10-Q

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

FORM 10-Q

(Mark One)

x QUARTERLY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the quarterly period ended September 30, 2008

or

¨ TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the transition period from             to            

Commission File Number: 1-12718

HEALTH NET, INC.

(Exact name of registrant as specified in its charter)

Delaware	95-4288333
(State or other jurisdiction of incorporation or organization)	(I.R.S. Employer Identification No.)
21650 Oxnard Street, Woodland Hills, CA	91367
(Address of principal executive offices)	(Zip Code)

(818) 676-6000

(Registrant’s telephone number, including area code)

(Former name, former address and former fiscal year, if changed since last report)

Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.    x  Yes    ¨  No

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or a smaller reporting company. See the definitions of “large accelerated filer,” “accelerated filer” and “smaller reporting company” in Rule 12b-2 of the Exchange Act. (Check one):

x    Large accelerated filer ¨    Accelerated filer ¨    Non-accelerated filer ¨  Smaller reporting company

Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act).    ¨  Yes    x  No

Indicate the number of shares outstanding of each of the issuer’s classes of common stock as of the latest practicable date:

The number of shares outstanding of the registrant’s Common Stock as of November 4, 2008 was 103,689,582 (excluding 40,044,293 shares held as treasury stock).

HEALTH NET, INC.

INDEX TO FORM 10-Q

	Page
Part I—FINANCIAL INFORMATION
Item 1—Financial Statements (Unaudited)	3
Consolidated Statements of Operations for the Three and Nine Months Ended September 30, 2008 and 2007	3
Consolidated Balance Sheets as of September 30, 2008 and December 31, 2007	4
Consolidated Statements of Stockholders’ Equity for the Nine Months Ended September 30, 2008 and 2007	5
Consolidated Statements of Cash Flows for the Nine Months Ended September 30, 2008 and 2007	6
Condensed Notes to Consolidated Financial Statements	7
Item 2—Management’s Discussion and Analysis of Financial Condition and Results of Operations	24
Item 3—Quantitative and Qualitative Disclosures About Market Risk	42
Item 4—Controls and Procedures	42
Part II—OTHER INFORMATION
Item 1—Legal Proceedings	44
Item 1A—Risk Factors	44
Item 2—Unregistered Sales of Equity Securities and Use of Proceeds	47
Item 3—Defaults Upon Senior Securities	48
Item 4—Submission of Matters to a Vote of Security Holders	48
Item 5—Other Information	48
Item 6—Exhibits	48
Signatures	49

2

PART I. FINANCIAL INFORMATION

Item 1. Financial Statements

HEALTH NET, INC.

CONSOLIDATED STATEMENTS OF OPERATIONS

(Amounts in thousands, except per share data)

(Unaudited)

	Three Months Ended September 30,					Nine Months Ended September 30,
	2008		2007			2008		2007
REVENUES
Health plan services premiums	$	3,072,717	$	2,930,151		$	9,309,873	$	8,518,596
Government contracts		724,323		660,394			2,083,657		1,882,254
Net investment income		10,204		29,298			66,506		88,546
Administrative services fees and other income		11,607		12,085			37,071		35,622
Total revenues		3,818,851		3,631,928			11,497,107		10,525,018
EXPENSES
Health plan services (excluding depreciation and amortization)		2,689,790		2,631,211			8,133,259		7,353,564
Government contracts		687,848		613,345			1,983,680		1,750,962
General and administrative		294,178		397,168			943,931		958,456
Selling		93,232		91,524			268,067		237,495
Depreciation and amortization		17,255		12,738			42,607		29,384
Interest		10,413		7,401			32,386		24,785
Total expenses		3,792,716		3,753,387			11,403,930		10,354,646
Income (loss) from operations before income taxes		26,135		(121,459	)		93,177		170,372
Income tax provision (benefit)		7,665		(17,614	)		33,709		93,602
Net income (loss)	$	18,470	$	(103,845	)	$	59,468	$	76,770
Net income (loss) per share:
Basic	$	0.17	$	(0.93	)	$	0.55	$	0.69
Diluted	$	0.17	$	(0.93	)	$	0.55	$	0.67
Weighted average shares outstanding:
Basic		105,915		111,111			107,481		111,729
Diluted		106,869		111,111			108,796		114,357

See accompanying condensed notes to consolidated financial statements.

3

HEALTH NET, INC.

CONSOLIDATED BALANCE SHEETS

(Amounts in thousands, except per share data)

	September 30, 2008			December 31, 2007
	(Unaudited)
ASSETS
Current Assets:
Cash and cash equivalents	$	340,121		$	1,007,017
Investments—available for sale (amortized cost: 2008—$1,882,373; 2007—$1,557,411)		1,838,951			1,557,278
Premiums receivable, net of allowance for doubtful accounts (2008—$10,022; 2007—$6,724)		295,854			264,691
Amounts receivable under government contracts		235,064			189,976
Incurred but not reported (IBNR) health care costs receivable under TRICARE North contract		307,970			266,767
Other receivables		107,032			72,518
Deferred taxes		111,266			132,818
Other assets		238,615			210,039
Total current assets		3,474,873			3,701,104
Property and equipment, net		228,256			178,758
Goodwill		751,949			751,949
Other intangible assets, net		96,122			109,386
Deferred taxes		58,555			47,765
Other noncurrent assets		132,427			144,093
Total Assets	$	4,742,182		$	4,933,055
LIABILITIES AND STOCKHOLDERS’ EQUITY
Current Liabilities:
Reserves for claims and other settlements	$	1,348,681		$	1,300,432
Health care and other costs payable under government contracts		56,505			69,014
IBNR health care costs payable under TRICARE North contract		307,970			266,767
Unearned premiums		197,881			176,981
Borrowings under amortizing financing facility		26,693			35,000
Accounts payable and other liabilities		285,016			463,823
Total current liabilities		2,222,746			2,312,017
Senior notes payable		398,224			398,071
Borrowings under amortizing financing facility		119,900			112,363
Borrowings under revolving credit facility		100,000			—
Other noncurrent liabilities		206,187			235,022
Total Liabilities		3,047,057			3,057,473
Commitments and contingencies
Stockholders’ Equity:
Preferred stock ($0.001 par value, 10,000 shares authorized, none issued and outstanding)		—			—
Common stock ($0.001 par value, 350,000 shares authorized; issued 2008—143,733 shares; 2007—143,477 shares)		144			144
Additional paid-in capital		1,181,337			1,151,251
Treasury common stock, at cost (2008—40,043 shares of common stock; 2007—33,178 shares of common stock)		(1,367,302	)		(1,123,750	)
Retained earnings		1,908,565			1,849,097
Accumulated other comprehensive loss		(27,619	)		(1,160	)
Total Stockholders’ Equity		1,695,125			1,875,582
Total Liabilities and Stockholders’ Equity	$	4,742,182		$	4,933,055

See accompanying condensed notes to consolidated financial statements.

4

HEALTH NET, INC.

CONSOLIDATED STATEMENTS OF STOCKHOLDERS’ EQUITY

(Amounts in thousands)

(Unaudited)

	Common Stock				Additional Paid-In Capital			Common Stock Held in Treasury					Retained Earnings		Accumulated Other Comprehensive (Loss) Income			Total
	Shares		Amount					Shares		Amount
Balance as of January 1, 2007	140,690		$	140	$	1,027,878		(28,815	)	$	(891,294	)	$	1,653,478	$	(11,237	)	$	1,778,965
Implementation of FIN 48														1,922					1,922
Adjusted balance as of January 1, 2007	140,690		$	140	$	1,027,878		(28,815	)	$	(891,294	)	$	1,655,400	$	(11,237	)	$	1,780,887
Comprehensive income:
Net income														76,770					76,770
Change in unrealized loss on investments, net of tax impact of $435																1,461			1,461
Defined benefit pension plans:
Prior service cost and net loss																262			262
Total comprehensive income																			78,493
Exercise of stock options and issuance of shares	2,556			3		70,185													70,188
Share-based compensation expense						17,834													17,834
Tax benefit related to equity compensation plans						25,511													25,511
Repurchases of common stock and accelerated stock repurchase settlement	133					(125	)	(4,010	)		(213,610	)							(213,735	)
Forfeiture of restricted stock	(3	)				(88	)												(88	)
Amortization of restricted stock grants						94													94
Balance as of September 30, 2007	143,376		$	143	$	1,141,289		(32,825	)	$	(1,104,904	)	$	1,732,170	$	(9,514	)	$	1,759,184
Balance as of January 1, 2008	143,477		$	144	$	1,151,251		(33,178	)	$	(1,123,750	)	$	1,849,097	$	(1,160	)	$	1,875,582
Comprehensive income:
Net income														59,468					59,468
Change in unrealized loss on investments, net of tax impact of $16,610																(26,680	)		(26,680	)
Defined benefit pension plans:
Prior service cost and net loss																221			221
Total comprehensive income																			33,009
Exercise of stock options and issuance of shares	256					6,679													6,679
Share-based compensation expense						22,774													22,774
Tax benefit related to equity compensation plans						631													631
Repurchases of common stock and accelerated stock repurchase settlement								(6,865	)		(243,552	)							(243,552	)
Amortization of restricted stock grants						2													2
Balance as of September 30, 2008	143,733		$	144	$	1,181,337		(40,043	)	$	(1,367,302	)	$	1,908,565	$	(27,619	)	$	1,695,125

See accompanying condensed notes to consolidated financial statements.

5

HEALTH NET, INC.

CONSOLIDATED STATEMENTS OF CASH FLOWS

(Amounts in thousands)

(Unaudited)

	Nine Months Ended September 30,
	2008			2007
CASH FLOWS FROM OPERATING ACTIVITIES:
Net income	$	59,468		$	76,770
Adjustments to reconcile net income to net cash (used in) provided by operating activities:
Amortization and depreciation		42,607			29,384
Share-based compensation expense		22,771			17,841
Deferred income taxes		27,362			106,809
Excess tax benefit on share-based compensation		(815	)		(17,500	)
Other changes		11,269			(4,457	)
Changes in assets and liabilities, net of effects of dispositions or acquisitions:
Premiums receivable and unearned premiums		(10,263	)		(98,221	)
Other current assets, receivables and noncurrent assets		(42,560	)		(100,539	)
Amounts receivable/payable under government contracts		(57,597	)		25,010
Reserves for claims and other settlements		48,249			264,308
Accounts payable and other liabilities		(205,875	)		49,110
Net cash (used in) provided by operating activities		(105,384	)		348,515
CASH FLOWS FROM INVESTING ACTIVITIES:
Sales of investments		705,244			565,228
Maturities of investments		195,032			148,227
Purchases of investments		(1,255,406	)		(783,243	)
Sales of property and equipment		4			96,748
Purchases of property and equipment		(82,730	)		(47,508	)
Cash paid related to the acquisition of assets and businesses		—			(80,277	)
Sales and purchases of restricted investments and other		20,770			(29,571	)
Net cash used in investing activities		(417,086	)		(130,396	)
CASH FLOWS FROM FINANCING ACTIVITIES:
Proceeds from exercise of stock options and employee stock purchases		6,636			70,097
Excess tax benefit on share-based compensation		815			17,500
Repurchases of common stock		(243,155	)		(205,168	)
Proceeds from issuance of senior notes		—			393,535
Borrowings under revolving credit facility		345,000			100,000
Repayment of borrowings		(253,722	)		(600,000	)
Net cash used in financing activities		(144,426	)		(224,036	)
Net decrease in cash and cash equivalents		(666,896	)		(5,917	)
Cash and cash equivalents, beginning of year		1,007,017			704,806
Cash and cash equivalents, end of period	$	340,121		$	698,889
SUPPLEMENTAL CASH FLOWS DISCLOSURE:
Interest paid	$	16,363		$	26,836
Income taxes paid		90,368			126,982

See accompanying condensed notes to consolidated financial statements.

6

HEALTH NET, INC.

CONDENSED NOTES TO CONSOLIDATED FINANCIAL STATEMENTS

(Unaudited)

1. BASIS OF PRESENTATION

Health Net, Inc. (referred to herein as Health Net, the Company, we, us or our) prepared the accompanying unaudited consolidated financial statements following the rules and regulations of the Securities and Exchange Commission (SEC) for interim reporting. As permitted under those rules and regulations, certain notes or other financial information that are normally required by accounting principles generally accepted in the United States of America (GAAP) have been condensed or omitted if they substantially duplicate the disclosures contained in the annual audited financial statements. The accompanying unaudited consolidated financial statements should be read together with the consolidated financial statements and related notes included in our Annual Report on Form 10-K for the year ended December 31, 2007 (Form 10-K).

We are responsible for the accompanying unaudited consolidated financial statements. These consolidated financial statements include all normal and recurring adjustments that are considered necessary for the fair presentation of our financial position and operating results in accordance with GAAP. In accordance with GAAP, we make certain estimates and assumptions that affect the reported amounts. Actual results could differ from those estimates and assumptions.

Revenues, expenses, assets and liabilities can vary during each quarter of the year. Therefore, the results and trends in these interim financial statements may not be indicative of those for the full year.

Certain items presented in the operating cash flow section of the consolidated statements of cash flows for the nine months ended September 30, 2007 have been reclassified within the operating cash flow section for comparative presentation purposes. This reclassification had no impact on our operating cash flows, net earnings or balance sheets as previously reported.

2. SIGNIFICANT ACCOUNTING POLICIES

Comprehensive Income

Our comprehensive income is as follows:

	Three Months Ended September 30,						Nine Months Ended September 30,
	2008			2007			2008			2007
	(Dollars in millions)
Net income (loss)	$	18.5		$	(103.8	)	$	59.5		$	76.8
Other comprehensive income, net of tax:
Net change in unrealized losses on investments available for sale		(24.5	)		10.5			(35.5	)		1.5
Reclassification of unrealized losses to earnings		8.8			—			8.8			—
Defined benefit pension plans: Prior service cost and net loss amortization		0.1			0.1			0.2			0.2
Comprehensive income (loss)	$	2.9		$	(93.2	)	$	33.0		$	78.5

Earnings Per Share

Basic earnings per share excludes dilution and reflects net income divided by the weighted average shares of common stock outstanding during the periods presented. Diluted earnings per share is based upon the weighted average shares of common stock and dilutive common stock equivalents (this reflects the potential dilution that could occur if stock options were exercised and restricted stock units (RSUs) and restricted shares were vested) outstanding during the periods presented.

7

Common stock equivalents arising from dilutive stock options, restricted common stock and RSUs are computed using the treasury stock method. For the three and nine months ended September 30, 2008, these amounted to 954,000 and 1,315,000 shares, respectively, which included 309,000 and 288,000 common stock equivalents from dilutive RSUs and restricted common stock. There were 2,628,000 shares of common stock equivalents, including 217,000 RSUs and restricted common stock equivalents, for the nine months ended September 30, 2007. For the three months ended September 30, 2007, 2,408,000 shares of common stock equivalents, including 268,000 RSUs and restricted common stock equivalents, were excluded from the computation of loss per share due to their anti-dilutive effect.

Options to purchase an aggregate of 3,236,000 and 1,594,000 shares of common stock, during the three and nine months ended September 30, 2008, respectively, and 810,000, during the nine months ended September 30, 2007 were considered anti-dilutive and were not included in the computation of diluted earnings per share because the options’ exercise price was greater than the average market price of the common stock for each respective period. These options expire at various times through August 2018.

We have a $700 million stock repurchase program authorized by our Board of Directors. The remaining authorization under our stock repurchase program as of September 30, 2008 was $103 million (see Note 6). On November 4, 2008, we announced that our stock repurchase program is on hold as a consequence of the uncertain financial environment and the announcement by Health Net’s Board of Directors that Jay Gellert will be undertaking a review of the Company’s strategy.

Goodwill and Other Intangible Assets

The carrying amount of goodwill by reporting unit is as follows:

	Health Plan Services		Total
	(Dollars in millions)
Balance as of September 30, 2008 and December 31, 2007	$	752.0	$	752.0

The intangible assets that continue to be subject to amortization using the straight-line method over their estimated lives are as follows:

	Gross Carrying Amount		Accumulated Amortization			Net Balance		Weighted Average Life (in years)
	(Dollars in millions)
As of September 30, 2008:
Provider networks	$	40.5	$	(29.6	)	$	10.9	19.4
Employer groups		76.8		(15.3	)		61.5	6.5
Customer relationships and other		29.5		(6.9	)		22.6	11.1
Trade name		3.1		(2.7	)		0.4	1.5
Covenant not-to-compete		2.2		(1.5	)		0.7	2.0
	$	152.1	$	(56.0	)	$	96.1
As of December 31, 2007:
Provider networks	$	40.5	$	(27.7	)	$	12.8	19.4
Employer groups		75.0		(6.5	)		68.5	6.5
Customer relationships and other		29.5		(4.9	)		24.6	11.1
Trade name		3.1		(1.2	)		1.9	1.5
Covenant not-to-compete		2.2		(0.6	)		1.6	2.0
	$	150.3	$	(40.9	)	$	109.4

8

We performed our annual impairment test on our goodwill and other intangible assets as of June 30, 2008 for our health plan services reporting unit and also re-evaluated the useful lives of our other intangible assets. No goodwill impairment was identified in our health plan services reporting unit. We also determined that the estimated useful lives of our other intangible assets properly reflected the current estimated useful lives.

During the three months ended September 30, 2008, we recorded higher than expected health care costs and lowered our earnings guidance for the full-year 2008. The reduction in guidance was primarily driven by lower than expected commercial enrollment, higher than expected commercial health care cost trends, and the volatile economic environment. As a result of this revised outlook, we updated our annual impairment test on our goodwill asset as of September 30, 2008, which indicated that there was no impairment.

Estimated annual pretax amortization expense for other intangible assets for the current year and each of the next four years ending December 31 are as follows (dollars in millions):

Year	Amount
2008	$	19.3
2009		16.8
2010		16.3
2011		16.0
2012		15.6

Restricted Assets

We and our consolidated subsidiaries are required to set aside certain funds which may only be used for certain purposes pursuant to state regulatory requirements. We have discretion as to whether we invest such funds in cash and cash equivalents or other investments. As of September 30, 2008 and December 31, 2007, our restricted cash and cash equivalents balances totaled $53.4 million and $30.5 million, respectively, and are included in other noncurrent assets. Investment securities held by trustees or agencies were $64.5 million and $79.3 million as of September 30, 2008 and December 31, 2007, respectively, and are included in investments available-for-sale.

In connection with our purchase of The Guardian Life Insurance Company of America’s interest in the HealthCare Solutions business in 2007, we established escrowed funds to secure the payment of projected run-out claims for the purchased block of business. As of September 30, 2008 and December 31, 2007, this restricted cash balance amounted to $10.4 million and $37.0 million, respectively, and is included in other noncurrent assets on the accompanying consolidated balance sheets.

Interest Rate Swap Contracts

On December 19, 2007, we entered into a five-year, $175 million amortizing financing facility with a non-U.S. lender (see Note 7). In connection with the financing facility, we entered into an interest rate swap agreement under which we pay an amount equal to LIBOR times a notional principal amount and receive in return an amount equal to 4.3% times the same notional principal amount. The interest rate swap does not qualify for hedge accounting. Accordingly, the interest rate swap is reflected at positive fair value of $2.6 million in our consolidated balance sheet with an offset to net investment income in our consolidated statement of operations for the change in fair value during the three and nine months ended September 30, 2008.

CMS Risk Factor Adjustments

We have an arrangement with the Centers for Medicare & Medicaid Services (CMS) for certain of our Medicare products whereby periodic changes in our risk factor adjustment scores for certain diagnostic codes result in changes to our health plan services premium revenues. We recognize such changes when the amounts become determinable and supportable and collectibility is reasonably assured.

9

We recognized $20.2 million and $109.5 million of favorable Medicare risk factor estimates, most of which were for the 2008 payment years in our health plan services premium revenues for the three and nine months ended September 30, 2008, respectively. We also recognized $4.4 million and $27.9 million of capitation expense related to the Medicare risk factor estimates, most of which were for the 2008 payment years in our health plan services costs for the three and nine months ended September 30, 2008, respectively.

We recognized $26.9 million and $76.1 million of favorable Medicare risk factor estimates in our health plan services premium revenues for the three and nine months ended September 30, 2007, respectively. Of these amounts, $1.2 million and $14.8 million for the three and nine months ended September 30, 2007, respectively, were for 2006 and prior payment years. We also recognized $7.1 million and $22.1 million of capitation expense related to the Medicare risk factor estimates in our health plan services costs for the three and nine months ended September 30, 2007, respectively. Of these amounts, $0 and $4.7 million for the three and nine months ended September 30, 2007, respectively, were for 2006 and prior payment years.

TRICARE Contract Target Costs

Our TRICARE contract for the North Region includes a target cost and price for reimbursed health care costs which is negotiated annually during the term of the contract with underruns and overruns of our target cost borne 80% by the government and 20% by us. In the normal course of contracting with the federal government, we recognize changes in our estimate for the target cost underruns and overruns when the amounts become determinable, supportable and the collectibility is reasonably assured. During the three and nine months ended September 30, 2008, we recognized increases in revenues of $48 million and $48 million, respectively, and increases in costs of $62 million and $61 million, respectively. During the three and nine months ended September 30, 2007, we recognized an increase in revenues of $10 million and a decrease in revenues of $61 million, respectively, and decreases in costs of $7 million and $95 million, respectively.

Recently Issued Accounting Pronouncements

In March 2008, the Financial Accounting Standards Board (FASB) issued Statement of Financial Accounting Standards No. 161, Disclosures about Derivative Instruments and Hedging Activities-an amendment of SFAS No. 133 (SFAS No. 161). This statement changes the disclosure requirements for derivative instruments and hedging activities. Entities are required to provide enhanced disclosures about how and why an entity uses derivative instruments, how derivative instruments and related hedged items are accounted for under SFAS No. 133, Accounting for Derivative Instruments and Hedging Activities, and how derivative instruments and related hedged items affect an entity’s financial position, financial performance and cash flows. This statement requires that objectives for using derivative instruments be disclosed in terms of underlying risks and accounting designation. Fair values of derivatives and their gains and losses are required to be disclosed in a tabular format. SFAS No. 161 is effective for financial statements issued for fiscal years and interim periods beginning after November 15, 2008. We do not expect the adoption of SFAS No. 161 as of January 1, 2009 to have a material impact on our financial statements.

3. SEGMENT INFORMATION

We operate within two reportable segments: Health Plan Services and Government Contracts. Our Health Plan Services reportable segment includes the operations of our commercial, Medicare (including Part D) and Medicaid health plans, the operations of our health and life insurance companies and our behavioral health and pharmaceutical services subsidiaries. Our Government Contracts reportable segment includes government-sponsored managed care plans through the TRICARE program and other health care-related government contracts. Our Government Contracts segment administers one large, multi-year managed health care government contract and other health care related government contracts.

10

We evaluate performance and allocate resources based on segment pretax income. The accounting policies of the reportable segments are the same as those described in the summary of significant accounting policies in Note 2 to the consolidated financial statements included in our Form 10-K, except that intersegment transactions are not eliminated. We include investment income, administrative services fees and other income and expenses associated with our corporate shared services and other costs in determining our Health Plan Services segment’s pretax income to reflect the fact that these revenues and expenses are primarily used to support our Health Plan Services reportable segment.

