, CDC known error database, patching status reports, SLA/KRA/KPI Reporting, Quality check, 3rd Party contact information, 3rd Party contract details, required software tools and existing call / Service Desk ticket monitoring parameters that are required to perform the scope the services. IT inventories across Service Towers are aligned to the RU counts in the pricing sheet. Infosys would validate actual RU counts by the end of transition.
The start date for Transition as set out in the Detailed Transition Plan
DP2
Ensure that it has RTU (right to use) for the Service Provider to use the following Software in connection with the Service Provider’s provision of the Services: Tools as set out in Appendix 6-D to Schedule 6.
45 days after the Effective Date
[redacted]
[redacted]
[redacted]
DP4
Molina’s existing toll-free numbers will be leveraged for in-scope voice requirements (for general and VIP callers)
Final Go Live Date
[redacted]
[redacted]
[redacted]
DP6
Molina will provision required number of licenses for Service Provider Personnel, in a number subject to Molina’s approval, to have access to ServiceNow (Access required - Fulfiller users, Planner Users, Worker User, Software Asset Management, Discovery), in each case as set out in the Detailed Transition Plan
The start date for Transition as set out in the Detailed Transition Plan
DP7
Molina will provide adequate seating facility to Service Provider Personnel onsite at Molina’s office locations, in a number subject to Molina’s approval, along with a Molina-imaged PC
Final Go Live Date
DP8
Molina will provide the applicable Service Provider Personnel, in a number subject to Molina’s approval, access to the applicable Molina offices where such individual performs the Services
The start date for Transition as set out in the Detailed Transition Plan
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

-4-


DP13
    Molina will allow the use of collaboration tools like WebEx to conduct knowledge transfer sessions to transition team working from India delivery centers. All KT and some shadowing sessions will need to be recorded for later review. The recordings will be considered Molina property.
     All backlog tickets carried forward from the current team into steady state will be excluded from SLA computation.
 
DP14
Molina will assign technical resources to work with Infosys in order to set up remote connectivity with Infosys Bangalore/Chandigarh/Manila Offices.
One week before the start date for Transition as set out in the Detailed Transition Plan
DP15
    Molina to share the resource onboarding pre-requisite/process 10 business days before the start of the transition.
    Molina to ensure Infosys designated resources are on-boarded in an expedited manner
    Molina to provide VDI/Virtual Desktop/RSA/Remote Login capability to the On boarded resources
    Infosys will provide complete list of resource names along with roles and location 10 days in advance to ensure proper onboarding during steady state
    Infosys to ensure proper device availability for all resources offshore to meet Molina requirements as defined (Desktop, Laptops, Phones etc.,) before the resources are onboarded
The start date for Transition as set out in the Detailed Transition Plan
DP16
Approve draft transition plan, schedule and SME availability before the transition is commenced.
One week before the start date for Transition as set out in the Detailed Transition Plan

-5-


DP17
Share the details of the Molina SME’s for each track and confirm the availability as per the KT Plan shared by Infosys. Infosys to share details of Infosys resources who will be participating in the KT sessions one day after contract signature

One week before the start date for Transition as set out in the Detailed Transition Plan
DP18
Molina to share details and ensure that there are adequate Underpinning Contracts/support arrangements with the OEM and Third party vendors (eg Microsoft, Oracle , IBM, ServiceNow, Cisco, etc ) where there is an interdependency of services and deliverables.
During Transition Phase
DP19
Timely feedback (As per the transition plan) of Molina on the Infosys queries/deliverables/escalations during the overall Transition phase
During Transition Phase
DP20
Timely approvals during ARC/security council to bring in Infosys recommended tools IIMSS, ESM café and Cyber Gaze into Molina environment
Molina will provide required infrastructure for installation of Infosys recommended tools (IIMSS, ESM café and Cyber Gaze) in Dev, QA and Production environment
The start date for Transition as set out in the Detailed Transition Plan
DP21
Provide access to Molina facilities, depots and logistic service providers
The start date for Transition as set out in the Detailed Transition Plan
DP22
Molina will ensure that every dispatch site is made accessible to the named and verified Infosys dispatch engineer along with a site contact
The start date for Transition as set out in the Detailed Transition Plan
DP23
During transition, Molina will be the single point of contact for any communication and will mediate on any issues or conflicts with any third party vendors.
During KT Phase
DP24
Third party contact information will be provided to Infosys team during KT phase. For e.g. WAN Link provider information, Third party asset disposal services etc
During KT Phase
DP25
All in-flight Infra projects will be assessed by Infosys as part of the transition and an approach for assisting in in-flights and taking over support as per the Statement of Work will mutually agree to by Infosys and Molina.
During KT Phase
[redacted]
[redacted]
[redacted]
DP27
Any other dependencies expressly set out in the Agreement as a responsibility of Molina e.g FRMor SOWs.
During Transition and Steady State

-6-


DP28
Molina will complete 50% of DR migration to Azure (based on # of VMs, storage and back-up) and the remaining work will be completed by Infosys.

Transition to steady state complete
DP29
    Infosys and Molina to provide organization holiday calendar before transition, to put the transition plan accordingly
    Molina to provide vacation calendar/details of the Molina SMEs participating in KT sessions. The details to be provided before the transition commencement date, for transition planning
The start date for Transition as set out in the Detailed Transition Plan
DP30
Molina will assign SME(s) to provide requirements to build Business Service Assurance (BSA) use-cases during IIMSS implementation phase. The SME also will be responsible to get necessary approvals from Molina team (IT/Business) to enable IIMSS team build necessary interfaces, access to required tools and data. Molina will provide the priority of the applications that needs to be covered under BSA. Infosys IIMSS team will build BSA for 4 critical applications.
During steady state
DP31
Molina will provide OEM/third party support for End Of Life (EOL) hardware and software configuration items. This would be finalized during the Transition.

Transition to steady state complete



-7-















SCHEDULE 17
MUTUAL ASSISTANCE AND COOPERATION





CONTENTS

Clause
 
Page
1.
Definitions
1
2.
Introduction
1
3.
Mutual Assistance
1
4.
Operational Level Agreements
5


(i)



1.DEFINITIONS
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) to this Agreement.
2.INTRODUCTION
2.1
This Schedule deals with the interaction between the Service Provider and the Other Service Providers.
2.2
Nothing in this Schedule relieves the Service Provider of any of its obligations under this Agreement or any Project Work Order, or requires any Other Service Provider to perform any of the Service Provider’s obligations under this Agreement or any Project Work Order.
2.3
The Service Provider shall enter into an Agreed Form Non-Disclosure Agreement with the Other Service Providers where requested to do so by Molina to facilitate the performance of its obligations under this Schedule.
3.MUTUAL ASSISTANCE
3.1
The Service Provider shall provide Molina and each Other Service Provider with reasonable cooperation and assistance as requested by each such party.
3.2
In particular, the Service Provider shall provide reasonable cooperation to each Other Service Provider in relation to the following matters (in each case, in so far as the matters set out below are relevant to the Services or any Deliverables, or to Systems, Software or services that relate to the Services or any Deliverables):
(a)
change management and in particular any relevant change control process;
(b)
problem management;
(c)
service desk management;
(d)
business continuity, technology refresh and disaster recovery planning;
(e)
security of Molina Data, Applications and Systems (including Intellectual Property Rights);
(f)
transfer and migration of Molina Data;
(g)
data recovery and back–up procedures;

-1-


(h)
operation and execution of production control and job schedules;
(i)
database administration;
(j)
configuration management;
(k)
any handover processes;
(l)
crisis management and escalation management;
(m)
project management; and
(n)
security of Service Provider Data and Systems (including Intellectual Property Rights therein).
3.3
In addition to the general obligations set out in paragraphs 3.1 and 3.2, the Service Provider shall:
(a)
provide all the Other Service Providers with:
(i)
the Service Provider’s roles and accountabilities for its delivery of the Services, including organization charts, operating models and contact details, in particular to ensure that contact points and interfaces are understood;
(ii)
reasonable knowledge transfer about Deliverables that have been developed by the Service Provider, and about the Services and the Systems supported or managed by the Service Provider under this Agreement, including difficulties and issues the Other Service Provider may encounter in working with those Deliverables, Services and Systems;
(iii)
such information regarding the operating environment, system constraints and other operating parameters applicable to the Deliverables and the Services and the Systems supported or managed by the Service Provider under this Agreement as a service provider with reasonable technical skills and expertise would find reasonably necessary in order to perform its work; and
(iv)
such information as is necessary to assist the Other Service Providers with interoperation of its services with the Deliverables and the Services and the Systems supported or managed by the Service Provider under this Agreement,
(b)
provide cooperation, support, information and assistance to the Other Service Providers in a proactive, transparent and open way and in a spirit of trust and mutual confidence;

-2-


(c)
where possible, work with the Other Service Providers to prepare, and then deliver services according to, a single, consolidated project plan incorporating all the milestones that the Service Provider and each Other Service Provider is required to achieve. If that is not possible, the Service Provider must at a minimum co-ordinate its project plans with those of the Other Service Providers to ensure that they are consistent, that dependencies between the Service Provider and the Other Service Providers are clearly identified and that milestones are aligned between project plans in order to ensure the optimal delivery of the Services and the Other Services to Molina;
(d)
communicate appropriately and provide reasonable availability to communicate in order to reach mutual solutions where necessary;
(e)
cooperate and assist with acceptance testing and any necessary quality assurance analysis;
(f)
make itself available for a reasonable time after each Deliverable has Passed, to respond promptly to questions and problems raised by the Other Service Providers in connection with that Deliverable;
(g)
cooperate with the Other Service Providers in identifying planned downtime, and cooperatively plan and communicate planned downtime so as to maximize benefit to Molina and minimize disruption to the services and to Molina’s business;
(h)
cooperate with the Other Service Providers to co-coordinate the scheduling and conducting of testing and the preparation of test scripts and test cases, and to review test results as applicable;
(i)
where Incidents or Problems occur in relation to any Deliverable or any Services or any Systems supported or managed by the Service Provider under this Agreement, cooperate reasonably and in good faith with the Other Service Providers, to the extent that this is required, including:
(i)
identifying what it would take to Resolve the Incident or Problem;
(ii)
Resolving an Incident or fixing a Problem as expeditiously and cost effectively as possible and waiting until after the resolution of the relevant Incident or Problem to raise (or take any action in relation to) any dispute as to whether which Party or Other Service Provider is responsible, which Party or Other Service Provider should bear the cost of fixing the Incident or Problem or any associated legal issues;

-3-


(iii)
providing prompt information where necessary; and
(iv)
where Incidents or Problems occur that have multiple possible solutions (including Incidents or Problems that could be resolved through action by the Service Provider, whether alone or with the Other Service Providers), cooperate with Molina and/or the Other Service Providers to Resolve the Incident or Problem in the way that causes the least disruption and cost to Molina and complies with recognized industry standards and practices;
(j)
promptly identify any inconsistencies, ambiguities or gaps between the Other Service Providers’ respective accountabilities and responsibilities which impact (or may impact) upon the delivery of the services, and proactively engage the Other Service Providers to resolve any such inconsistencies, ambiguities or gaps;
(k)
adopt standard processes to support end to end service delivery in collaboration with the Other Service Providers. Adoption of standard processes means that:
(i)
the Service Provider shall actively participate in the design, development, introduction and operation of end to end service delivery processes, including by participation in multi-supplier governance meetings and working sessions as required; and
(ii)
the Service Provider shall provide its own insight and experience as required to support end to end service delivery processes; and
(l)
wherever possible, for a given concept adopt such standard terminology as is used already by Molina and the Other Service Providers and where no such standardized terminology exists, use recognized industry standard terminology wherever possible, in preference to terminology that describes the Service Provider’s own products, services, tools and processes.
3.4
In addition to the obligations set out in paragraphs 3.1 to 3.3, the Service Provider shall, in relation to each AD Service Provider:
(a)
in connection with each Project that relates to a project for the development of an Application:
(i)
collaborate with the AD Service Provider in developing an estimate of the work required by the Service Provider to support a Project, based on input from Molina or the AD Service Provider and their requirements of the Service Provider; and

-4-


(ii)
when reviewing Input Deliverables provided by the AD Service Provider, identify to both Molina and the AD Service Provider any issues that the Service Provider believes arise as a result of information obtained by reviewing the Input Deliverables;
(b)
provide the AD Service Provider with reasonable information about the Systems supported or managed by the Service Provider under this Agreement in order to assist the AD Service Provider in developing Applications that will depend upon, be used in conjunction with or otherwise relate to those Systems; and
(c)
proactively, and with cooperation and support from Molina in obtaining this information, in accordance with Good Industry Practice, obtain from the AD Service Provider all necessary information about the Applications being developed by the AD Service Provider and any related Third Party Software to be used in conjunction with the Deliverables or with the Applications being developed by the AD Service Provider, and use that information in the provision of the Services.
3.5
In addition to the obligations set out in paragraphs 3.1 to 3.3, the Service Provider shall, in relation to each AM Service Provider, provide such information about the Services and the Systems supported or managed by the Service Provider under this Agreement as the AM Service Provider may require in order to provide maintenance, management and/or operations services in relation to any Application that will depend upon, be used in conjunction with or otherwise relate to the Services or those Systems.
3.6
In addition to the obligations set out in paragraphs 3.1 to 3.3, the Service Provider shall, in relation to each Infrastructure Supplier:
(a)
participate in any reasonable discussions requested by the other Infrastructure Supplier regarding the other Infrastructure Supplier’s requirements;
(b)
where necessary, provide reasonable assistance to the other Infrastructure Supplier in meeting its requirements; and
(c)
ensure that the other Infrastructure Supplier is kept up-to-date with such information about the Deliverables and the Services and the Systems supported or managed by the Service Provider under this Agreement as is reasonably required by the Infrastructure Supplier.
3.7
If the Service Provider is not receiving the cooperation that it requires from any Other Service Provider and the lack of cooperation could impact on the Service Provider’s ability to perform any of the Services, then the Service Provider shall promptly notify Molina. Molina shall procure

-5-


the mutual cooperation and assistance of the Other Service Provider as contemplated by this Agreement.
3.8
A dispute or uncertainty about the financial consequences of, or operational responsibility for an Incident or Problem does not entitle the Service Provider to delay the resolution of that Incident or Problem or to suspend or defer the performance of the Services or any Other Services.
3.9
The Service Provider shall provide to Molina, at Molina’s request, information collected by the Service Provider or provided to the Service Provider about Molina’s business, operations, Applications and Systems, as reasonably required by Molina, and Molina shall be entitled to share that information with each Other Service Provider for the purpose of that Other Service Provider providing services to the Molina Companies.
3.10
The Service Provider shall comply with the reasonable security and health and safety policies of each Other Service Provider if it is working on the site of that Other Service Provider.
3.11
Molina is responsible for informing the Service Provider of the identity of each Other Service Provider to whom the Service Provider is required to provide cooperation and assistance under this Schedule, including informing the Service Provider of the Applications for which each such AD Service Provider and AM Service Provider is responsible and the Systems for which each such Infrastructure Supplier is responsible.
4.OPERATIONAL LEVEL AGREEMENTS
4.1
In order to facilitate the smooth and effective delivery of services (including the Services) to Molina in a multi-vendor environment, Molina may require the Service Provider to enter into an operational level agreement (“Operational Level Agreement”) with any Other Service Provider, as specified by Molina.
4.2
A change to any Operational Level Agreement and the re-allocation of responsibilities within any Operational Level Agreement shall be dealt with entirely between the Service Provider and the relevant Other Service Provider and shall not require an Agreement Change, in accordance with the provisions of this Agreement.
4.3
The principal purpose of each Operational Level Agreement shall be to clarify the relevant responsibilities, accountability, access and dependencies between the Service Provider and the relevant Other Service Provider in respect of services to be provided to Molina.
4.4
A copy of each Operational Level Agreement and each subsequent version thereof shall be published by the Service Provider on the Contract Management Portal promptly after it is signed.


-6-










SCHEDULE 18
MOLINA LOCATIONS

(i)



CONTENTS
Clause
 
Page
1.
Definitions
- 1 -
2.
Introduction
- 1 -
3.
Molina Locations Service Matrix
- 2 -


(i)



1.DEFINITIONS
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) of this Agreement.
2.INTRODUCTION
This Schedule is divided into three sections and sets out the Molina Locations at which Molina operates and where the Service Provider shall provide the Services.



1


3.MOLINA LOCATIONS SERVICE MATRIX
The following table sets out the Molina Locations at which the Services shall be provided:

#
Address Suite
City
State
Postal Code
Type
1.    
200 S. Main St
Corona
CA
92882
Office
2.    
1607 W. Main St,
El Centro
CA
92243
Office
3.    
1500 Hughes Way, Pod A
Long Beach
CA
90810-1870
Office
4.    
604 Pine Ave (Press Telegram)
Long Beach
CA
90802-1329
Office
5.    
650 Pine Ave (Meeker Baker)
Long Beach
CA
90802-1329
Office
6.    
100 Oceangate, 15th Floor
Long Beach
CA
90802
Office
7.    
300 Oceangate (300 Tower)
Long Beach
CA
90802
Office
8.    
200 Oceangate, #100
Long Beach
CA
90802-4317
Office
9.    
One Golden Shore Drive
Long Beach
CA
90802
Parking
10.    
1151 Walnut Avenue
Ontario
CA
91761
Clinic
11.    
887 E. 2nd Street
Pomona
CA
91766-2009
Clinic/Office
12.    
35-800 Bob Hope Drive
Rancho Mirage
CA
92270
Office
13.    
2180 Harvard St, #500
Sacramento
CA
95815
Office
14.    
300 University Avenue, #100
Sacramento
CA
95825-6518
Office
15.    
550 E. Hospitality Lane, #100
San Bernardino
CA
92408
Office
16.    
9275 Sky Park Court, #350
San Diego
CA
92123
Office

-2-


#
Address Suite
City
State
Postal Code
Type
17.    
222 West 6th Street, floors 6, 7, 8 &11
San Pedro
CA
90731
Office
18.    
8300 N.W. 33rd Street, #400
Doral (Miami)
FL
33122-1940
Office
19.    
8200 NW 33rd Street
Doral (Miami)
FL
33122
Office
20.    
6622 SouthPoint Drive South, #450
Jacksonville
FL
32216
Office
21.    
3450 Buschwood Park Drive, #200
Tampa Bay
FL
33618
Office
22.    
950 Bannock St., Offices 1116 & 1117
Boise
ID
83702
Temp Office
23.    
950 Bannock St., Office 1169
Boise
ID
83702
Temp Office
24.    
9050 Overland, Suite 155
Boise
ID
83704
Office
25.    
1520 Kensington Rd, #212
Oak Brook
IL
60523-2197
Office
26.    
One West Old State Capitol Plaza, #300
Springfield
IL
62701
Office
27.    
615 W. Lafayette Blvd., #500
Detroit
MI
48226
Office
28.    
1321 S. Linden Road, #A
Flint
MI
48532
Office
29.    
3196 Kraft Ave, #303
Grand Rapids
MI
49512
Office
30.    
880 West Long Lake Rd
Troy
MI
48098-4504
Office
31.    
188 E Capitol, Suites 600, 700, 800
Jackson
MS
39201
Office
32.    
5610 Turing Dr SE
Albuquerque
NM
87106-9703
Data Center
33.    
400 Tijeras Ave NW
Albuquerque
NM
87102
Office
34.    
Kent Ave & 8th St
Albuquerque
NM
87102
Parking
35.    
500 4th Street
Albuquerque
NM
87102
Parking
36.    
5232 Witz Dr.
Clay
NY
13212
Office
37.    
70 E 55th St., 8th Floor
New York
NY
 
Office
38.    
819 South Salina St
Syracuse
NY
13202
Office
39.    
1101 Erie Blvd East, Suite #100
Syracuse
NY
13210
Clinic

-3-


#
Address Suite
City
State
Postal Code
Type
40.    
9987 Carver Rd, Suite 250
Blue Ash
OH
45242
Office
41.    
25 Merchant St, #200
Cincinnati
OH
45246
Office
42.    
3000 Corporate Exchange Dr
Columbus
OH
43231
Office
43.    
6161 Oak Tree Blvd, #200
Independence (Cleveland)
OH
44131
Office
44.    
6001 Woodland Ave
Cleveland
OH
44104
Office/Storage
45.    
PR State Road 908, Km 0.4, Barrio tejas
Humacao
PR
791
Office
46.    
111 Hostos Ave.
Ponce
PR
716
Office
47.    
652 Munoz Rivera Ave, #300
San Juan
PR
918
Office
48.    
654 Munoz Rivera Ave, #1600
San Juan
PR
918
Office
49.    
Calle 25 de Julio St, #53, Urb. Villa Milagros
Yauco
PR
698
Office
50.    
440 Knox Abbott Drive, #430
Cayce
SC
29033-4353
Office
51.    
4105 Faber Place Drive, #120
N. Charleston
SC
29405
Office
52.    
4316 South McColl Road
Edinburg
TX
78539-3160
Office
53.    
445 Executive Center, #100
El Paso
TX
79902-1003
Office
54.    
15115 Park Row, #110
Houston
TX
77084-4288
Office
55.    
1660 N. Westridge Circle,
Irving
TX
75038
Office
56.    
5605 MacArthur, #400
Irving
TX
75038-2693
Office
57.    
6999 MacPherson Road, #213
Laredo
TX
78041-6450
Office
58.    
1255 W. 15th St, #100
Plano
TX
75075
Office
59.    
1232 Alma Rd.
Richardson
TX
75081
Data Center

-4-


#
Address Suite
City
State
Postal Code
Type
60.    
84 NE Loop 410, #200
San Antonio
TX
78216-8419
Office
61.    
7050 Union Park Center, #240
Midvale
UT
84047-4169
Office
62.    
7070 Union Park Center
Midvale
UT
84047
Office
63.    
3959 Pender Dr, Suite 240
Fairfax
VA
22030
Office
64.    
4101 Cox Rd, #100
Glen Allen
VA
22408
Office
65.    
21540 30th Drive SE 101, #400
Bothell
WA
98021
Office
66.    
15 SW Everett Mall Way, #A
Everett
WA
98208-3230
Clinic
67.    
1330 North Washington St, #4000
Spokane
WA
99201
Office
68.    
19120 SE 34th St, 2nd floor
Vancouver
WA
98683
Office
69.    
616 A Valley Mall Parkway
East Wenatchee
WA
98802
Office
70.    
601 13th St NW, #800 North
Washington
WA DC
20005
Office
71.    
11002 W. Park Place
Milwaukee
WI
53224
Office



-5-
















SCHEDULE 19
AGREED FORM NON-DISCLOSURE AGREEMENT

















Non-Disclosure Agreement




CONTENTS

Clause
 
Page
1.
Disclosure
- 1 -
2.
Obligations
- 2 -
3.
Confidentiality Period
- 3 -
4.
Exceptions to Obligations
- 3 -
5.
Disclaimers
- 3 -
6.
General
- 3 -
7.
Entire Agreement
- 4 -
8.
Governing Law and Jurisdiction
- 4 -



– i –


THIS CONFIDENTIALITY AGREEMENT is made on [●]
BETWEEN:
(1)
[●], a company registered in [●] (company number [●]), whose registered office is at [●] (“[●]”); and
(2)
[●], a company registered in [●] (company number [●]), whose registered office is at [●] (“[●]”).
Each of [●] and [●] is referred to in this Confidentiality Agreement as a “Party”, and they are referred to collectively as the “Parties”.
INTRODUCTION:
The Parties’ mutual objective under this Confidentiality Agreement is to provide protection for confidential information (“Information”) while maintaining their ability to conduct their respective business activities. Each Party agrees that the following terms apply when the disclosing Party (the “Discloser”) discloses Information to the other, receiving Party (the “Recipient”) which relates to or is acquired in consequence of either Party’s engagement with [Molina Healthcare Entity] (“Molina”) for [●].
For the avoidance of doubt the obligations under this Confidentiality Agreement will apply only with effect from the date of signature hereof.
THE PARTIES AGREE as follows:
1.
DISCLOSURE
1.1
Information will be disclosed either:
a(
in writing;
b(
by delivery of items;
c(
by initiation of access to Information, such as may be in a database; or
d(
by oral or visual presentation.
1.2
Information should be marked with a restrictive legend of the Discloser. If Information is not marked with such legend or is disclosed orally, the Information will be identified as confidential at the time of disclosure. In any event, Information will be protected by this Confidentiality Agreement if by its nature it would reasonably be considered to be confidential even if it is not marked with a restrictive legend or identified as confidential at the time of disclosure.

-1-


2.
OBLIGATIONS
2.1
The Recipient agrees to:
1(a)
use the same care and discretion to avoid disclosure, publication or dissemination of the Discloser’s Information as it uses with its own similar information that it does not wish to disclose, publish or disseminate; and
1(b)
use the Discloser’s Information solely for the purpose for which it was disclosed or otherwise for the benefit of the Discloser.
2.2
The Recipient may disclose Information to:
1(a)
its employees who have a need to know, and employees of any legal entity that it controls, controls it, or with which it is under common control, who have a need to know. Control means to own or control, directly or indirectly, over 50% of voting shares;
1(b)
employees of Molina who have a need to know and employees of any legal entity that Molina controls, controls Molina, or with which Molina is under common control, who have a need to know. Control means to own or control, directly or indirectly, over 50% of voting shares; and
1(c)
any other party with the Discloser’s prior written consent.
2.3
Before disclosure to other parties as described in Clause 2.2(c), the Recipient will have a written agreement with the party sufficient to require that party to treat Information in accordance with this Confidentiality Agreement.
2.4
The Recipient may disclose Information to the extent required by law. However, unless prohibited by law, the Recipient will give the Discloser prompt notice to allow the Discloser a reasonable opportunity to obtain a protective order.
2.5
Notwithstanding the Parties’ obligations in this Clause 2, the Parties acknowledge that general ideas, concepts and know-how contained in the Discloser’s Information may be retained in the unaided memories (meaning that part of the memory that cannot be controlled or influenced by a person) of the Recipient’s employees who have had access to the Information in accordance with the terms of this Confidentiality Agreement. The Parties therefore agree that the Recipient shall not be in breach of this Confidentiality Agreement if the Recipient’s employees who have had access to such Information use such retained general ideas, concepts and know-how in conducting the Recipient’s business activities.
2.6
Nothing contained in Clause 2.5 gives the Recipient the right to disclose, publish or disseminate:
(a)
the source of Information;
(b)
any financial, statistical or personnel data of the Discloser; or
(c)
the business plans of the Discloser.

-2-


Furthermore, neither Party shall use any ideas, concepts or know-how if such use involves the reproduction or reconstruction of any Information in such a form as may involve an infringement of the other Party's intellectual property rights.
3.
CONFIDENTIALITY PERIOD
Information disclosed under this Confidentiality Agreement will be subject to this Confidentiality Agreement for ten (10) years following the initial date of disclosure.
4.
EXCEPTIONS TO OBLIGATIONS
The Recipient may disclose, publish, disseminate and use Information that is:
(a)
already in its possession without obligation of confidentiality;
(b)
developed independently;
(c)
obtained from a source other than the Discloser without obligation of confidentiality;
(d)
publicly available when received, or subsequently becomes publicly available through no fault of the Recipient; or
(e)
disclosed by the Discloser to another person without obligation of confidentiality.
5.
DISCLAIMERS
5.1
The Discloser provides Information without warranties of any kind in favor of the Recipient.
5.2
The Discloser will not be liable to the Recipient for any damages arising out of the use of Information disclosed under this Confidentiality Agreement unless and except to the extent that such damages arise as a direct result of the Discloser providing information it did not have the right to provide.
5.3
Neither this Agreement nor any disclosure of Information made under it grants the Recipient any right or license under any trademark, copyright or patent now or subsequently owned or controlled by the Discloser.
6.
GENERAL
6.1
This Agreement does not require either Party to disclose or to receive Information.
6.2
Neither Party may assign, or otherwise transfer, its rights or delegate its duties or obligations under this Confidentiality Agreement without prior written consent. Any attempt to do so is void.

-3-


6.3
The receipt of Information under this Confidentiality Agreement will not in any way limit the Recipient from:
(a)
providing to others products or services which may be competitive with products or services of the Discloser;
(b)
providing products or services to others who compete with the Discloser; or
(c)
assigning its employees in any way it may choose.
6.4
The Recipient will comply with all applicable export and import laws and regulations provided that the Discloser has provided the applicable export control classification number so as to enable such compliance.
6.5
Only a written agreement signed by both Parties can modify this Confidentiality Agreement.
6.6
Either Party may terminate this Confidentiality Agreement by providing one month’s written notice to the other. Any terms of this Confidentiality Agreement which by their nature extend beyond its termination remain in effect until fulfilled, and apply to respective successors and assignees.
7.
ENTIRE AGREEMENT
This Confidentiality Agreement is the complete and exclusive agreement regarding the Parties’ disclosures of Information, and replaces any prior oral or written communications between the Parties regarding these disclosures. By signing below for their respective enterprises, each Party agrees to the terms of this Confidentiality Agreement. Once signed, any reproduction of this Confidentiality Agreement made by reliable means (for example, photocopy or facsimile) is considered an original.
8.
GOVERNING LAW AND JURISDICTION
This Confidentiality Agreement is governed by, construed in accordance with, and enforced under the substantive Law of the State of New York, without giving any effect to any contrary choice of law or conflict of law provision or rule (whether of the State of New York or any other jurisdiction). Any claim or action brought by a Party in connection with this Confidentiality Agreement, or any part hereof, will be brought in the appropriate federal or state court located in the State of New York, New York County, and the Parties irrevocably consent to the exclusive jurisdiction of such courts. The United Nations Convention on Contracts for the International Sale of Goods and New York conflict of law rules do not apply to this Agreement or its subject matter. In any action relating to this Confidentiality Agreement, each of the Parties irrevocably waives the right to trial by jury.

-4-


By signing below, both Parties agree to perform their obligations set out in this Confidentiality Agreement.

……………………………………..        ……………………………………..
For and on behalf of         For and on behalf of
<insert company name>
<insert company name>

<Name>        <Name>
<Title>        <Title>
<Date>        <Date>
<E-mail address>        <E-Mail Address>
<Telephone number>        <Telephone Number>

 


-5-
CONFIDENTIAL
TREATMENT REQUESTED
















SCHEDULE 21

SERVICE PROVIDER TECHNICAL SOLUTION

(i)
CONFIDENTIAL
TREATMENT REQUESTED


CONTENTS
Clause
 
Page
1.
Definitions and Interpretation
2
2.
General Provisions
2
3.
Service Provider Technical Solution
2





(i)




1.DEFINITIONS AND INTERPRETATION
1.1
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) to the Agreement.
2.GENERAL PROVISIONS
2.1
This Schedule sets out the Service Provider Technical Solution, as contemplated in the Agreement.
3.SERVICE PROVIDER TECHNICAL SOLUTION
See below.


-2-
Technical Solution to Tooling for Future State    Infosys Ltd







infosys.jpg




-3-
Technical Solution to Tooling for Future State    Infosys Ltd

1    CONTENTS
1
Introduction
6
1.1
Overview of the Technical Solution Document (TSD)
6
1.2
Definitions
6
2
Technical Solution Overview
6
2.1
Current Mode of Operations
6
2.1.1
Current Delivery Locations
6
2.1.2
Current Assets, Layouts
7
2.1.3
Current Processes & Performance Standards
8
2.1.4
Current Tools and Licensing
11
2.1.5
Current Challenges and Focus Areas (Please add other topics as appropriate)
16
2.1.6
Other Information on Current State
19
2.2
Lift, Shift and Enhance for Core Infrastructure
19
2.2.1
Service Delivery Model, Processes, and Procedures
19
2.2.2
Delivery Locations (Onshore, Nearshore, Offshore) and Associated Services
30
2.2.3
Staffing, Hours of Operation, and On-Demand Sourcing
31
2.2.4
Day 1 and Year 1 Transformation (e.g., Migration, Consolidation, Layout)
34
2.2.5
Flex Models (e.g., Scale Up, Scale Down, Migrate)
34
2.3
Lift, Shift and Enhance for End-User Services (EUS)
35
2.3.1
[redacted]
36
2.3.2
Deskside and Walkup Support (Exhibit 2-C)
46
2.3.3
Desktop Engineering (Exhibit 2-C)
47
2.3.4
End-User Device (EUD) Management and Remote Support Model (Exhibit 2-C)
50
2.3.5
[redacted]
51
2.3.6
Network Operations Center
52
2.4
[redacted]
55
2.4.1
[redacted]
55
2.4.2
Security Operations
55
2.5
[redacted]
60
2.5.1
[redacted]
61
2.5.2
[redacted]
63
2.5.3
[redacted]
64
2.5.4
[redacted]
64
2.6
[redacted]
66
2.6.1
[redacted]
66
2.6.2
DR / BC for Supplier Services in-Scope of This Agreement
68
2.7
[redacted]
70
2.7.1
[redacted]
70
2.7.2
[redacted]
70
2.7.3
[redacted]
70
2.7.4
[redacted]
70
2.8
[redacted]
70

-4-
Technical Solution to Tooling for Future State    Infosys Ltd

2.8.1
[redacted]
70
2.8.2
[redacted]
70
2.8.3
[redacted]
71


1
INTRODUCTION
1.1
Overview of the Technical Solution Document (TSD)
Overview:
The Technical Solution Document (TSD), is an artefact detailing the various elements of the technical solution detailed in the entire document.

1.2
Definitions
Following are the definition of the terminologies used this document:
Terminology
Definition
TSD
Technical Solution Document
RFP
Request for Proposal
IIMSS
Infosys Infrastructure Management Solution Suite
ESM Café
Enterprise Service Management Café
DR
Disaster Recovery
BCP
Business Continuity Plan
FTE
Full Time Employee
SLA
Service Level Agreement
CSL
Critical Service Level
KPI
Key Performance Indicator
Table 1. List of Terminologies
2
TECHNICAL SOLUTION OVERVIEW
2.1
Current Mode of Operations
2.1.1
Current Delivery Locations

Infosys understands that Molina office at Long Beach, CA is the primary delivery location, from where the infrastructure services are provided apart from the EUC services where skilled staff are stationed on those locations.
SOW
Service Delivery Location #1
Service Delivery Location #2
Service Desk
Long Beach, CA
Bothell, WA
End User Services
102 Locations across 22 states of US & Puerto Rico with dedicated and dispatch services
 
Infrastructure Services
NOC – Long Beach, CA
 
Security Services
Long Beach, CA
 

Table 2. Delivery Locations
The Molina’s platform engineering area is divided into seven capability areas. A combined internal and contractor workforce of approximately 317 FTEs, are catering to these capability areas.

-5-
Technical Solution to Tooling for Future State    Infosys Ltd

There are two Main Datacenter New Mexico (NM) and Co-Lo (Digital Reality) in Texas. Where prior services as Primary DC and later as Cold DR DC with exceptions to Telephony/Call Center services (with capacity limitations).

2.1.2
Current Assets, Layouts
2.1.2.1
Architecture Overview
2.1.2.2
Inventory of Molina IT Assets
[redacted]

Figure 1.
[redacted]

Following is the Molina inventory detail and analysis done by Infrastructure technology tracks:
Server Inventory

[redacted]
[redacted]
[redacted]
[redacted]


Table 3. [redacted]
Network Inventory
 
[redacted]
[redacted]
[redacted]
[redacted]


Table 4. [redacted]
Storage and Backup Inventory

[redacted]
[redacted]
[redacted]
[redacted]

Table 5. [redacted]
Database Inventory

[redacted]
[redacted]
[redacted]
[redacted]

Table 6. [redacted]
Middleware Inventory



Page 6 of 6
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]

Table 7. [redacted]
EUC Inventory

[redacted]
[redacted]
[redacted]
[redacted]


Table 8. [redacted]
Service Desk Inventory

[redacted]
[redacted]
[redacted]
[redacted]

Table 9. [redacted]
2.1.3
Current Processes & Performance Standards
Current Processes

Process
Process Description
Business Continuity
This deals with the Business Continuity, in case, if there is any incident where normal business functions delivery is affected or at risk.
The definition and policy with the handling procedure are understood and can be accommodated in the overall Infosys BCP solution.
Data Center SOPs
The supplied SOP’s (201-211) are in general part of the best practices wherever Infosys deliver managed services operations.
They largely deals with the material movement, DC access, Disk wipe procedure, DC walkthrough etc.
Enterprise Infrastructure Services Policies
As stated above, similarly for the infrastructure services policies are also part of the Infosys delivered managed services. We build upon the existing policies and keep the policies reviewed to ensure the adherence to the agreement shared with our customers.
HIPAA
Infosys is aware of the HIPAA requirement while working in the Health care sector. We understand the sensitivity of the health information and care that needs to be taken to ensure that they are only available for the authorized eyes only. Infosys agrees to abide by the terms set forth Molina’s BAA.
Incident
The document provided gives quite good understanding of the Incident prioritization and thereafter Molina specific process to handle the designated Major Incident. Infosys may review this and mutually agree the changes so that it is best suitable for all stages of the engagement.
Service Management Policies
All the ITSM policies/Sourcing/SR/Security are not revised for more than 2 years. However, we believe these are derived out of the best practices and can be followed without review.
Additional Policies
We have gone through the additional policy documents shared namely, SOX, Document retention and destruction, VIP Support policy, Physical DC etc. are found to be in line with our understanding too. We will comply with these as well.


Page 7 of 7
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Table 10. Current Process
Current Performance Standards
We have analyzed the following documents such as Schedule 7 (Governance) and Appendix 6-A (Service Level Matrix) to understand the status of the Molina IT operations prior to the Effective Date. However, no service levels values, benchmarks were provided.
Infosys believes the Service levels and Governance both needs to be in place for progressive delivery of the performance standards. We are delighted to see that Molina review the service levels and performance against them on regular basis. It is also noted that the regular reports are reviewed and discussed by the respective governance group’s viz., Operational Review Board, Multi-Supplier Operational Committee, IT Core Leadership Team and Executive Steering Committee. Moreover, the optimization also becomes the part of the discussion to ensure the continuous improvements are done over and above what is being reported and monitored.

Below are the Molina expected Infrastructure SLA’s*:
Type
Service Level Name
Description / Overview
Critical Service Level (CSL)
Database Cluster Availability
Measures the percentage availability of Database Clusters (with redundancy within the site) in Data Centers
Response Time (Priority 1)
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Response Time (Priority 2)
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Resolution Time (Priority 1)
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Resolution Time (Priority 2)
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Installation of Emergency Software or Patches
Percentage of Emergency Software or Patches for which the process was started immediately, and installed on Infrastructure within the designated timeframe.
Network Infrastructure Availability
Measures the percentage availability of Production Network Infrastructure


Page 8 of 8
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Type
Service Level Name
Description / Overview
Key Performance Indicator (KPI)
Backup Storage Device Availability
Measures the percentage availability of the backup storage devices
Stand-Alone Device Availability
Measures the aggregate availability of the in-scope stand-alone devices
Communication Time
Measures the percentage of incidents where the incident was communicated with business impact and technical description of what is being investigated, to appropriate business partners and technical teams within the appropriate amount of time.
Response Time (Priority 3)
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Response Time (Priority 4)
Measures the percentage of incidents where the incident was responded to within the appropriate amount of time.
Resolution Time (Priority 3)
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Resolution Time (Priority 4)
Measures the percentage of incidents where the incident was resolved within the appropriate amount of time.
Root Cause Analysis Time
Measures the percentage of Priority 1 and 2 incidents that receive a final root cause analysis within the designated timeframe. Pending responses from third party suppliers are acceptable
Batch Job Commencement
Measures the percentage of batch jobs failures where the failure was responded to (following SOP guidelines) within the designated timeframe.
Successful Completion of Backup and Recovery
Measures the percentage of successfully completed backup and recovery jobs.
Infrastructure Capacity Provisioning
Measure of Capacity provisioning requests completed within the time allotted
Installation of Approved Software or Patches
Percentage of Approved Software or Patches installed on Infrastructure within the time allotted (as per Molina patching and installation scheduling requirements)
Contract Management
Measures the percentage of Contract Change Order, Invoices Correct and On-Time (calculated on number of lines).
Reporting
Measures the Supplier’s ability to deliver reports to Molina according to the planned and/or scheduled cadence
Documentation
Completion of all scheduled documentation revisions and drafts as defined by Molina
Security Review
Measures the performance of all security reviews within specified timeframes
Capacity Reporting
Measures the number of CPU Capacity Events or Storage Capacity Events not reported within one business day.
File Recovery / Restoration
Measure of restoration requests where the restore is initiated is that are completed with the allotted time
Account Provisioning Error Rates
Percentage of Account Provisioning (including de-Provisioning) requests processed incorrectly to total number of requests by type
Customer Satisfaction
Measures the percentage of Infrastructure stakeholders (as defined by Molina) who are satisfied with the Services (e.g., BAU, Continuous Improvement and Innovation).
Table 11. Current Performance Standards
*All SLA’s are subject to due diligence

Infosys understands that Molina is already following these above mentioned service levels. However, Infosys would further like to understand the current adherence to these service levels achieved.
2.1.4
Current Tools and Licensing
[redacted]


Page 9 of 9
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd


[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


Page 10 of 10
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

Table 12. [redacted]


Page 11 of 11
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

Table 13. [redacted]


Page 12 of 12
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

Table 14. [redacted]

2.1.4.1
Purpose and Scope
The primary purpose of these tools is to support various technology areas, mentioned in the latest tools data provided in ‘20181029_Attachment D _Tools and Technology_updates.xlsx’

Infosys is expected to support all these tools and agrees for the same. However, the license(s) of these tools remains with Molina, and Infosys need to support Molina, with periodic license updates to avoid any license renewal issues, from the time perspective.

Also, Molina has a strong preference for non-proprietary, commercially available tools but open for discussion and inclusion of any such tools, if it brings transformational value and thereby helps optimize the operations further.

2.1.4.2
PE/Telecom/Network Security
Platform Engineering (PE)

PE is part of Molina’s Infrastructure landscape construct, among the five core groups. The PE is further categorized into seven capability areas, namely:
Solution Engineering
Core Engineering
IT Security and Identity Management
Operations
DB & Analytics Platform


Page 13 of 13
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Quality Management
Service and Relationship Management

The PE tools support, the following technology/process areas:
Asset Management
Collaboration
Configuration Management
Data Management
Endpoint Management
Hypervisor
Operations Monitoring/Metrics
QA
Security – Access, Detection and Operations
Service Management
Storage and Backup
Source Control Management

The details of the tools, as provided by Molina is already provided in the beginning of this section – Section 2.1.4
Telecom Tools
[redacted]
2.1.5
Current Challenges and Focus Areas (Please add other topics as appropriate)

2.1.5.1
Expansive and Highly Disparate Infrastructure Landscape
Based on our analysis of Molina’s Infrastructure landscape, for the same work areas, multiple technologies, tools, multiple different versions of software(s) and hardware. [redacted].

The details around all these things have already been provided in various sections of this document.

2.1.5.2
Disaster Recovery/Business Continuity (DR/BC)
Infosys understands the following challenges and Infosys recommendations:
[redacted]

2.1.5.3
End-of-Life Devices Increasing Risk, Support Complexity, and Upkeep Costs
Infosys have performed analysis on the Molina infrastructure estate, as per the inventory provided, and following are the details by technology tracks where and how much devices have already reached end-of-life or reaching end of life by [redacted].
[redacted]


Page 14 of 14
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 15. [redacted]
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 16. [redacted]
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


Page 15 of 15
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Table 17. [redacted]
Storage:
The total number of storage arrays as per inventory are [redacted] with total storage capacity of [redacted].
(source: A-2 Storage Services and A-3 Storage Services – Remote worksheets in 27. Attachment B (Infrastructure Data) workbook)

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 
[redacted]
[redacted]
[redacted]
 

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

Table 18. [redacted]
End User Devices:
Following are the details of the end user devices (desktops and laptops) contributing to EOL:
(source: B-1 Desktops and Laptops in worksheets in 27. Attachment B (Infrastructure Data) workbook)
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

Table 19. [redacted]


Page 16 of 16
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

2.1.5.4
[redacted]

2.1.5.5
[redacted]

2.1.6
Other Information on Current State
Not applicable

2.2
Lift, Shift and Enhance for Core Infrastructure
2.2.1
Service Delivery Model, Processes, and Procedures
The graphic below visualized the governance committees which the Parties are to implement and participate in accordance with the Agreement, including Schedule 7 (Governance).
These governance models are defined in accordance to Molina’s ask and agreed through ‘Schedule 7’ and ‘Appendices 7-A and 7-B’ documents related to Governance.
In addition to the robust governance structure, we also have a comprehensive delivery structure at multiple layers and with right SMEs and management coverage at onsite and offshore for seamless delivery of services.
This integrated managed services model is based on ITIL V3 framework, bringing in synergies between various teams, and driving efficiencies, quality and productivity improvements and ownership of services. While the teams will be organized by areas of expertise and core delivery, they will act as one cohesive team for Molina Healthcare acting in unison to deliver on time, on budget and on specifications.

The underlying core culture of the team will be to work in an entrepreneurial fashion that will support Molina’s business requirements. Integrated Service Delivery model through its various levers will provide Molina Healthcare increased synergies and seamless operations across geographies, and portfolios that will ultimately lead to superior service and reduced TCO.

pic9.jpg

Figure 2.
Steady State Integrated Service Delivery Model
Service Delivery Model for Infrastructure support to Molina Healthcare, is defined and aligned to the governance model given above, and caters to with the information required at all levels in the forms of reports and dashboards.
Below view, provide more details specific to infrastructure operations as part of the integrated service delivery model.


Page 17 of 17
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

pic10.jpg
Figure 3.
Infrastructure Operations
Following are the components of the proposed service model:
L1 - Global Service Desk:
Service Desk is the first point of contact for any IT support needs for Molina Healthcare round the clock - 24x7x365. Molina users can contact service desk via all current prevailing modes of communication viz., Web, Email, Phone etc. This layer provides an ‘integrated’ service for all IT needs, applications and infrastructure support.
Service Desk will be recording all the issues/requests coming to them in Molina’s Service Now instance, and thus enables end users to track progress on their tickets directly in the ticketing tool.
L1.5 – Integrated Command Center Operations:
Command center will be completely responsible for monitoring the entire IT estate function that includes job scheduling, Monitoring, Managing. Additionally, playing the role of Major Incident Management Team. Command Center will also supplement the other IT operations team with performance and capacity management inputs.
This layer is entrusted with the responsibility of keeping a vigilant eye on Molina’s infrastructure estate, leveraging existing monitoring tools like Splunk, SCOM, SolarWinds, etc. Infosys proposes to bring in Infosys Infrastructure Management Solution Suite (IIMSS), which would act as single pane of glass for this command center team, to monitor Molina’s entire infrastructure estate, and take relevant actions for immediate resolution of tickets and alerts themselves or escalate to the L2/L3 teams to resolve any alert/issue that needs specific technical skills and detailed system knowledge.

Job management will also be a significant part of their day to day operations. Infosys will leverage existing Molina’s job scheduling tool, Autosys for defining, scheduling and monitoring jobs on Unix/Windows systems. The job scheduling is done using Unix - Cron (or windows - AT) which is time based, it will fire the job based on the clock. We understand that all the batch sequences are already defined in Molina. Team will ensure the running of the jobs in order, thereafter ensure the completion and regular reporting. All the failures will be raised with the respective technical teams for further investigation. The standard actions will be part of the operating manual of the team to ensure the steps are taken before escalating further.

While Integrated Command Center will be based out of offshore and US locations, a part of the Security Operations Center (SOC) will also be based out of onsite/onshore location in USA. All the security logs data need to be located in the USA.
IIMSS is driven by the policy engine and inputs from estate monitoring tools to orchestrate, suppress, resolve and alert any incident proactively. It also offers best suggestions and course of actions by grouping the similar issues/incidents of past. IIMSS enables IT administrators, Infrastructure Operations team and other users of it to centrally manage the entire physical and virtual infrastructure, platforms and applications from a single interface.
Command Center team will be recording all such incidents in Molina’s Service Now instance, and would be working round the clock – 24X7X365.


Page 18 of 18
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

pic11.jpg
Figure 4.
Integrated Command Center
Major Incident Manager (MIM) role will be part of Command Center. MIM’s are staffed 24 x 7 and will be deployed both at Onsite – Long Beach, CA and Offshore – India delivery locations Level 2 – Operations and Administration & Level 3 – Engineering, Optimization, and Design
This layer is the core technical team comprising of L2 and L3 technical SMEs, who would resolve incident/service request for all ticket categories raised by Molina users or by Infosys Command Center team for alerts and issues.
Dedicated Level 2 operations team will have experienced technicians who will ensure day-to-day operation of the in-scope infrastructure components by responding to and resolving escalated incidents, executing change activities, performing proactive trend analysis, implementing routine changes and participating in transformational projects. This team will also be responsible for identifying, developing, and implementing scripts and knowledge base articles to enable the Command Center team to increase their first-pass resolution rate.
Dedicated Level 3 technical team for each tower will use their experience and expertise to design new solutions to solve Molina Healthcare’s technical problems. They will provide technical leadership to projects within the environment and mentor their Level 2 counterparts.
Performance management and ongoing capacity planning/optimization will also be performed by this team. Finally, they will serve as a “backstop” for troubleshooting and problem resolution for the most complex issues.
Infrastructure team will comprise of Infosys technical support professionals both at onsite and offshore for the following technologies:
    Servers
    Storage and Backup
    Networks & Telephony
    Database
    Middleware
    Collaboration Services
    End User Computing and
    Infrastructure Security
    Tools
    Azure Cloud

L2/L3 teams will be using Molina’s Service Now instances for working on the issues, and documenting the progress updates and resolution provided to the issue.


Page 19 of 19
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

In addition, Infosys proposes a Core-Flex model at Level 2, where the core layer will be the staff deployed full time as per Molina’s needs as elaborated in the proposal and flex layer is a readily deployable pool of trained Infosys staff that can be deployed anytime based on increase in demand from Molina Healthcare. The flex layer staff will be graduated from the proposed Molina academy, before being on-boarded.

Infosys will have hands and feet services for the Molina Datacenter locations. The Infosys hands and feet team will act in close collaboration with Infosys Global Service Desk (L1) team, and provide services, as shown in the Service Delivery Model above.
Delivery enablement functions
Service Delivery Office (SDO)
The Infosys Service Delivery office will play the key role of working closely with the various Molina Healthcare managers and Infosys teams to understand their needs and define engagement structures that can deliver the most optimal value to Molina. The Service Delivery Office will be responsible for directing the overall engagement to align with business and IT goals associated with delivering services to Molina. The Service Delivery office will comprise of delivery managers and program managers who will play the oversight role and brings the necessary support needed for day-to-day execution teams.
Service Level Management Office (SLMO)
Service Level Management office will monitor and implements process to measure various metrics governing the efficiency and efficacy of services provided. Service delivery and service level management office will be responsible for reporting health of service towers.
Service Excellence Office (SEO)
As part of the integrated service delivery model, Infosys will set up a dedicated Service Excellence Office (SEO) for Molina, constituting dedicated team of experts with proven ITIL and infrastructure experience, interfacing with multiple service delivery groups within Infosys and other partners. The ultimate goal of the SEO is to provide operational excellence and drive continuous improvement, by focusing on the following areas:
Resolution Optimization: Analyze incident data and identify candidate and to drive shift left of issue resolution on a continuous basis
Quality Oversight and Defect Management: SEO focuses on reporting, analysis and action plans for service defects, such as miss-assigned incident records, incorrect diagnosis, and excessive resolution times resulting in reduced MTTR.
Service Management Optimization: Variance and exception oriented reporting and analysis that helps to guide problem management efforts, as well as oversight of ticket coding accuracy and quality to maintain accurate information for data analysis and mining.
Cross Functional operational governance: Drive process adoption and adherence across infrastructure towers by performing ongoing review of operational team’s adherence to the cross functional service processes based on quality audits and process maturity results.
“Voice of the Customer”: A program designed around survey responses, and direct Molina feedback, to bring continual visibility and emphasis to the customer experience.
Industry Best-Practice Guidance: Recommend industry best-practice standards and create a roadmap for implementation and/or achievement.
Multi-Dimensional Metric Methodology aligned with Molina’s Business Goals: Develop Value Map Control Plan, including a value map that establishes and rationalizes all measurements against a clearly stated Business Goal, and accompanying Critical Success Factors.
Molina Academy:
Infosys has devoted a special focus on Learning and Knowledge Management since its inception and has built an integrated approach to manage its knowledge capital. This structured KM approach focusing on improving the ‘learnability’ and continuous knowledge improvement will help improve the quality of the deliverables, meet and exceed Service Levels and enable Molina Healthcare stay ahead of the technology curve.
All Molina specific documents (policies, procedures, standards, configurations etc.,) that form the part of the onboarding documentation under Molina academy will be located within Molina networks and should reside at the locations (SharePoint, Shared Drives, etc.,) as per Molina policy. These documents will be reviewed and approved by Molina before they become part of Molina Academy.


Page 20 of 20
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

While Molina Academy will store documents specific to Molina on Molina SharePoint, the Lex platform of Infosys will be accessible over Infosys and public internet as per Infosys current setup. Trainings on Lex are for upskilling and reskilling of the Infosys resources in technology, process and domain areas. These trainings are not Molina specific and do not contain Molina information.
Other enablers of the delivery model:
One of the key differentiators of the operating model are the Infosys enabler teams that will be engaged on demand for any Molina Healthcare specific priority issues and Transformation initiatives.
Training & Certification: Infosys mandates every employee to undergo one domain, one technical and one process certification each year. There are several certifications created by Infosys Research team on infrastructure platforms, Azure, AWS, ITIL and ITSM processes, fund accounting, security lending and other financial services domain specific modules. This will ensure that the Infosys Molina Healthcare project team acquires skills across technologies, domains, and are able to scale up for any new requirements in the future.
Strategic Delivery Risk Management: Infosys will provide a delivery risk management professional to ensure early identification and management of risks across Molina Healthcare engagements through our proven Delivery Risk Management framework.

2.2.1.1
Service Delivery Process
Infosys understands that service delivery for Molina Healthcare engagement is key to success of the program, and is divided into following two aspects, for better understanding:
Delivery model
Key elements of service delivery process
Infosys will leverage Global Delivery Model (GDM) for Molina Healthcare engagement, with dedicated onsite, near-shore and offshore resources, focusing on infrastructure services that includes server administration and management, storage services (including remote storage services), network administration, database administration and management, end user services, infrastructure tools administration, infrastructure security services and aligned service management services.
Onsite service location will be Molina Healthcare office at Long Beach, California, near-shore location will be Infosys delivery center at Arizona and offshore delivery location will be Bengaluru/Chandigarh, India. Service Desk will operate from Infosys facilities at Manila, Philippines and Bengaluru, India.
Infosys Global Delivery Model will enable -
Stricter compliance adherence for ‘qualified server environment’
Infrastructure team integrated with Intelligent Command Center to provide effective support
Standardized processes for Incident, Problem, and Change management processes
Implement Infosys’s best practices from knowledge gained in executing similar projects
Orchestration and automation bringing in operational improvements
Infrastructure optimization recommendations and exercise reducing technical debt

Infosys, following the ITIL V3 guidelines will work towards delivering service(s) following a staged process, where certain activities may run in parallel as well.


Page 21 of 21
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

pic.jpg
Figure 5.
Staged Service Delivery Process
Infosys Service Delivery Process will ensure following four critical elements of Service Delivery are always in play and help build more matured Service Delivery Ecosystem every day as the engagement runs with the baseline being set right from proposal stage (current stage) to day 1 of steady state.

Service Culture built on elements of leadership governance, direction and overall vision for this engagement. Here the governance mechanism, and the direction set during these governance sessions will play a critical role.
Employee Engagement of Infosys resources supporting Molina, where the resources have to undergo mandatory trainings from proposed Molina Academy before being on-boarded. Infosys resources will be trained for the technological changes, as appropriate during the engagement, relevant to the engagement. In addition, employees will be motivated through some fun-filled activities time to time, helping them enhance their team building and teamwork culture.
Service Quality, where Infosys in alignment to the proposed service delivery model will leverage strategies, service management processes and zero distance ideas, bringing in better quality of deliverables, adherence to agreed service levels with Molina and drive continuous service improvement process. This will help Molina realize their vision and objectives and serve as the firm foundation of partnership between Infosys and Molina Healthcare.
Enhanced End User Experience, where Infosys teams will work towards enhancing Molina end user experience, by understanding their issues, pain points for the services in scope, and will work towards providing the resolution/services for the same, in the best possible time and working towards adhering to the agreed service levels. Also, Infosys leadership will share the updates gained through joint governance sessions with Molina leadership time to time, and help design strategies for further improvement.
Major Incident Management Process:
Major Incident Management is a critical part of service operations and Infosys is committed to ensure robust and proven process to handle major incidents, adhering to the agreed service levels, and addressing them with quality with minimal disruption to business and keeping relevant stakeholders informed through the resolution process.