Our segment information is as follows:

	Health Plan Services			Government Contracts		Eliminations			Total
	(Dollars in millions)
Three Months Ended September 30, 2008
Revenues from external sources	$	3,072.7		$	724.3	$	—		$	3,797.0
Intersegment revenues		12.5			—		(12.5	)		—
Segment pretax (loss) income		(10.4	)		36.5		—			26.1
Three Months Ended September 30, 2007
Revenues from external sources	$	2,930.2		$	660.4	$	—		$	3,590.6
Intersegment revenues		2.3			—		(2.3	)		—
Segment pretax (loss) income		(168.5	)		47.0		—			(121.5	)
Nine Months Ended September 30, 2008
Revenues from external sources	$	9,309.9		$	2,083.7	$	—		$	11,393.6
Intersegment revenues		40.7			—		(40.7	)		—
Segment pretax (loss) income		(6.8	)		100.0		—			93.2
Nine Months Ended September 30, 2007
Revenues from external sources	$	8,518.6		$	1,882.3	$	—		$	10,400.9
Intersegment revenues		6.8			—		(6.8	)		—
Segment pretax income		39.1			131.3		—			170.4

Our health plan services premium revenue by line of business is as follows:

	Three Months Ended September 30,				Nine Months Ended September 30,
	2008		2007		2008		2007
	(Dollars in millions)
Commercial premium revenue	$	1,951.5	$	1,923.1	$	5,873.8	$	5,520.6
Medicare premium revenue		859.2		704.4		2,651.3		2,102.6
Medicaid premium revenue		262.0		302.7		784.8		895.4
Total Health Plan Services premiums	$	3,072.7	$	2,930.2	$	9,309.9	$	8,518.6

4. INVESTMENTS

Investments classified as available-for-sale, which consist primarily of debt securities, are stated at fair value. Unrealized gains and losses are excluded from earnings and reported as other comprehensive income, net of income tax effects. The cost of investments sold is determined in accordance with the specific identification method and realized gains and losses are included in net investment income. We periodically assess our available-for-sale investments for other-than-temporary impairment. Any such other-than-temporary impairment loss is recognized as a realized loss and measured as the excess of amortized cost over fair value at the time the assessment is made.

11

During the three and nine months ended September 30, 2008, we recognized a $14.6 million loss from other-than-temporary impairments of our cash equivalents and available-for-sale investments. Such other-than-temporary impairments primarily were as a result of investments in corporate debt from Lehman Brothers, money market funds from The Reserve Primary Institutional Fund and preferred stock from Federal National Mortgage Association (Fannie Mae) and Federal Home Loan Mortgage Corporation (Freddie Mac).

In September 2008, Lehman Brothers Holdings Inc. filed for bankruptcy protection under Chapter 11 of the U.S. Bankruptcy Code. Accordingly, we deemed the recovery of our investments in Lehman Brothers bonds as remote and recognized a loss from other-than-temporary impairment of $8.3 million in the three months ended September 30, 2008. As of September 30, 2008, our investments in Lehman Brothers corporate debt were written down to a cost basis of zero.

Due to the Lehman bankruptcy, our investment in The Reserve Primary Institutional Fund fell below a net asset value of $1 per share. Lehman short-term debt is one of the underlying investments in this fund. Consistent with our treatment of our Lehman Brothers investments, we recognized a loss from other-than-temporary impairment of $4.1 million in the three months ended September 30, 2008, in connection with our investments in The Reserve Primary Institutional Fund. As of September 30, 2008, our investments in The Reserve Primary Institutional Fund had a market value and cost basis of $253.5 million. We also have $118.4 million in The Reserve Government Fund as of September 30, 2008 at an estimated net asset value of $1 per share. Accordingly, no impairment was recognized for this fund.

In September 2008, The Reserve announced its intention to liquidate all of its money market funds and froze all redemptions until an orderly liquidation process can be implemented. As a result, we reclassified $372 million in estimated net asset value we had invested in The Reserve money market funds from cash equivalents to investments available for sale as of September 30, 2008. On October 30, 2008, The Reserve made an initial distribution of approximately 50% of the account balance in The Reserve Primary Fund, which equated to about $130 million for our account. The Reserve expects to distribute the remaining amounts in the Primary Fund and the Government Fund by the end of 2008.

Recent actions taken by the U.S. government to seize control of Fannie Mae and Freddie Mac due to the financial condition and liquidity issues of these government-sponsored entities coupled with weakness in the banking and financial services sectors led us to conclude that the recovery of our investments in these securities is not expected in the near term. In the three months ended September 30, 2008, we recognized a loss from other-than-temporary impairments of Fannie Mae and Freddie Mac securities totaling $1.2 million. As of September 30, 2008, our investments in Fannie Mae and Freddie Mac preferred stock were written down to a cost basis of zero.

In addition, we recognized $1 million in losses from other-than-temporary impairments of other corporate debt and preferred stock primarily issued by financial institutions or banks. Due to credit downgrades and declines in fair values in light of current market conditions, we deemed such impairments to be other-than-temporary.

12

As of September 30, 2008 and December 31, 2007, the amortized cost, gross unrealized holding gains and losses, and fair value of our available-for-sale investments were as follows:

	September 30, 2008
	Amortized Cost		Gross Unrealized Holding Gains		Gross Unrealized Holding Losses			Carrying Value
	(Dollars in millions)
Asset-backed securities	$	602.5	$	1.7	$	(11.3	)	$	592.9
U.S. government and agencies		104.1		0.3		—			104.4
Obligations of states and other political subdivisions		554.9		0.5		(18.4	)		537.0
Corporate debt securities		620.5		0.9		(17.3	)		604.1
Other securities		0.4		0.2		—			0.6
	$	1,882.4	$	3.6	$	(47.0	)	$	1,839.0
	December 31, 2007
	Amortized Cost		Gross Unrealized Holding Gains		Gross Unrealized Holding Losses			Carrying Value
	(Dollars in millions)
Asset-backed securities	$	504.9	$	2.5	$	(3.1	)	$	504.3
U.S. government and agencies		197.7		0.4		(0.5	)		197.6
Obligations of states and other political subdivisions		563.0		2.8		(1.4	)		564.4
Corporate debt securities		290.0		1.0		(2.0	)		289.0
Other securities		1.8		0.1		—			1.9
	$	1,557.4	$	6.8	$	(7.0	)	$	1,557.2

The following table shows our investments’ gross unrealized losses and fair value for individual securities that have been in a continuous loss position through September 30, 2008:

	Less than 12 Months					12 Months or More					Total
	Fair Value		Unrealized Losses			Fair Value		Unrealized Losses			Fair Value		Unrealized Losses
	(Dollars in millions)
Asset-backed securities	$	346.1	$	(9.0	)	$	31.9	$	(2.3	)	$	378.0	$	(11.3	)
U.S. government and agencies		7.3		—			—		—			7.3		—
Obligation of states and other political subdivisions		421.9		(13.8	)		44.0		(4.6	)		465.9		(18.4	)
Corporate debt		164.0		(14.4	)		19.7		(2.9	)		183.7		(17.3	)
	$	939.3	$	(37.2	)	$	95.6	$	(9.8	)	$	1,034.9	$	(47.0	)

The following table shows the number of our individual securities that have been in a continuous loss position at September 30, 2008.

	Less than 12 Months	12 Months or More	Total
Asset-backed securities	75	19	94
U.S. government and agencies	5	—	5
Obligation of states and other political subdivisions	156	8	164
Corporate debt	81	9	90
	317	36	353

13

The following table shows our investments’ gross unrealized losses and fair value for individual securities that have been in a continuous loss position through December 31, 2007:

	Less than 12 Months					12 Months or More					Total
	Fair Value		Unrealized Losses			Fair Value		Unrealized Losses			Fair Value		Unrealized Losses
	(Dollars in millions)
Asset-backed securities	$	23.1	$	(0.2	)	$	188.7	$	(2.9	)	$	211.8	$	(3.1	)
U.S. government and agencies		3.7		—			100.3		(0.5	)		104.0		(0.5	)
Obligation of states and other political subdivisions		110.8		(1.0	)		69.7		(0.4	)		180.5		(1.4	)
Corporate debt		26.5		(0.4	)		111.3		(1.6	)		137.8		(2.0	)
	$	164.1	$	(1.6	)	$	470.0	$	(5.4	)	$	634.1	$	(7.0	)

The following table shows the number of our individual securities that have been in a continuous loss position at December 31, 2007.

	Less than 12 Months	12 Months or More	Total
Asset-backed securities	15	63	78
U.S. government and agencies	3	27	30
Obligation of states and other political subdivisions	29	30	59
Corporate debt	10	37	47
	57	157	214

The securities with an unrealized loss position are comprised of fixed rate debt securities of varying maturities. The value of fixed income securities is sensitive to changes to the yield curve and other market conditions, with the value decreasing as rates increase and increasing as rates decrease.

The fixed income securities listed above are highly rated securities with an average rating of “AA” and “Aa1” as rated by S&P and Moody’s, respectively. At this time, there is no indication of default on interest or principal payments. Currently, we have the intent and the ability to hold to recovery the securities in the unrealized loss position.

5. OUTSOURCING ARRANGEMENTS

On August 19, 2008, we entered into a five-year agreement with International Business Machines Corporation (IBM) to outsource our IT infrastructure management services including data center services, IT security management and help desk support. The total commitments under the agreement for the five-years and a six-month transition period are approximately $310.7 million.

On September 30, 2008, we entered into a five-year agreement with Cognizant Technology Solutions U.S. Corporation (Cognizant) to outsource our software applications development and management activities to Cognizant. Under the terms of the agreement, Cognizant will, among other things, provide us with services including the following: application development, testing and monitoring services, application maintenance and support services, project management services and cross functional services. The total commitments under the agreement for the five-year term are approximately $109 million.

6. STOCK REPURCHASE PROGRAM

We have a $700 million stock repurchase program authorized by our Board of Directors. Subject to Board approval, additional amounts are added to the repurchase program from time to time based on exercise proceeds

14

and tax benefits the Company receives from employee stock options. We repurchased 3,652,495 shares and 6,851,595 shares of our common stock during the three and nine months ended September 30, 2008, respectively, for aggregate consideration of approximately $100 million and $243 million, respectively.

The remaining authorization under our stock repurchase program as of September 30, 2008 was $103 million. As of September 30, 2008, we had repurchased a cumulative aggregate of 36,623,347 shares of our common stock under our stock repurchase program at an average price of $34.40 per share for aggregate consideration of $1,259.8 million (which amount includes exercise proceeds and tax benefits the Company had received from the exercise of employee stock options). We used net free cash available to fund the share repurchases. On November 4, 2008, we announced that our stock repurchase program is on hold as a consequence of the uncertain financial environment and the announcement by Health Net’s Board of Directors that Jay Gellert will be undertaking a review of the Company’s strategy.

7. FINANCING ARRANGEMENTS

Amortizing Financing Facility

On December 19, 2007, we entered into a five-year, non-interest bearing, $175 million amortizing financing facility with a non-U.S. lender, and on April 29, 2008, we entered into an amendment to the financing facility, which was administrative in nature. In connection with the financing facility, we entered into an interest rate swap agreement (see Note 2). Under the interest rate swap agreement, we pay an amount equal to LIBOR times a notional principal amount and receive in return an amount equal to 4.3% times the same notional principal amount. The financing facility requires one of our subsidiaries to pay semi-annual distributions, in the amount of $17.5 million, to a participant in the financing facility. Unless terminated earlier, the final payment under the facility is scheduled to be made on December 19, 2012. The financing facility also provides that the financing facility may be terminated through a series of put and call transactions: (1) at the option of one of our wholly-owned subsidiaries at any time after December 20, 2009, or (2) upon the occurrence of certain defined acceleration events.

The financing facility includes limitations (subject to specified exclusions) on our and certain of our subsidiaries’ ability to incur debt; create liens; engage in certain mergers, consolidations and acquisitions; engage in transactions with affiliates; enter into agreements which will restrict the ability to pay dividends or other distributions with respect to any shares of capital stock or the ability to make or repay loans or advances; make dividends; and alter the character of the business we and our subsidiaries conducted on the closing date of the financing facility. In addition, the financing facility also requires that we maintain a specified consolidated leverage ratio and consolidated fixed charge coverage ratio throughout the term of the financing facility. As of September 30, 2008, we were in compliance with all of the covenants under the financing facility.

Senior Notes

On May 18, 2007, we issued $300 million in aggregate principal amount of 6.375% Senior Notes due 2017. On May 31, 2007, we issued an additional $100 million of 6.375% Senior Notes due 2017 which were consolidated with, and constitute the same series as, the Senior Notes issued on May 18, 2007 (collectively, Senior Notes). The aggregate net proceeds from the issuance of the Senior Notes were $393.5 million and were used to repay outstanding debt.

The indenture governing the Senior Notes limits our ability to incur certain liens, or consolidate, merge or sell all or substantially all of our assets. In the event of the occurrence of both (1) a change of control of Health Net, Inc. and (2) a below investment grade rating by any two of Fitch, Inc., Moody’s Investors Service, Inc. and Standard & Poor’s Ratings Services within a specified period, we will be required to make an offer to purchase the Senior Notes at a price equal to 101% of the principal amount of the Senior Notes plus accrued and unpaid interest to the date of repurchase. As of September 30, 2008, no default or event of default had occurred under the indenture governing the Senior Notes.

15

The Senior Notes may be redeemed in whole at any time or in part from time to time, prior to maturity at our option, at a redemption price equal to the greater of:

• 100% of the principal amount of the Senior Notes then outstanding to be redeemed; or

• the sum of the present values of the remaining scheduled payments of principal and interest on the Senior Notes to be redeemed (not including any portion of such payments of interest accrued to the date of redemption) discounted to the date of redemption on a semiannual basis (assuming a 360-day year consisting of twelve 30-day months) at the applicable treasury rate plus 30 basis points;

plus, in each case, accrued and unpaid interest on the principal amount being redeemed to the redemption date.

Each of the following will be an Event of Default under the indenture governing the Senior Notes:

• failure to pay interest for 30 days after the date payment is due and payable, provided that an extension of an interest payment period by us in accordance with the terms of the Senior Notes shall not constitute a failure to pay interest;

• failure to pay principal or premium, if any, on any note when due, either at maturity, upon any redemption, by declaration or otherwise;

• failure to perform any other covenant or agreement in the notes or indenture for a period of 60 days after notice that performance was required;

• (A) our failure or the failure of any of our subsidiaries to pay indebtedness for money we borrowed or any of our subsidiaries borrowed in an aggregate principal amount of at least $50,000,000, at the later of final maturity and the expiration of any related applicable grace period and such defaulted payment shall not have been made, waived or extended within 30 days after notice or (B) acceleration of the maturity of indebtedness for money we borrowed or any of our subsidiaries borrowed in an aggregate principal amount of at least $50,000,000, if that acceleration results from a default under the instrument giving rise to or securing such indebtedness for money borrowed and such indebtedness has not been discharged in full or such acceleration has not been rescinded or annulled within 30 days after notice; or

• events in bankruptcy, insolvency or reorganization of our Company.

Revolving Credit Facility

On June 25, 2007, we entered into a $900 million five-year revolving credit facility with Bank of America, N.A. as Administrative Agent, Swingline Lender, and L/C Issuer, and the other lenders party thereto. We entered into an amendment to the credit facility on April 29, 2008, which was administrative in nature. As of September 30, 2008, $100 million was outstanding under our revolving credit facility and the maximum amount available for borrowing under the revolving credit facility was $674.9 million (see “—Letters of Credit” below).

Amounts outstanding under our revolving credit facility will bear interest, at our option, at (a) the base rate, which is a rate per annum equal to the greater of (i) the federal funds rate plus one-half of one percent and (ii) Bank of America’s prime rate (as such term is defined in the facility), (b) a competitive bid rate solicited from the syndicate of banks, or (c) the British Bankers Association LIBOR rate (as such term is defined in the facility), plus an applicable margin, which is initially 70 basis points per annum and is subject to adjustment according to our credit ratings, as specified in the facility.

Our revolving credit facility includes, among other customary terms and conditions, limitations (subject to specified exclusions) on our and our subsidiaries’ ability to incur debt; create liens; engage in certain mergers, consolidations and acquisitions; sell or transfer assets; enter into agreements which restrict the ability to pay dividends or make or repay loans or advances; make investments, loans, and advances; engage in transactions with affiliates; and make dividends. In addition, we are required to maintain a specified consolidated leverage ratio and consolidated fixed charge coverage ratio throughout the term of the revolving credit facility.

16

Our revolving credit facility contains customary events of default, including nonpayment of principal or other amounts when due; breach of covenants; inaccuracy of representations and warranties; cross-default and/or cross-acceleration to other indebtedness of the Company or our subsidiaries in excess of $50 million; certain ERISA-related events; noncompliance by us or any of our subsidiaries with any material term or provision of the HMO Regulations or Insurance Regulations (as each such term is defined in the facility); certain voluntary and involuntary bankruptcy events; inability to pay debts; undischarged, uninsured judgments greater than $50 million against us and/or our subsidiaries; actual or asserted invalidity of any loan document; and a change of control. If an event of default occurs and is continuing under the credit facility, the lenders thereunder may, among other things, terminate their obligations under the facility and require us to repay all amounts owed thereunder.

Letters of Credit

We can obtain letters of credit in an aggregate amount of $400 million under our revolving credit facility. The maximum amount available for borrowing under our revolving credit facility is reduced by the dollar amount of any outstanding letters of credit. As of September 30, 2008 and December 31, 2007, we had outstanding letters of credit for $125.1 million and $120.8 million, respectively, resulting in the maximum amount available for borrowing under the revolving credit facility of $674.9 million and $779.2 million, respectively. As of September 30, 2008 and December 31, 2007, no amounts have been drawn on any of these letters of credit.

8. FAIR VALUE MEASUREMENTS

In September 2006, the FASB issued SFAS No. 157, Fair Value Measurements, which we adopted on January 1, 2008. SFAS No. 157 does not require any new fair value measurements, but it defines fair value, establishes a framework for measuring fair value in accordance with existing GAAP, and expands disclosures about fair value measurements. Assets and liabilities recorded at fair value in the consolidated balance sheets are categorized based upon the level of judgment associated with the inputs used to measure their fair value and the level of market price observability.

Investments measured and reported at fair value using Level inputs, as defined by SFAS No. 157, are classified and disclosed in one of the following categories:

Level 1—Quoted prices are available in active markets for identical investments as of the reporting date. The type of investments included in Level I include U.S. treasury securities and listed equities. As required by SFAS No. 157, we do not adjust the quoted price for these investments, even in situations where we hold a large position and a sale could reasonably impact the quoted price.

Level 2—Pricing inputs are other than quoted prices in active markets, which are either directly or indirectly observable as of the reporting date, and fair value is determined through the use of models or other valuation methodologies. Investments that are generally included in this category include asset-backed securities, corporate bonds and loans, municipal bonds, auction rate securities and interest rate swap asset.

Level 3—Pricing inputs are unobservable for the investment and include situations where there is little, if any, market activity for the investment. The inputs into the determination of fair value require significant management judgment or estimation.

In certain cases, the inputs used to measure fair value may fall into different levels of the fair value hierarchy. In such cases, an investment’s level within the fair value hierarchy is based on the lowest level of input that is significant to the fair value measurement. Our assessment of the significance of a particular input to the fair value measurement in its entirety requires judgment and considers factors specific to the investment.

17

The following table presents information about our assets and liabilities measured at fair value on a recurring basis at September 30, 2008, and indicate the fair value hierarchy of the valuation techniques utilized by us to determine such fair value.

	Level 1		Level 2		Level 3		Total
	(Dollars in millions)
Assets:
Investments—available for sale
Asset-backed securities	$	—	$	592.9	$	—	$	592.9
U.S. government and agencies		36.4		68.0		—		104.4
Obligations of states and other political subdivisions		—		526.8		10.2		537.0
Corporate debt securities		—		604.1		—		604.1
Other securities		0.6		—		—		0.6
	$	37.0	$	1,791.8	$	10.2	$	1,839.0
Interest rate swap asset		—		2.6		—		2.6
Total assets at fair value	$	37.0	$	1,794.4	$	10.2	$	1,841.6

The changes in the balances of Level 3 financial assets for the three and nine months ended September 30, 2008 were as follows (dollars in millions):

	Three Months Ended			Nine Months Ended
	September 30, 2008
Beginning balance	$	10.3		$	—
Total gains and losses
Realized in net income		—			—
Unrealized in accumulated other comprehensive income		—			—
Purchases, sales, issuances and settlements		(0.1	)		(11.6	)
Transfers into Level 3		—			21.8
Ending balance at September 30, 2008	$	10.2		$	10.2
Change in unrealized gains (losses) included in net income related to assets still held	$	—		$	—

During the nine months ended September 30, 2008, certain auction rate securities experienced “failed” auctions. As a result, these securities’ fair value could not be estimated based on observable market prices and unobservable inputs were used.

9. LEGAL PROCEEDINGS

Class Action Litigation

McCoy v. Health Net, Inc. et al, Wachtel v. Health Net, Inc., et al and Scharfman, et al v. Health Net, Inc., et al.

These three lawsuits are styled as nationwide class actions. McCoy and Wachtel were pending in the United States District Court for the District of New Jersey on behalf of a class of subscribers in a number of our large and small employer group plans. The Wachtel complaint initially was filed as a single plaintiff case in New Jersey State court on July 23, 2001. Subsequently, we removed the Wachtel complaint to federal court, and plaintiffs amended their complaint to assert claims on behalf of a class of subscribers in small employer group plans in New Jersey on December 4, 2001. The McCoy complaint was filed on April 23, 2003 and asserted claims on behalf of a nationwide class of Health Net subscribers. These two cases were consolidated for purposes of trial. Plaintiffs alleged that Health Net, Inc., Health Net of the Northeast, Inc. and Health Net of New Jersey,

18

Inc. violated the Employee Retirement Income Security Act of 1974 (ERISA) in connection with various practices related to the reimbursement of claims for services provided by out-of-network (ONET) providers. Plaintiffs sought relief in the form of payment of additional benefits, injunctive and other equitable relief, and attorneys’ fees.

In September 2006, the District Court in McCoy/Wachtel certified two nationwide classes of Health Net subscribers who received medical services or supplies from an out-of-network provider and to whom the defendants paid less than the providers billed charges from 1995 through August 31, 2004. Class notices were mailed and published in various newspapers at the beginning of July 2007.

On January 13, 2005, counsel for the plaintiffs in the McCoy/Wachtel actions filed a separate class action against Health Net, Inc., Health Net of the Northeast, Inc., Health Net of New York, Inc. and Health Net Life Insurance Co. captioned Scharfman, et al. v. Health Net, Inc., et al., 05-CV-00301 (FSH)(PS) (United States District Court for the District of New Jersey). On March 12, 2007, the Scharfman complaint was amended to add McCoy and Wachtel as named plaintiffs and to add a non-ERISA claim. The Scharfman complaint alleged both ERISA and Racketeer Influenced and Corrupt Organizations Act (RICO) claims based on conduct similar to that alleged in McCoy/Wachtel. The alleged claims in Scharfman ran from September 1, 2004 until the present. Plaintiffs in the Scharfman action sought relief in the form of payment of additional benefits, civil penalties, restitution, compensatory, and consequential damages, treble damages, prejudgment interest and costs, attorney’s fees and injunctive and other equitable relief.