Page 22 of 22
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

pic2.jpg
Figure 6.
Major Incident Management Process
    


2.2.1.2
IMACD for Data Center Hardware

Infosys has extensive experience of providing IMACD services for data centers owned and managed by Infosys as well as owned by the client and managed by Infosys.
For IMACD services to Molina Data Centers, Infosys will have dedicated team in NMDC and Texas DC.
IMACD are of two types i.e. Hard IMACD and Soft IMACD. Hard IMACD services will be provided by local support resource (DC Partner or Infosys partner dispatch resource) whereas Infosys Remote Support Teams (Desk side/Service Desk /Infra) will resolve soft IMAC services remotely. Below is a typical checklist, which will be followed for equipment provisioning.
Ensure availability of all equipment components and related peripherals with no visible sign of damage
Assemble/Install hardware components and complete racking activities
Attach all related components/peripherals and complete POST test
Access equipment remotely via remote board (e.g. iLO, DRAC, etc) and start configuration
Install and configure equipment as per its build plan/standard build process
Test and confirm equipment accessibility and manageability
Check and ensure all errors are clear. Perform a sanity check to ensure equipment has been built as per standard requirement
Confirm equipment installations/readiness with the customer/stakeholder Teams
Take sign-off from Stakeholders for equipment readiness
Assist customer / stakeholder on equipment administration related requests (creating access, analyzing error logs, performance, etc.), Check and ensure no errors on the equipment.
Take confirmation from stakeholder team on install completion and any test report


Page 23 of 23
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Configure the equipment for its data backup and monitoring
Make sure Equipment’s are monitored as per requirement
Take signoff from Stakeholders Team
Update the Equipment Operations related documents and Update CMDB with equipment configuration details
Handover equipment and all relevant documents to support team
Ensure sign off and update stakeholders
Some common IMACD requests are as follows:
Installation of New device
Disposal of EOL or EOS devices
Movement/change of device
Installation of software’s and applications which are not possible for remote installations
Infosys team will leverage the current technology, best practices to provide all in-scope services including IMACDs work through fully trained engineers. However, Infosys attention shall always be on reducing IMAC’s by reducing dispatches and routing calls through / from Remote resolutions for a quick and permanent fix.
IMACD involves below activities:
Develop and manage IMAC-D process, forms and checklist contained in the Operations Manual that will be used for each IMAC-D transaction
Install, change or move devices upon request. Depending on the move, additional charges may apply
Redeploy equipment when possible for efficient use according to the deployment criteria
Preparation for disposal of any equipment that shall not be redeployed according to Molina policies.
Maintain documentation for the delivery to include operational checklists for pre-installation, installation and post installation.

2.2.1.3
Hardware Break-Fix for Data Center Hardware
Following diagrams depicts how service recovery scenario due to ‘server failure at datacenter (dispatch from OEM vendor assuming asset is under warranty)’ would look like in an integrated manner:
pic12.jpg
Figure 7.
Service Recovery Process Example



Page 24 of 24
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

The integrated command centre will be the central point for any pro-active incident resolution, which are identified from the monitoring systems. Command centre will cut across all our services for Molina. Command Centre team members will take the first attempts to resolve all pro-active incidents and will reach out / route the ticket to the respective L2/ L3 SME from applications and/or infrastructure teams for issues resolution (wherever necessary to be escalated).

In the scenario, once the root cause is identified as Asset part failure, the team will work with OEM / Third party vendor to replace the part if they are in warranty and extended support. In case the system is not in warranty, the team will try to bring the system up with spares and scavenge from the old systems.

2.2.1.4
Patch Management and Software Distribution
In order to ensure that the Molina environment is safeguard from known vulnerabilities, Infosys will ensure that appropriate patches received from various OEMs on the periodic basis are implemented following a thorough patch management process. Infosys will review existing patch management policy for datacenter infrastructure and end user devices and make the customization as per industry best practice.

The patch management process at a high level would remain the same for both the entities. However, the patch management for end user devices is described in the respective section (2.3.3.2). Infosys would further like to understand from Molina the frequency and prioritization of the patch assessment and implementation guidelines. Infosys will consider Molina patching policy as mandate and will follow the periodization matrix over the OEM default patch categorization.
The high-level patch management process is as follows:
pic3.jpg
Figure 8.
Patch Management Process

More details of the patch management process are as follows:

Vulnerability and patch identification and evaluation – In this stage, Infosys team will:
Monitor and identify new vulnerabilities
Analyze those identified vulnerabilities
Identify and classify required patches
Communicate patch requirements and
Raise the patching request

Monitor and identify new vulnerabilities
Infosys will monitor trusted sources for information on new vulnerabilities
The patch update advisory will be checked on planned intervals for new patches


Page 25 of 25
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Periodically (monthly) scan for the vulnerabilities
Vulnerabilities are tracked and assessed for applicability to Molina’s environment. As part of assurance, it will be validated if the vulnerabilities applicable to Molina are tracked and reported

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

Table 20. [redacted]
Analyze vulnerabilities
-
Infosys team will analyse vulnerabilities related to Molina systems/third party software’s
-
Classification of a patch will specify a severity rating (in a range from “Low” to ‘Critical’), which in turn will give rise to a timescale for implementation
-
Each asset is categorized based on the criticality, specified by the respective stakeholder’s/application owner. It will be used to prioritize the assets and deployment of patches based on the risk assessment
-
Classification of a patch will be determined from analysis of associated vulnerabilities; in particular, the assessed risk to the systems / third party software(s). A risk assessment will allow Infosys to assess the severity of a vulnerability/patch.
-
Following factors are considered while conducting the risk assessment:
High value or high exposure assets impacted: increased risk
§
Assets historically attacked are impacted: increased risk
§
Mitigating controls already in place, or soon to be in place for all affected assets: decreased risk
§
Low risk of exposure for impacted assets: decreased risk
-
Time frame for implementation - Patch deployment status is tracked and reported as part of monthly vulnerability and patch management report
§
Patching for critical internet facing applications will be done in 7 days of patch release by OEM
§
Critical Patches rated as Critical / High will be done within 30 days
§
Non Critical Patches rated as Medium / Low will be done within 90 days
Communicate patch requirements / patch reports
Here Infosys team will communicate the requirements in the form of patching request to the different application teams, that may be Infosys application teams or from other service providers. This will help the respective teams to analyze on the patching details and other essential information beforehand.
Patch testing


Page 26 of 26
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

In this process, the Infosys patch management team will be testing the identified patch(es) in the testing environment, and publish success or failure report. Upon successful testing, the patch is confirmed, ready for deployment. This will be done, in accordance to the defined patch test plan, which would have – testing scope, testing schedule and detailed test scripts.
Resolve test issues
This is an optional step, and invoked in case any issue(s) is/are encountered during patch testing activity.
Define patch deployment and roll back plan
The final patch deployment plan is drafted and appended in the change request. It is further, discussed and approved for deployment in all environments. Also, as a precautionary step, and as a good practice, a roll back plan is produced and appended to the same change request, to be leveraged in case, the patching activity is to be abandoned and environments are to be kept in the original state.
Deploy patch
Post approval of the change request, the patch is applied, first in the lower environments and further into the production environment.

Patch reporting
Post conclusion of the above activity, a report is published to respective stakeholders and a communication is sent to all stakeholders, about the completion of the activity, following Molina’s communication guidelines. Infosys will ensure periodic communication is done to all impacted Molina, Infosys and other service provider stakeholders about the activity time to time from the initiation of the patching activity, to deployment to completion of the activity.
Emergency Patch Management (Zero day patches):
At times, depending on the type and extent of vulnerability and need of the hour, Infosys will go for an exception process and will follow the emergency patch management process. This will be done when the OEMs advice for the same, or the internal vulnerability assessment advices for the same.

In the overall patching exercise, Infosys will like to understand Molina’s policy and guidelines, as mentioned in the beginning, as well as would like to have their involvement so that informed decisions are jointly taken and executed.

Following the completion of the Transition, Service Provider will use commercially reasonable efforts to reduce the backlog of unapplied patches using available capacity of business as usual Service Provider Personnel.  Molina and Service Provider may implement a chargeable Project to accelerate the application of patches and reduce the backlog. The risks associated with vulnerabilities created by the backlog of unapplied patches remains with Molina. Service Provider will be excused from its obligations to meet Service Levels to the extent impacted by backlog of unapplied patches.

[redacted]

2.2.1.5
End-Point Protection
In order to ensure, and apart from the regular patching process, as described in the above section 2.2.1.5, end point protection is another critical action item and area of activity to safeguard the Molina environment.

In order to ensure that Molina estate is secured from the end-point protection perspective, following activities are performed:

All images will be updated with the latest Symantec SEP client version once the same is rolled out/deployed in the environment. Molina will provide list of other core infra (compute) end point protection agents to be included as part of compute images by Infosys.
Updated client version is pushed to the endpoints/servers
Infosys team will ensure that all the machines in the Molina Healthcare estate are updated with the latest AV updates
Non-compliant Molina machines will be reported to track for appropriate actions, in order to make them compliant in the near future, thereby minimize the risk
Endpoint testing will also be made part of the DR test exercise for the Molina environment


Page 27 of 27
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

License utilization will also be monitored
As part of the daily health checks, anti-virus versions update will be checked and reported
All external certificate renewals will be managed by Molina while Infosys will manage the installations and distribution.

2.2.2
Delivery Locations (Onshore, Nearshore, Offshore) and Associated Services

2.2.2.1
Service Delivery Location Details by Towers (Address, Photos, and Security Details)
Infosys shall perform the Services from the Approved Service Delivery Locations, in accordance with the Agreement.
Security at Infosys:
Infosys has very comprehensive security policies that covers all employees, contractors, facilities etc. We have a corporate security architecture group, which governs overall security infrastructure across all our Development centers. Following are Information Security Details at Infosys facilities across locations.

Infosys Information Security Policy framework is aligned and certified to ISO 27001:2013 Information Security Standard. The information security framework is supported by a set of supplementary policies, procedures & standards aimed at achieving the enterprise level information security objectives. The Information Security Policy provides an overview of the below areas, details of which are provided below:

    Policy Framework
    Awareness and people security
    Risk Management
    Third-Party Risk Management
    Business security
    Physical and environmental security
    Endpoint security
    Network security
    Infrastructure security
    Database security
    Platform security
    Application Security
    Cloud security
    Security Architecture
    Malware protection
    Data Protection
    Security Configuration
    Security Testing
    Emerging tech security
    System development
    Security monitoring

2.2.2.2
[redacted]

2.2.2.3
Alignment to Molina Contractual Requirements
Infosys is fully aligned to contractual requirements in Exhibit 2-A. The redlined document has been submitted complying with Molina contractual requirements as deemed applicable.

2.2.3
Staffing, Hours of Operation, and On-Demand Sourcing

2.2.3.1
Staffing Breakdown by Tower and Skillset Details
Infosys operating model will be enabled by an operations team based across 3 locations – Long Beach, CA (USA), Bengaluru/Chandigarh (India), Manila (Philippines), and Bengaluru (India) to help meet the coverage and resiliency requirements. This will ensure adequate service continuity for all the business operations with a cohesive workforce, making time zone differences transparent to business users.

Following will be the Skillsets, capabilities and experience of the resources working across various core infrastructure towers. Level of expertise and years of experience will vary based on the role played by the resources:



Page 28 of 28
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

SOW
Skill set / Responsibilities
Process Management
    Requirements Gathering (for addition/modification/retirement of services)
    Measurement and reporting
    Change Management and Training
    Continuous service improvement Activities
    Maintenance of the data accuracy in the Service Catalog through rigorous change control
    Collect process KPIs and Report to all stakeholders periodically
    Communicate Service Catalog changes to all stakeholders
    Conduct end user surveys and collect feedback to identify improvement areas
    Communicate Service Catalog changes to all stakeholders
    Coordinate service review meetings and document corrective actions
    Understand areas of improvements, create service improvement plans, analyze the impact of implementing the improvement
    Raise RFCs for the identified improvement areas
    Educate and Train all the stakeholders on the improvements made to the Service Catalog
    Improve Business users’ awareness of the services being provided through Catalog
    Regular Maturity Assessment of ITIL processes
    Co-ordination & Management of Processes
    Service Integration (Multi-Vendor Environment)
Middleware
    Creating new services
    Configuration of http settings and monitoring on web server
    Create & configure Domain\cluster
    Configuring a Web Server to Serve Content
    Server configuration parameters administration
    Configuring Request Processing for a Web Server
    Setting up environment variable
    Higher End Administration tasks
    Configure LDAP interfaces
    Create & Configure Work Managers
    Configuring Web Server Security
    Software install/re-install, patching and zone build
    Installing a proxy server and configuring it with tomcat
    Implementation of clustering and load balancing
    Performance management & tuning
Database
• Database backup/restore, maintenance plans – strategies and tools – Full/Diff/Incremental/log/archive-log backups - litespeed, RMAN etc.
• Experience in access control, security in DB area
• Database monitoring, issue identification and troubleshooting
• Querying Databases – joins, procedures along with knowledge of system objects – functions, views etc.
• High Availability – Mirroring, replication, Log shipping, Failover cluster, Always On – experience in set-up, maintenance and support
• Experience in Performance monitoring and improvement techniques, tools etc.
• Capacity/License management
• Performance tuning using EWR reports Query tuning
• Experience in DR
• Incident management/ problem management / Change management


Page 29 of 29
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

SOW
Skill set / Responsibilities
Compute
• Windows Server (2008/2012/2016) administration
• Windows servers and Cluster patching
• Linux/Unix administration
• Linux/Windows servers patching and hardening
• Shell scripting and automation
• Troubleshooting Incident and problems with windows/unix servers
• Active directory administration and Group policy administration
• Performing various troubleshooting and maintenance operations in Windows Server environments
• VM Servers build & rebuild deploying the New VM from the Template and Cloning an existing
• Hypervisor (Vmware/Vsphere/Hyper-V/etc.) administration
• Redhat/Microsoft certified
• Vendor coordination for hardware issues
Storage
• Knowledge of storage architecture and administration
• Provisioning/DE provisioning LUNs
• NAS file share creation/administration
• Configuration of NAS and SAN replication
• Brocade/Cisco San switch administration / Server to Storage Zoning and De-zoning
• Unix scripting/automation
• Troubleshooting multi pathing/Performance issues
• Migration between arrays
• Upgrade and patching
• Coordination with vendor for Hardware issues
• License/Capacity management
• Fabric upgrades
• Configure and manage local and remote replication
• Participation in DR drills
• Backup and Restore architecture
• Virtual and agent based backup concepts and technologies
• Hands-on backup tools (EMC Networker, Symantec Net backup, IBM TSM)
• Configuration and implementation of Backup server, Backup devices.
• Administering backup and restore jobs.
• Knowledge on reporting tool such as DPA
• Scripting for automation
• Troubleshooting backup failures
• Upgrade software versions/agents
• Vendor coordination for break fix


Page 30 of 30
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

SOW
Skill set / Responsibilities
Network
(Data & Voice)
• Understanding of LAN & WAN Technologies
• Understanding of Switching protocols, STP / RSTP / VTP
• Experience on Cisco Switches–2960, 3650, 3750 , 3850 , 4500, 6500, 9300 , 9400, 9500
• Experience on Meraki Switches – MS120, MS210, MS225, MS250, MS350, MS410, MS425
• Understanding of Meraki Dashboard management, Troubleshooting utilities
• Experience on Nexus 2K / 5K / 7K / 9K
• Understanding on technologies like – VPC / VDC / VSS / Layer 3 Switching
• Routing protocols – OSPF / BGP / IGRP / EIGRP.
• CCNA R&S / CCNP certified
• Basic understanding of VoIP, VoIP protocols like SIP, MGCP, MEGACO, H323 etc.
• Experience on Cisco IPT products – CUCM, UCCX , Unity , Arc , CME, SRST , Cisco IP phones
• Basic understanding of DHCP / DNS / AD to support Cisco Voice services
• Configuration like, hunt group / pickup group / extension mobility / shared line config / Bulk tool operations / Auto registration / Time based call routing
• Call flow designing and scripting for UCCX
• CCNA Collaboration / CCNP Collaboration certified

Table 21. Skillset vs Responsibility
2.2.3.2
[redacted]
Figure 9.
[redacted]
[redacted]

2.2.3.3
Infra On-Demand Sourcing Model (By Tower)
Infosys understands demand for infrastructure will be dynamic and varies based on business needs. Infosys has experience in handling such requirements based on our exposure to large number of clients. Below are different options, which will be leveraged, based on the requirement type and duration of the need(s)

Sourcing for the infra towers will be done using below options, as applicable:
In Stock/Spare Capacity
Lease/Loan
Public Cloud (Azure)
Outright purchase/procure

The decision on the approach will be based on following considerations:

Strategic considerations
Operational considerations
§    Time to Market
§    Technology Roadmap
§    Scalability & Availability considerations
§    Duration
§    Ease of use/adoptability
§    Role/Functions alignment
§    Power/space constraints

Table 22. On-demand Sourcing model
In this sourcing model, Infosys will be working with Molina procurement/sourcing team for any procurement taking into consideration following aspects:


Page 31 of 31
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

    Analyze Spend
    Procure to Pay
    Manage Suppliers
    Manage Contracts
    Track Pipeline
    Source

2.2.4
Day 1 and Year 1 Transformation (e.g., Migration, Consolidation, Layout)
2.2.4.1
Detailed Explanation of Transformation as Relates to Infrastructure (by Tower/Area)

See Schedule 4 to the Agreement for matters relating to transformation.

2.2.5
Flex Models (e.g., Scale Up, Scale Down, Migrate)
2.2.5.1
Solution Deep Dive

Infosys plans to provide the support for Molina’s Infrastructure in a Global Delivery Model composed of resources at two locations: Onsite at Molina’s office in Long Beach and Infosys Offshore DC (Bengaluru / Chandigarh).

Infosys also will have a Service Excellence Office as part of our delivery model, which will oversee the excellence in delivery including Continuous Service Improvement, Automations, ITIL Process Excellence and Service Transformation Strategies. This team will work with Molina on demand planning, re-skilling of resources.
    
2.2.5.2
Resource Supporting this Model

The support operations team is segregated by the functions and level of services as below:

Integrated Command Center team: Infosys proposes a dedicated team for Molina Healthcare to provide integrated proactive monitoring across all functional towers and this team will be enabled by “Command Center” console of Infosys’ IIMSS platform. Alerts through various monitoring tools will be integrated into the event management tool with auto-ticketing into proposed ITSM Suite. This team will be based out of Bengaluru/Chandigarh office
L2 / L3 teams: This will be a tower / area wise team for each technology area (server administration and management, storage services, network administration, database administration and management, end user services, infrastructure tools administration, infrastructure security services and aligned service management services). This team comprises of [redacted] of resources skilled in L2 work and [redacted] skilled in L3 work which will primarily focus on managing operational changes.
Infosys, through its COEs along with the operational teams, will work with Molina’s architecture team to define future roadmaps for Molina’s infrastructure, plan for transformation projects, create projects / resource plans and work on approvals from Molina management along with their architecture group.
Flex Team: In addition to the code team above, for any new projects or transformations, Infosys will ensure an on-time ramp-up using a tested demand management process. These resources will ramp-up for any agreed project / transformation and will be there until the project completion.
Below is a view of the ramp-up process:

[redacted]
Figure 10.
Resourcing Model

2.2.5.3
Required Commitment, Restrictions, and Limitations
In this section, we assume Molina wants to understand the requirements / commitments, which Infosys expects from Molina for this model to work.
 
Below are the things we expect from Molina for this model:



Page 32 of 32
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Provide a 90-day rolling window for any large ramp-up (e.g. [redacted] resources) needed for onboarding resources for new projects / transformations. Infosys will define a process for this capacity management and work with Molina to identify demands on time.
For individual ramp-ups for any niche work, Infosys expects a lead-time of [redacted] weeks for onsite and [redacted] weeks for offshore resource onboarding and [redacted] weeks for niche skill based out of offshore.
In any outcome-based project executed by Infosys, Infosys will take complete ownership of onboarding the resources with the right skills. For any staff augmentation resources onboarding, Molina can conduct interviews and Infosys will define the process for this with Molina

2.2.5.4
[redacted]

Figure 11.
[redacted]


2.3
Lift, Shift and Enhance for End-User Services (EUS)
End user support services as a function will collaborate closely with the Integrated Service Desk to deliver best-in-class services. Infosys views end user support as a holistic function wherein success is based on driving incident resolution and it is driven by Customer Experience. There are two levels of remote resolution. This is a major enabler to reducing cost and increasing customer satisfaction. Only if an end-user issue cannot be resolved remotely and there is need for physical access to the devices, as in the case of hardware break-fix or hard IMAC, the ticket will be assigned to desk-side support team (dedicated or dispatch). From that point on the desk-side support team will be responsible for resolving the issue and updating the ticket status. Our focus is to keep Dispatch at a minimum and drive high resolution through a combination of Self-service, Service Desk and Dedicated team members and proactive monitoring. The service desk is still the custodian of the ticket till it has been closed.
End-User Services section covers the below tracks:
IT Service Desk
Deskside & Walk up Support
Desktop Engineering
End user device management & Remote support

Operation Solution Highlights
Tailored Delivery Model - 24x7 Support English, Support delivered from Manila, Philippines and Bengaluru (India)
Walk-up services with dedicated technicians based out of 9 premium locations including [redacted]. [redacted] of the user base will be supported through [redacted] dedicated FTEs through walk-up desks, [redacted] of the user base will be supported through dispatch.
Persona based Service delivery with focus on enhancing customer satisfaction through industry best practices and proven methodologies
Differentiated support to end users based on their personas identified through ESM Café
Real time service level monitoring and reporting (Emilia)
Improved accountability through end-to-end ownership of tickets thereby reducing total support costs through a single point of contact, FCR-focused service desk
Shift-left (deskilling) to drive higher resolution at the service desk
Continuous Improvement through six sigma and process improvement initiatives
Effective problem management and RCA based approach to identify and eliminate recurring issues that drive ticket volumes
Knowledge Management

End User Service enhancement themes


Page 33 of 33
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Infosys will be working towards enhancing the End-user computing user experience. Some of key themes Infosys will be implementing to enhance end-user experience is given below
Enhanced Persona based delivery through ESM Café.
Enhancing Process/ Agent Efficiencies
Extreme Knowledge Management Improvisation
Self-Heal & Automated problem resolution for service desk and End user computing tracks
Trend and Performance Analysis to enhance operational efficiencies using Infosys tools Emilia and IIMSS
Standardization of service support in desktop engineering and smart hands support.

2.3.1
[redacted]

2.3.1.1
[redacted]

[redacted]

Figure 12.
[redacted]

[redacted]

2.3.1.2
[redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

Figure 13. [redacted]

2.3.1.2.1
[redacted]

[redacted]
Figure 14. [redacted]
[redacted]
Figure 15. [redacted]
[redacted]


Continuous Improvement initiatives:


Page 34 of 34
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Infosys envisions Molina’s L1 Service Desk landscape to evolve from its current state to a best in class industry standard which has a Next Gen contact center architecture, provides converged service management, aligned to business services and is based on one platform. The initiatives which will drive this transformation are:

Reduction in number of end user contacts:
-
Using tools such as chat bots to automate and eliminate simple, standard or repetitive application and infrastructure ticket categories.
-
Using Service Now service catalog based auto-routing to assign tickets directly to the correct L2/ L3 resolver groups without Service Desk intervention
-
Promote self-service through ChatBot and by creation of FAQs for frequently occurring easily resolvable issues and proving users access to clear and concise “How to” knowledge artifacts
-
Keep Customers Informed (KCI) on the ticket progress through proactive status alerts through their preferred channel to reduce the status update related contacts, duplicate tickets.

Enhanced process efficiency and agent performance:
-
Reduced handle times and handoffs through efficiency improvement projects based on Six Sigma and Lean methodologies
-
Dedicated quality analysts supporting action planning for improved customer experience
-
Improve agent utilization by analyzing aux code usage and staffing pattern intervention
-
Ongoing training programs targeted at improving agent’ soft skills and customer handling skills

Shift Left of resolution to Service Desk:
-
Conduct top trend analysis to identify issues which the Service Desk can resolve on First Contact
-
Conduct resolution reviews with the Level 2 teams and other resolver groups to identify opportunities and train Service Desk on recurring complex issues
-
Increase knowledge base contribution through regular updates to the knowledge base with new artefacts

Trend and performance analysis:
-
Trend and Root Cause Analysis to be performed for top call drivers and all high severity incidents and repetitive lower severity incidents; Statistical tools and methods like Pareto, Fishbone, etc. to be used
-
Six Sigma trained resource to perform Root Cause Analysis (RCA) on customer complaints and escalations, and deep dive analysis for key metrics
-
Perform deep dive analysis for key metric trends

Continuous SLAs improvements:
Infosys will implement a continuous improvement process for systemically improving service level targets annually. At the start of each service year, Infosys and Molina will jointly review the SLA performance/ trends for the past year and agree upon any changes in SLA parameters and measures. The initial plan will be to bring current Molina service levels to Industry Standards.

2.3.1.2.2
End-to-End Ownership of Incidents
Service Desk will act as the Single Point of Contact, and will own the ticket resolution End-to-End irrespective of the resolver group to which the ticket is escalated; the Service Desk will follow up and close the ticket in the committed time frame.
§
User creates a ticket for a request/incident that is received at L1 Service Desk
§
L1 Service Desk determines involvement of other Resolver Group(s); these could be Infosys, Molina or other third party Vendors groups
§
Same ticket is transferred to the correct Resolver Group
§
L1 Service Desk continuously monitors SLA’s and keeps Molina User updated on the request status; RCA is updated in knowledge database


Page 35 of 35
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

§
Ticket is closed by the resolver and notification goes to the Service Desk and Molina end user
§
Service Desk confirms resolution with Molina End User and closes the ticket.

Described below is the Level 1 end to end ticket ownership model.

pic4.jpg
Figure 16.
L1 End-to-end Ticket Flow
Apart from improving the resolution rate, ticket ownership will also drive enhanced end user satisfaction by keeping the users proactively informed regarding the status of their request/ ticket until closure.

2.3.1.2.3
Knowledge Management
We will implement a strong Knowledge Management process along with a comprehensive Knowledge Base for improved resolution at Service Desk.
Have a knowledge management team comprising of Team Leads, SMEs, Quality Analysts and Service Desk Analysts who will take complete ownership of updating the knowledge articles
Have a dedicated SME act as a Knowledge Manager who will be responsible for coordinating new entries or updates to current content to ensure the accuracy and quality of knowledge base entries, validate the knowledge relevance for retirement/archiving purposes and finally to publish and retire all reviewed knowledge entries
Implement audit process for measuring effectiveness of the Knowledge Base to ensure accuracy and effectiveness
Knowledge sharing sessions for all unique incidents and major issues
Rewards and recognition for Service Desk team to contribute to knowledge base
Implement a robust training program for the Service Desk Analyst to enable them to be effective and contribute towards continuous process improvement; training framework snapshot below:


Page 36 of 36
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

exhibit1036msaimage25.gif
Figure 17.
Training Process
The key areas to consider for efficient Knowledge Management include:
exhibit1036msaimage26.gif
Figure 18.
Key areas of Efficient KM
Infosys team will perform the following steps w.r.t Knowledge Management prior to go-live and then in an on-going manner.
Knowledge Entry Review:
-
Accuracy and quality review which includes review of all published articles, articles currently in the Molina’s Knowledge Database and all articles pending for retirement
-
This process also includes the review of archived/retired knowledge that can be used as baseline for knowledge entries
Process Owner: Infosys SMEs / Knowledge Manager
Knowledge Entry Creation/Update Process
-
Identify gaps in Knowledge Base and create relevant knowledge articles; the knowledge articles will either be leveraged from Infosys existing centralized repository or created in coordination with Molina SME if it is client specific
-
Submit the content to Molina SMEs for review
-
Upon successful review, Infosys SME will create the knowledge article following the KM template and submit the entry to the knowledge manager for final review and feedback prior to publishing the knowledge entry
Process Owner: Infosys SMEs/ Knowledge Manager & Molina SMEs



Page 37 of 37
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

pic5.jpg
Figure 19.
KA creation Process
Knowledge Entry Publishing: Upon successful review of knowledge entries, the Knowledge Manager will publish the entry and will cascade the new update/new entry to the team. The Service Now Knowledge Management module provides workflow and approval process which can be switched on to enable quality checks before posting. The created article goes for review to Molina Knowledge Manager/ other leads for approvals though a defined workflow before the expiry in Service Now. Additional features like commenting, rating, tagging ensures that the knowledge is usable.
Process Owner: Infosys Knowledge Manager
Knowledge Entry Retirement
-
Where it has been determined that the Knowledge Article can be retired, the Knowledge Management Team will archive the article from the Knowledge Management System and remove any links to the article from other Knowledge Articles
-
Team will publish the retirement of the Knowledge Article to all relevant stakeholders (details of Knowledge Articles retired from use are communicated via Monthly Reporting)
-
Knowledge entries will not contain an expiration date as the review and analysis of all knowledge entries will be done periodically; Identification of new processes will be the trigger of knowledge entry retirement
Process Owner: Infosys Knowledge Manager
We would require the following support from Molina to ensure the accuracy and effectiveness of the KB:
Provide a Knowledge Manager who will validate and confirm the accuracy of the knowledge provided
Review and provide inputs to update the knowledge article
Make available to team, any updates/changes to the processes, new products and services added to the scope
Communicate new offerings and changes to the scope to ensure readiness of the team to create and update the knowledge base

2.3.1.2.4
[redacted]
Figure 20. [redacted]
[redacted]

2.3.1.2.5
Escalation Management
A well-defined escalation procedure is must for seamless delivery of services. At the same time, care will be taken that each interaction needs to be maintained at the right levels of the organization hierarchy ensuring transparency to higher levels. Escalation matrix including timeframe for resolution will be jointly defined with Molina based on the governance structure. We will also work with Molina to facilitate transfer of Molina user(s) to appropriate Molina Supervisor or equivalent as applicable by incorporating the same into the escalation path.
A typical escalation path is illustrated in the table below:



Page 38 of 38
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

   Level
Unresolved Period
Team Manager
8 hours
Operations Manager
16 hours
Service Delivery Lead/ Client Partner
Over 48 hours
2.3.1.2.6
Monitoring and Reporting
We will utilize a combination of dedicated staffing such as Incident Manager, Real-Time/ MIS Analysts and tools such as Emilia for monitoring and reporting support.
Monitoring:
We will utilize Emilia, a robotic tool that mimics the role of both Incident Manager and RTA, and is responsible for managing the life cycle of all incidents and service request. It can be integrated with call center monitoring system and Service Now ITSM tool to monitor the critical environment for Service Desk.
The robot enables operations team to focus on their complex deliverables rather than queue and ticket monitoring/incident management tasks listed below. Its primary objective is to prevent incidents and service request to breach and minimize impact to business.

Real Time Analyst
Incident Management/Ticket Management
    Monitors Phone and Chat metric to ensure Service Levels are met
    Reminds agents of callback to ensures alignment to user commitment; Alerts generated via callout, chat or desktop
    It monitors real time status of agents such as agents on incorrect  auxiliary code, long handle time, long after call work, agents about to go on break or lunch, etc.,
    It monitors calls and chat wait times
    It monitors avail time and advises operations if they can go on team huddles, coaching, breaks
    Runs and sends customized reports to operations for better governance
    Quickly analyzes top call/chat drivers and inform operations
    Randomly assigns cases to available agent to avoid cherry picking and also alerts Team Leads of the assignment
    Alerts operations if there are high priority tickets
    Alerts operations of tickets about to breach (breach time can be customizable based on operations Service Levels and criteria)
    Sends ticket reports to operations
    Can implement Smart Ticket assignments
    Can monitor alerts based on operations criteria
Table 23. Monitoring & Reporting
Reporting:
Infosys has the capability to report all aspects of operations. Besides standard Service Desk operations report related to staffed hours, quality scores, AHT, service levels, abandonment rate etc., we can provide customized reports as well, at a frequency as desired by Molina. The format and frequency of reports will be customized to Molina’s requirements and will clearly depict a comparison of actual performance against the contracted service levels.
Infosys generates performance reports at three levels:


Page 39 of 39
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

#
Level
Report Type
1
Agent Level
    Transaction Quality
    AHT / Productivity
    Escalations
    Staffed Hours
2
Process Level
    Process quality
    Average Speed of Answer (ASA) percentage
    Abandoned Call Rate percentage
    First Contact Resolution percentage
    Same Day Resolution percentage
    Ticket Resolution time percentage
    At First Level resolution percentage
    Mean Time to Resolve (MTTR)
    Response Time (P1, P2, P3, P4)
    Resolution Time (P1, P2, P3, P4)
    Backlog (P1, P2, P3, P4)
    Case Chase/ Follow-up/ Update (P1, P2, P3, P4)
    Customer satisfaction score
    Sentiment Analysis
    Customer complaints
    Production hours
    Process AHT
    Attrition
    Capacity plans/ Seat utilization calibration
3
Organization Level
    Service levels
    Hierarchical Escalation
    Attrition Reports
    C-SAT Reports

These reports are referenced during performance feedback sessions and will be utilized to map improvements and set targets.

2.3.1.2.7
Service Desk Channels
Infosys will support the all the technology channels (inbound, outbound) as provided in the Agreement (including each SoW and this document) to communicate with Molina users including phone calls, chats, web-based tickets. The service desk will use Molina’s VDI for connecting to applications at Molina so that there is no data being moved.

2.3.1.2.8
[redacted]

[redacted]
Figure 21. [redacted]
[redacted]
Figure 22. [redacted]

[redacted]

2.3.1.2.9
[redacted]

[redacted]


Page 40 of 40
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd


[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]






[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


2.3.1.2.10
Other Workflows

<Not Applicable>

2.3.1.3
IMACD for End-User Devices
Infosys’s IMACD delivery model is categorized into two key stages for every IMACD request i.e. IMACD Pre-Execution and IMACD Execution. The pre-execution phase ensures sufficient checks and balances are in place to execute the IMACD, while the execution phase addresses user issues during the IMACD and ensures proper closure of the request.
Key activities performed as part of IMACDs will be:
Provide and oversee, as appropriate, all installations, de-installations, cascades, moves, adds and Changes for all EUC Equipment, Software, and related Services at designated Customer Sites.
Coordinate, plan, and schedule IMACDs with all affected IT functions (whether the function is included within the Services provided by Infosys, as a Customer-retained function, or a Third Party); and
Coordinate all internal and external functions and activities to achieve high-quality execution of the IMACD, to meet Service Levels, and to minimize any operational interruption or disturbance to Molina
IMAC Pre-Execution
IMACD pre-execution will have the activities that will be done by Infosys to enable IMACD execution. The below are the key activities that will be performed by Infosys as part of IMACD Pre-Execution
Document the IMACD process and get client approval
Obtain list of Molina personnel authorized to approve these requests
Work with authorized personnel to resolve any issues identified with the IMACD
Co-ordinate with all third parties required to perform the IMACD and ensure availability
Confirm that all hardware and software necessary to perform IMACD is available in the site


Page 41 of 41
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Confirm the installation and de-installation procedures
Test the device used for IMACD
Co-ordinate with all stakeholders and schedule the IMACD.
IMAC Execution
Infosys asset manager assigns a replacement device to the end user
The pre-configured device with user specific image and core applications is checked, tested and will be provisioned from site stock room.
If the site has no stock room (site having <10 users), the request for shipment of device from nearest site will be raised.
The Device gets shipped to the user site.
In case of sites with dedicated FTEs:
-
The dedicated support engineer will schedule a time with the user in order to perform the IMACD
In case of dispatch sites:
-
Remote support team will work with user and schedule IMACD
-
Remote support team will arrange a dispatch engineer for the site on the same date or at best the next day based on user availability.
-
Dispatch engineer will travel to the site and perform IMACD
Following are the detailed activities that will be carried out during the IMACD execution. These are broken up across install, move, add and change.
Install
Connecting a new system unit (e.g. notebook/desktop, network printer)
Installing and connecting of directly attached peripheral devices that are a component of the standard configuration
Testing of the system unit to verify the hardware and software functionality with a network connection, provided that the network infrastructure is available.
Test additional hardware peripherals to verify proper functionality with the main system unit
User briefing on new device
Recovery of user data from one or more servers onto the new system within defined parameters
Ship the old device back to OEM if required with Molina 3rd party contract.
Move
Brief functional testing of the system.
Removal of the system unit including directly attached peripheral devices.
Packing (if necessary) of the equipment for dispatch/transportation from the user’s current place of work to the user’s destination place of work (within a location or between two locations).
Unpacking (if necessary) and connecting the system unit and the directly attached peripheral devices.
Taking back of packing materials and their conveyance within the Molina location to a place designated by Molina
Testing of the system unit to verify the functionality of the hardware and software with a network connection, providing the network infrastructure is available.
Hardware Add
Unpacking (if necessary) of new equipment
Installation of an external device (external modem, hard disks, printers, scanners, monitors) and the associated device drivers.
Software Add
Installation of an application or a software suite with integrated application (e.g. bespoke apps) from the approved supported software catalogue.
Only software published to the user’s SCCM profile shall be supported
Hardware Change


Page 42 of 42
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Modification of an existing system unit by a hardware upgrade (adding of functionality) or hardware downgrade (removal of functionality), including the drivers, if necessary.
Testing the system unit to ensure the functionality of the hardware and software and accessing of the network.
Software Change
Modification of an existing software configuration according to the specified documents/work instructions, such as the creation of network icons.
Testing the system unit to ensure the functionality of the hardware and software and accessing of the network.
Remove
Removal of the system unit including the directly attached peripheral devices, packing and conveyance of these devices to a store specified by Molina with having the option of picking up /scrapping.
Erasing of the data on the hard disk by predefined processes in the predetermined store.
Build
Receive, inspect, and store inventory at central and regional warehouse
Load, configure, and test standard software on to the workstation based on the standard “gold master” image via SCCM
Configure network parameters, User ID and password settings, network printer defaults, and other similar base
Add user specific software as specified
Test completed workstations, laptops, or other devices included in the standard hardware list
Apply asset tags and perform initial asset inventory scan (e.g. serial number capture) or enter configuration item (CI) information if required
Manage, track, and report inventory status and completion status of systems in work to central Infosys asset register
As required, repackage fully assembled hardware and bundled software using original packing materials or other available means), apply shipping labels, generate appropriate shipping documentation
The build activity may be performed at the user desk or a designated space within the Molina premises, where services are being delivered.
Quality Control and Improvements:
Faults Analysis within the Team:
Appearing problems and technician’s shortcomings are analyzed and corrected
Fast feedback from the supervisor
Information sharing within the whole team
Corrective Actions Reports
Project IMACDs Additional Responsibilities
Infosys and Molina will continue to monitor the utilization of Deskside resources. If there is any project IMAC such as large deployments which are time bound and critical, and require additional effort for a short period of time then it will be classified as a Project IMAC. For locations where there is a dispatch support it will be priced based on actual effort spent completing the project task.

[redacted]
Figure 23. [redacted]
[redacted]

2.3.1.4
[redacted]

[redacted]
Figure 24. [redacted]



Page 43 of 43
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

The effort for hardware break fix will be optimized by Infosys once transition to desktop as a Service model.
2.3.1.5
L1.5 (Smart Hands Support) /Remote “Hands & Feet”
The Field Services team will perform Smart Hands and Feet support for Incidents, service requests, change requests, installs, de-installs, moves, break-fix of equipment for server/ network equipment in remote locations.
Below is the broad list of activities that will be categorized as “Smart Hands” / “Remote Hands & Feet” in remote locations.
Perform network and server equipment shut down and restarts. Rack and stack for servers, routers, switches and other IT equipment
Un-racking of decommissioned IT equipment
Configure remote management on servers, switches etc. as per the guidance from the remote infra L2 / L3 team
Perform basic tasks like swapping out of a failed server disk / memory module etc. as per instructions from the remote infra team
Coordinate with Infosys L3 team to troubleshoot various IT related issues
Coordinate with remote team regarding any third party vendors related issues including replacements
Liaison with local facility teams to coordinate access and other activities as instructed by Infosys L3 team.
Liaison with users to understand issues and report back to Infosys L3 team
Wireless Support – assist in testing and installation of Wireless Access Points
-
Documentation – recording of IT inventory & IT processes at local sites including updating layout diagrams, rack view of the datacentre etc. as requested.
For Dispatch sites, we propose this to be a one-time activity during Knowledge Acquisition.

2.3.2
Deskside and Walkup Support (Exhibit 2-C)
2.3.2.1
[redacted]
Figure 25. [redacted]
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]



Page 44 of 44
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

Continuous Improvements
As shown in Figure below, Walk-Up services improves Molina employees’ productivity and end user experience.
exhibit1036msaimage28.gif

As a result of the continuous improvement and the analysis of the operation of Walk-Up Service centers and new trends and technologies available in the near future. We would establish new products demos sessions, trainings on increasing Self-Service Services.
2.3.2.2
[redacted]
2.3.2.3
[redacted]

2.3.3
Desktop Engineering (Exhibit 2-C)
2.3.3.1
Solution
Infosys has vast experience in providing Desktop Engineering services for multiple enterprise customers across the globe. We will bring our Desktop engineering implementation and operation capabilities, lessons learnt, to cater Molina’s benefit, with end to end service capabilities and ownership. Also we will analyze the scope during the DD/transition phase and enhance the service.
2.3.3.2
Patch Management and Software Distribution
Infosys as part of its services will provide Molina, support to End Users Software distribution, Software upgrades and updates through existing tool SCCM.
Desktop support team will provide support to Service desk for issues related to end user workstation issues. Using the Desktop engineering model, we will cater to services such as Software packaging, Software deployment, Software upgrades and updates


Page 45 of 45
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

through SCCM which will help us to cater to the end user requests and maintain a stable operating environment which is secured and monitored effectively.

Patch Management
Patch management service comprises of assessing threats and vulnerability, discovering new updates, Coordinate with Molina for patch qualification, Obtaining, testing and deploying required patches.

[redacted]
Figure 26.
Patch Management Process
We understand the significance of an effective patch management process as, in a network of hundreds of systems, all it takes is one machine to become compromised to open the door for multiple other machines to be compromised as well.
Patch Management process not only plays a significant role in upholding enterprise security posture but is also treated as the solution for majority of security vulnerabilities. The key tenets of Infosys’s Patch Management service are as follows:
-
Service Packs as a foundation of the patch strategy
-
Track the Product Lifecycle
-
Perform risk assessment using a Severity Rating System
-
Test updates before deployment
-
Patch prioritization and Scheduling

exhibit1036msaimage29.gif

The Patches would be distributed using the existing SCCM in Molina environment. The team would take control of the end user equipment and distribute the patches as per scheduled releases. The OS and Application patches would be tested and then released for distribution by the security team. A periodic report will be generated for Molina capturing the total amount of Patches released and distributed in a stipulated times frame.
Key points to note are as follows:
Patch Deployment will be done by Infosys.
Identification of patches would be a joint function of the security teams at Molina and Infosys


Page 46 of 46
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Patch Testing will be a collaborative process between Molina and Infosys.

Software Distribution
Infosys software distribution service apart from the distribution and deployment of the on-going patches and updates, Infosys will utilize Molina existing software distribution tool. Some of the Key activities include Deployment planning, deployment pilot test, deployment execution and coordination, monitoring and control.
Infosys will have a Software Distribution team for deployment and on-going patch and updates management utilizing Molina Automation’s in SCCM tool. Key activities that we will perform as part of software distribution are.
Establishing deployment plan for different user types
Deployment process customization and coordination
Software distribution to software repositories and clients
Deployment pilot test
Implementation of rollback plan

2.3.3.3
[redacted]
2.3.3.4
Desktop Management
Infosys will provide proactive management and testing of new hardware as part of an agreed roadmap of change with Molina.
Molina and Infosys will review and evaluate new Hardware based on Molina’s business requirements.
Infosys will test the Hardware against the standard Molina Images before being introduced in to production
Infosys will ensure that the changes to hardware models will be managed such that the hardware models are tested and qualified well before the current hardware reaches end of life or is not available for purchase.
exhibit1036msaimage30.gif
Figure 65.
Desktop Management
2.3.3.5
Mobile Device Management
Infosys will support the existing MobileIron platform environment for the Enterprise mobile devices. Mobile Iron offers capabilities for mobile device management, mobile application management, mobile content management, secure access to cloud services and unified endpoint management.
Operate
Provide support services for mobile devices which are in-scope.
Provide lifecycle management services of mobile devices such as procurement to retirement


Page 47 of 47
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Perform asset management services for mobile devices to the authorized users
Perform CMDB updates and periodic reconciliation
Perform patch management, device updates/fixes etc.
Develop, maintain documentation and standard operating procedures
Perform Install / uninstall / remote wipe etc. of applications and provide incident/ problem management services
Conduct periodic audit to ensure adherence of Molina policies / procedures & compliance regulations.
Provide support for mobile devices managed by other platforms if any, until all mobile devices are migrated to MobileIron.
Report of audit, inventory & exceptions to Molina IT team on mutually agreed intervals
Continuous improvement
Identify and propose integration methods for mobile applications
Implement best practices for improved performance, problem isolation and troubleshooting
Improve user experience
Improve compliance of the devices and usage
Perform stringent compliance management and identify / report security gaps
Roll out new features and enhancement updates

2.3.4
End-User Device (EUD) Management and Remote Support Model (Exhibit 2-C)
Infosys will manage the Molina’s IT assets throughout the life cycle from demand recognition and procurement to disposal using Molina’s existing management processes and tools.
The Device Management Services includes the following Service Components:
Device Lifecycle Management
Asset Management

Device Lifecycle Management responsibilities
Infosys will:
Use the Systems Management Toolset (SCCM) to install a Supported Image and core Software onto End Points as requested by Molina;
-
Perform End User state migration activities to ensure all data, Applications installed via the Software Distribution Service Component and locally stored preferences are transferred from one End Point to another;
-
Support the IMAC Service Component and Onsite Support Service Component as requested;
-
Perform quality assurance tests on all newly built or rebuilt End Points to ensure the following items are installed and operating as designed before the End Point is cleared for deployment:
§
All core Software as defined by Molina from time to time; and
§
All Software installed by the End User via the Software Distribution Service Component;
-
Provide Molina with reports detailing issues experienced/observed during the quality assurance steps outlined in this Service Component;
-
Record all issues experienced/observed during the quality assurance steps outlined in this Service Component to be able to provide such information to Molina on request;
-
Resolve any issues uncovered during quality assurance check before the End Point is cleared for deployment;
Update the Asset Management Database (CMDB) for Tracking and Reporting Service Component;
Configure End Points and update the CMBD with the unique identifier for the End Point and the date the End Point was built/rebuilt;
Hand over the End Point to the Onsite Support team and update the CMBD with details about owner, status, detailed location amongst other specifically requested details from Molina;
Being decommissioned:


Page 48 of 48
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

-
Ensure removal of the associated End Point AD Object from the Active Directory using the Active Directory Service Component;
-
Ensure removal of the associated End Point AD Object from the Systems Management Tool using the Systems Management Toolset Service Component;
-
Update the CMDB as described in the Tracking and Reporting Service Component;
-
Engage Stock Management Service Components for Repair or Disposal if appropriate;
-
Prepare End Point for redeployment and engage the Stock Management Service Component.

Asset Management responsibilities
Infosys will maintain a sufficient Stock of PC hardware and peripherals at Sites designated by Molina to meet the user demands through the End Point Provisioning, Re-provisioning and Decommissioning Service Component. Infosys will:
Do Spares forecasting for the Break / Fix Services
Manage Stock efficiently and only include Infosys supported/deployed End Points;
Transfer Stock between any depots, Molina Facilities as necessary (leverage existing Molina shipment contract);
Work with the Molina approved Hardware vendor(s) for fulfilment, warranty and non-warranty repair and disposal;
Order equipment, receive equipment, check-in to inventory, apply Asset Tag, record model, type, serial number, date, status, and Stock location in the CMDB;
Transfer to the Build Team and update the CMDB with new Molina locations and date moved as requested;
Collect Hardware from Build Teams and update stock numbers when not in use; and
Support the IMAC Service Component as requested.

Molina will own the Assets (Stocks, spares) and depots.
2.3.4.1
Remote Site Management
Infosys will leverage the existing BOMGAR tool of Molina to provide the remote support. Operational model for remote support is explained in section 1.1.2.
2.3.4.2
MDM, Cell Phone, and Hotspots Management
Solution summary
The key operational activities for devices are:
Provide support services for mobile devices which are in-scope
Provide lifecycle management services of mobile devices from procurement to retirement
Perform asset management services for mobile devices to the authorized users
Perform CMDB updates and periodic reconciliation
Perform patch management, device updates/fixes etc.
Develop, maintain documentation and standard operating procedures
Perform Install / uninstall / remote wipe etc. of applications and provide incident/ problem management services
Conduct periodic audit to ensure adherence of Molina policies / procedures & compliance
Report of audit, inventory & exceptions to Molina IT team on a mutually agreed intervals
Co-ordinate with 3rd party vendor / OEM for warranty replacements and/or disposal requirements
For Hotspots and bar code scanners: -
The operational activities include:
Perform initial configuration of device and create device account in the Active Directory.
Handle the needed certificates in rollout and updates processes.
Resolve device errors and Authorized User issues including Incidents that need involvement of Third Parties (such as WLAN Access point provider). Re-build the device if it seems to be configured incorrectly.
Handle communication with the external Hardware supplier.


Page 49 of 49
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd


[redacted]

[redacted]
[redacted]
 
[redacted]
[redacted]
 
[redacted]
[redacted]
 
[redacted]
[redacted]
 
[redacted]
[redacted]
 
[redacted]
[redacted]
 
[redacted]
[redacted]
 
[redacted]
[redacted]
 
 
[redacted]
 

Table 24. [redacted]
2.3.5
[redacted]

[redacted]
Figure 28. [redacted]
Figure 29. [redacted]
[redacted]
Figure 30. [redacted]

[redacted]

Figure 31. [redacted]

[redacted]

Figure 32. [redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


Page 50 of 50
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd



2.3.6
Network Operations Center
2.3.6.1
NOC Support Model
Infosys will be leveraging the intelligent command center to act as Network Operations Center (NOC). Molina will be able to proactively identify and resolve incidents before business is impacted through proactive monitoring by our Integrated Command Center.
Infosys will set up an Integrated Command Center (ICC) that will centralize support using unified processes, tools and technologies. The ICC will be staffed 24x7 to facilitate intelligent and timely action to “catch the yellows before they become reds”. The ICC team will play a pivotal role in critical incident management and will be responsible for SOP-based resolution thereby reducing the number of incidents escalated to L2. by [redacted]:
Monitor all events and correlate events to give actionable conditions
Prioritized based on business impact
Verified and enriched with extra state information and diagnostics
If application performance problem, triaged to determine probable cause area
Fix using run-book or route to appropriate team / co-ordinate with vendors
Own the event and critical incident management process
Reporting service level metrics on regular basis leveraging IIMSS
exhibit1036msaimage31.gif
Figure 33.
Integrated Command Center/NOC
Infosys integrated command center/NOC team will be leveraging IIMSS to perform L1.5 support for all the infrastructure tracks. Following IIMSS features will be leveraged to enhance the IT services across Infrastructure tracks
Single and unified management solution/portal to help users request, manage, monitor and govern the Hybrid IT resources while providing agility and ensuring adherence to enterprise policies and processes
To integrate, automate, and manage all its on premise, cloud resources and third-party cloud service providers (private/public, IaaS/PaaS/SaaS) in a central location
Streamlined and disciplined monitoring across a hybrid IT landscape with a centralized data source for monitoring
A single point of integration of alerts/alarms received from various monitoring tools into MOM (Monitors of Monitor) & other integration touch points
A single point of correlated alerting, notification and reporting data source mechanism


Page 51 of 51
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Proactively and predictively identify and resolve issues before the occurrence of a major outage incident
Visibility of alerts and current tickets that are either assigned, being triaged or resolved
Comprehensive reporting & dashboard capabilities based on various team reporting requirements including management and business teams
Data analytics and Machine learning algorithms for incidents/service request to identify the recurring patterns for automations
Service Management Layer
Infosys will be having a service management layer overarching the integrated command center and service desk. Service management layer will have dedicated incident, change and problem managers who will take end to ownership of MIM, Incident, change and problem management functions. Following are key objectives and activities which will be managed and monitored by up by Incident, change and Problem manager’s
Incident Manager
Objectives:
Resolving Incidents within Established Service Times.
Restore normalcy as quickly as possible.
Ensure Customer Satisfaction.
Key Activities:
Logging of incidents in the service management tool
Prioritization and categorization of the incident
Solve on the call if possible, else escalate it to the 2nd level / 3rd level support
Ownership throughout the life cycle of the incident
Knowledge base updates
Analyzing incident trends
Defining/updating KPI’s
Assisting the Major Incident Management Team
Implement Lean methodologies through automation of certain tasks (where ever possible) and improve business value
Problem Manager
Objective:
To prevent problems and resulting incidents from happening
To eliminate recurring incidents
To minimize the impact of incidents that cannot be prevented
Key Activities:
Identifying the recurring incidents and work on a permanent solution
Updating ServiceNow Known Error database, so further incidents can be resolved much more quickly
Assist the Major Incident Management Team
Closely work with Incident, Change, Event, Capacity and Performance Management processes
Risk Management by identifying the vulnerabilities and performing the preventive actions
Proactive Problem management through Continuous service improvement
Change Manager
Objectives:
Respond to the customer’s changing business requirements while maximizing value and reducing incidents, disruption and re-work
Respond to the business and IT requests for change
Clear and comprehensive release plans that enable Molina to align their activities with these plans.
Building, installing, testing and deploying a release on schedule


Page 52 of 52
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Identify specific Patch installation process

Key Activities:
Categorization and prioritization of a change
Validating the information provided by the change requester with Configuration Management, Test plan, Implementation plan, back out plan
Driving the Change management board meetings
Business Impact analysis on the change
Authorization and coordination during implementation of the change
Documentation and instruct Configuration management to update the CMDB
Release building
Release testing
Release planning
Release deployment
Release documentation control
[redacted]

Figure 34. [redacted]
2.3.6.2
[redacted]

[redacted]
Figure 35. [redacted]
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.4
[redacted]
2.4.1
[redacted]

2.4.1.1
[redacted]

[redacted]


Page 53 of 53
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd


Figure 36. [redacted]

[redacted]

2.4.1.2
[redacted]

[redacted]

Figure 37. [redacted]

[redacted]

2.4.2
Security Operations
Infosys engagement level controls with NIST Cybersecurity Framework
Infosys will follow NIST cyber security framework at an engagement level for supporting Molina’s compliance mandates from outsourced managed services standpoint. Infosys internally is ISO27001 certified for all its delivery locations. From an engagement standpoint, Infosys will –
Onboard and dedicated Information Security officer at offshore who will own –
SOA and security controls documentation for Molina engagement
-
Work with Molina security team and align on the security controls, their design and operational aspects. These will be documented in the “Information Security HandBook_Molina Health Care”.
-
Document a statement of applicability (SOA) to cross reference between controls, applicable services, processes, responsible parties, reporting and audit requirements, periodic assessment requirements.
Security training for Infosys team engaged with Molina
-
Understand Molina requirements from security training for all resources who are going to work on the engagement.
-
Ensure that the training is undertaken by resources and records are maintained and updated in an on-going basis.
Supporting Internal and external security audits for Molina-Infosys engagement
-
Create a calendar of internal and external audits, reviews, assessments by Infosys and Molina
-
Coordinate with internal and external stakeholders from Infosys and Molina perspective for such internal and external audits, reviews, assessments by Infosys and Molina
Advisory and guidance to Infosys teams to meet Molina compliance requirements (SOA).
-
Provide continuous guidance to Infosys and Molina teams on meeting the stated and implicit needs for security control compliance requirements.
-
Addressing any gaps discovered as a part of any audit or assessment
Report on KPIs
-
Align with Molina on reporting and KPI requirements
-
Ensure the committed reports and KPI reporting requirements are being adhered to and being met on a continuous basis.
Infosys will explore with Molina on automating the security controls maintenance, change management and operational effectiveness by the usage of suitable eGRC tools.
Infosys will create a statement of applicability of applicable controls – the SOA will be built by Infosys Information Security Officer and approved by Molina Security team. The applicable controls will be jointly arrived by referring to Molina security policy, compliance requirements, Infosys security policy and compliance requirements. The SOA will be a living document and will be updated as and when there is a change in the control design or implementation consideration. Future control requirement for Molina


Page 54 of 54
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Infosys team engaged in this program will be responsible for ensuring that the security controls are designed, implemented, enhanced, supported. Each Infosys team will identify a security SPOC who be responsible for ensuring compliance to the SOA and associated compliance and reporting mandates

2.4.2.1
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

Table 25. [redacted]
[redacted]

Figure 38. [redacted]

[redacted]

2.4.2.1.1
[redacted]

[redacted]


2.4.2.1.2
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

Figure 39. [redacted]

Figure 40. [redacted]


Page 55 of 55
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

2.4.2.1.3
[redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 26. [redacted]
2.4.2.1.4
[redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 27. [redacted]
[redacted]
Figure 41. [redacted]
[redacted]

2.4.2.1.4.1
[redacted]

[redacted]

Figure 42. [redacted]
[redacted]



Page 56 of 56
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.4.2.1.4.2
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.4.2.1.4.3
[redacted]
[redacted]

2.4.2.1.5
[redacted]
[redacted]

Figure 43. [redacted]

[redacted]



Page 57 of 57
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 28. [redacted]
[redacted]

2.4.2.1.6
[redacted]

[redacted]

Figure 44. [redacted]

Figure 45. [redacted]
[redacted]


2.5
[redacted]

2.5.1
[redacted]

[redacted]




Page 58 of 58
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


Figure 46. [redacted]
[redacted]

Figure 47. [redacted]
[redacted]

Figure 48. [redacted]
[redacted]

Figure 49. [redacted]
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
Table 29. [redacted]
[redacted]




Page 59 of 59
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]


[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

2.5.2
[redacted]

2.5.2.1
[redacted]