In August 2007, we engaged in mediation with the plaintiffs resulting in an agreement in principle to settle McCoy, Wachtel and Scharfman. A final settlement agreement was signed with the plaintiffs on March 13, 2008. The material terms of our settlement agreement with the plaintiffs are as follows: (1) Health Net established a $175 million cash settlement fund which will be utilized to pay class members, plaintiffs’ attorneys’ fees and expenses and regulatory remediation of claims up to $15 million paid by Health Net to members in New Jersey relating to Health Net’s failure to comply with specific New Jersey state laws relating to ONET and certain other claims payment practices; (2) Health Net established a $40 million prove-up fund to compensate eligible class members who can prove that they paid out of pocket for certain ONET claims or who have received balance bills for such services after May 5, 2005; and (3) Health Net will implement various business practice changes relating to its handling of ONET claims, including changes designed to enhance information provided to its members on ONET reimbursements and enhanced reimbursement for certain ONET services. These amounts were accrued for in our consolidated statements of operations for the year ended December 31, 2007, and on January 28, 2008, we deposited $160 million into an escrow fund to be used, together with interest accrued thereon, as the cash settlement fund referenced above.

On April 24, 2008, the District Court conducted a preliminary fairness hearing and subsequently signed an order on that date preliminarily approving the settlement agreement. Notice of the settlement agreement’s terms, as well as class members’ rights to opt out of the settlement or object to the settlement, was provided to class members in May 2008. On July 24, 2008, the District Court conducted a final fairness hearing, at which objections to the settlement agreement were presented by certain class members. Immediately following the hearing, the District Court entered an order granting final approval of the settlement agreement. No appeals were filed from the District Court’s approval order. The terms of the settlement agreement are now in effect and we are in the process of implementing our obligations under the terms of the agreement.

Litigation Related to the Sale of Businesses

AmCareco Litigation

We are a defendant in two related litigation matters pending in Louisiana and Texas state courts, both of which relate to claims asserted by three separate state receivers overseeing the liquidation of three health plans in Louisiana, Texas and Oklahoma that were previously owned by our former subsidiary, Foundation Health

19

Corporation (FHC), which merged into Health Net, Inc. in January 2001. In 1999, FHC sold its interest in these plans to AmCareco, Inc. (AmCareco). We retained a minority interest in the three plans after the sale. Thereafter, the three plans became known as AmCare of Louisiana (AmCare-LA), AmCare of Oklahoma (AmCare-OK) and AmCare of Texas (AmCare-TX). In 2002, three years after the sale of the plans to AmCareco, each of the AmCare plans was placed under state oversight and ultimately into receivership. The receivers for each of the AmCare plans later filed suit against certain of AmCareco’s officers, directors and investors, AmCareco’s independent auditors and its outside counsel in connection with the failure of the three plans. The three receivers also filed suit against us contending that, among other things, we were responsible as a “controlling shareholder” of AmCareco following the sale of the plans for post-acquisition misconduct by AmCareco and others that caused the three health plans to fail and ultimately be placed into receivership.

The action brought against us by the receiver for AmCare-LA action originally was filed in Louisiana on June 30, 2003. That original action sought only to enforce a parental guarantee that FHC had issued in 1996. The AmCare-LA receiver alleged that the parental guarantee obligated FHC to contribute sufficient capital to the Louisiana health plan to enable the plan to maintain statutory minimum capital requirements. The original action also alleged that the parental guarantee was not terminated by virtue of the 1999 sale of the Louisiana plan. The actions brought against us by AmCare-TX and AmCare-OK originally were filed in Texas state court on June 7, 2004 and included allegations that after the sale to AmCareco we were nevertheless responsible for the mismanagement of the three plans by AmCareco and that the three plans were insolvent at the time of the sale to AmCareco. On September 30, 2004 and October 15, 2004, respectively, the AmCare-TX receiver and the AmCare-OK receiver intervened in the pending AmCare-LA litigation in Louisiana. Thereafter, all three receivers amended their complaints to assert essentially the same claims against us and successfully moved to consolidate their three actions in the Louisiana state court proceeding. The Texas state court ultimately stayed the Texas action and ordered that the parties submit quarterly reports to the Texas court regarding the status of the consolidated Louisiana litigation. On November 3, 2008, the Texas state court ordered the parties to submit an agreed scheduling order setting a trial of the AmCare-OK and AmCare-TX receivers’ claims no later than the week of June 15, 2009. We objected because the effect of the Louisiana trial court judgments is to bar and one of the Louisiana court of appeal rulings expressly precludes further litigation in Texas. The Texas court ordered the parties to include a briefing schedule on this objection in the scheduling order.

On June 16, 2005, a consolidated trial of the claims asserted against us by the three receivers commenced in state court in Baton Rouge, Louisiana. The claims of the receiver for AmCare-TX were tried before a jury and the claims of the receivers for the AmCare-LA and AmCare-OK were tried before the judge in the same proceeding. On June 30, 2005, the jury considering the claims of the receiver for AmCare-TX returned a verdict against us in the amount of $117.4 million, consisting of $52.4 million in compensatory damages and $65 million in punitive damages. The Court later reduced the compensatory and punitive damages awards to $36.7 million and $45.5 million, respectively and entered judgments in those amounts on November 3, 2005. We thereafter filed a motion for suspensive appeal and posted the required security as required by law.

The proceedings regarding the claims of the receivers for AmCare-LA and AmCare-OK concluded on July 8, 2005. On November 4, 2005, the Court issued separate judgments on those claims that awarded $9.5 million in compensatory damages to AmCare-LA and $17 million in compensatory damages to AmCare-OK, respectively. The Court later denied requests by AmCare-LA and AmCare-OK for attorneys’ fees and punitive damages. We thereafter filed motions for suspensive appeals in connection with both judgments and posted the required security as required by law, and the receivers for AmCare-LA and AmCare-OK each appealed the orders denying them attorneys’ fees and punitive damages. Our appeals of the judgments in all three cases have been consolidated in the Louisiana Court of Appeal. On January 17, 2007, the Court of Appeal vacated on procedural grounds the trial court’s judgments denying the AmCare-LA and AmCare-OK claims for attorney fees and punitive damages, and referred those issues instead to be considered with the merits of the main appeal pending before it. The Court of Appeal also has considered and ruled on various other preliminary procedural issues related to the main appeal. Oral argument on the appeals was held on October 4, 2007. We are currently waiting on decisions to be rendered by the Court on the various appeals.

20

On November 3, 2006, we filed a complaint in the U.S. District Court for the Middle District of Louisiana and simultaneously filed an identical suit in the 19th Judicial District Court in East Baton Rouge Parish seeking to nullify the three judgments that were rendered against us on the grounds of ill practice which resulted in the judgments entered. We have alleged that the judgments and other prejudicial rulings rendered in these cases were the result of impermissible ex parté contacts between the receivers, their counsel and the trial court during the course of the litigation. Preliminary motions and exceptions have been filed by the receivers for AmCare-TX, AmCare-OK and AmCare-LA seeking dismissal of our claim for nullification on various grounds. The federal magistrate, after considering the briefs of the parties, found that Health Net had a reasonable basis to infer possible impropriety based on the facts alleged, but also found that the federal court lacked jurisdiction to hear the nullity action and recommended that the suit be dismissed. The federal judge dismissed Health Net’s federal complaint and Health Net appealed to the U.S. Fifth Circuit Court of Appeals. On July 8, 2008, the Fifth Circuit issued an opinion affirming the district court’s dismissal of the federal complaint, albeit on different legal grounds from those relied upon by the district court. The state court nullity action has been stayed pending the resolution of Health Net’s jurisdictional appeal in the federal action.

We have vigorously contested all of the claims asserted against us by the plaintiffs in the consolidated Louisiana actions since they were first filed. We intend to vigorously pursue all avenues of redress in these cases, including the actions for nullification, post-trial motions and appeals, and the prosecution of our pending but stayed cross-claims against other parties. During the three months ended June 30, 2005, we recorded a pretax charge of $15.9 million representing the estimated legal defense costs for this litigation.

These proceedings are subject to many uncertainties, and, given their complexity and scope, their outcome, including the outcome of any appeal, cannot be predicted at this time. It is possible that in a particular quarter or annual period our results of operations, cash flow and/or liquidity could be materially affected by an ultimate unfavorable resolution of these proceedings depending, in part, upon the results of operations or cash flow for such period. However, at this time, management believes that the ultimate outcome of these proceedings should not have a material adverse effect on our financial condition.

Litigation Relating to Rescission of Policies

In recent years, there has been growing public attention in California to the practices of health plans and health insurers involving the rescission of members’ policies for misrepresenting their health status on applications for coverage. On October 23, 2007, the California Department of Managed Health Care (DMHC) and the California Department of Insurance (DOI) announced their intention to issue joint regulations limiting the rights of health plans and insurers to rescind coverage. The DMHC has issued draft proposed regulations but has not formally promulgated any regulations to date. The DOI has not issued any proposed regulations. In addition, effective January 1, 2008, newly enacted legislation in California requires health plans and insurers to pay health care providers who, under certain circumstances, have rendered services to members whose policies are subsequently rescinded. The issue of rescissions has also attracted increasing media attention, and both the DMHC and the DOI have been conducting surveys of the rescission practices of health plans, including ours. Other government agencies, including the Attorney General of California, are investigating, or have indicated that they may be interested in investigating, rescissions and related activities.

On February 20, 2008, the Los Angeles City Attorney filed a complaint against Health Net in the Los Angeles Superior Court relating to our underwriting practices and rescission of certain individual policies. The complaint seeks equitable relief and civil penalties for, among other things, alleged false advertising, violations of unfair competition laws and violations of the California Penal Code.

We are party to arbitrations and litigation, including a putative class action lawsuit filed in April 2008 in Los Angeles Superior Court, in which rescinded members allege that we unlawfully rescinded their coverage. The lawsuits generally seek to recover the cost of medical services that were not paid for as a result of the rescission, and in some cases they also seek damages for emotional distress, attorney fees and punitive damages.

21

On February 21, 2008, we received an arbitration decision in a case involving the rescission of an individual insurance policy. The arbitration decision ordered us to pay approximately $9.4 million in medical service costs, emotional distress and punitive damages together with attorney’s fees in an amount to be awarded at a later date. In the three months ended June 30, 2008, we paid $9.5 million to the plaintiff, including attorney fees.

We intend to defend ourselves vigorously in each of the cases involving rescission. The cases are subject to many uncertainties, and, given their complexity and scope, their final outcome cannot be predicted at this time. It is possible that in a particular quarter or annual period our results of operations, financial condition and/or liquidity could be materially and adversely affected by an ultimate unfavorable resolution of these cases.

Miscellaneous Proceedings

We have been the subject of a regulatory investigation in New Jersey related principally to the timeliness and accuracy of our claims payment practices for services rendered by out-of-network providers. The regulatory investigation included an audit of our claims payment practices for services rendered by out-of-network providers for 1996 through 2005 in New Jersey. The New Jersey Department of Banking and Insurance (DOBI) informed us that, based on the results of the audit, it would require us to remediate certain claims payments for this period and would assess a regulatory fine against us. On August 26, 2008, we entered into a consent order with DOBI and agreed to remediate certain claims and pay a $13 million fine. We completed remediation of the claims as of August 1, 2008. A portion of the $296.8 million charge that we recorded in the third quarter of 2007 relates to the remediation of the New Jersey claims and the fine assessed by DOBI.

On February 13, 2008, the New York Attorney General (NYAG) announced that his office was conducting an industry-wide investigation into the manner in which health insurers calculate “usual, customary and reasonable” charges for purposes of reimbursing members for out-of-network medical services. The NYAG’s office issued subpoenas to 16 health insurance companies, including us, in connection with this investigation. As described by the NYAG in a press conference on February 13, 2008, the threatened claims appear to be similar in part to those asserted by the plaintiffs in the McCoy, Wachtel and Scharfman cases described above. We are in the process of responding to the subpoena and are cooperating with the NYAG as appropriate in his investigation. On March 28, 2008, we received a request for voluntary production from the Connecticut Attorney General that sought information similar to that subpoenaed by the NYAG. We are in the process of responding to the request and are cooperating with the Connecticut Attorney General as appropriate in his investigation.

In the ordinary course of our business operations, we are also subject to periodic reviews by various regulatory agencies with respect to our compliance with a wide variety of rules and regulations applicable to our business, including, without limitation, rules relating to pre-authorization penalties, payment of out-of-network claims and timely review of grievances and appeals, which may result in remediation of certain claims and the assessment of regulatory fines or penalties.

In addition, in the ordinary course of our business operations, we are also party to various other legal proceedings, including, without limitation, litigation arising out of our general business activities, such as contract disputes, employment litigation, wage and hour claims, real estate and intellectual property claims, claims brought by members seeking coverage or additional reimbursement for services allegedly rendered to our members, but which allegedly were either denied, underpaid or not paid, and claims arising out of the acquisition or divestiture of various business units or other assets. We are also subject to claims relating to the performance of contractual obligations to providers, members, employer groups and others, including the alleged failure to properly pay claims and challenges to the manner in which we process claims. In addition, we are subject to claims relating to the insurance industry in general, such as claims relating to reinsurance agreements and rescission of coverage and other types of insurance coverage obligations.

These other regulatory and legal proceedings are subject to many uncertainties, and, given their complexity and scope, their final outcome cannot be predicted at this time. It is possible that in a particular quarter or annual

22

period our results of operations and cash flow could be materially affected by an ultimate unfavorable resolution of any or all of these other regulatory and legal proceedings depending, in part, upon the results of operations or cash flow for such period. However, at this time, management believes that the ultimate outcome of all of these other regulatory and legal proceedings that are pending, after consideration of applicable reserves and potentially available insurance coverage benefits, should not have a material adverse effect on our financial condition and liquidity.

Potential Settlements

We regularly evaluate litigation matters pending against us, including those described above, to determine if settlement of such matters would be in the best interests of the Company and its stockholders. The costs associated with any such settlement could be substantial and, in certain cases, could result in a significant earnings charge in any particular quarter in which we enter into a settlement agreement. We have recorded reserves and accrued costs for future legal costs for certain significant matters described above. These reserves and accrued costs represent our best estimate of probable loss, including related future legal costs for such matters, both known and incurred but not reported, although our recorded amounts might ultimately be inadequate to cover such costs. Therefore, the costs associated with the various litigation matters to which we are subject and any earnings charge recorded in connection with a settlement agreement could have a material adverse effect on our financial condition or results of operations.

23

Item 2. Management’s Discussion and Analysis of Financial Condition and Results of Operations.

CAUTIONARY STATEMENTS

The following discussion and other portions of this Quarterly Report on Form 10-Q contain “forward-looking statements” within the meaning of Section 21E of the Securities Exchange Act of 1934, as amended (Exchange Act), and Section 27A of the Securities Act of 1933, as amended, regarding our business, financial condition and results of operations. We intend such forward-looking statements to be covered by the safe harbor provisions for forward-looking statements contained in the Private Securities Litigation Reform Act of 1995, and we are including this statement for purposes of complying with these safe-harbor provisions. These forward-looking statements involve risks and uncertainties. All statements other than statements of historical information provided or incorporated by reference herein may be deemed to be forward-looking statements. Without limiting the foregoing, the words “believes,” “anticipates,” “plans,” “expects,” “may,” “should,” “could,” “estimate” and “intend” and other similar expressions are intended to identify forward-looking statements. Managed health care companies operate in a highly competitive, constantly changing environment that is significantly influenced by, among other things, aggressive marketing and pricing practices of competitors and regulatory oversight. Factors that could cause our actual results to differ materially from those reflected in forward-looking statements include, but are not limited to, the factors set forth under the heading “Risk Factors” in this report and in our Form 10-K and the risks discussed in our other filings from time to time with the SEC.

Any or all forward-looking statements in this Form 10-Q and in any other public filings or statements we make may turn out to be wrong. They can be affected by inaccurate assumptions we might make or by known or unknown risks and uncertainties. Many of the factors discussed in our filings with the SEC will be important in determining future results. These factors should be considered in conjunction with any discussion of operations or results by us or our representatives, including any forward-looking discussion, as well as comments contained in press releases, presentations to securities analysts or investors or other communications by us. You should not place undue reliance on any forward-looking statements, which reflect management’s analysis, judgment, belief or expectation only as of the date thereof. Except as may be required by law, we undertake no obligation to publicly update or revise any forward-looking statements to reflect events or circumstances that arise after the date of this report.

This Management’s Discussion and Analysis of Financial Condition and Results of Operations should be read in its entirety since it contains detailed information that is important to understanding Health Net, Inc. and its subsidiaries’ results of operations and financial condition.

OVERVIEW

General

We are an integrated managed care organization that delivers managed health care services through health plans and government sponsored managed care plans. We are among the nation’s largest publicly traded managed health care companies. Our mission is to help people be healthy, secure and comfortable. We provide health benefits to approximately 6.7 million individuals across the country through group, individual, Medicare (including the Medicare prescription drug benefit commonly referred to as “Part D”), Medicaid, TRICARE and Veterans Affairs programs. Our behavioral health services subsidiary, MHN, provides behavioral health, substance abuse and employee assistance programs to approximately 7.0 million individuals, including our own health plan members. Our subsidiaries also offer managed health care products related to prescription drugs, and offer managed health care product coordination for multi-region employers and administrative services for medical groups and self-funded benefits programs.

Summary of Key Financial Results

Total revenues increased by $186.9 million, or 5%, in the three months ended September 30, 2008 and by $972.1 million, or 9%, in the nine months ended September 30, 2008 as compared to the same periods in 2007.

24

These increases were primarily driven by 3% and 6% increases in our health plan services premiums on a per member per month (PMPM) basis in the three and nine months ended September 30, 2008, respectively, and 10% and 11% increases in our government contracts revenue from our TRICARE contract in the three and nine months ended September 30, 2008, respectively, as compared to the same periods in 2007. The increases in the revenues of our operating segments were partially offset by decreases in our net investment income in the three and nine months ended September 30, 2008 as compared to the same periods in 2007. The investment income decrease was primarily due to a $14.6 million other-than-temporary impairments write-down of our investment holdings in the three months ended September 30, 2008.

Our diluted earnings per share for the three and nine months ended September 30, 2008 were $0.17 and $0.55, respectively, compared with $(0.93) and $0.67, respectively, for the same periods in 2007. Our pretax margin was 0.7% and 0.8% for the three and nine months ended September 30, 2008, respectively, compared with (3.3)% and 1.6%, respectively, for the same periods in 2007. Our operating results for the three and nine months ended September 30, 2008 included $32 million and $127 million, respectively, of pretax charges related to realized losses from other-than-temporary impairment of investment securities and money market fund, operations strategy, and regulatory-related matters. Also included in the operating results for the three and nine months ended September 30, 2008 is $108 million and $202 million, respectively, of unfavorable prior period reserve development and higher than expected health care costs. Our operating results for the three and nine months ended September 30, 2007 include $297 million of charges related to litigation and regulatory-related matters.

Our total health plan membership remained relatively stable at 3,742,000 members at September 30, 2008 as compared to 3,746,000 at September 30, 2007. A decrease of 190,000 commercial and ASO members and 41,000 Medicaid members was partially offset by a 227,000 increase in Medicare Advantage and Medicare Part D stand-alone plan (Medicare Part D) members.

Our cash flows from operations decreased to a negative $(105.4) million for the nine months ended September 30, 2008 from a positive $348.5 million for the same period in 2007 primarily due to $264 million of payments related to our operations strategy and legal and regulatory-related matters.

How We Report Our Results

We currently operate within two reportable segments, Health Plan Services and Government Contracts, each of which is described below.

Our Health Plan Services reportable segment includes the operations of our commercial, Medicare (including the Medicare prescription drug benefit commonly referred to as “Part D”) and Medicaid health plans, the operations of our health and life insurance companies, and our behavioral health and pharmaceutical services subsidiaries. We have approximately 3.7 million members, including Medicare Part D members and ASO members in our Health Plan Services segment.

Our Government Contracts segment includes our government-sponsored managed care federal contract with the U.S. Department of Defense (the Department of Defense) under the TRICARE program in the North Region and other health care related government contracts. Under the TRICARE contract for the North Region, we provide health care services to approximately 3.0 million Military Health System (MHS) eligible beneficiaries (active duty personnel and TRICARE/Medicare dual eligible beneficiaries), including 1.8 million TRICARE eligibles for whom we provide health care and administrative services and 1.2 million other MHS-eligible beneficiaries for whom we provide ASO.

How We Measure Our Profitability

Our profitability depends in large part on our ability to, among other things, effectively price our health care products; manage health care costs, including reserve estimates and pharmacy costs; contract with health care providers; attract and retain members; and manage our general and administrative (G&A) and selling expenses. In addition, factors such as regulation, competition and general economic conditions affect our operations and

25

profitability. The effect of escalating health care costs, as well as any changes in our ability to negotiate competitive rates with our providers, may impose further risks to our ability to profitably underwrite our business, and may have a material impact on our business, financial condition or results of operations.

We measure our Health Plan Services segment profitability based on MCR and pretax income. The MCR is calculated as health plan services expense (excluding depreciation and amortization) divided by health plan services premiums. The pretax income is calculated as health plan services premiums and administrative services fees and other income less health plan services expense and G&A and other net expenses. See “—Results of Operations—Table of Summary Financial Information” for a calculation of our MCR and “—Results of Operations—Health Plan Services Segment Results” for a calculation of our pretax income.

Health plan services premiums include HMO, POS and PPO premiums from employer groups and individuals and from Medicare recipients who have purchased supplemental benefit coverage (which premiums are based on a predetermined prepaid fee), Medicaid revenues based on multi-year contracts to provide care to Medicaid recipients, and revenue under Medicare risk contracts, including Medicare Part D, to provide care to enrolled Medicare recipients. Medicare revenue can also include amounts for risk factor adjustments (see Note 2 to our consolidated financial statements). The amount of premiums we earn in a given year is driven by the rates we charge and enrollment levels. Administrative services fees and other income primarily include revenue for administrative services such as claims processing, customer service, medical management, provider network access and other administrative services. Health plan services expense includes medical and related costs for health services provided to our members, including physician services, hospital and related professional services, outpatient care, and pharmacy benefit costs. These expenses are impacted by unit costs and utilization rates. Unit costs represent the health care cost per visit, and the utilization rates represent the volume of health care consumption by our members.

G&A expenses include those costs related to employees and benefits, consulting and professional fees, marketing, premium taxes and assessments, occupancy costs and litigation and regulatory-related costs. Such costs are driven by membership levels, introduction of new products, system consolidations, outsourcing activities and compliance requirements for changing regulations. These expenses also include expenses associated with corporate shared services and other costs to reflect the fact that such expenses are incurred primarily to support the Health Plan Services segment. Selling expenses consist of external broker commission expenses and generally vary with premium volume.

We measure our Government Contracts segment profitability based on government contracts cost ratio and pretax income. The government contracts cost ratio is calculated as government contracts cost divided by government contracts revenue. The pretax income is calculated as government contracts revenue less government contracts cost. See “—Results of Operations—Table of Summary Financial Information” for a calculation of our government contracts cost ratio and “—Results of Operations—Government Contracts Segment Results” for a calculation of our pretax income.

Government Contracts revenue is made up of two major components: health care and administrative services. The health care component includes revenue recorded for health care costs for the provision of services to our members, including paid claims and estimated incurred but not reported claims (IBNR) expenses for which we are at risk, and underwriting fees earned for providing the health care and assuming underwriting risk in the delivery of care. The administrative services component encompasses fees received for all other services provided to both the government customer and to beneficiaries, including services such as medical management, claims processing, enrollment, customer services and other services unique to the managed care support contract with the government. Government Contracts revenue and expenses include the impact from underruns and overruns relative to our target cost under the applicable contracts (see Note 2 to our consolidated financial statements).