[redacted]

Figure 50. [redacted]
[redacted]
Figure 51. [redacted]

Identify Key Objectives for Monitoring like the ones mentioned below:
Identify gaps in the tools setup
Improvement in alert noise
Improved Dashboards and Reporting structure
Infosys will perform below Transition Activities for App and Infra support:
Request for the latest details (repository, Inventory, Application owner details) of all the Infra and applications which are being monitored
Take hand over of AppDynamics and Infra monitoring tools hardware details, software licenses and credentials of the servers forming the environment
Analyze their on boarding process, approval process to perform new enhancements
Get details of all the different application agents that are currently instrumented? (Java, .Net, PHP, Node.js etc.)
Analyse current monitoring tools integration with event management tool and identify pain areas
Create new account on Monitoring tools and deactivate old ones
Understand all the SOP’s, KB articles and process related documents
Get details of all out of the box functionalities currently used and customized functions deployed in the monitoring tools
Analyse default health rules and figure out any gaps in current setup
Get application owner details for application which are getting monitored


Page 60 of 60
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

From the tools leveraged in Molina, Infosys would analyse cases for redundancy and overlap of tools & functionality. After getting detailed information on Tools landscape, we can propose various idea to optimize the tools set by consolidating redundant tools.
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]
Figure 52. Sample Clarifications for tool rationalization
Tools Strategy During Cloud Migration Journey
Infosys understands that Molina will be embarking on the journey to migrate servers / applications to cloud in the upcoming years. This strategy will certainly have an impact on how the various monitoring and management tools would need to operate. Infosys will closely work with Molina architecture & security team in ensuring that appropriate strategies are defined to handle both the hybrid state of the environment with cloud & on premise existence and dedicated environments of only cloud or only on premise needs.
This strategy is anticipated to bring in the need for new tools to handle monitoring & management requirements in the cloud as well as the need for retiring / optimizing some of the existing tools. All changes related to Molina & Infosys tools will follow the defined release & change management processes including updating the necessary documentation of the tools.
2.5.2.2
Consolidation and optimization of existing tools
Solution Approach
Rationalize current tools and extend the capability for tools optimization across businesses and eliminate redundant tools in consultation with Molina
Deliver integrated and efficient operations to have robust tools and processes
Optimized tools with applicable configuration and customization of monitoring solution to ensure long-term needs are fulfilled
Integrate monitoring tools with IIMSS for event correlation
High-Level View of Integrated Monitoring environment with IIMSS Orchestration & Automation

Figure 53. [redacted]

2.5.3
[redacted]

[redacted]

2.5.4
[redacted]
[redacted]

2.5.4.1
[redacted]

[redacted]



Page 61 of 61
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

Figure 54. [redacted]


Page 62 of 62
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd


2.6
[redacted]
2.6.1
[redacted]
2.6.1.1
[redacted]

[redacted]

Figure 55. [redacted]
[redacted]
Figure 56. [redacted]
The proposed Strategic Governance Layer has been conceptualized to ensure overall governance to the service management initiative. This layer will be jointly owned by Infosys and Molina to ensure proper communication and effective governance. The strategic layer also follows a three-layer strategy, comprising of a Steering Committee, a Management Layer & an Operations Layer.
The Operation Service Integration Layer will pursue policy and process adoptions and adherence as well as drive standardization of processes across the board (including multiple vendors). This layer will focus on process operations as well as develop various reports of varying complexities. Multiple reports will be generated to target specific audiences to give an overall dynamic snapshot of the environment health. Continuous Improvement activities will be spearheaded by the Service Excellence Office across the board and will ensure that process maturity within the organization continues to improve at a steady pace.
Tools & Orchestration Layer will ensure integration of existing tools utilized by Molina and its vendors are appropriately integrated into ServiceNow. This will ensure seamless flow of information and enhanced governance of the infrastructure.
Tools & IP
ITSM process transformation solutions are intended to be built on the ServiceNow platform: Incident, Problem, Knowledge, SLM, Service Catalog, Change Management & CMDB, Reporting and Dashboard.
Persona Based Services: Persona information available to Service Desk agent to ask relevant questions while interacting with Molina business users.
CXO Dashboards and Reports
-
Leadership Dashboards will help making quick decision and analyse the health of IT operations at one glance
-
Operations Dashboards – This will be designed for the operations team to help in operational efficiency and prioritize their work easily
-
Trend Reports – These reports will give a snapshot view of how the performance has been for an organization over a period of time
-
Snapshot View – This will be designed for various operations team to provide a glimpse of current health of operations
Consulting Enablers
-
SIAM Maturity Assessment Framework
Our varied and diverse experience in the SIAM space has enabled us to conceptualize and implement a comprehensive SIAM Maturity Assessment Framework which will help Molina gauge its existing infrastructure maturity levels. This framework consists of an assessment tool which utilizes a rating mechanism based on a detailed questionnaire and the results/scores are benchmarked against our defined maturity levels. The questionnaire encompasses all conceivable process within the ITSM space and hence this detailed and in depth analysis will enable Molina to accurately identify the processes that need a maturity level up. This, in turn, helps Infosys and Molina to focus a concerted effort on the pain areas and improve corresponding maturity levels. Along with a scorecard, Infosys will also provide action items and a roadmap to help Molina improve maturity levels across the spectrum.
-
Infosys SIAM Readiness Framework
Infosys will also perform a SIAM Readiness Framework to gauge the effort and the pace in which the SIAM framework can be deployed across Molina environment. The multi-phased SIAM implementation approach will help us deploy process improvements at a much faster pace and hence save valuable time for Molina.
[redacted]


Page 63 of 63
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd


Figure 57. SIAM Readiness Framework
Process Aids
Infosys “iPrise” is an Infosys’ proprietary set of processes required for different streams in Infrastructure Services. It Draws out best practices from world known process frameworks such as ITIL, CMMI, COBIT, ISO 27001, PMBok, etc. It is a collection of accelerated process designs using ready to use designs from the process repository. This set is used as a baseline to customize and develop Processes for IT Infrastructure Management set-ups. “Infosys i-PRISE” enables organizations to save time & effort required for defining processes and provides easy access to industry best practices. It acts as a catalyst for process definition and implementation. It includes detailed levels of various parts of a process such as sub – processes, roles & responsibilities, requirements for tools, KPIs and Metrics, etc.
Key areas where iPrise can contribute are:
-
Enhancing existing processes and implement new capabilities to ensure core capabilities are defined
-
Setup of Service Excellence Office to provide the overarching governance during the process setup and ensure its improvement.
-
Ensure ITSM processes are defined, integrated, implemented and sustained. This will result in achieving processes with high end maturity level
-
Once the processes are rolled out, process maturity assessments, quality audits, trainings and governance will ensure the maturity is maintained and improved.
-
Rapid deployment of ITSM processes thereby saving significant time
Infosys recognizes and acknowledge Molina’s current ITSM maturity state at Level 2 .Infosys’s unique processes, frameworks and accelerators can help in reducing the short-comings. We will leverage our experience and Service Management Maturity Framework to improve the maturity of the processes at Molina.


[redacted]

Figure 58. [redacted]
SIAM governance forums
Governance Forums
Frequency
Infosys Participants
Infosys Attendance
Service Excellence & Innovation Forum
Quarterly
Delivery Manager
Engagement Manager
Mandatory
Commercial Review Forum
Quarterly
On Need basis
Delivery Manager
Engagement Manager
Mandatory
Service Review Forum
Monthly
On Need basis
Delivery Manager
Engagement Manager
Mandatory
Change Approval Board
Weekly
Infosys Change Coordinators / Initiators
Mandatory
Release Management Review Meeting
Weekly
Infosys Release coordinators / Initiators
Mandatory
Tower Operational Service Review Forum
Weekly
Tower Leads
Mandatory
Capacity Planning Forum
Monthly
Infosys Capacity
Co-coordinators
Mandatory
Service Change Forum
Monthly
Tower Leads, Change Coordinators
Mandatory
Service Management Operational Governance Forum
Monthly
Tower Leads
Delivery Manager
Mandatory
Service Design & Life cycle forum
Quarterly
On Need basis
Delivery Manager
By Invitation
SIAM Project Forum
Monthly
Delivery Manager
Project Manager
By Invitation


Page 64 of 64
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Integrated Performance Dashboards and Reporting
Infosys will maintain integrated IT Governance to build a seamless and service focused delivery structure. Based on our experience, we often notice that with dispersed data, IT Leadership often receives very different reports from each region, it’s hard to get an end to end overview of the IT operation, or to perform data analysis resulting in what we often refer to as ‘Water-Melon’ Effect (Green from outside, red inside); where Individually each vendor or region might be performing well, but collectively business is not happy.
Infosys has handled multiple accounts with this scenario and helped our Customers overcome these challenges by having a robust and comprehensive multi-tier Governance structure.
Infosys’ view on performance reporting focuses on enabling adequate visibility of performance of each Vendor/region/tower at various Organizational levels
At Strategic layer, high level performance summary or a dashboard view on all Suppliers and a Management summary related reports are produced
At Management Layer, the regular SLA reports as well as CSI reports are shared and discussed.
At operational layer, multiple reports at various stages of each process are produced and verified

2.6.2
DR / BC for Supplier Services in-Scope of This Agreement
Infosys understands the criticality and relevance of DR and BCM for supplier services to ensure continuity of services to our clients / partners under any disaster scenario. Infosys can provide 100% confidence to Molina for continuation of services via its thorough DR/BCM corporate level framework, guidelines and teams.
Infosys has a detailed Business Continuity and Disaster Recovery plan called “Phoenix” at the Corporate Level, Location Level and each account Level. Redundancy has been built into all the essential infrastructure including office space, network connectivity, power, computing resources and personnel, and the same would be applicable for Molina engagement.
Infosys BCMS conforms to the requirements of ISO 22301. Infosys is certified for ISO 22301-certification standard effective February’ 2013. The scope of the certification covers all Infosys India locations (including BPO locations).
The Business Continuity Management Plan is a comprehensive set of steps to be taken before, during, and after a disaster. The plan is documented, communicated and tested to ensure the continuity of business operations and availability of critical resources after disaster. This plan is made available at all of our Development Centers (DCs).
The BCMS Plans are driven systemically through the BCMS System, an in-house application for management of all the Business Continuity Plans and reviewed at least annually.
The BCMS system is used to develop the account level BCMS Plans and cover sections such as the account level BCMS team structure, Roles and responsibilities, Business Impact Analysis, Risk Assessment, recovery sites, Incident Management Workflow, Post Disaster Activities, Notification Directory, Tests and Exercises, Call Trees, Metrics to check on maturity tracking and compliance etc. This plan will be created for Molina as well and will go through an approval process before it gets baselined.
Tests and exercises are conducted at all three levels - Location, Function, Account. Once the Molina account level BCP gets created it will be tested as per the frequency updated in the test plan / agreed with Molina. Tests are conducted at least once a year by the Infosys Quality assurance team and BCM team.
These BCMS tests and exercises are planned to ensure the validation on the various BCMS strategies/controls in place. These are conducted to cover scenarios like unavailability of –
IT Infrastructure
Physical Infrastructure, and / or
Human Resources
Any issues or deficiencies identified during these tests are captured as action item in an Infosys BCMS tracking tool and driven to closure with follow-ups and execution.
As in any other engagement, Molina account team will have few DRRs – Disaster Recovery Representatives on the floor, to take care of any disaster situation. These are resources from the project, and are trained by the Infosys BCMS team, on how to act during the disaster situation.
Degree of Assurance
A minimum of [redacted] of the physical infrastructure is available as redundancy. Example – extra office space at Infosys DCs within the same city and / or another city
A minimum of [redacted] of the IT infrastructure is available as redundancy. Example – Laptops, Desktops, VoiPs etc.


Page 65 of 65
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

Upon occurrence of a disaster affecting Infosys offshore facilities, Infosys will implement the plans and procedures stated to ensure business continuity
For Molina, it is envisaged that services will be delivered using a combination of resources at onsite and one or more of Infosys’ development centers in India (Bengaluru and Chandigarh).
Following is the snapshot of the BCP/DR infrastructure for Molina is outlined below.

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.6.2.1
Backup and Storage (Process, Data Residency)
Infosys will be accessing Molina infrastructure / tools / applications from offshore (Bengaluru / Chandigarh) through Molina VDI / Citrix connections. Infosys will not have any Molina data stored in any of the Infosys site and systems. Molina data will stay within Molina’s Data Center and follow the agreed Molina DR/BCP. In case of any disaster at the Infosys service locations, Molina related data will not be affected since no data is stored within Infosys network / site.
2.6.2.2
Committed and On-Demand Equipment
From the current scope of work, Infosys understands the need to setup an Offshore ODC location, which will be setup in Bengaluru / Chandigarh for Molina. Following would be the committed equipment, to ensure steady execution of operations:
Router – for network connectivity from Infosys ODC to Molina DC
Laptops/Desktops – for all the on-boarded resources to carry out their work for Molina.
VoiP Phones – for the resources to join direct meetings within the teams located globally, with the Molina stakeholders
2.6.2.3
Support Services
In order to ensure smooth and continuous operations and to meet any DR/BCP situation, Infosys has the following internal teams / sources to provide support services:
Computers and Communication Department
Quality Assurance Team
Business Continuity Management team
Infosys Development center facilities team
Transport team



Page 66 of 66
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

2.7
[redacted]
2.7.1
[redacted]

[redacted]

2.7.2
[redacted]

[redacted]

2.7.3
[redacted]

[redacted]

2.7.4
[redacted]

[redacted]

2.8
[redacted]
2.8.1
[redacted]

[redacted]


2.8.2
[redacted]
[redacted]

2.8.2.1
[redacted]

[redacted]

2.8.2.2
[redacted]

[redacted]

2.8.2.3
[redacted]

[redacted]


2.8.3
[redacted]

[redacted]

Figure 59. [redacted]

2.8.3.1
[redacted]
[redacted]


Page 67 of 67
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.8.3.2
[redacted]
[redacted]

2.8.3.3
[redacted]

2.8.3.4
[redacted]
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.8.3.4.1
[redacted]
[redacted]


Page 68 of 68
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]

2.8.3.4.2
[redacted]
[redacted]
2.8.3.4.3
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.8.3.4.4
[redacted]
[redacted]

2.8.3.5
[redacted]
[redacted]
2.8.3.5.1
[redacted]
[redacted]


Page 69 of 69
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.8.3.5.2
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.8.3.5.3
[redacted]
[redacted]

2.8.3.5.4
Reporting
Following table provides list of reports / KPIs we propose for effective IAM support.
#
Report Parameter / KPI
Description / Action Item
1
Availability
Ensure availability of IAM systems and provide weekly / monthly report for the same in addition to live availability status (live availability is dependent on available monitoring systems)
2
Incident Count / Service Requests vs. Status
Adhere to SLAs
3
Top 10 IAM Incident Categories vs. Volume
With process optimization or automation, show decrease in incident numbers in same category
4
SOX Reports
Convert Ad-hoc / manual report generation into automated report generation over time for SOX queries
5
Audit Reports
Convert manual audit report generation into automated report generation over time
6
Operations Reports
Automate report generation for operational efficiency such as for data discrepancy over time
7
Usage Reports
Provide reports on usage of identity and access management system, password reset, progress of access certification cycle, etc. and monitor performance of environment vs. available capacity
8
Privilege Usage Reports
Provide reports for privilege access usage through available tools (Bomgar PAM and available analytics system)
9
Weekly / Monthly Trend Reports
Provide weekly / monthly trends for incidents, problems, service requests, availability, usage, etc.
10
Dashboard
Provide dashboard summarizing no of active users, key activities, key automation activities, etc. in addition to weekly / monthly trends


Page 70 of 70
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd


2.8.3.5.5
Continuous improvement opportunities
Based on understanding of current state and overall application landscape at Molina, Infosys has identified key areas for improvement/ automation which will result into a streamlined end to end IAM solution.

2.8.3.5.5.1
IAM Manual Activities
As part of due diligence and transition phase, Infosys will work on listing complete inventory of manual activities related to Identity and Access Management support, and will work on automation of the ones resulting into higher number of incidents and service requests. Following table provides a brief list of manual activities which are generally encountered in a typical IAM program of similar scale.
#
Typical Manual Activities
Mitigation / Automation
1
Data Quality – discrepancies and inconsistency in data between source system, IDM system and target systems
Data quality analysis during implementation;
Periodic data discrepancies reports and automated remediation of the same
2
Manual troubleshooting related to various access certifications
Log analytics;
Automated troubleshooting;
Verified process
3
System Management (including backup, storage, logs)
Automated operational management (such as automated log rotation, archival, purge)
4
Support to internal / external audit queries
Define requirement in alignment with audit teams;
Enable solution for automated reporting of audit requirements
5
Incidents related to self-services including password reset
Provide self-services for account unlock, password expiry, etc.;
Enable help desk / L1 support to resolve such incidents
6
Requests pending for approval
Enable delegated approvals using IDM system
7
Assign access in PAM system for local administrative rights or deployment rights for a short window
Automate on-demand privilege access management through process and technical optimizations

2.8.3.6
[redacted]
[redacted]

2.8.3.6.1
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.8.3.6.2
[redacted]
[redacted]


Page 71 of 71
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.8.3.6.3
[redacted]
[redacted]

2.8.3.6.4
Reporting
Security Infrastructure tools support team will create daily/weekly/monthly reports and share the update with Molina team. The reports that will be shared with Molina are as follows:
Area
Frequency
Target Stakeholders
Report Example
Operational Reporting
Weekly

Infra leads, App Leads, SOC Manager/team, CSIRT team
§    Total incidents, problem, change tickets, status of tickets (open/closed)
§    Weekly trends
§    Any open issues
Trend Reporting

Monthly
SOC Manager, IT Managers

§    Administrative changes Trends
§    Point solutions like AV, IPS, FW trends
§    Traffic Trends (services, ports, users)
§    SLAs
Incident and Service Status reporting
Daily, Weekly
SOC Manager
§    Incidents by Priority
§    Incident by Stages
§    Incidents by Age
§    Incident Trend by Priority
§    SLA Compliance/breaches
§    Average Incident response time by priority
§    Ad-Hoc Report delivery
Compliance Reports
On-Demand
Compliance Auditors
§    Access and Change Validation
§    Administrative Activities

2.8.3.6.5
Continuous improvement opportunities
Security Infrastructure tools support will continuously be looking for improvement opportunities and provide Molina with transformation ideas well. Some of the typical opportunities for improvement in supported, existing tools.



Page 72 of 72
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

2.8.3.7
[redacted]
[redacted]

Figure 60. [redacted]
[redacted]

Figure 61. [redacted]
[redacted]

Figure 62. [redacted]
2.8.3.7.1
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


Page 73 of 73
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd


2.8.3.7.2
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


2.8.3.7.3
[redacted]
[redacted]

2.8.3.7.4
Reporting
Following table provides list of reports:
#
Report Parameter / KPI
Description / Action Item
1
Application Scan Vulnerability Report
After each scan completion, Infosys team will provide a report to Application owner to fix the identified vulnerabilities
2
Weekly Report
Provide insights of total number of applications or assets scanned in a week, total vulnerabilities identified, fixed and closed
3
Weekly Infrastructure Vulnerability Scan Report
Will be shared with IT Ops or Assets owners for their remediation action
4
Monthly Infrastructure Vulnerability Scan Report
This report will provide insights of cumulative scan performance and the left over vulnerabilities to be fixed
5
Yearly Infrastructure Vulnerability Scan Report
Toward end of year, a complete scan will be conducted to find out if there are still vulnerabilities exist

2.8.3.7.5
Continuous improvement opportunities
During the Steady State, Infosys will assess the possibilities of identifying opportunities for improvement. Some of such improvement ideas are:
Vulnerability management life-cycle process assessment and improvements
Vulnerability backlog clearing initiative for CVSS 7+ vulnerabilities
Reporting of vulnerabilities by asset and application criticality matrix
Bring in secure SDLC as a part of application development and release process

2.8.3.8
[redacted]
[redacted]

Figure 63. [redacted]

2.8.3.8.1
[redacted]
[redacted]


Page 74 of 74
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]

2.8.3.8.2
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


2.8.3.8.3
[redacted]
[redacted]

2.8.3.8.4
Reporting
Following table provides list of reports:
#
Report Parameter / KPI
Description / Action Item
1
Weekly Report
Provides Total number of Incidents and Requests serviced by Infosys team
2
SLA Report
This report will bring the view of how Infosys is performing against agreed SLA in handling incidents
2.8.3.8.5
Transformation ideas/initiatives
During the course of Steady State, if there are automation opportunities or Data Center to Cloud migration opportunities or Major upgrade initiatives, Infosys will be partnering to deliver the transformational initiatives.

2.8.3.9
[redacted]
[redacted]

Figure 64. [redacted]
2.8.3.10
[redacted]
[redacted]

2.8.3.10.1
[redacted]
[redacted]

2.8.3.10.2
[redacted]
[redacted]
Figure 103.
[redacted]



Page 75 of 75
995601.6
Technical Solution to Tooling for Future State    Infosys Ltd

2.8.3.10.3
[redacted]
[redacted]

2.8.3.10.4
[redacted]
[redacted]



Appendix


[redacted]



Page 76 of 76
995601.6


[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]




995601.6
CONFIDENTIAL TREATMENT REQUESTED



[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]




Page 78 of 78
995601.6

[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


CONFIDENTIAL TREATMENT REQUESTED



[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
















Schedule 23

BUSINESS CONTINUITY AND DISASTER RECOVERY





CONTENTS
 
 
Page
1.
Definitions
- 1 -
2.
Principles
- 3 -
3.
Service Provider’s BCP/DR Plan
- 3 -
4.
Recovery Time Objectives and Recovery Point Objectives
- 6 -
5.
Reviews, Exercises and Testing
- 6 -
6.
Continuity Risk Management
- 9 -
7.
Audit
- 9 -
8.
Remediation of Issues, Risks and Deficiencies
- 10 -
9.
Service Provider Disaster Coordinator
- 10 -
10.
Declaration of a Disaster
- 11 -
11.
Records and Logs
- 12 -
12.
Management and Training
- 12 -
13.
Contact List
- 13 -
14.
Use of Subcontractors
- 13 -


(i)



1.
DEFINITIONS
1.1
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) to this Agreement. In this Schedule:
BCP/DR Tests” means the tests performed to assess the success of the BCP/DR Plan(s). The test includes:
(a)
participation in the planning sessions leading up to a test;
(b)
executing Recovery activities which are the responsibility of the Service Provider;
(c)
supporting Recovery activities which are the responsibility of any Other Service Provider;
(d)
participating in post-test debriefs and reviews; and
(e)
contribution to and execution of follow up actions, as part of the Disaster Action Log;
Disaster Action Log” means a document that records all the open and closed actions that were identified as part of a response to:
(a)
a Disaster;
(b)
an audit, Risk Assessment, review, Planned Exercise or BCP/DR Test;
Disaster Recovery Service” means:
(c)
producing, implementing, maintaining and testing the BCP/DR Plan(s);
(d)
managing and completing the activities as documented in the BCP/DR Plan(s) in the event of a Disaster and including performing Disaster Recovery; and
(e)
fulfilling any obligations, set out in this Schedule 23 (Business Continuity and Disaster Recovery);
Exercise and Test Report” means a report that contains the results of a review, Planned Exercise or BCP/DR Test, and includes full details of the results, activities performed and evaluates the performance against agreed objectives and Service Levels;
Planned Exercise” means reviewing a BCP/DR Plan(s) to ensure their viability and effectiveness, and alignment of each other BCP/DR Plan(s);
Recover” means to recover a backup from backup media in accordance with the Recovery Point Objective as specified in this Schedule 23 (Business Continuity Management and Disaster Recovery) and “Recovery” shall be construed accordingly;

1


Recovery Point Objective” or “RPO” means the point in time to which the data is restored using the last back up as set out in Appendix 23A (BCP/DR Plan Requirements);
Recovery Time Objective” or “RTO” means the period of time from the invocation of a Disaster to when the System should be Restored as set out in Appendix 23A (BCP/DR Plan Requirements);
Remedy Plan” means a document that describes the activities and resources needed to remediate issues identified in the Disaster Action Log, which may include changes required to the BCP/DR Plan(s);
Restore” means to restore Services and the impacted part of the Systems to normal operation in accordance with the Service Levels and “Restoration” shall be construed accordingly;
Risk Assessment” means an assessment to ensure that the Approved Service Delivery Locations and those Services and Systems delivered from the Approved Service Delivery Locations comply with the Molina Policies, and includes:
(a)
identifying whether the likelihood of a Disaster has changed;
(b)
identifying new threats, vulnerabilities, issues experienced and opportunities for improvement in relation to the continuity capabilities of Services and Systems in those Approved Service Delivery Locations;
(c)
ensuring new, obsolete or modified processes are analyzed and classified by criticality;
(d)
ensuring mapping between the Services and Systems delivered from the Approved Service Delivery Locations remains correct and is appropriately reflected within the configuration management database; and
(e)
providing updates to any risk assessments conducted by or on behalf of Molina in relation to the Approved Service Delivery Locations, Services, Systems, or business processes;
Risk Assessment Report” means a report that summarizes the results of the Risk Assessment, and includes details of:
(a)
criticality of the Services and Systems to Molina;
(b)
single points of failure, including potential issues caused by centralization or a lack of physical separation and geographic spread;
(c)
amount of physical spare capacity available;
(d)
interdependencies, including dependencies on Other Service Providers; and
(e)
recommendations for improvement and/or plans as required by the remediation of issues, risks and deficiencies section of this Schedule.

2


Service Provider Disaster Coordinator” means the Service Provider person serving as the point of contact concerning Disaster Recovery in the event of a Disaster.
2.
PRINCIPLES
2.1
This Schedule sets out the Service Provider’s obligations in relation to the BCP/DR Plan(s) and Disaster Recovery Service.
2.2
The Service Provider shall develop and maintain its BCP/DR Plan(s) in accordance with paragraphs 3 and 3.17 respectively.
2.3
In meeting the requirements set out in this Schedule, the Service Provider shall:
(a)
take appropriate actions to minimize interruption to Molina business activities during a Disaster;
(b)
manage all aspects concerning the ability to continuously provide Services according to the Service Levels, Recovery Time Objectives and Recovery Point Objectives; and
(c)
deliver the ability to manage the Recovery and Restoration of Services and Systems following a Disaster with minimum impact on Molina.
2.4
The Service Provider shall manage the Service Provider resources required to meet the requirements set out in this Schedule for all Approved Service Delivery Locations.
2.5
The Service Provider shall:
(a)
have a documented BCP/DR Plan(s) for (i) Approved Service Delivery Locations, and (ii) designated Systems (i.e., Systems used by Service Provider to provide the Services); and
(b)
each year during the Term, provide written confirmation to Molina that the Service Provider has a documented BCP/DR Plan.
2.6
The Service Provider shall store the latest, up-to-date version of the BCP/DR Plan(s), Service Provider briefings to Molina, if any, on the BCP/DR Plan(s), and supporting documents produced by the Service Provider under this Schedule on the Contract Management Portal.
2.7
During an outage or disaster, Service Levels will not apply unless the Disaster Recovery Plan specifies otherwise; provided, however, that the Service Levels shall apply in any event where the Disaster Recovery Plan was enacted in response to a breach of the Agreement by the Service Provider (as opposed to being enacted in response to a Force Majeure Event).
3.
SERVICE PROVIDER’S BCP/DR PLAN
3.1
Molina shall provide the Service Provider a prioritized list for the Recovery and Restoration of the Services.
3.2
The Service Provider shall develop, implement and maintain the BCP/DR Plan(s).