Recent Developments

On November 4, 2008, we announced several changes in senior management. Effective immediately, Jay Gellert, our President and Chief Executive Officer, will focus his efforts on the Company’s strategy and James

26

Woys, our Chief Operating Officer, will assume responsibility for all of the Company’s operational matters. In addition, we announced that Stephen Lynch, President of the Company’s Health Plan Division, will retire effective February 28, 2009. Mr. Lynch will serve as Special Advisor, Health Plan Division and report to Mr. Woys during this transition.

RESULTS OF OPERATIONS

Table of Summary Financial Information

The table below and the discussion that follows summarize our results of operations for the three and nine months ended September 30, 2008 and 2007.

	Three Months Ended September 30,						Nine Months Ended September 30,
	2008			2007			2008			2007
	(Dollars in thousands, except per share and PMPM data)
REVENUES
Health plan services premiums	$	3,072,717		$	2,930,151		$	9,309,873		$	8,518,596
Government contracts		724,323			660,394			2,083,657			1,882,254
Net investment income		10,204			29,298			66,506			88,546
Administrative services fees and other income		11,607			12,085			37,071			35,622
Total revenues		3,818,851			3,631,928			11,497,107			10,525,018
EXPENSES
Health plan services (excluding depreciation and amortization)		2,689,790			2,631,211			8,133,259			7,353,564
Government contracts		687,848			613,345			1,983,680			1,750,962
General and administrative		294,178			397,168			943,931			958,456
Selling		93,232			91,524			268,067			237,495
Depreciation		12,352			7,956			28,238			21,466
Amortization		4,903			4,782			14,369			7,918
Interest		10,413			7,401			32,386			24,785
Total expenses		3,792,716			3,753,387			11,403,930			10,354,646
Income (loss) from operations before income taxes		26,135			(121,459	)		93,177			170,372
Income tax provision (benefit)		7,665			(17,614	)		33,709			93,602
Net income (loss)	$	18,470		$	(103,845	)	$	59,468		$	76,770
Net income (loss) per share:
Basic	$	0.17		$	(0.93	)	$	0.55		$	0.69
Diluted	$	0.17		$	(0.93	)	$	0.55		$	0.67
Pretax margin		0.7	%		(3.3	)%		0.8	%		1.6	%
Health plan services medical care ratio (MCR) (a)		87.5	%		89.8	%		87.4	%		86.3	%
Government contracts cost ratio (b)		95.0	%		92.9	%		95.2	%		93.0	%
G&A expense ratio (c)		9.5	%		13.5	%		10.1	%		11.2	%
Selling costs ratio (d)		3.0	%		3.1	%		2.9	%		2.8	%
Health plan services premiums per member per month (PMPM) (e)	$	276.29		$	267.64		$	277.24		$	262.42
Health plan services costs PMPM (e)	$	241.86		$	240.33		$	242.20		$	226.53

(a) MCR is calculated as health plan services cost divided by health plan services premiums revenue.

(b) Government contracts cost ratio is calculated as government contracts cost divided by government contracts revenue.

(c) The G&A expense ratio is computed as G&A expenses divided by the sum of health plan services premiums and administrative services fees and other income.

(d) The selling costs ratio is computed as selling expenses divided by health plan services premiums revenue.

(e) PMPM is calculated based on total at-risk member months and excludes ASO member months.

27

Consolidated Segment Results

The following table summarizes the operating results of our reportable segments for the three and nine months ended September 30, 2008 and 2007:

	Three Months Ended September 30,						Nine Months Ended September 30,
	2008			2007			2008			2007
	(Dollars in millions)
Pretax (loss) income:
Health Plan Services segment	$	(10.4	)	$	(168.5	)	$	(6.8	)	$	39.1
Government Contracts segment		36.5			47.0			100.0			131.3
Income (loss) from operations before income taxes	$	26.1		$	(121.5	)	$	93.2		$	170.4

Health Plan Services Segment Membership

The following table below summarizes our health plan membership information by program and by state at September 30, 2008 and 2007:

	Commercial		ASO		Medicare		Medicaid		Health Plan Total
	2008	2007	2008	2007	2008	2007	2008	2007	2008	2007
	(Membership in thousands)
Arizona	130	136	—	—	67	49	—	—	197	185
California	1,385	1,469	5	5	131	112	742	698	2,263	2,284
Connecticut	143	164	25	54	57	44	—	87	225	349
New Jersey	75	90	4	18	—	—	46	44	125	152
New York	208	231	11	13	6	9	—	—	225	253
Oregon	137	133	—	—	22	21	—	—	159	154
Other states	—	—	—	—	10	4	—	—	10	4
	2,078	2,223	45	90	293	239	788	829	3,204	3,381
Medicare Part D	—	—	—	—	538	365	—	—	538	365
Total	2,078	2,223	45	90	831	604	788	829	3,742	3,746

Our total health plan membership decreased by 4,000, or 0.1%, from September 30, 2007 to September 30, 2008. The decrease in membership was primarily driven by a decline of 145,000 commercial members, 45,000 ASO members and 41,000 Medicaid members, partially offset by the addition of 173,000 Medicare Part D members and 54,000 Medicare Advantage members.

Membership in our commercial health plans decreased by 145,000 members, or 7%, at September 30, 2008 compared to September 30, 2007. This decrease was primarily attributable to our California plan, which experienced a decline of 84,000 commercial members, and Northeast plans, which experienced a loss of 59,000 commercial members, mostly in the large group. Our ASO enrollment declined by 45,000 members, or 50%, at September 30, 2008 compared to September 30, 2007 due to membership losses in our Northeast plans.

Membership in our Medicare Advantage program increased by 54,000 members, or 23%, at September 30, 2008 compared to September 30, 2007 due to membership growth primarily in California of 19,000 members, Arizona of 18,000 members and Connecticut of 13,000 members. Our Medicare Part D membership increased by 173,000 members, or 47%, at September 30, 2008 compared to September 30, 2007.

We participate in state Medicaid programs in California and New Jersey. California membership, where the program is known as Medi-Cal, represents 94% of our Medicaid membership at September 30, 2008. Membership in our Medicaid programs decreased by 41,000 members at September 30, 2008 compared to September 30, 2007 due to our withdrawal from the Connecticut Medicaid Program, which had 87,000 members at September 30, 2007, partially offset by a gain of 44,000 members in California due to higher enrollment in Fresno and San Diego counties and in the Healthy Families program.

28

Health Plan Services Segment Results

The following table summarizes the operating results for our health plan services segment for the three and nine months ended September 30, 2008 and September 30, 2007, respectively. Effective May 31, 2007, we purchased a 50% interest in the Healthcare Solutions (HCS) business from the Guardian Life Insurance Company of America. As a result, our health plan services premium revenue, health plan services costs and G&A expenses, and related metrics, for the three and nine months ended September 30, 2008 include 100% contribution from the HCS business.

	Three Months Ended September 30,						Nine Months Ended September 30,
	2008			2007			2008			2007
	(Dollars in millions, except PMPM data)
Health Plan Services segment:
Commercial premium revenue	$	1,951.5		$	1,923.1		$	5,873.8		$	5,520.6
Medicare premium revenue		859.2			704.4			2,651.3			2,102.6
Medicaid premium revenue		262.0			302.7			784.8			895.4
Health plan services premium revenues	$	3,072.7		$	2,930.2		$	9,309.9		$	8,518.6
Health plan services costs		(2,689.8	)		(2,631.2	)		(8,133.3	)		(7,353.6	)
Net investment income		10.2			29.3			66.5			88.5
Administrative services fees and other income		11.6			12.1			37.1			35.6
G&A		(294.2	)		(397.2	)		(943.9	)		(958.4	)
Selling		(93.2	)		(91.5	)		(268.1	)		(237.5	)
Amortization and depreciation		(17.3	)		(12.8	)		(42.6	)		(29.3	)
Interest		(10.4	)		(7.4	)		(32.4	)		(24.8	)
Pretax (loss) income	$	(10.4	)	$	(168.5	)	$	(6.8	)	$	39.1
MCR:		87.5	%		89.8	%		87.4	%		86.3	%
Commercial		86.7	%		93.2	%		86.5	%		87.1	%
Medicare		89.9	%		83.8	%		90.4	%		85.7	%
Medicaid		85.9	%		82.1	%		83.7	%		83.0	%
Health plan services premium PMPM	$	276.29		$	267.64		$	277.24		$	262.42
Health plan services costs PMPM	$	241.86		$	240.33		$	242.20		$	226.53
G&A expense ratio		9.5	%		13.5	%		10.1	%		11.2	%
Selling costs ratio		3.0	%		3.1	%		2.9	%		2.8	%

Health Plan Services Premiums

Total health plan services premiums increased by $142.5 million, or 5%, for the three months ended September 30, 2008 and by $791.3 million, or 9%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. On a PMPM basis, premiums increased by 3% for the three months ended September 30, 2008 and by 6% for the nine months ended September 30, 2008 as compared to the same periods in 2007.

Commercial premium revenues increased by $28.4 million, or 2%, for the three months ended September 30, 2008 and by $353.2 million, or 6%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. The commercial premium PMPM increased by 8% and 9% for the three and nine months ended September 30, 2008, respectively, as compared to the same periods in 2007. These increases were primarily attributable to our ongoing pricing discipline and premium rate increases, partially offset by decreases in our membership.

Medicare premiums increased by $154.8 million, or 22%, for the three months ended September 30, 2008 and by $548.7 million, or 26%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. These increases were primarily due to an increase in members participating in the Medicare Advantage

29

and Medicare Part D prescription drug program. In addition, we recognized $20.2 million and $26.9 million of Medicare risk factor estimates in our health plan services premium revenues in the three months ended September 30, 2008 and 2007, respectively, and $109.5 million and $76.1 million of Medicare risk factor estimates in our health plan services premium revenues in the nine months ended September 30, 2008 and 2007, respectively.

Medicaid premiums decreased by $40.7 million, or 13%, for the three months ended September 30, 2008 and by $110.6 million, or 12%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. These decreases were primarily due to a decrease in Connecticut Medicaid membership. We served the Connecticut Medicaid members on an ASO basis through the end of the first quarter of 2008, and we completed our exit from the Connecticut Medicaid program in April 2008. We recognized approximately $50.0 million and $145.1 million of premium revenue from our Connecticut Medicaid program during the three and nine months ended September 30, 2007, respectively.

Health Plan Services Costs

Health plan services costs increased by $58.6 million, or 2%, for the three months ended September 30, 2008 and by $779.7 million, or 11%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. Health plan MCR was 87.5% for the three months ended September 30, 2008 and 87.4% for the nine months ended September 30, 2008 as compared to 89.8% and 86.3% for the same periods in 2007, respectively. On a PMPM basis, health care costs increased by 1% for the three months ended September 30, 2008 and 7% for the nine months ended September 30, 2008 as compared to the same periods in 2007.

Our commercial MCR for the three months ended September 30, 2008 decreased to 86.7% from 93.2% for the same period in 2007. Our commercial MCR decreased to 86.5% from 87.1% for the nine months ended September 30, 2008 compared to the same period in 2007. Negative prior period reserve development of $39 million and higher than expected health care costs have impacted our commercial MCR for the three and nine months ended September 30, 2008. Our commercial MCR for the three and nine months ended September 30, 2007 is impacted by a $202 million charge for claims-related matters, class disbursements and remediation. The increase in the commercial health care cost trend on a PMPM basis was 0.2% and 8% for the three and nine months ended September 30, 2008, respectively, over the same periods in 2007. On a PMPM basis, physician and hospital costs rose 6% and 10%, respectively, and pharmacy costs rose 12% for the three months ended September 30, 2008 over the same period in 2007. Physician and hospital costs rose 12% and 13%, respectively, and pharmacy costs rose 13% for the nine months ended September 30, 2008 over the same period in 2007.

Our Medicare MCR, including Medicare Advantage and Part D, increased to 89.9% and to 90.4% for the three and nine months ended September 30, 2008, respectively, from 83.8% and 85.7% for the three and nine months ended September 30, 2007, respectively. These increases were primarily driven by higher inpatient and outpatient hospital and pharmacy costs and utilization. Medicare Advantage health care cost PMPM increased by 5% and 6% for the three and nine months ended September 30, 2008, respectively, as compared to the same periods in 2007. Part D health care cost PMPM increased by 8% for the three months ended September 30, 2008 compared to the same period in 2007, and was relatively flat for the nine months ended September 30, 2008 compared to the same period in 2007. We also recognized $4.4 million and $7.1 million of capitation expense related to the Medicare risk factor estimates in our health plan services costs in the three months ended September 30, 2008 and 2007, respectively, and $27.9 million and $22.1 million of capitation expense in the nine months ended September 30, 2008 and 2007, respectively.

Our Medicaid MCR increased to 85.9% and 83.7% for the three and nine months ended September 30, 2008, respectively, from 82.1% and 83.0% for the three and nine months ended September 30, 2007, respectively, primarily due to the decrease in the premium yield outpacing the decrease in the health care cost trend. Medicaid health care cost PMPM decreased by 5% in each of the three and nine months ended September 30, 2008, respectively, over the same periods in 2007 primarily due to the conversion of our Connecticut Medicaid contract to the ASO funding type during the three months ended March 31, 2008 and our ultimate exit from the Connecticut Medicaid program in April 2008.

30

Administrative Services Fees and Other Income

Administrative services fees and other income decreased by $0.5 million, or 4%, for the three months ended September 30, 2008 and increased by $1.5 million, or 4%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. The increase in the nine months ended September 30, 2008 was primarily due to $8.0 million in amortization of participation fees related to our amortizing financing facility, partially offset by a $3.4 million asset impairment related to a small, non-core subsidiary, and a $3.2 million decline in ASO fees primarily due to membership losses in our Northeast plans.

Net Investment Income

Net investment income decreased by $19.1 million, or 65%, for the three months ended September 30, 2008 and by $22.0 million, or 25%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. This decrease was primarily due to a $14.6 million loss from other-than-temporary impairments in our available-for-sale investments and money market fund recognized in the three months ended September 30, 2008.

General, Administrative and Other Costs

G&A expense decreased by $103.0 million, or 26%, for the three months ended September 30, 2008 and by $14.5 million, or 2%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. The decreases in the G&A expense were primarily due to operations strategy and litigation and regulatory-related charges of $17 million and $66 million for the three and nine months ended September 30, 2008, respectively. Litigation and regulatory related charges were $95 million for the three and nine months ended September 30, 2007. Our G&A expense ratio decreased to 9.5% from 13.5% for the three months ended September 30, 2008 compared to the same period in 2007, and decreased to 10.1% from 11.2% for the nine months ended September 30, 2008 compared to the same period in 2007.

The selling costs ratio decreased to 3.0% for the three months ended September 30, 2008 from 3.1% for the same period in 2007. The selling costs ratio for the nine months ended September 30, 2008 increased to 2.9% from 2.8% for the same period in 2007. These changes are a function of changes in our membership mix between large group and small and individual group members, and the growth of our Medicare Advantage business.

Amortization and depreciation expense increased by $4.5 million and by $13.3 million for the three and nine months ended September 30, 2008, respectively, as compared to the same periods in 2007. The increases were primarily due to property and equipment purchased during the third quarter of 2008, the addition of new assets placed in production related to various information technology system projects and the amortization of intangible assets from the purchase of the HCS business.

Interest expense increased by $3.0 million, or 41%, for the three months ended September 30, 2008 and by $7.6 million, or 31%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. The increases were primarily due to increased borrowings on our revolving credit facility and amortization of the discount on our amortizing financing facility completed in December 2007, partially offset by interest on our bridge loan paid off in March 2007 and term loan paid off in May 2007.

Government Contracts Segment Membership

Under our TRICARE contract for the North Region, we provided health care services to approximately 3.0 million eligible beneficiaries in the Military Health System (MHS) as of September 30, 2008 and approximately 2.9 million eligible beneficiaries as of September 30, 2007. Included in the 3.0 million eligibles as of September 30, 2008 were 1.8 million TRICARE eligibles for whom we provide health care and administrative services and 1.2 million other MHS-eligible beneficiaries for whom we provide administrative services only. As of September 30, 2008, there were approximately 1.5 million TRICARE eligibles enrolled in TRICARE Prime under our North Region contract.

31

In addition to the 3.0 million eligible beneficiaries that we service under the TRICARE contract for the North Region, we administer contracts with the U.S. Department of Veterans Affairs to manage community based outpatient clinics in nine states covering approximately 24,000 enrollees.

Government Contracts Segment Results

The following table summarizes the operating results for the Government Contracts segment for the three and nine months ended September 30, 2008 and 2007:

	Three Months Ended September 30,						Nine Months Ended September 30,
	2008			2007			2008			2007
	(Dollars in millions)
Government Contracts segment:
Revenues	$	724.3		$	660.4		$	2,083.7		$	1,882.3
Costs		687.8			613.4			1,983.7			1,751.0
Pretax income	$	36.5		$	47.0		$	100.0		$	131.3
Government Contracts Ratio		95.0	%		92.9	%		95.2	%		93.0	%

Government Contracts revenues increased by $63.9 million, or 10%, for the three months ended September 30, 2008 and by $201.4 million, or 11%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. Government Contracts costs increased by $74.5 million, or 12%, for the three months ended September 30, 2008 and by $232.7 million, or 13%, for the nine months ended September 30, 2008 as compared to the same periods in 2007. For the three months ended September 30, 2008, these increases were primarily due to an increase in health care cost trends for Option Period 5 as compared to the trends for Option Periods 3 and 4. For the nine months ended September 30, 2008, these increases were primarily due to an increase in health care cost trends for Option Periods 4 and 5 as compared to the trends for Option Periods 3 and 4.

Our TRICARE contract for the North Region includes a target cost and price for reimbursed health care costs, which is negotiated annually during the term of the contract with underruns and overruns of our target cost borne 80% by the government and 20% by us. In the normal course of contracting with the federal government, we recognize changes in our estimate for the target cost underruns and overruns when the amounts become determinable, supportable, and the collectibility is reasonably assured. During the three and nine months ended September 30, 2008, we recognized increases in revenues of $48 million and $48 million, respectively, and increases in costs of $62 million and $61 million, respectively. During the three and nine months ended September 30, 2007, we recognized an increase in revenues of $10 million and a decrease in revenues of $61 million, respectively, and decreases in costs of $7 million and $95 million, respectively.

The Government contracts ratio increased by 210 basis points for the three months ended September 30, 2008 as compared to the same periods in 2007. The Government contracts ratio increased by 220 basis points for the nine months ended September 30, 2008 as compared to the same period in 2007. These increases were primarily due to favorable Option Period 3 health care costs that impacted 2007.

Income Tax Provision

Our income tax expense and the effective income tax rate for the three and nine months ended September 30, 2008 and 2007 are as follows:

	Three Months Ended September 30,						Nine Months Ended September 30,
	2008			2007			2008			2007
	(Dollars in millions)
Income tax expense (benefit)	$	7.7		$	(17.6	)	$	33.7		$	93.6
Effective income tax rate		29.3	%		14.5	%		36.2	%		54.9	%

32

The effective income tax rate differs from the statutory federal tax rate of 35% in each period due primarily to state income taxes, tax-exempt investment income, interest on uncertain tax positions, and in the three months ended September 30, 2007, tax impacts from certain unusual events as described below.

The effective tax rates for the three months and nine months ended September 30, 2008 improved relative to the same periods in 2007 due to unusual and unfavorable tax impacts in the three months ended September 30, 2007. The unfavorable tax impacts arose from expenses associated with litigation matters and an increase in a deferred tax asset valuation allowance.

LIQUIDITY AND CAPITAL RESOURCES

Market and Economic Conditions

In the U.S., recent market and economic conditions have been unprecedented and challenging with tighter credit conditions and slower growth through the third quarter of 2008. Continued concerns about the systemic impact of inflation, energy costs, geopolitical issues, the availability and cost of credit, the U.S. mortgage market and a declining real estate market in the U.S. have contributed to increased market volatility and diminished expectations for the U.S. economy. In September 2008, added concerns fueled by the federal government conservatorship of the Federal Home Loan Mortgage Corporation and the Federal National Mortgage Association, the declared bankruptcy of Lehman Brothers Holdings Inc., the U.S. government provided loan to American International Group Inc. and other federal government interventions in the U.S. credit markets lead to increased market uncertainty and instability in both U.S. and international capital and credit markets. These conditions, combined with volatile oil prices, declining business and consumer confidence and increased unemployment have in recent weeks subsequent to the end of the quarter contributed to volatility of unprecedented levels.

As a result of these market conditions, the cost and availability of credit has been and may continue to be adversely affected by illiquid credit markets and wider credit spreads. Concern about the stability of the markets generally and the strength of counterparties specifically has caused many lenders and institutional investors to reduce, and in some cases, cease to provide funding to borrowers. While we have not experienced a reduction in the capital and funding available to us at this time, continued turbulence in the U.S. and international markets and economies may adversely affect our liquidity and financial condition. If these market conditions continue, they may limit our ability to timely replace maturing liabilities and access the capital markets to meet liquidity needs, which could adversely affect our financial condition and results of operations. Furthermore, if our customer base experiences cash flow problems and other financial difficulties, it could, in turn, adversely impact membership in our plans. For example, our customers may modify, delay or cancel plans to purchase our products, or may make changes in the mix or products purchased from us. In addition, if our customers experience financial issues, they may not be able to pay, or may delay payment of, accounts receivable that are owed to us. Further, our customers or potential customers may force us to compete more vigorously on factors such as price and service to retain or obtain their business. A significant decline in membership in our plans and the inability of current and/or potential customers to pay their premiums as a result of unfavorable conditions may adversely affect our business, including our revenues, profitability and cash flow.

Cash and Investments

As of September 30, 2008, we valued investment securities available for sale at $1.8 billion. We have most of our investment holdings in agency mortgage backed bonds and municipal bonds. We also hold high-quality corporate bonds. We evaluate and determine the classification of our investments based on management’s intent; currently, we have classified our investments as available-for-sale. We also closely monitor the fair values of our investment holdings and regularly evaluate them for any other-than-temporary impairments.

33

Our cash flow from investing activities is primarily impacted by the sales, maturities and purchases of our available-for-sale investment securities and restricted investments. Our investment objective is to maintain safety and preservation of principal by investing in a diversified mix of high-quality, investment grade securities while maintaining liquidity in each portfolio sufficient to meet our cash flow requirements and attaining the highest total return on invested funds. We do not own any investments that have direct subprime mortgage exposure.

Our investment portfolio includes $592.9 million, or 32.2% of our portfolio holdings, of mortgage-backed and asset-backed securities. The majority of our mortgage-backed securities are Fannie Mae, Freddie Mac and Ginnie Mae issues, and the average rating of our asset-backed securities is AA+/Aa1. As of September 30 2008 and December 31, 2007, our asset-backed and mortgage-backed securities had gross unrealized holding losses of $11.3 million and $3.1 million, respectively. We have the intent and ability to hold our debt investments for a sufficient period of time to allow for recovery of the principal amounts invested. However, any failure by Fannie Mae or Freddie Mac to honor the obligations under the securities they have issued or guaranteed could cause a significant decline in the value or cash flow of our mortgage-backed securities. Our investment portfolio also includes $20.2 million, or 1.1% of our portfolio holdings, of auction rate securities (ARS). These ARS have long-term nominal maturities for which the interest rates are reset through a dutch auction process every 7, 28 or 35 days. At September 30, 2008, $10.2 million of the ARS had at one point or are continuing to experience “failed” auctions. These securities are entirely municipal issues and rates are set at the maximum allowable rate as stipulated in the applicable bond indentures. We continue to receive income on all ARS. If all or any portion of the ARS continue to experience failed auctions, it could take an extended amount of time for us to realize our investments’ recorded value.

As discussed in Note 4 to the unaudited consolidated financial statements, we recognized a $14.6 million loss from other-than-temporary impairments of investment securities and money market fund in the third quarter of 2008. After this write-down, we had gross unrealized losses of $47 million as of September 30, 2008 compared to $7 million as of December 31, 2007. Unrealized losses at September 30, 2008 were generally caused by the widening of credit spreads relative to the interest rates on U.S. Treasury securities primarily caused by the recent decline in valuations in the financial sector. The lack of available credit, lack of confidence in the financial sector, increased volatility in the financial markets and reduced business activity has resulted in credit spreads widening during 2008, particularly during the three months ended September 30, 2008. While we believe that these impairments are temporary and that we have the intent and ability to hold such securities until maturity or recovery, given the current market conditions and the significant judgments involved, there is a continuing risk that further declines in fair value may occur and additional material other-than-temporary impairments may be recorded in future periods.

Included in the investment securities available for sale are $372 million of money market funds operated by The Reserve that had been appropriately classified as cash equivalents prior to September 2008 and that have subsequently been imposed restrictions on redemptions or have been frozen, and so no longer qualify as cash equivalents as of September 30, 2008. In September 2008 The Reserve announced its intention to liquidate all of its money market funds and froze all redemptions until an orderly liquidation process can be implemented. As a result, we reclassified $372 million in estimated net asset value we had invested in The Reserve money market funds from cash equivalents to investments available for sale as of September 30, 2008. On October 30, 2008, The Reserve made an initial distribution of approximately 50% of the account balance in The Reserve Primary Fund, which equated to about $130 million for our account. The Reserve expects to distribute the remaining amounts from the Primary Fund and the Government Fund by the end of the year 2008. However, we can provide no assurances that the full redemption will be made or the access to our other invested cash and cash equivalents will not be impacted by adverse conditions in the financial markets.

Liquidity

We believe that cash flow from operating activities, existing working capital, lines of credit and cash reserves are adequate to allow us to fund existing obligations, repurchase shares under our stock repurchase program, introduce new products and services, and continue to develop health care-related businesses. We

34

regularly evaluate cash requirements for current operations and commitments, and for capital acquisitions and other strategic transactions. We may elect to raise additional funds for these purposes, either through issuance of debt or equity, the sale of investment securities or otherwise, as appropriate. Based on the composition and quality of our investment portfolio, our expected ability to liquidate our investment portfolio as needed, and our expected operating and financing cash flows, we do not anticipate any liquidity constraints as a result of the current credit environment. However, continued turbulence in U.S. and international markets could adversely affect our liquidity.

Our cash flow from operating activities is impacted by, among other things, the timing of collections on our amounts receivable from our TRICARE contract for the North Region. Health care receivables related to TRICARE are best estimates of payments that are ultimately collectible or payable. The timing of collection of such receivables is impacted by government audit and negotiation and can extend for periods beyond a year. Amounts receivable under government contracts were $235.1 million and $190.0 million as of September 30, 2008 and December 31, 2007, respectively.

Our cash flow from operating activities is also impacted by the timing of collections on our amounts receivable from CMS. Our receivable related to our Medicare business was $154.8 million and $103.6 million as of September 30, 2008 and December 31, 2007, respectively.

Operating Cash Flows

Our net cash flow (used in) provided by operating activities for the nine months ended September 30, 2008 compared to the same period in 2007 is as follows:

	September 30, 2008			September 30, 2007		Change 2008 over 2007
	(Dollars in millions)
Net cash (used in) provided by operating activities	$	(105.4	)	$	348.5	$	(453.9	)

This decrease of $453.9 million in operating cash flow is primarily a result of $264 million of payments made in 2008 related to the litigation and regulatory-related matters and the operations strategy in 2008 and a TRICARE payment for Option 3 period underwriting fees of $100 million received in 2007.

Investing Activities

Our net cash flow used in investing activities for the nine months ended September 30, 2008 compared to the same period in 2007 is as follows:

	September 30, 2008			September 30, 2007			Change 2008 over 2007
	(Dollars in millions)
Net cash used in investing activities	$	(417.1	)	$	(130.4	)	$	(286.7	)

Net cash used in investing activities increased primarily due to the conversion of $372 million in The Reserve money market funds that no longer qualified as cash equivalents to investments available for sale in 2008.

Financing Activities

Our net cash flow used in financing activities for the nine months ended September 30, 2008 compared to the same period in 2007 is as follows:

	September 30, 2008			September 30, 2007			Change 2008 over 2007
	(Dollars in millions)
Net cash used in financing activities	$	(144.4	)	$	(224.0	)	$	79.6

35

Net cash used in financing activities decreased during the nine months ended September 30, 2008, primarily due to the reduction in net borrowings of $198 million, partially offset by increase in share repurchases of $38 million and decrease in stock option exercise proceeds of $80 million.

See “—Capital Structure” below for additional information regarding our stock repurchase program, Senior Notes, and our revolving credit facility.

Capital Structure

Share Repurchases. We have a $700 million stock repurchase program authorized by our Board of Directors. Subject to Board approval, additional amounts are added to the repurchase program from time to time based on exercise proceeds and tax benefits the Company receives from the employee stock options. We repurchased 3,652,495 shares and 6,851,595 shares of our common stock during the three and nine months ended September 30, 2008, respectively, for aggregate consideration of approximately $100 million and $243 million, respectively. We used net free cash available to fund the share repurchases. As of September 30, 2008, the remaining authorization under our stock repurchase program was $103 million. On November 4, 2008, we announced that our stock repurchase program is on hold as a consequence of the uncertain financial environment and the announcement by Health Net’s Board of Directors that Jay Gellert will be undertaking a review of the Company’s strategy.

Under the Company’s various stock option and long term incentive plans, employees and non-employee directors may elect for the Company to withhold shares to satisfy minimum statutory federal, state and local tax withholding and exercise price obligations arising from the vesting and/or exercise of stock options and other equity awards. These repurchases were not part of our stock repurchase program.

The following table presents monthly information related to repurchases of our common stock, including shares withheld by the Company to satisfy tax withholdings and exercise price obligations in 2008, as of September 30, 2008:

Period	Total Number of Shares Purchased (a)		Average Price Paid per Share		Total Average Price Paid		Total Number of Shares Purchased as Part of Publicly Announced Programs (b)(c)	Maximum Number (or Approximate Dollar Value) of Shares (or Units) that May Yet Be Purchased Under the Programs (c)(d)
January 1—January 31	—			—		—	—	$	346,159,116
February 1—February 29 (e)	1,904,010		$	46.78	$	89,064,600	1,895,300	$	257,491,899
March 1—March 31 (e)	1,306,123			41.51		54,214,053	1,303,800	$	203,349,454
April 1—April 30	—			—		—	—	$	203,349,454
May 1—May 31	—			—		—	—	$	203,349,454
June 1—June 30 (e)	2,236			30.21		67,550	—	$	203,349,454
July 1—July 31	—			—		—	—	$	203,349,454
August 1—August 31	2,450,000			27.56		67,526,830	2,450,000	$	135,822,624
September 1—September 30	1,202,495			27.00		32,473,146	1,202,495	$	103,349,478
	6,864,864	(e)	$	35.45	$	243,346,179	6,851,595

(a) We did not repurchase any shares of our common stock during the nine months ended September 30, 2008 outside our publicly announced stock repurchase program, except shares withheld in connection with our various stock option and long-term incentive plans.

(b) Our stock repurchase program was announced in April 2002. We announced additional repurchase authorization in August 2003, October 2006 and October 2007.

(c) As of September 30, 2008, a total of $700 million of our common stock could be repurchased under our stock repurchase program. Additional amounts may be added to the program based on exercise proceeds and tax benefits the Company receives from the exercise of employee stock options, but only upon further

36

approval by the Board of Directors. The remaining authority under our repurchase program included proceeds received from option exercises and tax benefits the Company received from exercise of employee stock options which have been approved for inclusion in the program by the Board.

(d) Our stock repurchase program does not have an expiration date. During the nine months ended September 30, 2008, we did not have any repurchase program that expired, and we did not terminate any repurchase program prior to its expiration date.

(e) Includes 8,710, 2,323 and 2,236 shares withheld by the Company to satisfy tax withholdings and exercise price obligations arising from the vesting and/or exercise of stock options and other equity awards in February, March and June 2008, respectively.

Amortizing Financing Facility. On December 19, 2007, we entered into a five-year, non-interest bearing, $175 million amortizing financing facility with a non-U.S. lender. We entered into an amendment to the financing facility on April 29, 2008, which was administrative in nature. For financial reporting purposes, this financing facility will have an effective interest rate of zero as a result of imputed interest being offset by other income related to the financing facility. The proceeds from the financing facility were used for general corporate purposes.

The financing facility requires one of our subsidiaries to pay semi-annual distributions, in the amount of $17.5 million to a participant in the financing facility. Unless terminated earlier, the final payment under the facility is scheduled to be made on December 19, 2012.

The financing facility includes limitations (subject to specified exclusions) on our and certain of our subsidiaries’ ability to incur debt; create liens; engage in certain mergers, consolidations and acquisitions; engage in transactions with affiliates; enter into agreements which will restrict the ability to pay dividends or other distributions with respect to any shares of capital stock or the ability to make or repay loans or advances; make dividends; and alter the character of ours or their business conducted on the closing date of the financing facility. In addition, the financing facility also requires that we maintain a specified consolidated leverage ratio and consolidated fixed charge coverage ratio throughout the term of the financing facility. As of September 30, 2008, we were in compliance with all of the covenants under the financing facility.

The financing facility provides that it may be terminated through a series of put and call transactions (1) at the option of one of our wholly-owned subsidiaries at any time after December 20, 2009, or (2) upon the occurrence of certain defined acceleration events. These acceleration events, include, but are not limited to:

• nonpayment of certain amounts due by us or certain of our subsidiaries under the financing facility (if not cured within the related time period set forth therein);

• a change of control (as defined in the financing facility);

• our failure to maintain the following ratings on our senior indebtedness by any two of the following three rating agencies: (A) a rating of at least BB by Standard & Poor’s Ratings Services (S&P), (B) a rating of at least BB by Fitch, Inc. (Fitch), and (C) a rating of at least Ba2 by Moody’s Investors Service, Inc. (Moody’s). As of November 7, 2008, the ratings with S&P, Fitch and Moody’s on our senior indebtedness were BB, BB+ and Ba3, respectively;

• cross-acceleration to other indebtedness of our Company in excess of $50 million;

• certain ERISA-related events;

• noncompliance by Health Net with any material term or provision of the HMO Regulations or Insurance Regulations (as each such term is defined in the financing facility);

• events in bankruptcy, insolvency or reorganization of our Company;

• undischarged, uninsured judgments in the amount of $50 million or more against our Company; or

• certain changes in law that could adversely affect a participant in the financing facility.

37

In addition, in connection with the financing facility, we entered into a guaranty which will require us to guarantee the payment of the semi-annual distributions and any other amounts payable by one of our subsidiaries to the financing facility participants under certain circumstances provided under the financing facility. Also in connection with the financing facility, we entered into an interest rate swap agreement with a non-U.S. bank affiliated with one of the financing facility participants. Under the interest rate swap agreement, we pay a floating payment in an amount equal to LIBOR times a notional principal amount and receive a fixed payment in an amount equal to 4.3% times the same notional principal amount from the non-U.S. bank counterparty in return in accordance with a schedule set forth in the interest rate swap agreement.

Senior Notes. On May 18, 2007, we issued $300 million in aggregate principal amount of 6.375% Senior Notes due 2017. On May 31, 2007, we issued an additional $100 million of 6.375% Senior Notes due 2017 which were consolidated with, and constitute the same series as, the Senior Notes issued on May 18, 2007 (collectively, the Senior Notes). The aggregate net proceeds from the issuance of the Senior Notes were $393.5 million and were used to repay outstanding debt.

The indenture governing the Senior Notes limits our ability to incur certain liens, or consolidate, merge or sell all or substantially all of our assets. In the event of the occurrence of both (1) a change of control of Health Net, Inc. and (2) a below investment grade rating by any two of Fitch, Inc., Moody’s Investors Service, Inc. and Standard & Poor’s Ratings Services within a specified period, we will be required to make an offer to purchase the Senior Notes at a price equal to 101% of the principal amount of the Senior Notes plus accrued and unpaid interest to the date of repurchase. As of September 30, 2008, no default or event of default had occurred under the indenture governing the Senior Notes.

The Senior Notes may be redeemed in whole at any time or in part from time to time, prior to maturity at our option, at a redemption price equal to the greater of:

• 100% of the principal amount of the Senior Notes then outstanding to be redeemed; or

• the sum of the present values of the remaining scheduled payments of principal and interest on the Senior Notes to be redeemed (not including any portion of such payments of interest accrued to the date of redemption) discounted to the date of redemption on a semiannual basis (assuming a 360-day year consisting of twelve 30-day months) at the applicable treasury rate plus 30 basis points

plus, in each case, accrued and unpaid interest on the principal amount being redeemed to the redemption date.

Each of the following will be an Event of Default under the indenture governing the Senior Notes:

• failure to pay interest for 30 days after the date payment is due and payable; provided that an extension of an interest payment period by us in accordance with the terms of the Senior Notes shall not constitute a failure to pay interest;

• failure to pay principal or premium, if any, on any note when due, either at maturity, upon any redemption, by declaration or otherwise;

• failure to perform any other covenant or agreement in the notes or indenture for a period of 60 days after notice that performance was required;

• (A) our failure or the failure of any of our subsidiaries to pay indebtedness for money we borrowed or any of our subsidiaries borrowed in an aggregate principal amount of at least $50,000,000, at the later of final maturity and the expiration of any related applicable grace period and such defaulted payment shall not have been made, waived or extended within 30 days after notice or (B) acceleration of the maturity of indebtedness for money we borrowed or any of our subsidiaries borrowed in an aggregate principal amount of at least $50,000,000, if that acceleration results from a default under the instrument giving rise to or securing such indebtedness for money borrowed and such indebtedness has not been discharged in full or such acceleration has not been rescinded or annulled within 30 days after notice; or

• events in bankruptcy, insolvency or reorganization of our Company.

38

Revolving Credit Facility. On June 25, 2007, we entered into a $900 million five-year revolving credit facility with Bank of America, N.A. as Administrative Agent, Swingline Lender, and L/C Issuer, and the other lenders party thereto. We entered into an amendment to the credit facility on April 29, 2008, which was administrative in nature. Our revolving credit facility provides for aggregate borrowings in the amount of $900 million, which includes a $400 million sub-limit for the issuance of standby letters of credit and a $50 million sub-limit for swing line loans. In addition, we have the ability from time to time to increase the facility by up to an additional $250 million in the aggregate, subject to the receipt of additional commitments. The revolving credit facility matures on June 25, 2012.

Amounts outstanding under the revolving credit facility will bear interest, at our option, at (a) the base rate, which is a rate per annum equal to the greater of (i) the federal funds rate plus one-half of one percent and (ii) Bank of America’s prime rate (as such term is defined in the facility), (b) a competitive bid rate solicited from the syndicate of banks, or (c) the British Bankers Association LIBOR rate (as such term is defined in the facility), plus an applicable margin, which is initially 70 basis points per annum and is subject to adjustment according to the our credit ratings, as specified in the facility.

Our revolving credit facility includes, among other customary terms and conditions, limitations (subject to specified exclusions) on our and our subsidiaries’ ability to incur debt; create liens; engage in certain mergers, consolidations and acquisitions; sell or transfer assets; enter into agreements which restrict the ability to pay dividends or make or repay loans or advances; make investments, loans, and advances; engage in transactions with affiliates; and make dividends. In addition, we are required to maintain a specified consolidated leverage ratio and consolidated fixed charge coverage ratio throughout the term of the revolving credit facility.

Our revolving credit facility contains customary events of default, including nonpayment of principal or other amounts when due; breach of covenants; inaccuracy of representations and warranties; cross-default and/or cross-acceleration to other indebtedness of the Company or our subsidiaries in excess of $50 million; certain ERISA-related events; noncompliance by us or any of our subsidiaries with any material term or provision of the HMO Regulations or Insurance Regulations (as each such term is defined in the credit facility); certain voluntary and involuntary bankruptcy events; inability to pay debts; undischarged, uninsured judgments greater than $50 million against us and/or our subsidiaries; actual or asserted invalidity of any loan document; and a change of control. If an event of default occurs and is continuing under the facility, the lenders thereunder may, among other things, terminate their obligations under the facility and require us to repay all amounts owed thereunder.

As of September 30, 2008, we were in compliance with all covenants under our revolving credit facility.

As of September 30, 2008, we had outstanding an aggregate of $125.1 million in letters of credit and outstanding borrowings under the revolving credit facility of $100.0 million. As a result, as of September 30, 2008, the maximum amount available for borrowing under our credit facility was $674.9 million, and no amounts had been drawn on the letters of credit.

Statutory Capital Requirements

Certain of our subsidiaries must comply with minimum capital and surplus requirements under applicable state laws and regulations, and must have adequate reserves for claims. Management believes that as of September 30, 2008 all of our health plans and insurance subsidiaries met their respective regulatory requirements in all material respects.

By law, regulation and governmental policy, our health plan and insurance subsidiaries, which we refer to as our regulated subsidiaries, are required to maintain minimum levels of statutory net worth. The minimum statutory net worth requirements differ by state and are generally based on balances established by statute, a percentage of annualized premium revenue, a percentage of annualized health care costs, or risk-based capital (RBC) requirements. The RBC requirements are based on guidelines established by the National Association of Insurance Commissioners. The RBC formula, which calculates asset risk, underwriting risk, credit risk, business risk and other factors, generates the authorized control level (ACL), which represents the minimum amount of

39

net worth believed to be required to support the regulated entity’s business. For states in which the RBC requirements have been adopted, the regulated entity typically must maintain the greater of the Company Action Level RBC, calculated as 200% of the ACL, or the minimum statutory net worth requirement calculated pursuant to pre-RBC guidelines. Because our regulated subsidiaries are also subject to their state regulators’ overall oversight authority, some of our subsidiaries are required to maintain minimum capital and surplus in excess of the RBC requirement, even though RBC has been adopted in their states of domicile. We generally manage our aggregate regulated subsidiary capital above 300% of ACL, although RBC standards are not yet applicable to all of our regulated subsidiaries. At September 30, 2008, we had sufficient capital to exceed the applicable RBC levels. In addition to the foregoing requirements, our regulated subsidiaries are subject to restrictions on their ability to make dividend payments, loans and other transfers of cash or other assets to the parent company.

As necessary, we make contributions to, and issue standby letters of credit on behalf of, our subsidiaries to meet RBC or other statutory capital requirements under state laws and regulations. During the nine months ended September 30, 2008, we made capital contributions of $19.0 million to certain of our subsidiaries in order to meet RBC or other statutory capital requirements. Health Net, Inc. did not make any capital contributions to its subsidiaries to meet RBC or other statutory capital requirements under state laws and regulations thereafter through November 7, 2008.

Legislation has been or may be enacted in certain states in which our subsidiaries operate imposing substantially increased minimum capital and/or statutory deposit requirements for HMOs in such states. Such statutory deposits may only be drawn upon under limited circumstances relating to the protection of policyholders.

As a result of the above requirements and other regulatory requirements, certain subsidiaries are subject to restrictions on their ability to make dividend payments, loans or other transfers of cash to their parent companies. Such restrictions, unless amended or waived, or unless regulatory approval is granted, limit the use of any cash generated by these subsidiaries to pay our obligations. The maximum amount of dividends, that can be paid by our insurance company subsidiaries without prior approval of the applicable state insurance departments, is subject to restrictions relating to statutory surplus, statutory income and unassigned surplus.

CONTRACTUAL OBLIGATIONS

Pursuant to Item 303(a)(5) of Regulation S-K, we identified our known contractual obligations as of December 31, 2007 in our Form 10-K. Significant changes to our contractual obligations as previously disclosed in our Form 10-K are as follows:

	Between October 1, 2008 and December 31, 2008		2009		2010		2011		2012		Thereafter		Total
	(Amounts in millions)
Draw on revolving credit facility (1)	$	100.0	$	—	$	—	$	—	$	—	$	—	$	100.0
Other purchase obligations (2)	$	12.9	$	93.1	$	87.9	$	79.7	$	72.9	$	69.2	$	415.7

(1) See Note 7 to the consolidated financial statements.

(2) See Note 5 to the consolidated financial statements.

OFF-BALANCE SHEET ARRANGEMENTS

As of September 30, 2008, we did not have any off-balance sheet arrangements as defined under Item 303(a)(4) of Regulation S-K.

40

CRITICAL ACCOUNTING ESTIMATES

In our Form 10-K, we identified the critical accounting policies which affect the more significant estimates and assumptions used in preparing our consolidated financial statements. Those policies include revenue recognition, health plan services, reserves for contingent liabilities, amounts receivable or payable under government contracts, goodwill and recoverability of long-lived assets and investments. We have not changed these policies from those previously disclosed in our Form 10-K. Our critical accounting policy on estimating reserves for claims and other settlements and the quantification of the sensitivity of financial results to reasonably possible changes in the underlying assumptions used in such estimation as of September 30, 2008 is discussed below. There were no other significant changes to the critical accounting estimates as disclosed in our Form 10-K.

Reserves for claims and other settlements include reserves for claims (incurred but not reported claims (IBNR) and received but unprocessed claims), and other liabilities including capitation payable, shared risk settlements, provider disputes, provider incentives and other reserves for our Health Plan Services reporting segment.

We estimate the amount of our reserves for claims primarily by using standard actuarial developmental methodologies. This method is also known as the chain-ladder or completion factor method. The developmental method estimates reserves for claims based upon the historical lag between the month when services are rendered and the month claims are paid while taking into consideration, among other things, expected medical cost inflation, seasonal patterns, product mix, benefit plan changes and changes in membership. A key component of the developmental method is the completion factor which is a measure of how complete the claims paid to date are relative to the estimate of the claims for services rendered for a given period. While the completion factors are reliable and robust for older service periods, they are more volatile and less reliable for more recent periods since a large portion of health care claims are not submitted to us until several months after services have been rendered. Accordingly, for the most recent months, the incurred claims are estimated from a trend analysis based on per member per month claims trends developed from the experience in preceding months. This method is applied consistently year over year while assumptions may be adjusted to reflect changes in medical cost inflation, seasonal patterns, product mix, benefit plan changes and changes in membership.