3


3.3
The BCP/DR Plan(s) shall be developed for (i) Approved Service Delivery Locations, and (ii) designated Systems in accordance with this paragraph 3, unless otherwise agreed or directed by Molina.
3.4
Each BCP/DR Plan shall cover reasonably foreseeable events (together with any other events agreed with Molina) and consequences including loss of designated Systems, loss of Services, loss of Systems provided by a Subcontractor, and total or partial loss of any single building or group of buildings for each relevant Service and designated System.
3.5
Each BCP/DR Plan shall provide for the following in the event of a Disaster:
(a)
ensuring the safety of Service Provider Personnel and Molina Personnel (if applicable);
(b)
minimizing potential economic/business loss to both the Service Provider and Molina;
(c)
reducing disruptions to Services and Systems;
(d)
ensuring organizational stability and reducing reliance on certain key individuals;
(e)
minimizing decision-making and providing an orderly Recovery;
(f)
minimizing the Service Provider’s legal liability by adhering to Applicable Law as set out in the Agreement; and
(g)
seeking to protect the Services and Systems containing Molina Data.
3.6
The BCP/DR Plan shall include details of the following:
(a)
the events that may trigger a Disaster;
(b)
communication channels;
(c)
the detailed activities required to be taken by the Service Provider in the event of a Disaster to Restore impacted Services and Systems;
(d)
the sequence of the activities required to Restore Services and designated Systems;
(e)
the dependencies the Service Provider has on Molina and Other Service Providers in order for the Service Provider to complete the activities to Recover and Restore impacted Services and Systems;
(f)
details about the prioritization of Recovery and Restoration activities to be performed in relation to the designated Systems and Services;
(g)
resources involved in each activity in the BCP/DR Plan;
(h)
the testing activities that will be completed after each activity;
(i)
potential Workarounds which may be deployed in the event of a Disaster to partially or fully Recover and Restore Services and designated Systems; and

4


(j)
the activities to failback a Service or designated Systems to its state before a Disaster occurred.
3.7
Each BCP/DR Plan shall comply with all relevant Molina Policies, Applicable Law and Good Industry Practice and shall conform to ISO 27001, and cover all Key Personnel, resources, Services and actions required to manage the required Disaster Recovery processes and achieve the RPO and RTO set out in Appendix 23A (BCP/DR Plan Requirements). Service Provider will use commercially reasonable efforts to support RTO and RPO as architected in the current Systems. If changes to the architecture or investment in Capital is required to achieve the RTO / RPO requirements listed in Appendix 23A, Molina will be responsible to fund these changes to the underlying systems, but as long as the service provider identifies these requirements promptly following the first DR test with Molina.
3.8
The Service Provider shall work with Subcontractors to ensure the BCP/DR Plan can be supported by Subcontractors as required.
3.9
The Service Provider shall:
(a)
submit a draft of the BCP/DR Plan(s) that meets all of the requirements set out in this Schedule 23 (Business Continuity and Disaster Recovery) to Molina within 180 days after the Service Commencement Date; and
(b)
update the BCP/DR Plan(s) within 10 Business Days after receiving notification from Molina that an update to the BCP/DR Plan(s) is required following a Planned Exercise with the details of the updates required, and at the Service Providers cost continue to update the BCP/DR Plan(s) until Molina provides approval or the Parties escalate the matter to the relevant Governance Board in accordance with Schedule 7 (Governance).
3.10
The Service Provider shall cause the BCP/DR Plans developed and, as applicable, implemented by it pursuant to this Schedule 23 to account for and to be coordinated with the Molina BCP/DR plan set out in Appendix 23B.
3.11
Molina shall approve or reject the BCP/DR Plan(s) within ten (10) Business Days of receipt of the draft BCP/DR Plan from the Service Provider. If Molina rejects the BCP/DR Plan(s) then Molina shall provide reasoning for the rejection to the Service Provider. Where Molina rejects a BCP/DR Plan, the Service Provider shall make all required changes in accordance with paragraph 3.12(b).
3.12
The Service Provider shall:
(a)
co-operate with all Other Service Provider(s) and Molina in the development of BCP/DR Plan(s); and
(b)
provide input into Other Service Providers’ business continuity and disaster recovery plan(s) as reasonably requested by Molina.

5


3.13
The Service Provider shall define and provide evidence to Molina on how the BCP/DR Plan(s) will be coordinated with Other Service Providers’ business continuity and disaster recovery plans.
3.14
The Service Provider shall perform reviews, Planned Exercises and BCP/DR Tests of the BCP/DR Plan(s) in accordance with paragraph 5, and the Service Provider shall provide evidence to Molina, in the form of an Exercise and Test Report, that the reviews, Planned Exercises and BCP/DR Tests were completed as per the review, Planned Exercise and BCP/DR Test schedule in accordance with paragraph 5.4.
3.15
If a Disaster occurs that would trigger a BCP/DR Plan and, as a result, the Service Provider has to allocate scarce Resources between accounts, the Service Provider must treat Molina no less favorably than other similarly situated clients receiving similar services to the Services on a like–for–like basis.
3.16
The Service Provider shall record the BCP/DR Plan(s) in the Contract Management Portal to ensure the BCP/DR Plan(s) are continuously available to Molina. The Service Provider shall produce and maintain a report, on the Contract Management Portal, that includes:
(a)
a list of the BCP/DR Plan(s) in scope for the Service Provider;
(b)
the date of the last update for each BCP/DR Plan;
(c)
the date of the next scheduled review, Planned Exercise and BCP/DR Test; and
(d)
any missed activities or performance gaps.
3.17
The Service Provider shall continuously review the BCP/DR Plans and make necessary updates to reflect the status of the Services, Recovery strategies, technical solutions and related Recovery (subject to approval by Molina to any amendments).
4.
RECOVERY TIME OBJECTIVES AND RECOVERY POINT OBJECTIVES
4.1
All of the Services and designated Systems shall be maintained or Restored in accordance with the Recovery Time Objectives set out in Appendix 23A (BCP/DR Plan Requirements) and each BCP/DR Plan.
4.2
All agreed data shall be backed-up, maintained and Recovered in accordance with the Recovery Point Objectives set out in Appendix 23A (BCP/DR Plan Requirements) and each BCP/DR Plan.
4.3
The Service Provider shall reasonably co-operate and work together with Other Service Providers and Molina in implementing the Recovery Time Objectives, Recovery Point Objectives in accordance with the BCP/DR Plans.
5.
REVIEWS, EXERCISES AND TESTING
5.1
General principles

6


(a)
The BCP/DR Plan(s) shall be reviewed, exercised and tested in accordance with this paragraph 5.
(b)
Reviews, Planned Exercises and BCP/DR Tests will be scheduled with consideration of seasonal business cycles, the number of processing systems or platforms involved and the time required to perform the review, Planned Exercise or BCP/DR Test and shall only be performed if approved by Molina. The Service Provider shall take appropriate actions to avoid reviews, Planned Exercises and BCP/DR Tests having an impact on the delivery of Services, unless specifically approved by Molina.
(c)
In each Contract Year a Planned Exercise or a BCP/DR Test, will be scheduled for each System which is eligible for Disaster Recovery Service.
(d)
The Service Provider shall develop the Planned Exercise and BCP/DR Test schedule of the BCP/DR Plan(s), Molina shall review the Planned Exercise and BCP/DR Test schedule with the Service Provider, and Molina shall approve the Planned Exercise and BCP/DR Test schedule. The Service Providers shall execute the Planned Exercise and BCP/DR Test as specified in the Planned Exercise and BCP/DR Test schedule approved by Molina. The approved Planned Exercise and BCP/DR Test schedule will be available on the Contract Management Portal.
(e)
For all Planned Exercises and BCP/DR Tests, a scenario and detailed list of objectives will be developed and agreed between Molina and the Service Provider prior to the Planned Exercise or BCP/DR Test commencing. The Parties shall agree:
(i)
scenarios which represent realistic Recovery parameters to ensure all components of the BCP/DR Plan(s) can be demonstrated, e.g., simulation of Recovery from losing a data center, Recovery of a business critical application environment;
(ii)
objectives written in such a way that success criteria are clearly defined and understood and so that overall performance can be measured against those objectives; and
(iii)
reporting format and content.
(f)
Unless otherwise specified, Molina shall provide the facilities, operations, networks and equipment necessary for the Planned Exercises and BCP/DR Tests of the BCP/DR Plans.
(g)
The Service Provider shall continue to provide the Services and Systems with minimal interruption in accordance with the Service Levels during the performance of the Planned Exercises or BCP/DR Tests of the BCP/DR Plans.
5.2
BCP/DR Plan reviews
(a)
The Service Provider shall formally review the BCP/DR Plan(s) once a year, by:

7


(i)
performing a structured walk-through of the BCP/DR Plans’ capabilities; and
(ii)
reviewing the BCP/DR Plan(s) to identify any perceived gaps and provide recommendations and rationale for amendments to the BCP/DR Plan(s).
(b)
Following such a review, the Service Provider shall update the BCP/DR Plan(s) as necessary to comply with the requirements of this Schedule 23 (Business Continuity and Disaster Recovery).
5.3
BCP/DR Plan Planned BCP/DR Test
(a)
As set out in paragraph 5.1(c), the Service Provider shall perform a BCP/DR Test of the BCP/DR Plan(s) once a year.
(b)
The BCP/DR Test shall:
(i)
test that all purposes of the BCP/DR Plan(s) are being achieved;
(ii)
test the state of readiness of the organization to respond to and cope with a Disaster;
(iii)
determine whether backup Data and documentation stored off-site are adequate to support the resumption of business operations and failback to the state of business operations before a Disaster;
(iv)
determine whether the activities and operating procedures are adequate to support the resumption of business operations and failback to the state of business operations before a Disaster;
(v)
determine whether the BCP/DR Plan(s) have been properly maintained to reflect annual resumption, Recovery and Restoration needs and failback to the state of business operations before a Disaster;
(vi)
consider and test for exposure to new risks;
(vii)
test that Service Provider Personnel are adequately trained for Disaster Recovery;
(viii)
consider lessons learned from the occurrence of an Incident and test these against the current processes;
(ix)
test against changes in technology and/or processes;
(x)
test against the introduction of or change to any Applicable Law, to the extent the Service Provider is responsible for complying with Applicable Law as set out in the Agreement, or Molina Policies, in each case to the extent Molina has communicated the change and the impact to the Service Provider.; and

8


(xi)
consider any changes to any Service and Systems.
(c)
The Service Provider shall conduct an additional Planned Exercise following:
(i)
an Agreement Change that requires a change to the BCP/DR Plan(s) or requires a different manner of implementation, including different people to implement the BCP/DR Plan(s);
(ii)
subject to the Change Control Process a re-organization of Molina;
(iii)
a re-organization of the Service Provider;
(iv)
a Disaster; or
(v)
an Incident where the associated BCP/DR Plan(s) or associated Disaster Recovery capabilities fails to maintain Services at the required level or fails to meet RTOs or agreed Service Levels.
(d)
The Service Provider shall manage and coordinate the BCP/DR Test of the BCP/DR Plan(s).
(e)
Following such a BCP/DR Test, the Service Provider shall update the BCP/DR Plan(s) as necessary to enable the execution of all activities in compliance with the requirements of this Schedule.
5.4
BCP/DR Plan Exercise and Test Reporting
(a)
Within ten (10) Business Days following the completion of each BCP/DR Plan review, Planned Exercise or BCP/DR Test, the Service Provider shall prepare and communicate the Exercise and Test Report.
(b)
Each Exercise and Test Report shall be stored on the Contract Management Portal.
(c)
Where the agreed test objectives and/or Service Levels are not met, the remediation of issues, risks and deficiencies section, paragraph 8, of this Schedule 23 (Business Continuity Management and Disaster Recovery) shall apply.
6.
CONTINUITY RISK MANAGEMENT
6.1
The Service Provider shall conduct Risk Assessments at least once per year for each Service Provider Approved Service Delivery Location where there are Systems or from where the Service Provider delivers Services.
6.2
The Service Provider shall prepare a Risk Assessment Report in relation to each Risk Assessment within ten (10) Business Days of completing each Risk Assessment.
7.
AUDIT

9


7.1
Without limiting Clause 38 (Audit and Information Access) of the Agreement, Molina reserves the right to audit, with reasonable prior written notice, the Service Provider’s adherence to the BCP/DR Plan(s) at any time.
7.2
At a minimum, the Service Provider shall make available to Molina for audit purposes, the most recent approved version of the:
(a)
Risk Assessment Report;
(b)
BCP/DR Plan(s);
(c)
Exercise and Test Reports; and
(d)
Disaster Action Log.
8.
REMEDIATION OF ISSUES, RISKS AND DEFICIENCIES
8.1
If:
(a)
Molina invokes a BCP/DR Plan(s) and the Service Provider has not met its obligations in relation to the BCP/DR Plan; or
(b)
a Planned Exercise or BCP/DR Test fails to achieve stated objectives; or
(c)
an audit under paragraph 7 of this Schedule 23 (Business Continuity and Disaster Recovery) or Clause 38 (Audit and Information Access) of the Agreement or Risk Assessment related to an event under paragraph 6 identifies that the Service Provider has failed to achieve stated objectives, and such failure is due to the fault of the Service Provider,
the Service Provider shall produce and share with Molina a Remedy Plan within ten (10) Business Days of the failed result, to remedy any deficiencies or risks identified.
8.2
Molina shall approve or reject the Remedy Plan within ten (10) Business Days of receipt from the Service Provider. If Molina rejects the Remedy Plan, Molina shall provide reasons for the rejection.
8.3
Where Molina rejects the Remedy Plan, the Service Provider shall revise the Remedy Plan taking into consideration all Molina’s comments and within five (5) Business Days of Molina’s rejection, re-submit the revised Remedy Plan to Molina to obtain Molina’s approval in accordance with paragraphs 8.2 and 8.3.
8.4
Where Molina does not approve or reject the Remedy Plan or Molina rejects a revised Remedy Plan, the Parties shall escalate the Remedy Plan (or revised Remedy Plan) to the relevant Governance Board in accordance with Schedule 7 (Governance).
8.5
Where Molina approves the Remedy Plan, the Service Provider shall rectify non-compliant areas as per Molina’s approved Remedy Plan. Should the Service Provider remain non-

10


compliant sixty (60) Business Days after Remedy Plan activities were due to be completed then the Parties shall escalate the matter to the relevant Governance Board in accordance with Schedule 7 (Governance) and Molina may require an additional audit, Risk Assessment, review, Planned Exercise and/or BCP/DR Test (as applicable) at the Service Provider’s expense, for every subsequent thirty (30) Business Day period until the matter is resolved in accordance with the Remedy Plan.
9.
SERVICE PROVIDER DISASTER COORDINATOR
9.1
The Service Provider shall appoint a Service Provider Disaster Coordinator who shall:
(a)
be available 24 x 7 and have suitable experience;
(b)
be responsible for maintaining the BCP/DR Plan(s);
(c)
conduct and coordinate testing and reviews of the BCP/DR Plan(s);
(d)
manage and coordinate the execution of the BCP/DR Plan(s) in the event of a Disaster;
(e)
ensure all Service Provider Personnel and Service Provider Subcontractors have awareness of the obligations within the BCP/DR Plan(s);
(f)
liaise with the Service Provider Subcontractors as required; and
(g)
liaise with Molina as required by Molina.
10.
DECLARATION OF A DISASTER
10.1
If the Service Provider becomes aware of a Disaster, the Service Provider shall notify Molina immediately.
10.2
Upon Molina instructing the Service Provider to invoke the BCP/DR Plan, Service Provider shall commence the processes and activities outlined in this Schedule 23 (Business Continuity and Disaster Recovery), and specifically those processes and activities in paragraph 10.4 of this Schedule 23 (Business Continuity and Disaster Recovery), and the BCP/DR Plan(s), immediately.
10.3
The Service Provider’s Disaster Coordinator shall co-operate with all Other Service Provider’s disaster coordinators and Molina’s disaster coordinator and Molina personnel as required during a Disaster.
10.4
In the event Molina declares a Disaster the Service Provider shall:
(a)
invoke, and execute the activities set out within, the relevant BCP/DR Plan(s) which cover the Services and Systems affected by the Disaster;
(b)
mobilize and activate the teams necessary to facilitate the resumption of time-sensitive business operations;

11


(c)
work with Other Service Providers as needed to support end-to-end Recovery of technologies, services and applications to a functional state;
(d)
continually assess and report Incident impact in accordance with the BCP/DR Plan(s), extent of damage and disruption to the Services and Molina’s business operations;
(e)
organize and manage any meetings with Molina and Other Service Providers as necessary to keep them informed of the activities being undertaken by the Service Provider and the status of the Services;
(f)
attend and contribute to any meetings organized by Molina;
(g)
if applicable, co-ordinate the relocation and/or migration of operations and support functions from temporary recovery facilities to repaired or new facilities;
(h)
participate in any post Disaster Recovery debriefs; and
(i)
contribute to and execute follow-up actions to the extent that they require the Service Provider’s knowledge related to the affected Services and Systems.
11.
RECORDS AND LOGS
11.1
The Service Provider Disaster Coordinator shall maintain the Disaster Action Log for actions related to the BCP/DR Plan(s) as a result of any of the following:
(a)
a Disaster; and
(b)
an audit, Risk Assessment, review, Planned Exercise or BCP/DR Test of the BCP/DR Plan(s).
11.2
The Service Provider shall maintain the latest version of the Disaster Action Log, in the Contract Management Portal.
11.3
The Disaster Action Log shall be used during Recovery and Restoration activities to ensure that all actions for a particular plan are carried out and for evaluation purposes after the Disaster, or an audit, Risk Assessment, review, Planned Exercise and/or BCP/DR Test, to ensure lessons learned are noted and future BCP/DR Plans are amended accordingly as required by paragraph 8.
11.4
At a minimum, the Disaster Action Log shall cover:
(a)
all actions carried out and the start/end times for each;
(b)
reasons for taking such action;
(c)
any delegation of actions;
(d)
remote escalations;

12


(e)
dependencies on Molina or Service Provider; and
(f)
any deviations from defined BCP/DR Plans and operating procedures and any Workarounds implemented.
12.
MANAGEMENT AND TRAINING
12.1
The Service Provider shall nominate a duly authorized Service Provider Person (who may be the same person as the Service Provider Disaster Coordinator) to be primarily responsible for Disaster Recovery Services, and for ensuring the Service Provider’s compliance with this Schedule.
12.2
The Service Provider shall ensure that a key group of Service Provider Personnel at each Service Provider Approved Service Delivery Location where there are Systems or from where the Services are provided, are trained in all aspects of the Disaster Recovery Services and the Service Provider shall maintain training records showing the training received by and the attendance of such Service Provider Personnel. Such training records shall be available for inspection by Molina at any time.
12.3
The Service Provider shall ensure all Approved Subcontractors and key Service Provider Personnel required to deliver any Disaster Recovery Services have sufficient capability to meet the requirements stated within this Schedule or within any plan required under this Schedule.
12.4
The Service Provider shall provide Service Provider Personnel with immediate access to all relevant operating procedures and documentation relating to the Disaster Recovery Services in the event of a Disaster or where required to meet the obligations set out in this Schedule.
12.5
The Service Provider shall ensure that Service Provider Personnel are aware of, understand and comply with the obligations set out in this Schedule.
12.6
The Service Provider shall maintain a list of key contacts and notification operating procedures for Molina, Service Provider Personnel and Subcontractor Personnel relating to the Disaster Recovery Services.
13.
CONTACT LIST
13.1
Molina shall produce, maintain and record, on the Contract Management Portal, the Molina contact list, which includes the Molina contacts to be notified in an event of a Disaster.
13.2
The Service Provider shall produce, maintain and record, on the Contract Management Portal, the Service Provider Personnel contact list, which includes the Service Provider Personnel contacts to be contacted in the event of a Disaster being declared.
14.
USE OF SUBCONTRACTORS
14.1
In the event the Service Provider engages a Subcontractor for the provisioning and delivery of Disaster Recovery Services (e.g., recovery facility, recovery/replacement hardware and/or

13


staffing resources), the Service Provider shall be responsible for the management, oversight and performance of those Subcontractors in accordance with Clause 63 (Subcontracting) of the Agreement.
14.2
Molina reserves the right to review and either approve or reject the use of Subcontractors supporting the delivery of Disaster Recovery Services in accordance with Clause 63 (Subcontracting) of the Agreement.


14


APPENDIX 23A
BCP/DR PLAN REQUIREMENTS

[redacted]


14


APPENDIX 23B
MOLINA ENTERPRISE BCP/DR PLAN
See the attached.


Page 15


pic6.jpg

Page 1


Document Control

Revision History

Date
Version
Description
Author
02/01/2013
1
Initial draft (based on MIT DRP, MMS DRP and QNXT 4.8 DRP documents).
Kurt Dufresne
02/07/2013
2
Further revisions to initial draft. Changed to version 02 to preserve content removed from version 01.
Kurt Dufresne
02/28/2013
3
Removed business continuity material and excessively specific sections.
Kurt Dufresne
07/19/2013
4
Iterative revisions.
Kurt Dufresne
08/26/2013
5
Revised structure of the document and selected content.
Kurt Dufresne
04/11/2014
6
Revisions based on Arizona-Texas data center migration.
Kurt Dufresne
12/03/2014
7
Revisions, minor edits, updated broken links.
Amelia Directo
04/26/2016
8
Annual revisions. Updated URLs. Added recent test results.
Kurt Dufresne
05/19/2017
9
Annual Revisions/Updates
Rajesh Sukumar


Approval

Date
Version
Approver
04/11/2014
6
So Ling Balschi
 
 
 


Distribution

The primary electronic copy of this plan is located on the Molina Healthcare, Inc. (MHI), disaster recovery (DR) SharePoint site:


A secondary electronic copy of this plan is stored on the RecoveryPlanner RPX site (login required):


A hard copy is also retained at the DR Manager’s desk:

Meeker Baker Building, 3rd Floor
650 Pine Avenue, Long Beach, CA



Page 2


Document Classification: Molina Confidential

This document is confidential and proprietary to Molina Healthcare Corporation. It is not to be used, reproduced, or disclosed outside Molina Healthcare without the written consent of Molina Healthcare Corporation. The information in this document is furnished for use by Molina Healthcare support personnel in servicing customer equipment or by a customer under a license agreement with Molina Healthcare.

Refer to Information Services Policy and Procedure, IS 72.00, Data Classification, for additional information and required handling procedures.


Privacy Rules

The Health Insurance Portability and Accountability Act of 1996 (HIPAA – Public Law 104-191), the HIPAA Privacy Final Rule, and the American Recovery and Reinvestment Act (ARRA) of 2009 require that covered entities protect the privacy and security of individually identifiable health information.

Protected health information (PHI) includes demographic information and other health information and confidential information, whether verbal, written, or electronic, created, received, or maintained by Molina Healthcare about members and patients. It is health care data plus identifying information that would allow the data to tie the medical information to a particular person. PHI relates to the past, present, and future physical or mental health of any individual or recipient; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual. Claims data, prior authorization information, and attachments such as medical records and consent forms are all PHI.


Copyright © 2019 Molina Healthcare, Inc.

Page 3



Table of Contents
1
Introduction
6
1.1
Objective
6
1.2
Scope
6
1.2.1
Application Recovery Procedures
6
1.2.2
Application Tier
8
1.2.3
Application Recovery Priority
8
1.3
Plan Review
9
1.4
DR Strategy
9
1.5
Testing Strategy
9
1.5.1
Test Date and Authorization
9
1.5.2
Test Location
10
1.6
Definitions and Acronyms
11
1.6.1
Definitions
11
1.6.2
List of Acronyms
12
2
Data Center Overview
14
2.1
New Mexico Data Center (DC01)
14
2.2
Unitas Global Richardson Data Center (DC02)
15
2.3
Network Infrastructure
17
2.4
Telephony Overview
19
3
Data Handling and Protection
21
3.1
Data Backup
21
3.2
Replication Process
22
3.3
Microsoft Exchange Server
22
4
Molina IT Organization
23
5
DR Roles and Responsibilities
24
5.1
Disaster Recovery Team (DRT)
25
5.1.1
DRT Responsibilities
25
5.1.2
DRT Members
26
5.1.3
DRT Key Activities
26
5.2
Disaster Recovery Analyst
27
5.2.1
DRA Responsibilities
27
6
Communication Plan
28
6.1
Emergency Notification System
28
6.2
Status Emails
28
6.3
Conference Bridges
28
7
Disaster Identification and DR Plan Activation
29
7.1
DR Activation Summary
30
7.2
Disaster Scenarios
33
7.3
Restoration to the Primary Site
34
Appendix A:
DR Test Results
35



Page 4



Table of Figures

Figure 2‑1:
New Mexico Data Center Production Environment
14
Figure 2‑2:
DC02 Data Center Floor Layout
15
Figure 2‑3:
Molina Data Center Wide Area Network (WAN)
16
Figure 2‑4:
Molina Site Wide Area Network (WAN)
17
Figure 2‑5:
Molina Telephony Architecture
18
Figure 2‑6:
Telephony Acronyms
19
Figure 4‑1:
Molina IT Organization for DR
22
Figure 5‑1:
IT Role in ICS Organization
23
Figure 7‑1:
Disaster Recovery Call Tree
32





Page 5


1.
Introduction

1.1
Objective

This Disaster Recovery Plan (DRP) is designed to provide immediate response and recovery procedures from major events that would result in the loss of critical processing capabilities at the Molina Healthcare, Inc., data center in Albuquerque, New Mexico. The DRP covers procedures which provide for a smooth transition of critical functions to an alternate location that facilitates the resumption of normal business operations.

The DRP is closely integrated with the business continuity plan (BCP), and provides for the recovery of information technology (IT) services that support the business processes covered in the BCP. Both the DRP and BCP are pursuant to Molina Information Services policy and procedure IS-56.10 Contingency Planning.



1.2
Scope

The DRP provides guidance and procedures to enable the timely recovery from unplanned crises and to facilitate an orderly transition of functions to the alternate location. This allows for smooth resumption of critical processing capabilities for Molina Healthcare, Inc., to restore services within the contractually required time period after a declared disaster.
This document serves as an overall IT DR plan. Detailed technical recovery procedures are also being developed for critical applications. These are essentially addenda to the overall DR plan. Refer to the list below for these procedural documents.

1.2.1
[redacted]

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]


Page 6



1.2.2
Application Tier

The Business Continuity Management (BCM) team conducted a business impact analysis (BIA) to identify critical business functions and gather information pertaining to the impact incurred by a disruption of these services. The BIA defined the tier classification as the period of time in which a business function needs to be restored. Four tier categories were specified.

[redacted]

IT systems support business processes, so this same tier stratification is used for IT systems. The recovery time objective (RTO) and recovery point objective (RPO) for a given application determine which tier classification it is assigned.

Recovery time objective is the duration of time within which a business process (or application) must be restored after a disaster or disruption in order to avoid unacceptable consequences associated with a break in business continuity.

Recovery point objective refers to the maximum allowable time frame between the last restorable data point and the time of disaster. Some of this data can be recovered by alternate means such as paper re-entry, batch re-runs, etc.

RTO and RPO vary according to the system and the business function it supports. Therefore, they may be found in the application-specific DR plan.

1.2.3
Application Recovery Priority

The order in which applications are restored is a function of their criticality and dependency relationships. Below is the recovery priority for applications with documented DR plans.

[redacted]

Page 7



1.3
Plan Review

The IT DR Plan is a living document and therefore will be reviewed after any significant change to the infrastructure, processes, or related information, such as IT organizational structure. The DR plan will be reviewed at least annually.


1.4
DR Strategy

Core IT systems are located in Molina’s primary data center in Albuquerque, New Mexico, and protected by a co-location/disaster recovery (DR) data center located in Richardson, Texas. Near real-time storage replication ensures that critical production data is available at the DR site. Production data backups are also copied to the DR site, providing a secondary data protection measure.

In the event of a disaster preventing application functionality at the primary data center, the Disaster Recovery Coordinator works with the IT infrastructure and application teams to coordinate the efforts needed to bring up the DR servers and connect them with the replicated data, according to the DR plan documentation. This documentation is available for on-site review upon request.


1.5
Testing Strategy

Having a DR Plan by itself does not prepare any business unit to cope with business interruption in an effective manner. The DR Plan must be tested regularly in order to ensure staff awareness and effectiveness in response to any business interruption. A scenario of the DR Plan is tested annually and the results documented. The DR Coordinator will coordinate the annual testing with other internal and external parties.

Any major change or modification to normal business procedures must be considered under DR and business continuity (BC) planning and its impact documented. In case there is substantial impact to the DR or BC Plan, the DR and the BC Plans must be appropriately updated and tested.

Refer to Appendix A for a summary of test results.

1.5.1
Test Date and Authorization

Disaster recovery testing is conducted at least once each calendar year to demonstrate Molina’s ability to restore system functions at the DR data center. Tests are planned by the DR Coordinator to

Page 8


take advantage of the regularly scheduled application maintenance window, where applicable. Testing may be internally conducted by IT, and may also involve business users.

Authorization to conduct DR tests is secured from the IT application owner in conjunction with the business. The Business Continuity Management team works with the business team to identify an agreeable date for the business, and the DR Coordinator then works with the IT application owner for confirmation. An email is solicited from the IT application owner granting approval. This approval is attached to the ticket submitted for the conduct of the test.

1.5.2
Test Location

Disaster recovery tests involve system administrators remotely accessing production systems in New Mexico and DR systems at the alternate site. Business users are also involved at their respective plan locations in their home states. Users may be accessing systems from their home or office, as individual circumstances warrant.


Page 9



1.6
Definitions and Acronyms

1.6.1
Definitions

The following terms pertain to the DR plan.

Disaster, as defined for this document, is any unplanned major event or condition, whether environmental (e.g., fire, flood, tornado, earthquake, hurricane), mechanical (e.g., major equipment failure, sabotage, theft), loss of environmental systems (e.g., power, air conditioning), loss of telecommunications capability, or other damage to hardware, operating system, or physical plant, that results in a loss of major operations at the New Mexico data center, thereby preventing the normal scheduling and processing of business information. Acts of war are not covered in these procedures. For the purposes of this document, the disaster is assumed to be at the New Mexico Data Center in Albuquerque, New Mexico. Once a disaster has been declared, Molina Healthcare will work to restore services within the contractually required time period after the declaration of disaster.