An extensive degree of actuarial judgment is used in this estimation process, considerable variability is inherent in such estimates, and the estimates are highly sensitive to changes in medical claims submission and payment patterns and medical cost trends. As such, the completion factors and the claims per member per month trend factor are the most significant factors used in estimating our reserves for claims. Since a large portion of the reserves for claims is attributed to the most recent months, the estimated reserves for claims are highly sensitive to these factors. The following table illustrates the sensitivity of these factors and the estimated potential impact on our operating results caused by these factors:

Completion Factor (a) Percentage-point Increase (Decrease) in Factor	Health Plan Services (Decrease) Increase in   Reserves for Claims
2%	$(59.5) million
1%	$(30.3) million
(1)%	$  31.4 million
(2)%	$  64.0 million
Medical Cost Trend (b) Percentage-point Increase (Decrease) in Factor	Health Plan Services Increase (Decrease) in   Reserves for Claims
2%	$  28.5 million
1%	$  14.3 million
(1)%	$(14.3) million
(2)%	$(28.5) million

41

(a) Impact due to change in completion factor for the most recent three months. Completion factors indicate how complete claims paid to date are in relation to the estimate of total claims for a given period. Therefore, an increase in the completion factor percent results in a decrease in the remaining estimated reserves for claims.

(b) Impact due to change in annualized medical cost trend used to estimate the per member per month cost for the most recent three months.

Other relevant factors include exceptional situations that might require judgmental adjustments in setting the reserves for claims, such as system conversions, processing interruptions or changes, environmental changes or other factors. All of these factors are used in estimating reserves for claims and are important to our reserve methodology in trending the claims per member per month for purposes of estimating the reserves for the most recent months. In developing our best estimate of reserves for claims, we consistently apply the principles and methodology described above from year to year, while also giving due consideration to the potential variability of these factors. Because reserves for claims include various actuarially developed estimates, our actual health care services expense may be more or less than our previously developed estimates. Claims processing expenses are also accrued based on an estimate of expenses necessary to process such claims. Such reserves are continually monitored and reviewed, with any adjustments reflected in current operations.

Item 3. Quantitative And Qualitative Disclosures About Market Risk.

We are exposed to interest rate and market risk primarily due to our investing and borrowing activities. Market risk generally represents the risk of loss that may result from the potential change in the value of a financial instrument as a result of fluctuations in interest rates and/or market conditions and in equity prices. Interest rate risk is a consequence of maintaining variable interest rate earning investments and fixed rate liabilities or fixed income investments and variable rate liabilities. We are exposed to interest rate risks arising from changes in the level or volatility of interest rates, prepayment speeds and/or the shape and slope of the yield curve. In addition, we are exposed to the risk of loss related to changes in credit spreads. Credit spread risk arises from the potential that changes in an issuer’s credit rating or credit perception may affect the value of financial instruments. As discussed in Note 4 to the unaudited consolidated financial statements, we recognized a $14.6 million loss from other-than-temporary impairments of investment securities and money market fund in the third quarter of 2008. After this write-down, we had gross unrealized losses of $47 million as of September 30, 2008 compared to $7 million as of December 31, 2007. Unrealized losses at September 30, 2008 were generally caused by the widening of credit spreads relative to the interest rates on U.S. Treasury securities primarily caused by the recent decline in valuations in the financial sector. The lack of available credit, lack of confidence in the financial sector, increased volatility in the financial markets and reduced business activity has resulted in credit spreads widening during 2008, particularly during the three months ended September 30, 2008. While we believe that these impairments are temporary and that we have the intent and ability to hold such securities until maturity or recovery, given the current market conditions and the significant judgments involved, there is a continuing risk that further declines in fair value may occur and additional material other-than-temporary impairments may be recorded in future periods. For a more detailed discussion of our market risks relating to these activities, refer to Item 7A, Quantitative and Qualitative Disclosures about Market Risk, included in our 2007 Form 10-K.

Item 4. Controls and Procedures.

Evaluation of Disclosure Controls and Procedures

We maintain disclosure controls and procedures (as such term is defined in Rules 13a-15(e) and 15d-15(e) under the Exchange Act) that are designed to ensure that information required to be disclosed in the reports we file or submit under the Exchange Act is recorded, processed, summarized and reported within the time periods specified in the SEC’s rules and forms, and that such information is accumulated and communicated to our management, including our Chief Executive Officer and our Chief Financial Officer, as appropriate, to allow timely decisions regarding required disclosure. In designing and evaluating the disclosure controls and procedures, management recognized that any controls and procedures, no matter how well designed and

42

operated, can provide only reasonable assurance of achieving the desired control objectives, and management necessarily was required to apply its judgment in evaluating the cost-benefit relationship of possible controls and procedures.

As required by Rule 13a-15(b) under the Exchange Act, we carried out an evaluation, under the supervision and with the participation of our management, including our Chief Executive Officer and our Chief Financial Officer, of the effectiveness of the design and operation of our disclosure controls and procedures as of the end of the period covered by this report. Based upon the evaluation of the effectiveness of the design and operation of our disclosure controls and procedures as of the end of the period covered by this report, our Chief Executive Officer and Chief Financial Officer concluded that our disclosure controls and procedures were effective at the reasonable assurance level as of the end of such period.

Changes in Internal Control Over Financial Reporting

There have not been any changes in the Company’s internal control over financial reporting (as such term is defined in Rules 13a-15(f) and 15d-15(f) under the Exchange Act) during the nine months ended September 30, 2008 that have materially affected, or are reasonably likely to materially affect, the Company’s internal control over financial reporting.

43

PART II—OTHER INFORMATION

Item 1. Legal Proceedings.

A description of the legal proceedings to which the Company and its subsidiaries are a party is contained in Note 9 to the consolidated financial statements included in Part I of this Quarterly Report on Form 10-Q.

Item 1A. Risk Factors.

The risk factors set forth below update, and should be read together with, the risk factors disclosed in Part I, Item 1A of the Company’s Form 10-K and Part II, Item 1A of each subsequent Form 10-Q filed by the Company.

If the current unfavorable economic conditions continue or further deteriorate, it could adversely affect our business.

Recent market and economic conditions in the United States have been challenging and unprecedented. Continued concerns about the systemic impact of inflation, energy costs, rising unemployment rates, geopolitical issues, the availability and cost of credit and other capital, the U.S. mortgage market, consumer spending and a declining real estate market have contributed to increased market volatility and diminished expectations for the U.S. economy and this is expected to continue going forward. These market conditions expose us to a number of risks, including risks associated with the potential financial instability of our customers. If our customer base experiences cash flow problems and other financial difficulties, it could, in turn, adversely impact membership in our plans. For example, our customers may modify, delay or cancel plans to purchase our products, or may make changes in the mix or products purchased from us. In addition, if our customers experience financial issues, they may not be able to pay, or may delay payment of, accounts receivable that are owed to us. Further, our customers or potential customers may force us to compete more vigorously on factors such as price and service to retain or obtain their business. A significant decline in membership in our plans and the inability of current and/or potential customers to pay their premiums as a result of unfavorable economic conditions may adversely affect our business, including our revenues, profitability and cash flow.

The current economic environment and volatility in the financial markets could have an adverse impact on the value of our investment portfolio and our goodwill.

Our investment portfolio is comprised primarily of available-for-sale investment securities. As of September 30, 2008, our available-for-sale investment securities were $1.8 billion. We closely monitor the fair values of our investment securities and regularly evaluate them for any other-than-temporary impairments. We have the intent and ability to hold our investments for a sufficient period of time to allow for recovery of the principal amount invested.

The current economic environment and recent volatility of the U.S. and global capital markets have increased the difficulty of assessing investment impairment and the same influences tend to increase the risk of potential impairment of these assets. In the third quarter of 2008, we recognized a $14.6 million loss from other-than-temporary impairments in our available-for-sale investments and money market fund. After this write-down, we had gross unrealized losses of $47 million as of September 30, 2008. Over time, the economic and capital market environment may further deteriorate or provide additional insight regarding the fair value of certain securities, which could change our judgment regarding the impairment of certain investments. This could result in realized losses relating to other-than-temporary declines being charged against future income. Given the current market conditions and the significant judgments involved, there is continuing risk that further declines in fair value may occur and material other-than-temporary impairments may result in realized losses in future periods, which could have an adverse effect on our results of operations, liquidity and financial condition. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations – Liquidity and Capital Resources” for additional information regarding our investment portfolio.

44

The economic environment and crisis in the financial markets has also resulted in fluctuations in our market capitalization. If the decline in our market capitalization continues and is determined to be other-than-temporary, we may need to perform an interim goodwill impairment test as of December 31, 2008. Depending on the results of the impairment test, we could be required to take an impairment charge to reduce the carrying amount of our goodwill. If we were required to take such a charge, it would be non-cash and would not affect our liquidity, tangible equity or regulatory capital levels but could have a significant adverse effect on our results of operations.

Adverse conditions in the credit markets may materially affect our ability to obtain credit.

The U.S. and global capital and credit markets have been experiencing extreme volatility and disruption. Concern about the stability of the markets generally has lead many lenders to reduce and in some cases cease to provide funding to borrowers. If current levels of market disruption and volatility continue or worsen, they may materially and adversely affect our ability to access additional capital to meet liquidity needs, which could have an adverse effect on our financial condition and results of operations.

Regulatory activities and litigation relating to the rescission of coverage, if resolved unfavorably, could adversely affect us.

In our individual business in certain states, persons applying for insurance policies are required to provide information about their medical history as well as that of family members for whom they are seeking coverage. These applications are subjected to a formal underwriting process to determine whether the applicants present an acceptable risk. If coverage is issued and the health plan or insurer subsequently discovers that the applicant materially misrepresented their or their family members’ medical history, the health plan or insurer has the legal right to rescind the policy in accordance with applicable legal standards. Although rescission has long been a legally authorized practice, the decisions of health plans to rescind coverage and decline payment to treating providers, as well as the procedures used to do so, have recently generated public attention, particularly in California. As a result, there have been both legislative and regulatory actions, as well as significant litigation, in connection with this issue.

As of January 1, 2008, health plans and insurers in California, under certain defined circumstances, are obligated to pay providers for services they have rendered despite the rescission of a member’s policy. On October 23, 2007, the California Department of Managed Health Care (DMHC) and the California Department of Insurance (DOI) announced that they would be issuing joint regulations that would restrict the ability of health plans and insurers to rescind a member’s coverage and deny payment to treating providers. The DMHC has issued draft proposed regulations but has not formally promulgated any regulations to date. The DOI has not issued any proposed regulations and at this time it is not known whether or when either agency will issue regulations.

On October 16, 2007, the DMHC initiated a survey of Health Net of California’s activities regarding the rescission of policies for the period January 1, 2004 through June 30, 2006. This survey is similar to ones the DMHC has already conducted of other health plans in California, which have resulted in administrative penalties. During the course of the survey, the DMHC alleged that Health Net of California had failed to timely provide information to the DMHC’s survey team. As a result of this allegation, the DMHC required Health Net of California to pay an administrative penalty of $1 million. Following completion of the survey, on May 15, 2008, Health Net of California entered into a settlement agreement with the DMHC. The settlement agreement requires Health Net of California to (1) pay a $300,000 administrative fine, (2) offer future coverage to all 85 HMO enrollees who had coverage rescinded from January 1, 2004 through May 15, 2008, (3) offer those enrollees an opportunity to participate in an expedited review process where the enrollee could seek to resolve claims for out of pocket medical expenses and other damages incurred as a result of the rescission, and (4) file a corrective action plan for various internal procedural changes by June 30, 2008. Health Net of California filed the corrective action plan by the due date. Failure to substantially implement the actions set forth in the corrective action plan will subject Health Net of California to a potential additional penalty of up to $3 million.

45

On April 7, 2008, the DOI commenced an audit of Health Net Life Insurance Company’s rescission practices and related claims settlement practices for the period January 1, 2004 through February 29, 2008. On September 12, 2008, Health Net Life entered into a settlement agreement with the DOI which resolves all DOI matters regarding Health Net Life’s rescission practices from January 2004 to date. Under the settlement agreement, Health Net Life paid a $3.6 million penalty in October 2008 and agreed to certain corrective actions, including offering future coverage to all 926 rescinded PPO insureds and offering an opportunity to participate in an expedited review process that allows former insureds to seek to resolve their claims for damages incurred as a result of their rescission. On October 7, 2008, Health Net Life filed a corrective action proposal for various procedure changes. Failure to substantially comply with the settlement agreement subjects Health Net Life to a potential additional monetary penalty of up to $3.6 million.

We are also party to arbitrations and litigation, including a putative class action, in which rescinded members allege that we unlawfully rescinded their coverage. The lawsuits generally seek reimbursement for the cost of medical services that were not paid as a result of the rescission, and also seek to recover for emotional distress, attorneys’ fees and punitive damages. One of these arbitrations was decided on February 21, 2008, and resulted in an award paid to the claimant of approximately $9.4 million. Recent court of appeal decisions in California adverse to health plans and insurers have increased the risks associated with rescissions of policies based on applications containing material misrepresentations of medical history, and may make it more difficult to rescind policies in the future. Additionally, the Los Angeles City Attorney recently filed a complaint against us relating to our underwriting practices and rescission of certain individual policies. The complaint seeks equitable relief and civil penalties for, among other things, alleged false advertising, violations of unfair competition laws and violations of the California Penal Code. Other government agencies, including the Attorney General of California, have indicated that they are investigating, or may be interested in investigating, rescissions and related activities. These developments, together with increased media scrutiny of health plans’ and insurers’ rescission practices, may also increase the risk of additional litigation in this area.

We cannot predict the outcome of the anticipated regulatory proposals described above, nor the extent to which we may be affected by the enactment of those or other regulatory or legislative activities relating to rescissions. Such legislation or regulation, including measures that would cause us to change our current manner of operation or increase our exposure to liability, could have a material adverse effect on our results of operations, financial condition and ability to compete in our industry. Similarly, given the complexity and scope of rescission lawsuits, their final outcome cannot be predicted with any certainty. It is possible that in a particular quarter or annual period our results of operations, financial condition and/or liquidity could be materially and adversely affected by an ultimate unfavorable resolution of these cases.

Federal and state audits, review and investigations of us and our subsidiaries could have a material adverse effect on our operations.

We have been and, in some cases, currently are, involved in various federal and state governmental audits, reviews and investigations. These include routine, regular and special investigations, audits and reviews by the Centers for Medicare & Medicaid Services (CMS), state insurance and health and welfare departments and others pertaining to financial performance, market conduct and regulatory compliance issues. Such audits, reviews and investigations could result in the loss of licensure or the right to participate in certain programs, or the imposition of civil or criminal fines, penalties and other sanctions. In addition, disclosure of any adverse investigation or audit results or sanctions could negatively affect our reputation in various markets and make it more difficult for us to sell our products and services.

Many regulatory audits, reviews and investigations in recent years have focused on the timeliness and accuracy of claims payments by managed care companies and health insurers. Our subsidiaries have been the subject of audits, reviews and investigations of this nature. Depending on the circumstances and the specific matters reviewed, regulatory findings could require remediation of claims payment errors and payment of penalties of material amounts that could have a material adverse effect on our results of operations. For example,

46

we are currently the subject of a regulatory investigation in New Jersey that relates to the timeliness and accuracy of our claim payments for services rendered by out-of-network providers. This investigation includes an audit of our claims payment practices for services rendered by out-of-network providers for 1996 through 2005 in New Jersey. On August 26, 2008, we entered into a consent order with the New Jersey Department of Banking and Insurance (DOBI) and agreed to remediate certain claims, which has been completed, and pay a fine of $13 million. A portion of the $296.8 million charge that we recorded in the third quarter of 2007 relates to the remediation of the New Jersey claims and the fine assessed by DOBI.

In addition, on February 13, 2008, the New York Attorney General (NYAG) announced that his office is conducting an industry-wide investigation into the manner in which health insurers calculate “usual, customary and reasonable” charges for purposes of reimbursing members for out-of-network medical services. The NYAG’s office has issued subpoenas to 16 health insurance companies, including us, in connection with this investigation. As described by the NYAG in a press conference on February 13, 2008, the threatened claims appear to be similar to those asserted by the plaintiffs in the McCoy, Wachtel and Scharfman cases described in Note 9 of the financial statements included elsewhere in this report. We are in the process of responding to the subpoena and are cooperating with the NYAG as appropriate in his investigation. On March 28, 2008, we received a request for voluntary production from the Connecticut Attorney General that seeks information similar to that subpoenaed by the NYAG. We are in the process of responding to the request and are cooperating with the Connecticut Attorney General as appropriate in his investigation. There can be no assurance that other state attorneys’ general will not take actions similar to those taken by the NYAG.

Our New Jersey, Connecticut and New York health plans have also been subject to other investigations by DOBI, the Connecticut Department of Insurance and the New York Department of Insurance on a variety of other matters and in some cases have entered into consent agreements relating to, and have agreed to pay fines in connection with, these practices. Similarly, Health Net of California, our California HMO, has entered into a Consent Agreement with the California DMHC regarding its prepayment line item review and repricing processes, and both the California and Oregon plans are currently undergoing reviews relating to rescission practices.

In addition, from time to time, agencies of the U.S. government investigate whether our operations are being conducted in accordance with regulations applicable to government contractors. Government investigations of us, whether relating to government contracts or conducted for other reasons, could result in administrative, civil or criminal liabilities, including repayments, fines or penalties being imposed upon us, or could lead to suspension or debarment from future U.S. government contracting, which could have a material adverse effect on our financial condition and results of operations.

Item 2. Unregistered Sales of Equity Securities and Use of Proceeds.

(c) Purchases of Equity Securities by the Issuer

Our Board of Directors has authorized a $700 million stock repurchase program. As of September 30, 2008, the remaining authorization under our stock repurchase program was $103 million. On November 4, 2008 we announced that our stock repurchase program is on hold as a consequence of the uncertain financial environment and the announcement by Health Net’s Board of Directors that Jay Gellert will be undertaking a review of the Company’s strategy.

Under the Company’s various stock option and long term incentive plans, employees and non-employee directors may elect for the Company to withhold shares to satisfy minimum statutory federal, state and local tax withholding and exercise price obligations arising from the vesting and/or exercise of stock options and other equity awards.

47

A description of the Company’s stock repurchase program and tabular disclosure of the information required under this Item 2 is contained in Part I—“Item 2. Management’s Discussion and Analysis of Financial Condition and Results of Operations—Liquidity and Capital Resources—Capital Structure—Share Repurchases.”

Item 3. Defaults Upon Senior Securities.

None.

Item 4. Submission of Matters to a Vote of Security Holders.

None.

Item 5. Other Information.

None.

Item 6. Exhibits.

The following exhibits are filed as part of this Quarterly Report on Form 10-Q:

Exhibit Number	Description
10.1*	Master Agreement between Health Net, Inc. and International Business Machines Corporation dated August 19, 2008.
10.2*	Master Services Agreement between Health Net, Inc. and Cognizant Technology Solutions U.S. Corporation dated September 30, 2008.
31.1	Certification of Chief Executive Officer pursuant to Section 302 of the Sarbanes-Oxley Act of 2002.
31.2	Certification of Chief Financial Officer pursuant to Section 302 of the Sarbanes-Oxley Act of 2002.
32.1	Certification of Chief Executive Officer and Chief Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002.

* This Exhibit has been redacted pursuant to a request for confidential treatment under Rule 24b-2 of the Securities Exchange Act of 1934, as amended.

48

SIGNATURES

Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned thereunto duly authorized.

	HEALTH NET, INC. (REGISTRANT)
Date: November 7, 2008	By:	/s/    JOSEPH C. CAPEZZA
		Joseph C. Capezza
		Chief Financial Officer
Date: November 7, 2008	By:	/s/    BRET A. MORRIS
		Bret A. Morris
		Senior Vice President and Corporate Controller
		(Principal Accounting Officer)

49

EXHIBIT INDEX

Exhibit Number	Description
10.1*	Master Agreement between Health Net, Inc. and International Business Machines Corporation dated August 19, 2008.
10.2*	Master Services Agreement between Health Net, Inc. and Cognizant Technology Solutions U.S. Corporation dated September 30, 2008.
31.1	Certification of Chief Executive Officer pursuant to Section 302 of the Sarbanes-Oxley Act of 2002.
31.2	Certification of Chief Financial Officer pursuant to Section 302 of the Sarbanes-Oxley Act of 2002.
32.1	Certification of Chief Executive Officer and Chief Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002.

* This Exhibit has been redacted pursuant to a request for confidential treatment under Rule 24b-2 of the Securities Exchange Act of 1934, as amended.

EX-10.1

Exhibit 10.1

Final Execution Version

MASTER AGREEMENT

Between

Health Net, Inc.

and

International Business Machines Corporation

Dated

August 19, 2008

The mark *** indicates that text has been redacted pursuant to a request for confidential treatment under Rule 24b-2 of the Securities Exchange Act of 1934, as amended, and filed separately with Securities and Exchange Commission.

General Terms and Conditions- Health Net / IBM Confidential

Final Execution Version

TABLE OF CONTENTS

1.        PREAMBLE		1
1.1	BACKGROUND AND PURPOSE	1
1.2	OBJECTIVES	1
1.3	STRUCTURE OF AGREEMENT	2
1.4	CONSTRUCTION OF PREAMBLE	5
2.        DEFINITIONS		5
2.1	DEFINED TERMS	5
2.2	OTHER TERMS	9
3.        SERVICES		9
3.1	PROVISION OF SERVICES DURING TRANSITION	9
3.2	PROVISION OF THE STEADY-STATE SERVICES	9
3.3	IMPLIED SERVICES	10
3.4	EVOLUTION OF THE SERVICES	10
3.5	USERS OF THE SERVICES	10
3.6	SERVICES NOT EXCLUSIVE; VARIABLE	11
3.7	COOPERATION AND COORDINATION WITH OTHER PARTIES	11
3.8	NEW SERVICES	12
4.        TERM AND REGULATORY APPROVALS		12
4.1	INITIAL TERM	12
4.2	RENEWAL TERMS	12
4.3	REGULATORY APPROVALS AND FEDERAL BUSINESS	12
5.        PERFORMANCE		13
5.1	PERFORMANCE, GENERALLY	13
5.2	PLACE OF PERFORMANCE	13
5.3	TIME OF PERFORMANCE	13
5.4	MANNER OF PERFORMANCE	14
5.5	QUALITY ASSURANCE AND CONTINUOUS IMPROVEMENT	15
5.6	USER SATISFACTION	15
6.        SERVICE LEVELS		15
6.1	GENERAL	15
6.2	FAILURE TO PERFORM	15
7.        SUPPLIER PERSONNEL		16
7.1	PROVISION OF SUITABLE PERSONNEL	16
7.2	SCREENING AND BACKGROUND CHECKS	16
7.3	RESPONSIBILITY FOR SUPPLIER PERSONNEL, GENERALLY	17
7.4	KEY SUPPLIER POSITIONS	17
7.5	REMOVAL AND REPLACEMENT OF SUPPLIER PERSONNEL	18
7.6	CONTROLLING TURNOVER OF SUPPLIER PERSONNEL	18
7.7	SUBCONTRACTING	18
7.8	MANAGED THIRD PARTIES	19
8.        HEALTH NET RESPONSIBILITIES		20
8.1	APPOINTMENT OF HEALTH NET PROGRAM MANAGEMENT OFFICE (PMO) PERSONNEL	20
8.2	HEALTH NET COOPERATION DUTIES	20
8.3	SAVINGS CLAUSE	20

General Terms and Conditions- ii Health Net / IBM Confidential

Final Execution Version

9.        CHARGES		20
9.1	PASS-THROUGH EXPENSES	21
9.2	INCIDENTAL EXPENSES	22
9.3	TAXES	22
9.4	BENCHMARKING	24
10.        INVOICING AND PAYMENT		29
10.1	INVOICING	29
10.2	PAYMENT DUE	30
10.3	ACCOUNTABILITY	31
10.4	PRORATION	31
10.5	REFUNDABLE ITEMS	31
10.6	DEDUCTIONS	31
10.7	DISPUTED CHARGES	31
11.        TRANSFER OR USE OF RESOURCES		32
11.2	TRANSFER OF PERSONNEL	32
11.3	HEALTH NET OWNED EQUIPMENT	32
11.4	HEALTH NET LEASED EQUIPMENT	33
11.5	HEALTH NET THIRD PARTY SERVICE CONTRACTS	34
11.6	HEALTH NET OWNED SOFTWARE	34
11.7	HEALTH NET LICENSED SOFTWARE	35
11.8	INTENTIONALLY OMITTED	36
11.9	HEALTH NET FACILITIES	36
11.10	TERMS APPLICABLE TO HEALTH NET FACILITIES, GENERALLY	36
11.11	REQUIRED CONSENTS	38
11.12	HEALTH NET RESOURCES PROVIDED TO SUPPLIER PERSONNEL WORKING ON-SITE	38
12.        RESOURCE ACQUISITIONS DURING THE TERM		39
12.1	GENERAL RESPONSIBILITY AND COMPATIBILITY	39
12.2	EQUIPMENT	39
12.3	THIRD PARTY SERVICES	40
12.4	SOFTWARE	40
12.5	NETWORK CONNECTIVITY	41
12.6	HEALTH NET APPROVAL OF CERTAIN RESOURCE ACQUISITIONS	41
12.7	HEALTH NET RIGHTS TO CERTAIN SOFTWARE UPON TERMINATION/EXPIRATION	42
13.        TRANSITION AND TRANSFORMATION		46
13.1	“TRANSITION” DEFINED	46
13.2	SUPPLIER SOLUTION DESCRIPTION AND TRANSITION PLAN	46
13.3	CONDUCT OF THE TRANSITION AND TRANSFORMATION	47
13.4	HEALTH NET COOPERATION AND SUPPORT	47
13.5	COMPLETION OF TRANSITION AND TRANSFORMATION	47
14.        DATA SECURITY AND PROTECTION		48
14.1	“HEALTH NET DATA” DEFINED	48
14.2	HEALTH NET DATA, GENERALLY	48
14.3	DATA SECURITY	48
14.4	COMPLIANCE WITH DATA PRIVACY AND DATA PROTECTION LAWS, REGULATIONS AND POLICIES	49
14.5	IMPORT/EXPORT CONTROLS	50
14.6	COMPLIANCE WITH GRAMM-LEACH-BLILEY (“GLB ACT”)	50
15.        INTELLECTUAL PROPERTY RIGHTS		51
15.1	DEFINED TERMS	51

General Terms and Conditions- iii Health Net / IBM Confidential

Final Execution Version

15.2	INDEPENDENT IP	51
15.3	DEVELOPED MATERIALS	52
15.4	INTELLECTUAL PROPERTY RIGHTS AGREEMENTS WITH SUPPLIER PERSONNEL	53
15.5	OTHER OBLIGATIONS AND RIGHTS REGARDING WORK PRODUCT	53
15.6	MENTAL IMPRESSIONS	53
16.        TERMINATION		54
16.1	TERMINATION BY HEALTH NET	54
16.2	TERMINATION DUE TO ADVERSE CHANGES IN SUPPLIER’S FINANCIAL CIRCUMSTANCES	56
16.3	TERMINATION BY SUPPLIER	56
16.4	EXTENSION OF TERMINATION/EXPIRATION DATE	57
16.5	PARTIAL TERMINATION	57
16.6	DISENGAGEMENT ASSISTANCE	57
16.7	SURVIVAL	59
16.8	BID ASSISTANCE	60
16.9	TERMINATION OF THE CROSS TOWER SERVICES OR THE NETWORK SERVICES TOWERS	60
17.        GOVERNANCE AND MANAGEMENT		61
17.1	GOVERNANCE STRUCTURE AND PROCESSES	61
17.2	MEETINGS	61
17.3	REPORTS	62
17.4	PROCEDURES MANUAL	62
17.5	CHANGE CONTROL	63
17.6	ANNUAL TECHNOLOGY PLAN	64
18.        AUDITS AND RECORDS		65
18.1	AUDIT RIGHTS	65
18.2	AUDIT FOLLOW-UP	66
18.3	CONFIDENTIALITY OF AUDITS	66
18.4	RECORDS RETENTION	66
18.5	SUPPLIER AUDITS	67
18.6	FINANCIAL REPORTS	68
18.7	OVERCHARGES	68
19.        REPRESENTATIONS, WARRANTIES AND COVENANTS OF SUPPLIER		68
19.1	WORK STANDARDS	68
19.2	MAINTENANCE	69
19.3	EFFICIENCY AND COST-EFFECTIVENESS	69
19.4	TECHNOLOGY	69
19.5	DELIVERABLES	69
19.6	DOCUMENTATION	69
19.7	COMPATIBILITY	70
19.8	NON-INFRINGEMENT	70
19.9	VIRUSES	71
19.10	DISABLING CODE	71
19.11	COMPLIANCE WITH HEALTH NET POLICIES AND PROCEDURES	71
19.12	COMPLIANCE WITH LAWS; EXPORT CONTROL	71
19.13	CORPORATE SOCIAL RESPONSIBILITY	71
19.14	SUBCONTRACTOR CONFIDENTIALITY AND ASSIGNMENT	72
19.15	NO IMPROPER INDUCEMENTS	72
20.        MUTUAL REPRESENTATIONS AND WARRANTIES; DISCLAIMER		72
20.1	MUTUAL REPRESENTATIONS AND WARRANTIES	72
21.        CONFIDENTIALITY		73

General Terms and Conditions- iv Health Net / IBM Confidential

Final Execution Version

21.1	“CONFIDENTIAL INFORMATION” DEFINED	73
21.2	OBLIGATIONS OF CONFIDENTIALITY	74
21.3	NO IMPLIED RIGHTS	75
21.4	COMPELLED DISCLOSURE	75
21.5	CONFIDENTIAL TREATMENT OF THIS AGREEMENT	75
21.6	DISCLOSURE OF INFORMATION CONCERNING TAX TREATMENT	75
21.7	RETURN OR DESTRUCTION	75
21.8	DURATION OF CONFIDENTIALITY OBLIGATIONS	76
22.        INSURANCE		76
23.        INDEMNIFICATION		76
23.1	“CLAIM” AND “LOSSES” DEFINED	76
23.2	INDEMNIFICATION BY SUPPLIER	77
23.3	INFRINGEMENT CLAIMS	78
23.4	INDEMNIFICATION BY HEALTH NET	78
23.5	INDEMNIFICATION PROCEDURES	79
23.6	SUBROGATION	80
24.        LIABILITY		80
24.1	GENERAL INTENT	80
24.2	LIMITATIONS OF LIABILITY	80
24.3	FORCE MAJEURE	82
25.        RULES OF CONSTRUCTION		83
25.1	ENTIRE AGREEMENT	83
25.2	CONTRACTING PARTIES; NO THIRD PARTY BENEFICIARIES	83
25.3	CONTRACT AMENDMENTS AND MODIFICATIONS	84
25.4	GOVERNING LAW	84
25.5	RELATIONSHIP OF THE PARTIES	84
25.6	CONSENTS AND APPROVALS	84
25.7	WAIVER	84
25.8	REMEDIES CUMULATIVE	84
25.9	REFERENCES	85
25.10	RULES OF INTERPRETATION	85
25.11	ORDER OF PRECEDENCE	85
25.12	SEVERABILITY	85
25.13	COUNTERPARTS	86
25.14	READING DOWN	86
26.        DISPUTE RESOLUTION		86
26.1	INFORMAL DISPUTE RESOLUTION	86
26.2	LITIGATION	87
26.3	CONTINUED PERFORMANCE	87
26.4	EQUITABLE REMEDIES	87
26.5	WAIVER OF JURY TRIAL	87
26.6	DISCLAIMER OF UNIFORM COMPUTER INFORMATION TRANSACTIONS ACT	88
27.        GENERAL		88
27.1	BINDING NATURE AND ASSIGNMENT	88
27.2	NONDISCRIMINATION	89
27.3	NOTICES	89
27.4	NON-SOLICITATION OF EMPLOYEES	90
27.5	LEGAL COMPLIANCE	90
27.6	COVENANT OF GOOD FAITH	90

General Terms and Conditions- v Health Net / IBM Confidential

Final Execution Version

27.7	PUBLIC DISCLOSURES	90
27.8	SERVICE MARKS	91
27.9	MUTUALLY NEGOTIATED	92

General Terms and Conditions- vi Health Net / IBM Confidential

Final Execution Version

Master Agreement

This Master Agreement, effective as of August 19, 2008 (the “Effective Date”), is entered into by and between Health Net, Inc. (“Health Net”), a Delaware corporation with its principal place of business located at 21650 Oxnard Street, Woodland Hills, CA 91367 and International Business Machines Corporation (“IBM” or “Supplier”), a New York corporation with a place of business located at Route 100, Somers, NY 10589, U.S.A. (each, a “Party” and collectively, the “Parties”). The Parties agree that the following terms and conditions shall apply to the services to be provided by IBM to Health Net under this Agreement, in consideration of certain payments to be made by Health Net, all as more specifically described below.

1. PREAMBLE

1.1 Background and Purpose

This Agreement is made and entered into with reference to the following:

(a) Health Net is among the nation’s largest publicly traded managed health care companies. Its mission is to help people be healthy, secure and comfortable. The company’s health plans and government contracts subsidiaries provide health benefits to approximately 6.7 million individuals across the country through group, individual, Medicare, Medicaid and TRICARE and Veterans Affairs programs.

(b) Supplier has acknowledged that Supplier is a leading provider of outsourcing services and have the skills, qualifications and experience necessary to perform and manage the information technology and telecomunications services required by Health Net under the framework of this Agreement in an efficient and controlled manner, with a high degree of quality and responsiveness resulting in the consolidation, rationalization and standardization of Health Net’s information technology and telecommunications infrastructure services.

(c) Supplier specializes, amongst other things, in performing for others the types of services contemplated to be performed under the framework of this Agreement. Supplier acknowledges that it is skilled and experienced in providing similar services for others.

(d) After a comprehensive evaluation and negotiation process, Health Net has selected Supplier to provide the Services during the Term of the Agreement, and Supplier desires to provide to Health Net the Services through the execution of this Agreement and the attached schedules, exhibits and appendices, all of which are governed by the terms and conditions set forth in this Agreement.

1.2 Objectives

(a) Health Net and Supplier have agreed upon the following over-arching goals and objectives as those they expect to be accomplished by their execution of this Agreement and the performance of Services entered into pursuant to the Agreement:

General Terms and Conditions- 1 Health Net / IBM Confidential

Final Execution Version

(i) A seamless transition of outsourced services to Supplier from Health Net and incumbent vendors in a manner that will minimize business disruption and business risk to Health Net;

(ii) A service delivery environment that is scalable and responsive to change;

(iii) Quality of service consistent with that of the world’s leading providers of similar services and continuous improvement;

(iv) A service delivery environment and Services that keep pace with modernization and consumerization of technology;

(v) Lighter, simpler, and effective IT solutions;

(vi) Supplier accountability for integration among IT&T service providers to Health Net and service-wide responsibility for the Services; and

(vii) Services and solutions that are continuously aligned to Health Net business needs and imperatives – i.e., a Service Delivery Environment and platform that will support rapid scalability, growth, and change in the composition and location of Health Net’s businesses.

(b) The goals and objectives set out in this Section 1.2(a) are intended to be a general introduction to, and statement of the spirit of, this Agreement. While they do not expand or reduce the scope of the Parties’ express obligations under this Agreement, Supplier’s performance under this Agreement will be measured, in part, based on the extent to which Supplier’s performance causes or contributes to the achievement of them. Further, to the extent that the terms of this Agreement do not address a particular circumstance, are unclear or ambiguous, or require the Parties to discuss, negotiate or agree on a particular matter, such terms will be negotiated in good faith to be in accordance with, and each Party will endeavor to act to give the fullest possible effect to, the goals and objectives set out in this Section 1.2(a).

1.3 Structure of Agreement

This document (the “General Terms and Conditions”) sets out the basic terms and conditions under which the Parties will conduct the transactions contemplated by this Agreement. In addition, there will be a number of Schedules and Exhibits attached to the Terms and Conditions, including:

Schedule A (Services)

Exhibit A-1 (Equipment Refresh Plan)

Exhibit A-2 (Transition Description)

Exhibit A-3 (Solution Description)

Exhibit A-3-1 (Transformation Key Health Net Dependencies)

Exhibit A-4 (Transition & Transformation Plans)

Attachment A-4-1 (Transition Project Plan)

Attachment A-4-2 (Transformation Project Plan)

General Terms and Conditions- 2 Health Net / IBM Confidential

Final Execution Version

Exhibit A-5 (Existing DR Contracts)

Exhibit A-6 (HNFS Requirements)

Attachment A-6-1 (HNFS Requirements Exceptions)

Exhibit A-7 (Change Control Process)

Exhibit A-8 (Citrix Enabled Applications)

Exhibit A-9 (Asset Tracking Information)

Exhibit A-10 (Project Framework)

Attachment A-10-1 (Deliverable Acceptance Procedures)

Exhibit A-11 (In Flight Projects)

Exhibit A-12 (System Decommissioning Questionnaire)

Exhibit A-13 (Facilities Services Responsibility Matrix)

Schedule B (Service Levels)

Exhibit B-1 (Service Level Metrics)

Exhibit B-2 (Formula Definitions)

Exhibit B-3 (Remedy Incident and Problem Priority Definitions)

Exhibit B-4 (Scheduled Maintenance)

Exhibit B-5 (Service Request Priority Definitions)

Schedule C (Charges)

Exhibit C-1 (Resource Units)

Exhibit C-2 (Resource Baselines)

Exhibit C-3 (Annual Service Charge)

Exhibit C-4 (ARC / RRC Rates)

Exhibit C-5 (Time & Materials Rates)

Exhibit C-6 (Pure Pass Through and Managed As Pass-Through Expenses)

Exhibit C-7 (Form Invoice)

Exhibit C-8 (Termination Charges)

Exhibit C-9 (IMAC Counting Rules)

Exhibit C-10 (Joint Verification Process)

Exhibit C-11 (ITG Budget)

Schedule D (Key Supplier Positions)

Schedule E (Transitioned Employees)

Exhibit E-1 (Affected Employees)

Exhibit E-2 (Affected Employees on Leave)

Schedule F (Health Net Facilities)

Schedule G (Governance)

Schedule H (Insurance)

Schedule I (Third Party Service Contracts)

Exhibit I-1 (Third Party Service Contracts to be Assigned to IBM)

General Terms and Conditions- 3 Health Net / IBM Confidential

Final Execution Version

Exhibit I-2 (Third Party Service Contracts Managed In ASC)

Exhibit I-3 (Third Party Service Contracts Managed As Pass Through)

Exhibit I-4 (Third Party Service Contracts As Pure Pass Through)

Exhibit I-5 (Third Party Service Contracts to be Retained by Health Net)

Schedule J (Software)

Exhibit J-1 (Health Net Software)

Exhibit J-1-1 (Assumed)

Exhibit J-1-2 (Managed In ASC)

Exhibit J-1-3 (Managed As Pass Through Expense)

Exhibit J-1-4 (Retained)

Exhibit J-1-5 (Pure Pass Through Expense)

Exhibit J-2 (Supplier Software)

Exhibit J-2-1 (Supplier Provided Software (Commercially Available))

Exhibit J-2-2 (Supplier Provided Software (Non-Commercially Available))

Exhibit J-2-3 (Supplier Proprietary Delivery Tools)

Exhibit J-2-4 (Supplier Third Party Software used to provide the Services (Commercially Available))

Exhibit J-2-5 (Supplier Third Party Software used to provide the Services (Non-Commercially Available))

Exhibit J-3 (Health Net Proprietary Software)

Schedule K (Business Associate Addendum)

Schedule L (Disengagement Assistance)

Schedule M [INTENTIONALLY LEFT BLANK]

Schedule N (Equipment)

Exhibit N-1 (Health Net Owned Equipment to be Purchased by Supplier)

Exhibit N-1-1 (Desktops)

Exhibit N-1-2 (Assets from GE Profile)

Exhibit N-1-3 (Mid Range Owned Assets)

Exhibit N-1-4 (Mainframe Owned Assets)

Exhibit N-1-5 (Voice Network)

Exhibit N-1-6 (Voice Call Manager)

Exhibit N-1-7 (Video Conferencing)

Exhibit N-1-8 (iSeries)

Exhibit N-2 (Health Net Leased Equipment to be Assumed by Supplier (i.e., take assignment and title of Asset))

Exhibit N-3 (Health Net Owned Equipment that Health Net Will Retain)

Exhibit N-4 (Health Net Leased Equipment that Health Net Will Retain)

Exhibit N-5 (Health Net Leased Equipment to be paid by Supplier and retained in Health Net’s name)

General Terms and Conditions- 4 Health Net / IBM Confidential

Final Execution Version

Schedule O (Policies and Procedures)

Schedule P (Approved Subcontractors)

Schedule Q (Outline of Policies and Procedures)

Schedule R [INTENTIONALLY LEFT BLANK]

Schedule S (Asset Responsibility Matrix)

Schedule T (Form Bill of Sale)

Schedule U (Glossary)

Schedule V (Supplier Competitors)

Schedule W (Reports)

Schedule X (Audits)

1.4 Construction of Preamble

The provisions of this Section 1 are intended to provide a general introduction to this Agreement and a context in which to interpret this Agreement’s terms and conditions in circumstances where their meanings are unclear or ambiguous. It is not intended to alter the plain meaning of this Agreement or to expand the scope of the Parties’ express obligations under it.

2. DEFINITIONS

2.1 Defined Terms

The following capitalized terms, when used in this Agreement, will have the meanings given them below:

(a) “Affiliate” means, with respect to an entity, any other entity or person Controlling, Controlled by or under common Control with such entity.

(b) “Agreement” shall mean the Services Agreement between Health Net and Supplier contemplated by this Term Sheet, including its schedules, exhibits, and appendices, as the same may be amended by the Parties from time to time in accordance with Section 25.3.

(c) “Application” or “Application Software” means Software that performs specific End User-related data processing, data management and telecommunications tasks.

(d) “Beneficiary” means a person who has enrolled in and/or is eligible to receive services under a Benefit Program at the time services are rendered. The Parties acknowledge that the term “member” may be used by Health Net and for purposes of this Agreement, the term Beneficiary includes the term “member” wherever used.

(e) “Benefit Program” means a plan offered by Health Net or its Affiliates whereby Health Net or a Health Net Affiliate is obligated to provide or arrange for health care services, or compensation therefor, to Beneficiaries in accordance with the provisions contained in such plans.

General Terms and Conditions- 5 Health Net / IBM Confidential

Final Execution Version

(f) “Commercially Available” shall mean Software that the applicable software vendor routinely licenses to the general public through separately established standard terms and conditions and standard rates, and for which such software vendor provides ongoing maintenance and updates.

(g) “Commercially Reasonable Efforts” means taking all such steps and performing in such a manner as a well managed company would undertake where it was acting in a determined, prudent and reasonable manner to achieve a particular desired result for its own benefit.

(h) “Contract Year” means any consecutive twelve (12) month period commencing on March 1, 2009, or any anniversary thereof during the Term. If the final Contract Year is less than twelve (12) months, non-specific references to amounts and other requirements for such Contract Year shall be appropriately and equitably pro-rated.

(i) “Control” and its derivatives, such as “Controlling” means with regard to any entity the legal, beneficial or equitable ownership, directly or indirectly, of: (i) fifty percent (50%) or more of the capital stock (or other ownership interest if not a stock corporation) of such entity ordinarily having voting rights; or (ii) (A) twenty percent (20%) or more of the capital stock (or other ownership interest if not a stock corporation) and (B) either (1) a greater percentage than any other juridical person wherein such person has the power to exercise, directly or indirectly, a controlling influence on the entity’s management or policies, or (2) management control in fact or by agreement.

(j) “Deliverable” means any tangible Work Product produced in the course of performing the Services that is listed or described in this Agreement, or in a project plan or service request document executed pursuant to this Agreement, or that is otherwise required to be delivered by Supplier to Health Net in order to satisfy Supplier’s obligations with respect to any item to be provided by Supplier under this Agreement or in project plan or other service request document. For the avoidance doubt, Deliverable include all reports delivered to Health Net, the Procedures Manual and any training materials created or provided in order to fulfill IBM’s training obligations under this Agreement.

(k) “Disengagement Assistance” means, collectively, the Functions that Health Net requests from Supplier or that are otherwise required to enable an orderly transfer of Services from Supplier to Health Net or its designees without unreasonable interruption or adverse effect to Health Net in connection with the cessation of any Services, or the expiration or earlier termination (for any reason) of this Agreement, in whole or in part, including the Functions described in Section 16.6 and Schedule L (Disengagement Assistance).

(l) “Disengagement Assistance Period” shall mean the period of time that Supplier is obligated to provide Disengagement Assistance pursuant to Section 16.6(b).

(m) “Documentation” means written materials (including materials published on an Internet or Intranet site or otherwise online) that are available or necessary to instruct or assist End Users, operators or systems personnel in the installation, development, maintenance, operation, use or modification of any Equipment,

General Terms and Conditions- 6 Health Net / IBM Confidential

Final Execution Version

Software, system, or Deliverable (including applicable functional and technical specifications), as such documentation is updated from time to time.

(n) “Effective Date” has the meaning set forth in the preamble.

(o) “End Users” means direct users of the Services provided under this Agreement.

(p) “Equipment” means any computer and telecommunications machines or other hardware (without regard to the entity owning or leasing it) used by the Supplier in the provision of the Services, including all associated attachments, features, accessories and peripheral devices.

(q) “Financial Responsibility” has the meaning given in Section 2.1(e) of Schedule C.

(r) “Former Health Net Affiliate” means: (i) any entity affiliated with Health Net at any time during the Term (such designation expiring at the end of the twenty-fourth (24^th) month after the date that such entity ceases to Control, be Controlled by, or be under common Control with, Health Net); or (ii) the purchaser of all or substantially all of the assets of any line of business of Health Net or its Affiliates (such designation (A) applying only with respect to the business so acquired; and (B) expiring at the end of the twenty-fourth (24^th) month after the date of such purchase.) At Health Net’s option, each Former Health Net Affiliate shall be deemed to be an Affiliate of Health Net.

(s) “Health Net Facility” means a Health Net office or business location at which, or with respect to which, Supplier performs the Services. The Health Net Facilities are set forth in Schedule F (Facilities).

(t) “IT Infrastructure” means the Equipment and Software (regardless of ownership) that comprise the infrastructure of Health Net’s and its Affiliates’ information technology organizations.

(u) “Law” means: (i) any applicable law, statute, regulation, ordinance or subordinate legislation in force from time to time to which a Party or any of its Affiliates is subject; (ii) the common law as applicable to the Parties or any of their Affiliates from time to time; (iii) any binding court order, judgement or decree (including consent agreements); and (iv) any applicable directive, policy, rule or order that is binding on a Party or any of its Affiliates and that is made or given by any government, an agency thereof, or any regulatory body; of any country, the European Union, or other national, federal, commonwealth, state, provincial or local jurisdiction, and of any exchange or association (including the New York Stock Exchange and the National Association of Securities Dealers) whose regulations are binding on either Party pursuant to a self-regulating mechanism approved by a governmental entity.