Incident or event is a circumstance caused by any unexpected situation that disrupts the normal flow of critical operating processes or functions, thereby preventing and/or causing significant delay in the completion of scheduled activities or expected outcomes.

Incident Command System (ICS) – The Incident Command System (ICS) is a systematic tool used for the command, control, and coordination of emergency response operations of all types and complexities. ICS is a subcomponent of the National Incident Management System (NIMS), as released by the U.S. Department of Homeland Security in 2004. ICS is the overarching framework for managing incidents at Molina.

Incident Management Team (IMT) – The Incident Management Team is a group of operational leaders with the authority and ability to make decisions about controlling an incident on behalf of the organization.

Crisis Management Team (CMT) – The Crisis Management Team (CMT) is comprised of senior business leadership functioning as a planning and policy group. This team has the responsibility for the protection of the business, the staff, and the customers. It renders decisions about corporate policies, legalities and liabilities, ethical issues, brand image, approval of emergency funding, corporate communications, and interfacing with shareholders and the Board of Directors.

The Disaster Recovery Team (DRT) is assembled if a disaster occurs to manage IT disaster recovery (DR) activities. The composition of this team includes the infrastructure teams needed to recover IT systems at the secondary site.


Page 10


The Disaster Recovery Analyst(s) (DRA) is (are) responsible for coordinating among the members of the DRT during recovery operations. The DRA is also responsible for periodic verification and updating of the DRP, as well as the coordination and oversight of DR tests.

The Recovery Time Objective (RTO) is the duration of time within which a business process must be restored after a disaster or disruption in order to avoid unacceptable consequences associated with a break in business continuity.

The Recovery Point Objective (RPO) refers to the maximum allowable time frame between the last restorable data point and the time of disaster. The RPO indicates the maximum amount of data loss that is permissible. Some of this data can be recovered by alternate means such as paper re-entry, batch re-runs, etc.

The secondary or alternate site is a data center providing usage on a system configuration that is compatible with that of the New Mexico Data Center, tailored to meet the requirements for disaster recovery.

Recovery procedures are documented actions necessary to respond to an incident and recover business operations to the alternate site.

Restoration procedures are documented actions necessary to restore processing and operations to the primary site where the disaster occurred.

1.6.2
List of Acronyms

Acronym
Description
ACS
Automatic Call Distribution
AT&T
American Telephone and Telegraph
BCP
Business Continuity Plan
BCM
Business Continuity Management
CIO
Chief Information Officer
CMT
Crisis Management Team
CTI
Computer Telephony Integration
DR
Disaster Recovery
DRA
Disaster Recovery Analyst
DRP
Disaster Recovery Plan
DRT
Disaster Recovery Team
EDI
Electronic Data Interchange
EMC
Company name or Electronic Media Claims
ESC
Electronic Submission of Claims or Error Status Codes

Page 11


Acronym
Description
FAX
Facsimile; also known as the telephonic transmission of scanned-in hardcopy or printed materials
HIPAA
Health Insurance Portability and Accountability Act
HR
Human Resources
ICS
Incident Command System
IMT
Incident Management Team
IP
Internet Protocol
ISP
Internet Service Provider
IT
Information Technology
IVR
Interactive Voice Response
LAN
Local Area Network
MS
Microsoft
NAG
Network Access Gateway
NAS
Network Attached Storage
NOC
Network Operations Center
PC
Personal Computer
POS
Point of Sale or Place of Service or Point of Service
RPA
RecoverPoint Appliance
RPO
Recovery Point Objective
RRI
Recognition Research Inc., purchased by SunGard
RTO
Recovery Time Objective
SAN
Storage Area Network
SQL
Structured Query Language
TBD
To Be Determined
UAT
User Acceptance Testing
UPS
Uninterrupted Power Source
VAN
Value Added Network
VLAN
Virtual Local Area Network
VPN
Virtual Private Network
WAN
Wide Area Network



Page 12



2.
Data Center Overview

The business operations for Molina Healthcare, Inc., are supported by the New Mexico Data Center, and the Unitas Global Richardson Data Center.

2.1
New Mexico Data Center (DC01)

The Molina Healthcare Data Center (DC01) located in Albuquerque, New Mexico, is the primary production data center for all of Molina’s IT infrastructure. DC01 is designed to support Molina’s existing and future computing for all of the state health plans, Molina Medicaid Solutions, and internal Molina services.

At the 10,800 square foot New Mexico Data Center, Molina employs top-tier infrastructure components to ensure continued quality of service for our remote office locations. Telephony is provided by a Cisco infrastructure which provides VoIP, voicemail, call center functions, and instant messaging capabilities to users across the United States. WAN and Internet connectivity is provided on a Cisco-based network utilizing redundant 10 and 20 Mbps MPLS-based network connections to remote offices, direct OC-12 connections to the disaster recovery site and redundant 1 Gbps links to the Internet over multiple carriers. Partner network connectivity is provided via frame relay or MPLS and is segregated from Molina internal traffic via Cisco firewalls and Intrusion Detection Systems. Each rack is serviced by redundant feeds from separate UPS systems, with two power domains feeding racks to entirely separate utility or generator sources.

The New Mexico Data Center is protected by perimeter security features including video surveillance, alarms, and roaming security guards. Access to the building is available 24/7. Entrances to the building, the main computer room, and telecom service rooms are monitored by surveillance cameras and controlled by electronic badge access. Employees who have the required security access must utilize badges to gain access into the office space and other critical areas of the facility. All visitors are required to sign in and must be escorted at all times. Molina management reviews the authorized access list on a regular basis, and procedures are in place to modify the access list immediately if required.

The New Mexico Data Center is staffed by experienced Molina server engineering and network engineering personnel, and Critical Facilities Management team members. Figure 2-1 provides a visual representation of the DC01 floor plan.


Page 13



Figure 2‑1:    [redacted]

2.2
Unitas Global Richardson Data Center (DC02)

Molina has contracted with Unitas Global for data center co-location services in the Unitas Global data center located in Richardson, Texas. The Unitas Global Richardson Data Center (DC02) is the disaster recovery data center for Molina’s IT infrastructure and is designed to support Unitas Global Richardson’s existing and future customer needs in a safe and secure environment. Molina’s contract with Unitas Global Richardson includes the option for Remote Hands Services (technical services for physical, on-site support) at the data center for on-site coordination of hardware and support issues, with both Molina and subcontractors. Molina supports the infrastructure remotely for all platform areas, and sends personnel on-site when needed. Molina orchestrates the disaster recovery activities within the DC02 data center utilizing Molina staff, third party vendors, and assistance from Remote Hands Services, if needed.

At the 8,700 square foot Unitas Global Richardson Data Center (DC02), Molina employs top-tier infrastructure components to ensure continued quality of service for remote office locations. Telephony is provided by a Cisco infrastructure which provides VoIP, voicemail, call center functions and instant messaging capabilities to users across the United States. WAN and Internet connectivity are provided on a Cisco-based network utilizing redundant 1 Gbps WAN circuits to Molina’s MPLS cloud, redundant 10 and 20 Mbps MPLS-based network connections to remote offices, dual 6 Gbps and 10 Gbps connections to the production site, and redundant 1 Gbps links to the Internet over multiple carriers. Partner network connectivity is provided via Frame-relay or MPLS and is segregated from Molina internal traffic via Cisco firewalls and Intrusion Detection Systems. Each rack is serviced by redundant feeds from separate UPS systems, with two power domains feeding racks to entirely separate utility or generator sources.

The Unitas Global Richardson Data Center (DC02) is protected by perimeter security features including video surveillance, alarms and roaming security guards. Entrances to the building, the main computer room and telecom service rooms are monitored by surveillance cameras and controlled by electronic badge access. All employees must badge into the office space and other critical areas of the facility to gain access. All visitors are required to sign in and must be escorted at all times. Unitas Global Richardson management reviews the authorized access list on a regular basis, and procedures are in place to modify the access list immediately if required.

Figure 2-2 provides a visual perspective of the DC02 data center environment floor space.

Figure 2‑2:    [redacted]


Page 14


2.3
Network Infrastructure

The Molina corporate network provides network communications for these facilities. In case of a disaster at the New Mexico Data Center, data communications will be routed through the Unitas Global Richardson Data Center (Figures 2-3 and 2-4) to enable the recovery and continuation of business operations.

Figure 2‑3:    [redacted]

Figure 2‑4:    [redacted]

2.4
Telephony Overview

Molina uses several models of Cisco IP desk phones. Some other telephone types and models are also in use to a limited extent. The data behind the desk phone itself resides in both the primary data center and the DR data center. The network circuits carry both voice and data, and are protected by redundant circuits. If desk phones lose connectivity, the user’s computer would lose access to the network as well because both use the same network lines.

Separate servers handle call control and call center functions. The servers are configured in geographically dispersed clusters, offering high availability with fully-automated failover between data centers.

Some call centers have undergone cross-training and perform call sharing, mutually supporting each other during normal operations. This also allows one site to take all calls for the other site in the event that the other site goes down.

The following diagram illustrates the Molina telephony architecture.

Figure 2‑5:    [redacted]

Figure 2‑6:    Telephony Acronyms

Acronym
Meaning
AW
Admin Workstation
CER
Cisco Emergency Responder
CTL
CenturyLink
CUBE
Cisco Unified Border Element
CUCM
Cisco Unified Communications Manager
CUIC
Cisco Unified Intelligence Center

Page 15


Acronym
Meaning
CUSP
Cisco Unified SIP Proxy
CVP
Cisco Unified Customer Voice Portal
DID
Direct Inward Dialing
ELM
Enterprise License Manager
HDS
Historical Data Server
HSRP
Hot Standby Router Protocol
ICM
Intelligent Contact Management
MML
Man-Machine Language
MPLS
Multiprotocol Label Switching
MR-PG
Media Routing Peripheral Gateway
PG
Peripheral Gateway
PRI
Primary Rate Interface
PSTN
Public Switched Telephone Network
SIP
Session Initiation Protocol
TDM
Time-Division Multiplexing
TFN
Toll-Free Number
TFTP
Trivial File Transfer Protocol
TTS
Text-to-Speech
UCCE
Cisco Unified Contact Center Enterprise
UWF
Upstream Works for Finesse
VLAN
Virtual Local Area Network
VXML
VoiceXML
VZ
Verizon
XML
Extensible Markup Language



Page 16



3.
Data Handling and Protection

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) sets security standards for the protection of Electronic Protected Health Information (ePHI), which is commonly known as the Security Rule. All customer data is protected by a variety of methods including processes and policies that are defined into the way that ePHI is handled. Upon request, the full policies or procedures can be provided by Molina.

3.1
Data Backup

Data backups are performed on a server by server basis, so there are some variations based on what is requested. But daily and weekly backups are performed. Typically, a full backup is performed every weekend (“weekly” backup). An incremental backup is performed nightly (“daily” backup). The first weekly backup of the month is identified as the monthly backup.

Symantec NetBackup is currently the primary backup software tool in use. Each backup is retained on local disk storage at the primary data center for 35 days, and duplicated to identical storage at the DR site where it is also retained for 35 days. The “weekly” that occurs on the first weekend of the month is designated as the “monthly” backup. In addition to being duplicated to the DR site for 35 days, it is also duplicated to encrypted tape and sent off-site for secure storage.

The encrypted backup tapes are picked up for off-site secure storage by Iron Mountain. An Iron Mountain representative comes to the primary data center on Wednesdays to pick up tapes. The tapes are transported in secured containers. The individual signs in, validates the containers being picked up and signs them out. Bringing tapes back for restoration follows the same procedure. Retrieval of tapes may be expedited upon request. Backup tapes are retained for 10 years.

Test restores are randomly conducted to validate data integrity and the ability to restore from tapes. Application teams also frequently request restores of production data to non-production environments for development purposes, further validating the ability to successfully restore from tape.

Further information pertaining to backup and restore procedures:

[redacted]

Iron Mountain tape hand off procedures:

[redacted]


Page 17


3.2
Replication Process

In addition to the NetBackup, EMC’s RecoverPoint solution is also being used for critical production SQL Server databases to be able to do geographically dispersed replication of the databases online. EMC RecoverPoint provides a continuous remote replication technology that uses software to “split” application writes to send each write to the designated storage volumes and to RecoverPoint Appliances (RPAs) on the source side, which then sends the writes to remote RPAs. Replicated data is contained in a journal volume on the RPAs then written to target volumes on the remote site. All application data is maintained in a consistency group that retains write-order dependencies across all volumes in the consistency group. Repository volumes are used to retain configuration data and allow an RPA to assume replication for a failed RPA for high-availability purposes. RecoverPoint runs on an out-of-band RPA and combines continuous data-protection with broadband efficient technology allowing it to protect data remotely. This solution will limit the time frame for potential data loss.


3.3
Microsoft Exchange Server

Microsoft Outlook, part of the Microsoft Office suite, is the email and calendar software solution used across the Molina enterprise. Outlook leverages data on Microsoft Exchange Server. The Exchange Server environment is completely virtual. The primary Exchange virtual machines (VMs) are hosted in the New Mexico Data Center (DC01), and redundant servers are located in the Unitas Global Richardson Data Center (DC02). Employee mailboxes are hosted on Exchange mailbox databases in Database Availability Groups (DAGs), a multi-copy, high availability solution that spans across the two data centers. There are no Exchange servers at local sites.


Microsoft Exchange Server is highly resilient, and can be fully or partially failed over to DC02. It can be operated with any combination of components running in New Mexico or Texas. The mailbox servers are also protected by weekly full and daily differential backups. Molina Healthcare corporate IT services provides all backup and restoration functions.


Page 18



4.
Molina IT Organization

The below diagram represents the high-level functional organization of Molina’s Enterprise Infrastructure Services (EIS) as it pertains to disaster recovery. The Disaster Recovery Team works with the Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) Service Delivery and Service Operations groups for DR activities. DR testing and the invocation of the DR plan in an actual disaster situation primarily involve the Disaster Recovery Team working in concert with the IaaS and PaaS Service Operations teams.

Figure 4‑1:    [redacted]

5.
DR Roles and Responsibilities

This section discusses the roles, responsibilities, and membership of the various teams involved in DR activities. Disaster recovery operations typically fall under the umbrella of the Incident Command System (ICS). The Disaster Recovery Team (DRT) is responsible for the recovery of IT systems in support of the Incident Management Team (IMT) and Business Continuity Team (BCT) recovering business functions.

Figure 5‑1:    IT Role in ICS Organization


Page 19


pic8.jpg


5.1
Disaster Recovery Team (DRT)

5.1.1
DRT Responsibilities

Upon notification of a disaster, the Disaster Recovery Team (DRT) is responsible for all IT recovery efforts until completed. The overall role of the DRT is to analyze the damage to the primary data center and recommend the escalation to disaster status, if appropriate, in order to initiate the declaration process. The Disaster Recovery Analyst serves as a liaison between the EIS groups and coordinates IT recovery efforts. Responsibilities of the DRT and its members include the following:


Page 20


Contact the DR Coordinator to organize the movement of any and all materials and media required to the recovery location, including backup tapes, paper forms, and other hardware or software.

Make the determination, depending on the extent of the damage, whether to begin the recovery effort at the affected facility or an alternate location.

If the damage is extensive and restoration at the primary facility is not feasible, begin the process of moving to the alternate location.

If necessary, coordinate logistics, including travel and lodging, for all employees involved in the recovery effort.

Determine the status of the batch cycles, databases, backups, production deliverables, and the telecommunications network.

Contact the DR Coordinator to determine the status of the DR environment needed for the recovery effort and assure appropriate priority is given to this validation.

Implement the detailed recovery plan, including establishing priorities, as defined in the application disaster recovery documentation.

The DRT will support recovery efforts throughout the recovery process. If recovery is at the alternate location, the DRT will also manage the transition to the alternate location.

The DRT will support all restoration efforts at the operational sites and the New Mexico data center to move back from the alternate site once the disaster situation has passed.

The DRT will also focus on the restoration of capabilities within the existing primary facility or determine the need for a new permanent facility location.



5.1.2
DRT Members

The membership of the DRT will vary depending upon the nature and extent of the disaster. Typical members include key staff drawn from within the Enterprise Infrastructure Services (EIS) organization, as shown below. If damage is localized, employees with specific expertise may also be included on the DRT.

EIS Vice President
EIS Associate Vice Presidents
EIS Directors
EIS Managers

Page 21


Disaster Recovery team

The IaaS Service Delivery and Service Operations groups each contain personnel with expertise in the traditional technology areas.

Server Engineering
Storage Engineering
Backup and Restore Engineering
Network Engineering
Telephony Engineering
Network Operations Center (NOC)
Enterprise Service Desk

The PaaS Service Delivery and Service Operations groups each contain personnel with expertise in the following technology areas.

Database Administration
Business Automation Services
Enterprise Monitoring Services


5.1.3
DRT Key Activities

The following outlines the key activities that take place after recognition of an incident or event and prior to a declaration of a disaster.

Follow instructions when being notified of an incident or event.
DRT will perform a business impact assessment of the IT infrastructure damage.
Validate that the current version of the DR Plan is being referenced by all parties.
Contact the HR manager for contact information if required.

The following outlines the key activities that take place during the initial 24 hours following the declaration of a disaster at the primary data center:

NOC notifies DRT that a disaster has been declared.
DRT arranges travel for DRT members and key personnel (if necessary).
DRT and key personnel travel to the alternate site (if necessary).
DRT begins redirecting network connections.
DRT begins recovery of servers.
DRT implements the recovery plan and verifies the application standup priority list.
Key personnel set up operations units at the alternate site, as necessary.
DRT conducts network verification to ensure performance at normal standards.
DRT conducts system verification to ensure performance at normal standards.
DRA notifies the DRT that systems are ready for production processing.

Page 22


Production operations resume at the alternate site.


5.2
Disaster Recovery Analyst (DRA)

The Disaster Recovery Analysts represent the leads at each site for both the recovery and restoration efforts, and serve as an overall lead.

5.2.1
DRA Responsibilities

The Disaster Recovery Analyst will coordinate all recovery and restoration activities at all sites through completion and provide updates to the DRT.

The DRA is responsible for the following activities:

Coordinate and manage the DRAs for each site.
Coordinate the failover of production to the alternate site.
Assist with the recovery at the alternate site and the restoration of the operational facilities and the primary data center.
Routinely report to the DRT the progress of restoration efforts, and communicate to any resources necessary for the successful restoration.
Work with the DRT to coordinate the return of operations after a disaster to the recovered or new site when it is ready for production operations again.
Assist with the recovery at the recovery site and the restoration of the permanent primary data center facility as necessary.
Identify to the DRT the resources required for restoration of the permanent data center facility as necessary, including facility, hardware, software, personnel, and expendable supplies.
Work with key members of the Molina Healthcare infrastructure and engineering teams to develop a detailed restoration plan for the restoration of the primary data center facility based on the findings of the DRT members.
The DR Coordinator is responsible for supplying the DR Plan to all stakeholders, potential DRT members, and any other relevant parties upon the yearly update to this plan.

6.
Communication Plan

The communication plan is the core portion of the Disaster Recovery and Business Continuity processes, as it serves to make sure that all of the parties are constantly updated on the status of the disaster and the recovery state. To do this Molina has some automated tools that help with the notification of a disaster, as well as with coordination of activities throughout the DR Lifecycle.



Page 23


6.1
Emergency Notification System

Molina utilizes an automated notification system to send communication of events. The Molina Incident Notification System (MINS) is the vehicle to bring the DR teams together to start working on the recovery process. The system allows for the following:

Creation of Users and Groups
Multiple Notification Methods: Telephone, Email, SMS Text Message
Managed Broadcasts
Reporting: Broadcast, Ad Hoc

Messages may be broadcast to the entire company or designated groups, as appropriate. Notifications will typically be sent via email and telephone messages to staff participating in the disaster recovery procedures and other key stakeholders. The email or phone message will prompt the recipient to acknowledge receipt, which is then tracked. Emails from MINS will show the sender as Notifications@MolinaHealthcare.com.


6.2
Status Emails

Status emails may be sent as needed during the course of disaster recovery operations or testing. During testing, communications with the business users will be via MINS and initiated by the Business Continuity Management (BCM) team. The DR Coordinator will communicate with the infrastructure teams and the BCM team via email. The DR Coordinator will send status emails after milestone events, such as scheduled checkpoints, and at other times as required. Status emails will be sent more frequently if issues are encountered.


6.3
Conference Bridges

The Network Operations Center (NOC) will open a conference bridge upon disaster notification to serve as a focal communication outlet. During DR testing, two conference bridge lines will typically be opened for direct voice communications. The DR Coordinator and BCM team will each monitor one of the lines.



Page 24



7.
Disaster Identification and DR Plan Activation

Molina’s DR plan addresses procedures for recovering from a disaster at the primary data center which renders one or more production applications unusable in the primary site.

Lower level system failures and localized system outages would be addressed through the normal production monitoring, notification, troubleshooting, and escalation procedures. As such, they would not normally warrant invocation of the DR plan. The DR plan would only be activated when a failure, whatever the cause, renders an application unusable in the primary data center. These failures may be procedurally categorized into two main types:

A major disaster resulting in catastrophic damage to the primary data center.
A technical issue that develops to the point where a decision is made to fail one or more applications over to the DR site.

A major disaster event at the primary data center would be quickly detected by Molina staff in New Mexico and/or the Network Operations Center (NOC) personnel who monitor systems 24 hours a day, seven days a week. The NOC would notify the Enterprise Service Desk and then follow the established troubleshooting, notification and escalation procedures to summon the appropriate on-call subject matter experts (SMEs). For complex issues, which certainly include a major disaster, the NOC would open a conference bridge to provide a central communication and collaboration venue. Damage assessment would be performed by the Critical Facilities Management team in New Mexico in conjunction with the IaaS Service Operations - Infrastructure staff located in New Mexico. Decisions would be made by senior management on how to meet the demands of the situation from within the framework of the Incident Command System (ICS). Data center recovery is beyond the scope of this document, but additional detail may be found in the primary data center Emergency Response Plan, available for on-site review upon request.

Since the probability of such a catastrophic event is very remote, a more realistic scenario would involve an issue that is detected and develops to the point where a decision is made to fail an application over to the DR site.

Detection of an incident or impending event affecting an application could be made by any number of Molina staff, but most likely, the NOC, the application support team, or a business user would be the first to identify it.

The Enterprise Service Desk is the single point of contact for reporting of all incidents. The initial response of any Molina employee or business user detecting an issue should be to call the Service Desk at [redacted]. The Service Desk technician will follow the established procedures to document, diagnose and remediate the issue.


Page 25


If the Service Desk technician is unable to resolve the issue or determines that it is a Severity 1 incident and requires escalation, he or she will follow the prescribed procedures to notify the NOC [redacted].

If the NOC is the first to identify the issue, the NOC would also notify the Service Desk and proceed to follow the NOC’s established triage, notification and escalation procedures, summoning the appropriate EIS and application on-call personnel. The NOC would open and maintain a bridge line for team collaboration.

As part of the troubleshooting procedures, infrastructure and application management are notified and engaged. Management personnel would reach out to the business community as appropriate. The decision to fail over an application to the DR site is the outcome of collaboration between the infrastructure, application, and business teams. Failover execution does not necessarily involve the formal declaration of a disaster. Formal declaration of disaster can only be made by senior executive leadership.


7.1
[redacted]

[redacted] 1 

















 
1 two pages have been redacted in their entirety


Page 26



Figure 7‑1:    Disaster Recovery Call Tree

pic7.jpg

Once the initial notification occurs, the Molina Network Operations Center (NOC) takes on the task of making sure that the DR communication flow is maintained, working with the DR Team.


Page 27


Corporate Communications will work with the Public Relations department and site communications to address media, legislative and regulatory inquiries. The Public Relations department is the only group authorized to communicate with the media in cases of emergencies that impact the company.


7.2
Disaster Scenarios

The DR plan may be activated in the event of:

A major disaster resulting in catastrophic damage to the primary data center.
Damage or a technical issue of any type that renders an application unusable in the primary data center.

Recovery of the most critical systems should generally be achieved in [redacted]. Data loss could range from milliseconds for replicated data to [redacted] for systems restored from backup.

Transactions at the time of outage.

Data keyed in by a user (Molina employee or business user) that has not yet been backed up or replicated will be lost and will have to be re-entered per the department’s manual procedures. Data replication is near real-time, however, there is a slight lag, so some data loss may occur. File transfers or batch processing in transit at the time of an outage may have to be re-sent.

Compromise of the integrity of production data.

If production data appears to have been lost, the replicated data in DR would be evaluated to determine if it were there. If it indeed was, the missing data would be restored to the production environment rather than failing over to the DR environment. For corruption of production data, the approach to restoration would be to restore from backup, not invoke the DR plan. Corrupt production data would be replicated to DR as corrupt data. If the backup is corrupt, it would be necessary to go to the latest clean backup copy.

Unscheduled system unavailability.

The most common reasons for unscheduled system unavailability would be a network outage or an application or hardware issue that would be handled by troubleshooting and resolving as a production issue, not invoking the DR plan. A production issue could possibly escalate into a major issue which could warrant executing the DR plan, as previously noted. Molina utilizes redundant network circuits from different vendors to mitigate the risk of a network outage. Failure of a vendor-managed circuit is outside of Molina’s control.

Malicious acts


Page 28


Molina’s IT Security department has a Security Operations Center (SOC) that monitors systems for unusual activity around the clock. Processes and procedures are in place to prevent malicious acts and to remediate them when detected. The Information Security Incident Response Plan documents the steps to take for remediation. For malicious acts by internal workforce members, this includes engaging the individual’s supervisor, and the Human Resources and HIPAA Program Management Office teams, in addition to the SOC’s investigation. The individual will be closely monitored, and the user account will be disabled if necessary. Disciplinary measures, and possibly legal action, will be taken where appropriate. The workforce member’s workload will be distributed among the other members of his or her team to ensure continuity of operations.

The SOC maintains constant vigilance for malware attacks. For suspected malware infections, the Computer Incident Response Team (CIRT) will investigate. For desktop or laptop computers, the infected device will be quarantined, a forensic analysis will be performed, and the computer will be reimaged. For servers, the infected server will also be quarantined, to include eviction from any cluster it may be a part of. Cluster resources will be distributed across the remaining nodes. If the scale of the malware intrusion warrants it, systems may be failed over to the DR site. In all malware incidents, the CIRT will conduct a thorough investigation.


7.3
Restoration to the Primary Site

Restoration mode is the return to normal operations of the actual production environment, either to the existing primary site or to a new facility. The procedures to restore operations to the primary data center are analogous to those followed to fail systems over to the DR site. Once the primary site is available, replication will be initiated from the DR site back to the primary site. Backup copies will also be sent to the primary site. At an agreed upon time, fail back procedures are executed. Restoration of the most critical systems should generally be accomplished in [redacted].





Page 29


Appendix A:    DR Test Results

Result details of the annual DR test are contained in a separate document.

[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
[redacted]
 
[redacted]








SCHEDULE 24
CERTAIN SECURITY REQUIREMENTS


(i)



CONTENTS
 
 
Page
1.
Definitions
1
2.
Introduction
1
3.
Information Security Obligations
1
Attachment 24A Business Associate Agreement
4
Attachment 24B Certain Information Security Requirements
13
Attachment 24C Certain Cybersecurity Requirements
18


(i)



1.DEFINITONS
Capitalized terms used but not defined in this Schedule shall have the meanings given in Schedule 1 (Definitions and Interpretation) to this Agreement.
2.INTRODUCTION
2.1
This Schedule sets out certain security requirements with which the Service Provider must comply in connection with the Services.
2.2
Nothing in this Schedule relieves the Service Provider of any of its obligations under this Agreement or any Project Work Order, or requires any Other Service Provider to perform any of the Service Provider’s obligations under this Agreement or any Project Work Order, including not limiting the Service Provider’s obligation to comply with Policies as set out in this Agreement. Nothing in this Schedule, including references to principles or to evaluations of circumstances and practices by the Service Provider, shall relieve the Service Provider from performing any of its other obligations in the Agreement (including as may be set out in the Policies).
3.INFORMATION SECURITY OBLIGATIONS
3.1
The Service Provider shall designate a Security Official to oversee and direct the Service Provider’s information security program and ensure that the information security obligations contained herein are adhered to.
3.2
The Service Provider shall have implemented and documented reasonable and appropriate administrative, technical, and physical safeguards to protect Molina Data and In-Scope Personal Data against accidental or unlawful destruction, alteration, unauthorized or improper disclosure or access. The Service Provider shall monitor access to, use and disclosure of Molina Data and In-Scope Personal Data whether in physical or electronic form. The Service Provider shall regularly test and monitor the effectiveness of its safeguards, controls, systems and procedures. The Service Provider shall periodically identify reasonably foreseeable internal and external risks to the security, confidentiality, integrity, and availability of Molina Data and In-Scope Personal Data, and ensure that these risks are addressed. The Service Provider shall use secure user identification and authentication protocols, including, but not limited to unique user identification, use of appropriate access controls, and strict measures to protect identification and authentication processes.
3.3
Prior to allowing any employee or contractor to access, use, transmit, store, modify, or process any Molina Data and In-Scope Personal Data, the Service Provider shall (i) conduct an appropriate background investigation of the individual (and receive an acceptable response),

 
 
 



(ii) require the individual to execute an enforceable confidentiality agreement that has at least as stringent requirements regarding In-Scope Personal Data as this Schedule, and (iii) provide the individual with appropriate privacy and security training. The Service Provider shall also monitor its workers for compliance with the security program requirements. Upon request following the unauthorized access to, or use or modification of, any Molina Data and In-Scope Personal Data, the Service Provider shall provide to Molina a list of all individuals who have (or have had) relevant access to the applicable data.
3.4
If the access, use, transmission, storage or processing of Molina Data and In-Scope Personal Data involves the transmission of In-Scope Personal Data, the Service Provider shall have implemented appropriate supplementary measures to protect such In-Scope Personal Data against the specific risks presented by such activity, including, but not limited to, the transmission of Molina Data and In-Scope Personal Data only in an encrypted format in accordance with the U.S. Department of Health and Human Services’ Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals. If the In-Scope Personal Data is stored on systems with direct connections to wireless, insecure or public networks, the Service Provider shall encrypt all In-Scope Personal Data stored on such systems in accordance with the U.S. Department of Health and Human Services’ Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals and as further described in the Annual Security Plan.
3.5
The Service Provider shall cause all portable or mobile devices or media (including, without limitation, laptop computers, removable hard disks, USB or flash drives, personal digital assistants (PDAs) or mobile phones, DVDs, CDs or computer tapes) used in connection with the provision of the Services to be encrypted in accordance with the U.S. Department of Health and Human Services’ Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals. The Service Provider shall not store In-Scope Personal Data on any portable or mobile devices or media (including, without limitation, laptop computers, removable hard disks, USB or flash drives, personal digital assistants (PDAs) or mobile phones, DVDs, CDs or computer tapes) unless the In-Scope Personal Data is encrypted in accordance with the U.S. Department of Health and Human Services’ Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals.
3.6
Upon Molina’s request, the Service Provider shall provide Molina with information about the Service Provider’s information security program. The Service Provider shall also submit to a review of its security program by Molina or its designees, which shall be carried out by Molina (or by an independent inspection company designated by Molina). The Service Provider shall reasonably cooperate with any such review. In the event that the review under such a review reveals material gaps or weaknesses in the Service Provider’s security program, Molina shall

 
2
 



notify the Service Provider promptly and shall be entitled to suspend transmission of Molina Data and In-Scope Personal Data to the Service Provider and suspend the portion of the Services involving the impacted Molina Data and In-Scope Personal Data until such gap or weakness is eliminated to Molina’s satisfaction.
3.7
The Service Provider shall promptly and thoroughly investigate all allegations, suspicions, and potential and actual discoveries of unauthorized or improper access to, use, modification, disclosure or destruction (collectively, a "Security Incident") of the Molina Data and In-Scope Personal Data, especially those involving In-Scope Personal Data, under the control of the Service Provider or Subcontractors. The Service Provider shall notify Molina promptly of any Security Incident, including Security Breaches, but no later than the sooner of (a) the notification requirement set out in the applicable BAA and (b) twenty-four (24) hours after it is discovered. Molina’s designated form of BAA is set forth in Attachment 24A.
3.8
When the Service Provider ceases to perform Services for Molina or upon termination of the applicable data retention period specified in the Agreement or by Applicable Law for Molina Data and In-Scope Personal Data required to be retained by the Service Provider after termination of the Services, the Service Provider shall either (i) return such Molina Data and In-Scope Personal Data (and all media containing copies thereof) to Molina, or, at Molina’s request, (ii) purge, delete and destroy the applicable Molina Data and In-Scope Personal Data. Electronic media containing Molina Data and In-Scope Personal Data shall be disposed of by the Service Provider in a manner that renders such Molina Data and In-Scope Personal Data unrecoverable. Upon written request, the Service Provider shall provide Molina with a certificate executed by an officer of the Service Provider to certify its compliance with this provision. If required by Applicable Law or by the Agreement, the Service Provider may retain an archival copy of such Molina Data and In-Scope Personal Data as and for the period required by the Applicable Law or Agreement. Such archival copy shall not be used or disclosed for any purpose except for disclosures to Molina upon request or as required by Applicable Law. All other terms and conditions of this Schedule shall survive for so long as the Service Provider has not returned such archival copy to Molina or securely destroyed it in accordance with this Schedule.
3.9
The Service Provider shall comply with the requirements set forth in Attachment 24B in connection with the Services.
310
The Service Provider shall comply with the requirements set forth in Attachment 24C in connection with the Services.
3.11
Without prejudice to anything else contained in the Agreement or this Schedule, the Service Provider shall at all times comply with Molina’s Security Policies, as set out in Schedule 14 (Molina Policies) and with NIST SP800-53, NY DFS Cybersecurity and HIPAA.

 
3
 



Attachment 24A

Business Associate Agreement
[Note: See following pages

 
4
 



BUSINESS ASSOCIATE AGREEMENT
This Business Associate Agreement (this “BAA”), effective Select Date (the “Effective Date”), is entered into by and between Infosys Ltd (the “Business Associate”) and Molina Healthcare, Inc., its subsidiaries and affiliates (the “Company”) (each a “Party” and collectively the “Parties”).
WHEREAS, the Parties have engaged or intend to engage in one or more agreements (each, an “Agreement” and collectively, the “Agreements”) which may require the use or disclosure of PHI in performance of services described in such Agreement or Agreements (the “Services”) on behalf of the Company;
WHEREAS, the Parties are committed to complying with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act (“HITECH) and any regulations promulgated thereunder (collectively the “HIPAA Rules”); and
WHEREAS, this BAA, in conjunction with the HIPAA Rules, sets forth the terms and conditions pursuant to which protected health information (in any format) that is created, received, maintained, or transmitted by, the Business Associate from or on behalf of the Company, will be handled between the Business Associate and the Company and with third parties during the term of the Agreement(s) and after its termination.
NOW THEREFORE, the Parties agree as follows:

1.    DEFINITIONS
Unless otherwise provided for in this BAA, terms used in this BAA shall have the same meanings as set forth in the HIPAA Rules including, but not limited to the following: “Availability,” “Confidentiality,” “Data Aggregation,” “Designated Record Set,” “Health Care Operations,” “Integrity,” “Minimum Necessary,” “Notice of Privacy Practices,” “Required By Law,” “Secretary,” and “Subcontractor.” Specific definitions are as follows:
Breach” shall have the same meaning as the term “breach” at 45 CFR 164.402.
Business Associate” shall have the same meaning as the term “business associate” at 45 CFR 160.103 and in reference to the party to this BAA, shall mean the first party listed in the first paragraph of this BAA.
Compliance Date” shall mean, in each case, the date by which compliance is required under the referenced provision of the HIPAA, the HITECH Act or the HIPAA Rules, as applicable; provided that, in any case for which that date occurs prior to the effective date of this BAA, the Compliance Date shall mean the effective date of this BAA.

 
5
 



Electronic Protected Health Information” or “Electronic PHI” shall have the same meaning as the term “electronic protected health information” at 45 CFR 160.103.
HIPAA Rules” shall mean the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and Part 164.
Protected Health Information” or “PHI” shall have the same meaning as the term “protected health information” at 45 CFR 160.103.
Privacy Rule” means the Standards for Privacy of Individually Identifiable Health Information, set forth at 45 CFR Parts 160 and 164.
Security Incident shall have the same meaning as the term “security incident” at 45 CFR 164.304.
Security Rule” means the Security Standards for the Protection of Electronic Protected Health Information, set forth at 45 CFR Parts 160 and 164.
Services” shall mean, to the extent and only to the extent they involve the creation, use or disclosure of PHI, the services provided by the Business Associate to the Company under the Agreement(s), including those set forth in this BAA, as amended by written consent of the parties from time to time.
Unsecured PHI shall have the same meaning as the term “unsecured Protected Health Information” at 45 CFR 164.402.

2.    GENERAL PROVISIONS
2.1    Effect. This BAA supersedes any prior business associate agreement between the Parties and those portions of any Agreement between the Parties that involve the disclosure of PHI by the Company to Business Associate. To the extent any conflict or inconsistency between this BAA and the terms and conditions of any Agreement exists, the terms of this BAA shall prevail.
2.2     Amendment. The Company may, without Business Associate’s consent, amend this BAA to maintain consistency and/or compliance with any state or federal law, policy, directive, regulation, or government sponsored program requirement, upon forty-five (45) business days’ notice to the Business Associate unless a shorter timeframe is necessary for compliance. The Company may otherwise materially amend this BAA only after forty-five (45) business days prior written notice to the Business Associate and only if mutually agreed to by the parties as evidenced by the amendment being executed by each party hereto. If the Parties fail to execute a mutually agreeable amendment within forty-five (45) days of the Business Associate’s receipt of the Company’s written notice to amend this BAA, the Company shall have the right to immediately terminate this BAA and any Agreement(s) between the Parties which may require the Business Associate’s use or disclosure of PHI in performance of services described in such Agreement(s) on behalf of the Company.

 
6
 




3.    SCOPE OF USE AND DISCLOSURE
3.1    The Business Associate may use or disclose PHI as required to provide Services and satisfy its obligations under the Agreement(s), if such use or disclosure of PHI would not violate the Privacy Rule.
3.2    The Business Associate may not use or further disclose PHI in a manner that would violate the Privacy Rule if done by the Company, except that the Business Associate may use or disclose PHI as necessary:
a.
for the proper management and administration of the Business Associate as provided in Section 3.3; and
b.
to provide Data Aggregation services relating to the Health Care Operations of the Company if required under the Agreement.
3.3    The Business Associate may use or disclose PHI for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate. Any disclosures of PHI under this section may be made only if:
a.
the disclosures are required by law, or
b.
the Business Associate obtains reasonable assurances from the person to whom the PHI is disclosed that the PHI will remain confidential and used or further disclosed only as required by law or for the purposes for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the PHI has been breached.
3.4    The Business Associate shall not request, use or release more than the Minimum Necessary amount of PHI required to accomplish the purpose of the use or disclosure and shall comply with 42 U.S.C. § 17935(b) as of its Compliance Date. The Business Associate hereby acknowledges that all PHI created or received from, or on behalf of, the Company, is as between the parties, the sole property of the Company.
3.5    The Business Associate or its agents or Subcontractors shall not perform any work outside the United States of America that involves access to, use of, or disclosure of, PHI without the prior written consent of the Company in each instance.

4.    OBLIGATIONS OF THE BUSINESS ASSOCIATE
The Business Associate shall:
4.1     Not use or disclose PHI other than permitted or required by this BAA or as Required by Law.
4.2     Establish and use appropriate safeguards to prevent the unauthorized use or disclosure of PHI.

 
7
 



4.3    Implement administrative, physical, and technical safeguards that reasonably and appropriately protect the Confidentiality, Integrity, and Availability of the Electronic PHI that it creates, receives, maintains, or transmits on behalf of the Company. The Business Associate shall, as of the Compliance Date, comply with the applicable standards at Subpart C of 45 CFR Part 164.
4.4    Promptly report to the Company any unauthorized use or disclosure of PHI, Breach of Unsecured PHI, or Security Incident, within no more than five (5) days, after Business Associate becomes aware of the unauthorized use or disclosure of PHI, Breach of Unsecured PHI or Security Incident. The Business Associate shall take all reasonable steps to mitigate any harmful effects of such unauthorized use or disclosure, Breach of Unsecured PHI, or Security Incident. The Business Associate shall indemnify the Company against any losses, damages, expenses or other liabilities including reasonable attorney’s fees incurred as a result of the Business Associate’s or its agent’s or Subcontractor’s unauthorized use or disclosure of PHI, Breach of Unsecured PHI, or Security Incident, including, but not limited to, the costs of notifying individuals affected by a Breach of Unsecured PHI. Indemnification is subject to an ability to demonstrate that no agency relationship exists between the parties.
4.5    The Business Associate shall, following discovery of a Breach of Unsecured PHI, notify the Company of such Breach as required at 45 CFR 164.410, without unreasonable delay, and in no event more than thirty (30) days after the discovery of the Breach. The notification by the Business Associate to the Company shall include: (1) the identification of each individual whose Unsecured PHI was accessed, acquired, used or disclosed during the Breach; and (2) any other available information that the Company is required to include in its notification to individuals affected by the Breach including, but not limited to, the following:
a.
a brief description of what happened, including the date of the Breach and the date of the discovery of the Breach;
b.
a description of the types of Unsecured PHI that were involved in the Breach; and
c.
a brief description of what the Business Associate is doing to investigate the Breach, to mitigate harm to individuals, and to protect against any further Breaches.
4.6    In accordance with 45 CFR 164.502(e)(1)(ii) and 164.308(b)(2), if applicable, ensure that any Subcontractors or agents that create, receive, maintain, or transmit PHI on behalf of the Business Associate agree to the same restrictions, conditions, and requirements that apply to the Business Associate with respect to such information.
4.7    Within ten (10) days of receiving a request, make available PHI in a Designated Record Set to the Company as necessary to satisfy the Company’s obligations under 45 CFR 164.524.

 
8
 



4.8    Within fifteen (15) days of receiving a request, make any amendment(s) to PHI in a Designated Record Set as directed or agreed to by the Company pursuant to 45 CFR 164.526.
4.9    Maintain and make available to the Company, within twenty (20) days of receiving a request, the information required to provide an accounting of disclosures to the individual as necessary to satisfy the Company’s obligations under 45 CFR 164.528.
4.10    Make its internal practices, books and records relating to the use or disclosure of PHI received from or on behalf of the Company available to the Company or the U. S. Secretary of Health and Human Services for purposes of determining compliance with the HIPAA Rules.
4.11    To the extent the Business Associate conducts Standard Transaction(s) (as defined in the HIPAA Rules) on behalf of the Company, Business Associate shall comply with the HIPAA Rules, “Administrative Requirements,” 45 C.F.R. Part 162, by the applicable compliance date(s) and shall not: (a) change the definition, data condition or use of a data element or segment in a standard; (b) add any data elements or segments to the maximum defined data set; (c) use any code or data elements that are either marked “not used” in the standard’s implementation specification or are not in the standard’s implementation specification(s); or (d) change the meaning or intent of the standard’s implementation specifications. The Business Associate shall comply with any applicable certification and compliance requirements (and provide the Secretary with adequate documentation of such compliance) under subsection (h) of Title 42 U.S.C. Section 1320d-2.
4.12    To the extent the Business Associate is to carry out one or more of the Company’s obligation(s) under Subpart E of 45 CFR Part 164, comply with the requirements of Subpart E that apply to the Company in the performance of such obligation(s).
5.    MISCELLANEOUS
5.1    Indemnification. In addition to any indemnities set forth in the Agreement(s), each party will indemnify and defend the other party from and against any and all third party claims, losses, damages, expenses or other liabilities (including reasonable attorney’s fees) incurred as a result of any breach by such party of any representation, warranty, covenant, agreement or other obligation expressly contained herein by such party, its employees, agents, Subcontractors or other representatives.
5.2    Interpretation. Any ambiguity in this BAA shall be interpreted to permit compliance with the HIPAA Rules.
5.3    No Third Party Beneficiaries. Nothing express or implied in this BAA is intended to confer, nor shall anything herein confer, upon any person other than the Parties and the respective successors or assigns of the Parties, any rights, remedies, obligations, or liabilities whatsoever.

 
9
 



5.4    Governing Law and Venue. This BAA shall be governed by California law notwithstanding any conflicts of law provisions to the contrary. The venue shall be Los Angeles, California.
5.5    Notices. Any notices to be given hereunder to a Party shall be made via certified U.S. Mail or express courier to such Party’s address given below, and/or (other than for the delivery of fees) via facsimile to the facsimile telephone numbers listed below:
If to Business Associate, to:
If to the Company, to:

Infosys Ltd

2400 N Glenville Dr

Richardson, TX 75082

Attn: General Counsel

Fax:


Molina Healthcare, Inc.

200 Oceangate, Suite 100

Long Beach, CA 90802

Attn: Privacy Official

Fax: 562-499-0789

6.    TERM AND TERMINATION OF BAA
6.1    Term. The Term of this BAA shall be effective as of the effective date set forth in the first paragraph of this BAA, and shall terminate on date that the last Agreement remaining in force between the parties is terminated or expires, or on the date the Company terminates for cause as authorized in paragraph 6.2 below, whichever is sooner. 
6.2    Termination for Cause. Notwithstanding any other provision of this BAA or the Agreement(s), the Company may terminate this BAA and any or all Agreement(s) upon five (5) days written notice to Business Associate if the Business Associate has violated a material term of this BAA and fails to cure its breach within thirty (30) days after receiving written notice of the breach.
6.3    Obligations of Business Associate Upon Termination. Upon termination of this BAA for any reason, Business Associate shall return to the Company or, if agreed to by the Company, destroy all PHI received from the Company, or created, maintained, or received by Business Associate on behalf of the Company, that the Business Associate still maintains in any form.   If PHI is destroyed, Business Associate agrees to provide the Company with certification of such destruction. Business Associate shall not retain any copies of PHI except as Required By Law. If return or destruction of all PHI, and all copies of PHI, received from the Company, or created, maintained, or received by Business Associate on behalf of the Company, is not feasible, Business Associate shall:

 
10
 



a.
Continue to use appropriate safeguards and comply with Subpart C of 45 CFR Part 164 with respect to Electronic PHI to prevent use or disclosure of the PHI, other than as provided for in this Section 6, for as long as Business Associate retains the PHI; and
b.
Not use or disclose the PHI retained by Business Associate other than for the purposes for which such PHI was retained and subject to the same conditions set forth in Section 3 above which applied prior to termination.
6.4    Survival.  The obligations of Business Associate under this Section shall survive the termination of this BAA and remain in force as long as Business Associate stores or maintains PHI in any form or format (including archival data). Termination of the BAA shall not affect any of the provisions of this BAA that, by wording or nature, are intended to remain effective and to continue in operation.
[Rest of page intentionally left blank]

 
11
 



INTENDING TO BE LEGALLY BOUND, the parties hereto have caused this BAA to be executed by their duly authorized representatives.

“Business Associate”

“Company”


               
Signature

               
Print Name

                
Title Date


               
Signature

Timothy Zevnik
Print Name

Privacy Official          
Title Date



 
12
 



Attachment 24B

Certain Information Security Requirements
[Note: See following pages]

 
13
 



1. Network Security.
Contractor agrees at all times to maintain network security that–at a minimum –includes: network firewall provisioning, intrusion and threat detection, and regular third party vulnerability assessments upon request of the Client (no more frequently than once every six months). Contractor agrees to maintain network security that conforms to generally recognized industry standards and best practices that Contractor shall apply to its own network (refer to “12. Industry Standards”).
2. Application Security.
Contractor agrees at all times to provide, maintain, and support its software and subsequent updates, upgrades, and bug fixes such that the software is, and remains, secure from those vulnerabilities in accordance with industry practices or standards.
3. Data Security.
Contractor agrees to preserve the confidentiality, integrity and accessibility of Client data with administrative, technical and physical measures that conform to generally recognized industry standards and best practices that Contractor then applies to its own processing environment (refer to “12. Industry Standards”). Maintenance of a secure processing environment includes but is not limited to the timely application of patches, fixes and updates to operating systems and applications as provided by Contractor or open source support.
4. Data Storage.
Contractor agrees that any and all Client data will be stored, processed, and maintained solely on designated target servers and that no Client data at any time will be processed on or transferred to any portable or laptop computing device or any portable storage medium, unless that device or storage medium is in use as part of the Contractor's designated backup and recovery processes and encrypted (refer to “6. Data Encryption”).
5. Data Transmission.
Contractor agrees that any and all electronic transmission or exchange of system and application data with Client and/or any other parties expressly designated by Client shall take place via secure means (using HTTPS or SFTP or equivalent) and, if applicable, solely in accordance with Federal Information Processing Standard Publication 140-2 (“FIPS PUB 140-2”) and Section 7 (Data Re-Use).
6. Data Encryption.
Contractor agrees to store all Client backup data as part of its designated backup and recovery processes in encrypted form, using a commercially supported encryption solution. Contractor further agrees that any and all Client data defined as personally identifiable information under current legislation or regulations stored on any portable or laptop computing device or any portable storage medium be likewise encrypted. Encryption solutions will be deployed with no

 
14
 



less than a 128-bit key for symmetric encryption, a 1024 (or larger) bit key length for asymmetric encryption, and FIPS PIB 140-2.

7. Data Re-Use.
Contractor agrees that any and all data exchanged shall be used expressly and solely for the purposes enumerated in the Current Agreement and this Addendum. Data shall not be distributed, repurposed or shared across other applications, environments, or business units of the Contractor. Contractor further agrees that no Client data of any kind shall be transmitted, exchanged or otherwise passed to other Contractors or interested parties except on a case-by-case basis as specifically agreed to in writing by the Client.
8. End of Agreement Data Handling.
Contractor agrees that upon termination of this Agreement and upon Client’s written approval it shall erase, destroy, and render unrecoverable all Client data and certify in writing that these actions have been completed within thirty (30) days of the termination of this Agreement or within seven (7) days of the request of an agent of the Client, whichever shall come first. At a minimum, a “Clear” media sanitization is to be performed according to the standards enumerated by the National Institute of Standards and Technology (“NIST”) Guidelines for Media Sanitization (SP800-88, Appendix A).
9. Security Breach Notification.
Contractor agrees to comply with all applicable laws that require the notification of Client, in the event of an unauthorized disclosure or breach of information or other events requiring notification. Client will then decide on further action including, but not limited to, notification to effected individuals or government entities. In the event of a breach of any of Contractor’s security obligations, or other events requiring notification under applicable law, Contractor agrees to:
a. Notify the Client Chief Information Security Officer by telephone and email of such an event within twenty-four (24) hours of discovery;
b. Upon Client’s prior written request, assume responsibility for informing all such individuals in accordance with applicable law; and
c. Indemnify, hold harmless and defend Client and its trustees, officers, and employees from and against any claims, damages, or other harm related to such event.
10. Right to Audit
The Client or a client-appointed audit firm (“Auditors”) has the right to audit the Contractor and the Contractor’s sub-contractors or affiliates that provide a service for the processing, transport or

 
15
 



storage of Client’s data. Client will announce their intent to audit the Contractor by providing at a minimum of ten (10) business days’ notice to the Contractor. This notice will go to the Contractor that this contract is executed with. A scope document along with a request for deliverables will be provided at the time of notification of an audit. If the documentation requested cannot be removed from the Contractor’s premises, the Contractor will allow the Client or Auditors access to their site or share on the desktop screen in an audio-video conference. Where necessary, the Contractor will provide a personal site guide for the Client or Auditors while on site. If site visit is necessary, the Contractor will provide a private workspace on site with electrical and internet connectivity for data review, analysis and meetings. The Contractor will make necessary employees or contractors available for interviews in person or on the phone during the time frame of the audit.
In lieu of the Client or its appointed audit firm performing their own audit, if the Contractor has an external, independent audit firm that performs a certified SOC or HITRUST review, the Client has the right to review the controls tested as well as the results, and has the right to request additional controls to be added to the certified SOC or HITRUST review for testing the controls that have an impact on Client data. Audits will be at the Client’s sole expense, except where the audit reveals material noncompliance with contract specifications, in which case the cost will be borne by the Contractor.
11. Contractor Warranty
Contractor (i) warrants that the services provided in this agreement will be in substantial conformity with the information provided in Contractor's response to the Client’s Due Diligence/Security Assessment questionnaire and that Contractor's response to the Client’s Due Diligence/Security Assessment questionnaire is accurate as of the date of such response; (ii) agrees to inform Client promptly of any material variation in operations from that reflected in the Contractor’s response to the Client’s Due Diligence/Security Assessment; and (iii) agrees that any material deficiency in operations from those as described in the Contractor’s Response to the Client’s Due Diligence/Security Assessment questionnaire will be deemed a material breach of this agreement.
12. Industry Standards
Generally recognized industry standards include but are not limited to the current standards and benchmarks set forth and maintained by the:
a. Center for Internet Security - http://www.cisecurity.org
b. Payment Card Industry/Data Security Standards (“PCI/DSS”) - http://www.pcisecuritystandards.org/
c. National Institute for Standards and Technology (NIST 800-53) - http://csrc.nist.gov
d. Federal Information Security Management Act (“FISMA”) - http://csrc.nist.gov

 
16
 



e. ISO/IEC 27000-series - http://www.iso27001security.com/
f. HIPAA and HITECH
g. Federal Risk and Authorization Management Program (“FedRamp”)

 
17
 



Attachment 24C

Certain Cybersecurity Requirements
[Note: See following pages]

 
18
 



1. Client is required by law to implement a Cybersecurity Program that, among other things:
A. protects the confidentiality, integrity, and availability of its Information Systems;
B. identifies and assesses internal and external cybersecurity risks that may threaten its Nonpublic Information stored on its Information Systems;
C. uses defensive infrastructure and implements policies and procedures to protect its Information Systems and Nonpublic Information from unauthorized access, use or malicious acts;
D. detects Cybersecurity Events;
E. responds to identified or detected Cybersecurity Events;
F. recovers and restores normal operations; and
G. fulfills applicable regulatory reporting obligations.
2. As part of its Cybersecurity Program, Client is also required by law to ensure the security of its Information Systems and Nonpublic Information accessible to or held by Third Party Service Providers (“TPSPs”) such as Contractor. Therefore, TPSPs must have, and permit Client to audit via written request, the cybersecurity measures, safeguards and standards used by such TPSPs including, but not limited to, the policies, procedures and practices:
A. Delineating access controls, including Multi-Factor Authentication, to limit access to Client’s Information Systems and Nonpublic Information accessible to or held by the TPSP;
B. Using encryption to protect Client’s Nonpublic Information, in transit and at rest, accessible to or held by the TPSP;
C. Requiring notice to be provided to Client if a Cybersecurity Event threatens or affects Client’s Information Systems or Nonpublic Information accessible to or held by the TPSP. Such notice must be provided to Client within seventy-two (72) hours from a determination that a Cybersecurity Event has occurred that is either of the following:
(i) Cybersecurity Events impacting Client of which notice is required to be provided to any government body, self-regulatory agency or any other supervisory body; or
(ii) Cybersecurity Events that have a reasonable likelihood of materially harming any material part of the normal operation(s) of Client; and
D. Ensuring the security of Client’s Information Systems and Nonpublic Information accessible to or held by the TPSP.

 
19
 



Defined terms in this Attachment 24C:
Affiliate” means any Person that controls, is controlled by or is under common control with another Person. For purposes of this subsection, control means the possession, direct or indirect, of the power to direct or cause the direction of the management and policies of a Person, whether through the ownership of stock of such Person or otherwise.
Cybersecurity Program” means a program designed to protect the confidentiality, integrity and availability of the Covered Entity’s Information Systems.
Cybersecurity Event” means any act or attempt, successful or unsuccessful, to gain unauthorized access to, disrupt or misuse an Information System or information stored on such Information System.
Multi-Factor Authentication” means authentication through verification of at least two of the following types of authentication factors: (1) Knowledge factors, such as a password; (2) Possession factors, such as a token or text message on a mobile phone; or (3) Inherence factors, such as a biometric characteristic.
Nonpublic Information” means all electronic information that is not publicly available information and is:
(1) Business related information of Client the tampering with which, or unauthorized disclosure, access or use of which, would cause a material adverse impact to the business, operations or security of Client;
(2) Any information concerning an individual which because of name, number, personal mark, or other identifier can be used to identify such individual, in combination with any one or more of the following data elements: (i) social security number, (ii) drivers’ license number or non-driver identification card number, (iii) account number, credit or debit card number, (iv) any security code, access code or password that would permit access to an individual’s financial account; or (v) biometric records;
(3) Any information or data, except age or gender, in any form or medium created by or derived from a health care provider or an individual and that relates to (i) the past, present or future physical, mental or behavioral health or condition of any individual or a member of the individual's family, (ii) the provision of health care to any individual, or (iii) payment for the provision of health care to any individual.
Information System” means a discrete set of electronic information resources organized for the collection, processing, maintenance, use, sharing, dissemination or disposition of electronic information, as well as any specialized system.

 
20
 



Third Party Service Provider” (“TPSP”) means an entity that (i) is not an affiliate of Client, (ii) provides services to Client, and (iii) maintains, processes or otherwise is permitted access to Nonpublic Information through its provision of services to Client.
All other provisions of the Agreement shall remain unchanged and in full force and effect.




 
21