(v) “Non-Commercially Available” shall mean Software that is not Commercially Available.

(w) “Out-of-Pocket Expenses” means reasonable, demonstrable and actual out-of-pocket expenses incurred by Supplier for Equipment, materials, supplies or services provided to or for Health Net as identified in this Agreement, but not

General Terms and Conditions- 7 Health Net / IBM Confidential

Final Execution Version

including Supplier’s actual or allocated overhead costs, administrative expenses or other mark-ups.

(x) “Required Consents” means such consents as may be required for (i) the assignment to a Party, or the grant to a Party of rights of access and use, of resources otherwise provided to or licensed by the other Party, and (ii) with respect to any resource (e.g., Software, Equipment, third party services) for which the corresponding contract is to be assigned to Health Net or its designee pursuant to Disengagement Assistance (including any resource existing as of the Effective Date and assigned to Supplier, as well as any resource utilized or introduced after the Effective Date during the Term), the disclosure of the corresponding contract terms to Health Net or its designee, or the assignment of such contract to Health Net or it designee, as part of Disengagement Assistance.

(y) “Service Commencement Date” shall mean one-hundred and eighty (180) days following the Effective Date unless the Parties agree to another date through an amendment to this Agreement.

(z) “Service Tower” has the meaning given in Schedule C (Charges).

(aa) “Software” means program code (in both object code and Source Code forms) and all supporting documentation, media, on-line help facilities and tutorials, including any update, enhancement, modification, releases and Derivative Work of any item comprising Software.

(bb) “Source Code” means the computer code of Software in programming languages, including all comments and procedural code, and all related development documents (e.g., flow charts, schematics, statements of principles of operations, End User manuals, architectural standards, Documentation, and any other specification that are used to create or that comprise the computer code, of the Software concerned.

(cc) “Systems Software” means those programs or programming (including the supporting Documentation, media, on-line help facilities and tutorials) that perform (i) tasks basic to the functioning of Equipment and which are required to operate the Applications Software or a system; or (ii) tasks other than as performed by Applications Software of a system. If programs or programming are not Applications Software, they are deemed to be Systems Software. Systems Software includes mainframe, midrange and desktop operating systems, server operating systems, network operating systems, systems utilities (including measuring and monitoring tools), data security Software and telecommunications monitors.

(dd) “Supplier Personnel” means, collectively, any and all personnel furnished or engaged by Supplier to perform any part of the Services, including: (i) the employees of Supplier; (ii) Subcontractors; and (iii) the employees of such Subcontractors.

(ee) “Supplier Software” means Software owned by Supplier or any Supplier Affiliate. Software owned by Supplier Affiliates shall be treated as Supplier Software rather than third party Software under this Agreement.

General Terms and Conditions- 8 Health Net / IBM Confidential

Final Execution Version

(ff) “Use” means to access, use, copy, maintain, modify, enhance, perform, display, distribute and create derivative works; provided, when used in the context of a Software license, the right to create derivative works shall only apply to Software for which Health Net is expressly granted a right to (i) use or obtain Source Code or (ii) create derivative works.

2.2 Other Terms

Other capitalized terms used in this Agreement but not defined above are defined where they are used and have the meanings there indicated, or such terms appear in the Glossary attached to the Agreement. Those terms, acronyms, and phrases utilized in the information technology or health and wellness industry which are not otherwise defined in this Agreement shall be interpreted in accordance with their generally understood meaning in such industry or business context.

3. SERVICES

3.1 Provision of Services During Transition

(a) Starting on the Effective Date, Supplier shall begin performing Services required to conduct the Transition.

(b) Starting on the Effective Date, Supplier shall (i) assume the Health Net Equipment leases, Third Party Service Contracts and Health Net Licensed Software pursuant to Section 11, and (ii) as Affected Employees are transitioned to IBM, commence assuming responsibility for meeting Service Levels as provided in Schedule B (Service Levels) and its Exhibits thereto.

(c) Starting on October 16, 2008 and continuing until the Service Commencement Date, Supplier shall:

(i) hire certain Transitioned Employees as provided in Schedule E, and assume responsibility for all functions performed by such employees in the ordinary course of their responsibilities prior to the date of transfer to Supplier;

(ii) assume responsibility for managing and performing the Services, with the assistance of Affected Employees retained by Health Net;

(iii) assume responsibility for meeting certain Service Levels as provided in Schedule B; and

(iv) assume responsibility for managing and performing In-Flight Projects.

3.2 Provision of the Steady-State Services

Starting on the Service Commencement Date, Supplier will provide the following services, functions and responsibilities, as they may be supplemented, enhanced, modified or replaced (collectively, the “Services”):

(a) the functions, responsibilities, activities and tasks (collectively, “Functions”) described in Schedule A (Services) or elsewhere in this Agreement;

General Terms and Conditions- 9 Health Net / IBM Confidential

Final Execution Version

(b) any Functions performed during the *** preceding the Effective Date by Health Net’s or its Affiliates’ personnel (including employees and contractors) in the ordinary course of their responsibilities who were transitioned to Supplier or displaced, or whose Functions were displaced, as a result of this Agreement even if the Functions are not specifically described in this Agreement; and

(c) performance, management, and completion of the projects listed or described in Exhibit A-11 (In-Flight Projects), the Transition and Transformation as described in Exhibits A-2, A-3, and A-4, and any projects set forth in this Agreement or any project plans, Work Orders, or other similar document executed by the Parties.

3.3 Implied Services

If any Functions, related to the Services, other than those retained by Health Net under this Agreement, are required for the proper performance and provision of the Services, regardless of whether they are specifically described in the Agreement, they shall be deemed to be implied by and included within the scope of the Services to be provided by Supplier to the same extent and in the same manner as if specifically described in the Agreement. Except as otherwise expressly provided in the Agreement, Supplier shall be responsible for providing the facilities, personnel and other resources as necessary to provide the Services.

3.4 Evolution of the Services

Throughout the Term, Supplier will seek to improve the quality, efficiency and effectiveness of the Services to keep pace with technological advances and support Health Net’s (and its Affiliates’) evolving business needs and efforts to maintain competitiveness in the markets in which it (and they) competes. Without limiting the generality of the foregoing, Supplier will: (i) identify and apply ‘best practice’ techniques and methodologies in performing and delivering the Services, (ii) train Supplier Personnel in new techniques and technologies used generally within Supplier’s organization or the IT services industry and approved by Health Net for use in rendering the Services; and (iii) make investments to maintain the currency of the tools, infrastructure and other resources used by Supplier to render the Services. Changes in the Services pursuant to this Section 3.4 will not be considered New Services.

3.5 Users of the Services

(a) Supplier will provide the Services to Health Net and, as designated by Health Net from time to time, its Affiliates, Former Health Net Affiliates, licensees, customers, providers, contractors and other entities with whom Health Net has a business relationship with Health Net which is broader than the mere resale of Services (each such entity a “Service Recipient”) for the Charges provided in Schedule C. For purposes of this Agreement, Services provided to such entities shall be deemed to be Services provided to Health Net.

(b) With respect to Former Health Net Affiliates, Supplier will continue to provide the Services being provided as of the date of divestiture to such Former Health Net Affiliates under this Agreement as is requested by Health Net for as long as such entity continues to meet the definition of “Former Health Net Affiliate” (or such shorter period of time designated by Health Net). There shall be no additional charge or fee (i.e., in addition to the Charges for the actual Services as

General Terms and Conditions- 10 Health Net / IBM Confidential

Final Execution Version

provided in this Agreement) for the provision of Services to Former Health Net Affiliates; provided if Health Net requires Supplier to make changes to its operations in order to continue providing Services to a Former Health Net Affiliate (e.g., create a separate infrastructure environment), the Parties shall allocate any incremental costs required to implement such changes through the Change Control Process.

3.6 Services Not Exclusive; Variable

(a) This Agreement is non-exclusive. Nothing in this Agreement shall be construed to limit in any way Health Net’s ability to request that other third parties provide, or propose to provide, services that are the same as or similar to the Services. Health Net (and its Affiliates) may contract with other suppliers for any products and services, including products and services that are similar to or competitive with the Services or that formerly were part of the Services. In the case of Health Net’s withdrawal of portions of the Services from Supplier, the Charges shall be reduced in accordance with this Agreement, including the unit rates and charging methodologies provided in Schedule C (Charges), or otherwise in an equitable manner to the extent such unit rates and charging methodologies do not apply to the withdrawn portions of the Services.

(b) The Services are variable in volume. Such variations are provided for in the charging mechanisms set forth in Schedule C (Charges). Supplier shall be responsible for adjusting the resources used to provide the Services to accommodate the changes in volume (regardless of the amount of time remaining in the Term) in such a manner as to comply with all Service Levels. Supplier shall not be entitled to receive an adjustment to the Charges resulting from such variations in volume except as set forth in Schedule C (Charges).

(c) Except as set forth in Section 4.5 of Schedule C (Charges), Health Net (and its Affiliates), make no commitment for any minimum or maximum volume, scope, or value of the Services under this Agreement or to any minimum or maximum payments to be made to Supplier.

3.7 Cooperation and Coordination with Other Parties

(a) If Health Net performs itself, or retains a third party to perform, any services that interface or interact with the Services, or that formerly were part of the Services, Supplier will cooperate and coordinate with Health Net or such third party as reasonably required for Health Net or the third party to perform such services. Supplier’s cooperation and coordination will include, as applicable: (i) providing reasonable access to the facilities being used by Supplier to provide the Services as necessary for Health Net or the third party to perform its work; (ii) providing reasonable access to the Equipment and Software used in providing the Services to the extent permitted under any applicable agreements with third parties; and (iii) providing such information regarding the operating environment, system constraints and other operating parameters as a person with reasonable commercial skills and expertise would find reasonably necessary for Health Net or the third party to perform its work.

(b) Third parties retained by Health Net who utilize Supplier’s resources shall comply with Supplier’s reasonable security and confidentiality requirements and,

General Terms and Conditions- 11 Health Net / IBM Confidential

Final Execution Version

as relevant, with Supplier’s reasonable work standards, methodologies and procedures, if provided in writing by Supplier to Health Net and such third parties. Supplier shall immediately notify Health Net if an act or omission of such a third party may cause a problem or delay in providing the Services and shall work with Health Net to prevent or circumvent such problem or delay.

3.8 New Services

(a) “New Services” means functions, responsibilities, activities, and tasks Health Net requests Supplier to perform under this Agreement:

(i) that are materially different from, and in addition to, the Services, and

(ii) for which there is no existing charging mechanism in this Agreement.

(b) Supplier will not perform any additional functions, responsibilities, activities, or tasks that would constitute New Services prior to informing Health Net what the additional charges would be for performing them, and receiving Health Net’s authorization to proceed. Additionally, if Supplier does perform additional functions, responsibilities, activities, or tasks without Health Net’s prior authorization, they will be deemed to have been performed as part of the Services at no charge.

4. TERM AND REGULATORY APPROVALS

4.1 Initial Term

The term of this Agreement shall commence on the Effective Date and expire on February 14, 2014 unless it is terminated earlier or is extended pursuant to the terms of this Agreement (such period, together with all extensions thereof, the “Term”).

4.2 Renewal Terms

By giving notice to Supplier no less than three months prior to the then-existing expiration date of the Agreement, Health Net may extend the Term for a period designated by Health Net of up to six (6) months on the terms and conditions (including pricing) then in effect. Health Net shall have three (3) such extension options of up to six months each.

4.3 Regulatory Approvals and Federal Business

(a) Health Net’s obligations under this Agreement are conditioned upon Health Net obtaining regulatory consents and approvals from the appropriate governmental or other regulatory body necessary or advisable for Health Net to obtain in order to proceed with the transactions contemplated by this Agreement. In the event that Health Net is not able to obtain such a consent or approval, Health Net shall have the right to remove any impacted services from the scope of this Agreement without charge, and the Parties shall cooperate to make such changes as may be necessary to remove such Services from scope, subject to Section 4.5 and Section 10 in Schedule C.

(b) Supplier shall comply with provisions arising out of Health Net’s contracts for federal business, including restrictions against providing services from offshore and audit requirements.

General Terms and Conditions- 12 Health Net / IBM Confidential

Final Execution Version

5. PERFORMANCE

5.1 Performance, Generally

Supplier is responsible for managing and successfully performing, completing, and delivering the Services, subject to the overall direction of Health Net and with the cooperation and support of Health Net as specified in this Agreement.

5.2 Place of Performance

(a) Supplier will perform the Services primarily at the Health Net Facilities described in Section 2 of Schedule F (Facilities), and the Supplier facilities and Approved Subcontractor facilities described in Sections 3 and 4 of Schedule F (Facilities), respectively, (the “Supplier Facilities”). During the Term, Supplier will not change any location from which it provides Services to Health Net, or materially reallocate the volume or nature of work processed between locations from which it provides Services to Health Net, without Health Net’s prior written approval, which may be granted or withheld in Health Net’s discretion. Supplier will manage any approved relocations in accordance with this Agreement and a migration plan to be prepared by Supplier and approved by Health Net. Prior to seeking Health Net’s approval of any proposed relocation, Supplier will fully examine and evaluate the risks and anticipated effects of the contemplated relocation on the Services and Health Net, including the operational, technical, security, regulatory, and other effects, and will prepare and submit to Health Net an analysis of the effects. Supplier will be responsible for all costs, taxes and other expenses incurred by Supplier, and any new or additional costs, taxes and other expenses incurred by Health Net and reasonably demonstrated to Supplier that are related to any Supplier-initiated relocation of an operational facility from which the Services are provided.

(b) Restrictions on Offshore Services.

(i) Exhibit A-3 (Solution Description) describes certain Services Supplier is permitted to perform from locations outside the United States. Supplier shall not perform any other Services from a location outside the United States without Health Net’s prior written consent, which may be granted or withheld in Health Net’s discretion.

(ii) Schedule F shows the address of the Supplier Facilities outside the United States from which Supplier shall provide Services. Supplier shall not relocate the specific location (i.e., facility) from which Supplier provides such Services without Health Net’s prior written consent.

5.3 Time of Performance

(a) Supplier will (and will provide the resources necessary to) perform and complete the Services diligently and in a timely manner and in accordance with any applicable time schedules set forth in this Agreement.

(b) Supplier will promptly notify Health Net upon becoming aware of any circumstances that may reasonably be expected to jeopardize the timely and successful completion (or delivery) of any Service, project or Deliverable.

General Terms and Conditions- 13 Health Net / IBM Confidential

Final Execution Version

Supplier will use Commercially Reasonable Efforts to avoid or minimize any delays in performance and will inform Health Net of the steps Supplier is taking or will take to do so, and the projected actual completion (or delivery) time.

(c) If Supplier believes a delay in performance by Health Net (or a third party service provider Health Net is responsible for managing) has caused or will cause Supplier to be unable to perform its obligations on time, Supplier will promptly so notify Health Net and use Commercially Reasonable Efforts to perform its obligations on time notwithstanding Health Net’s (or its third party service provider’s) failure to perform. If Supplier’s use of Commercially Reasonable Efforts to perform on time in such a circumstance would cause Supplier to incur significant Out-of-Pocket Expenses, Supplier will so notify Health Net. In that case, Supplier’s obligation to continue its efforts to work around the Health Net-caused delay will be subject to Health Net agreeing to reimburse Supplier for its additional Out-of-Pocket Expenses incurred in the course of such efforts.

5.4 Manner of Performance

Except as this Agreement expressly provides otherwise, Supplier will perform the Services at least at the same level and with at least the same degree of accuracy, quality, timeliness, responsiveness and efficiency as was provided prior to the Effective Date by or for Health Net and other Service Recipients and in compliance with the following:

(a) all applicable Service Levels;

(b) the Procedures Manual;

(c) applicable standards, policies and procedures of Health Net (and its Affiliates) listed in Schedule O (Health Net Policies and Procedures) which the Parties acknowledge have been disclosed to Supplier prior to the Effective Date, and any new or amended Health Net standards, policies and procedures disclosed to Supplier after the Effective Date. If compliance with any new or revised Health Net standards, policies and procedures requires Supplier to incur additional costs, and such compliance is not otherwise required by Supplier under this Agreement, then the following shall apply:

(i) if such compliance requires Supplier to perform additional functions that would be considered New Services or Projects under this Agreement, then the corresponding processes for authorizing and pricing New Services and Projects shall apply; or

(ii) if such compliance requires Supplier to change the manner in which it provides existing Services, then such Changes shall be implemented through the Change Control Process.

(d) Laws for which Supplier is responsible pursuant to Section 27.5; and

(e) In cases where this Agreement does not prescribe or otherwise regulate the manner of Supplier’s performance of the Services, proven best practices followed by the leading providers of similar services as required under Section 19.1.

General Terms and Conditions- 14 Health Net / IBM Confidential

Final Execution Version

5.5 Quality Assurance and Continuous Improvement

In performing the Services, Supplier will follow commercially reasonable quality assurance procedures designed to ensure that the Services are performed with a high degree of professional quality and reliability. Such procedures shall include checkpoint reviews, testing, acceptance, and other procedures for Health Net to confirm the quality of Supplier’s performance. Supplier, as part of its total quality management process, will provide continuous quality assurance and quality improvement through: (i) the identification and application of proven techniques and tools from other installations within its operations; and (ii) the implementation of concrete programs, practices and measures designed to improve performance (including the Service Levels). Supplier will utilize project management tools, including productivity aids and project management systems, as appropriate in performing the Services.

5.6 User Satisfaction

(a) Working in consultation with Health Net, Supplier will conduct a survey annually (or on such other frequency as the Parties may agree) of an agreed percentage of Health Net’s internal user community (i.e., not including Health Net customers). The surveys will be designed to determine the level of satisfaction with the Services and identify areas where satisfaction could be improved. The surveys will include representative samples of each major category of Health Net internal users and an agreed number of in-depth, face-to-face or telephone interviews. Health Net and Supplier will mutually agree on the form and content of the surveys, which will be no less thorough than those used customarily by Supplier. The Parties will jointly review the results of the surveys, and Supplier will develop and carry out a plan to improve satisfaction in areas where Health Net considers it to be lower than it should be.

(b) Health Net’s satisfaction with the Services will be taken into account by Supplier in its performance appraisals of Supplier Personnel.

6. SERVICE LEVELS

6.1 General

Quantitative performance standards for certain of the Services (“Service Levels”) are set forth in Schedule B (Service Levels).

6.2 Failure to Perform

(a) Supplier will place an amount equal to the Amount at Risk (as defined in Schedule B) at risk each month for Service Level Credits. Supplier’s obligation to pay Service Level Credits is further described in Schedule B.

(b) Health Net may allocate two hundred fifty (250) percentage points among Critical Service Levels for the purpose of calculating Service Level Credits, as further described in Schedule B.

(c) The total Service Level Credits payable in any calendar month will not exceed the Amount at Risk for such month.

General Terms and Conditions- 15 Health Net / IBM Confidential

Final Execution Version

(d) Upon notice to Supplier, Health Net may, in its sole discretion, (i) change the designation of any Service Level to a Critical Service Level, or change the designation of any Critical Service Level to a non-Critical Service Level; and (ii) change the Weighting Factors for the existing or newly designated Critical Service Levels; provided that (i) Health Net may provide only one such notice during any calendar quarter (which notice may contain multiple changes) and (ii) the total Weighing Factors may not exceed *** percentage points.

(e) Health Net shall have the right to add new Service Levels and Critical Service Levels pursuant to Schedule B (Service Levels).

7. SUPPLIER PERSONNEL

7.1 Provision of Suitable Personnel

Supplier will assign an adequate number of Supplier Personnel to perform the Services who are properly educated, trained, familiar with and fully qualified for the Services they are assigned to perform, and Supplier shall ensure (to the extent reasonably possible) that any outgoing Supplier Personnel leaving the Health Net account spend a reasonable period of time training the new Supplier Personnel who will be replacing such outgoing personnel. Supplier is responsible for taking action at its own expense such that Supplier Personnel assigned to perform Services have the legal right to work in the countries in which they are assigned to work.

7.2 Screening and Background Checks

(a) Supplier shall, at no additional expense to Health Net, and prior to placing any Supplier Personnel at Health Net or on the Health Net account, complete background checks for all such personnel (“Background Checks”). Background Checks shall include I-9 completion, screening in State, county, federal and other applicable jurisdictions to identify felonies and misdemeanor convictions and verify the social security number of such personnel, if applicable to such personnel, and any other screening required to comply with applicable Law. If requested by Health Net, Supplier shall perform additional background checks of Supplier Personnel at Health Net’s expense.

(b) The personnel will be asked for education and, with respect to United States resident personnel, the last seven (7) years of residences. Subject to applicable Law, Supplier Personnel may be tested for drugs and/or alcohol whenever Supplier or Health Net has reasonable suspicion that the personnel is under the influence of drugs and/or alcohol in the workplace or has violated the substance abuse policy. Such personnel have the right to refuse to submit to drug or alcohol testing, however, personnel who do so will be subject to removal from the Health Net account. Results of Background Checks and drug testing will remain Supplier’s Confidential Information and will not be provided to Health Net, but any negative or questionable Background Check or drug test of a personnel will require Supplier to remove or not assign such personnel. Supplier shall hire all Supplier Personnel and other personnel involved in the Health Net account strictly in accordance with all Laws applicable to the hiring and employment of individuals including, without limitation, the Fair Labor Standards Act, Immigration Reform and Control Act and all equal employment opportunity Laws.

General Terms and Conditions- 16 Health Net / IBM Confidential

Final Execution Version

7.3 Responsibility for Supplier Personnel, Generally

Supplier will manage, supervise and provide direction to Supplier Personnel and cause them to comply with the obligations and restrictions applicable to Supplier under this Agreement. Supplier will make Supplier Personnel aware of, and cause them to comply with, Health Net’s safety and security policies that have been made known to Supplier while they are performing Services at Health Net Facilities or accessing Health Net Data or systems. As between Supplier and Health Net, Supplier is responsible for all wages, salaries and other amounts due Supplier Personnel, and for all tax withholdings, unemployment insurance premiums, pension and social welfare plan contributions, and other employer obligations with respect to Supplier Personnel. Supplier is responsible for the acts and omissions of Supplier Personnel under or relating to this Agreement.

7.4 Key Supplier Positions

(a) “Key Supplier Positions” means those positions designated as Key Supplier Positions in Schedule D (Key Supplier Positions). Supplier’s Project PE will be one of the Key Supplier Positions. Supplier will cause each of the Supplier Personnel filling the Key Supplier Positions (whether as of the Effective Date, or replacement personnel filling such Key Supplier Position during the Term) to devote substantially full time and effort to the provision of the Services. Supplier Personnel approved as of the Effective Date to fill the Key Supplier Positions are listed in Schedule D (Key Supplier Positions).

(b) Before the initial and each subsequent assignment of an individual to a Key Supplier Position, Supplier will notify Health Net of the proposed assignment, introduce the individual to appropriate Health Net representatives and, consistent with Supplier’s personnel practices, provide Health Net a curriculum vitae and other information about the individual reasonably requested by Health Net. Upon request, Supplier will provide Health Net representatives an opportunity to meet with the individual. If Health Net in good faith objects to the proposed assignment, the Parties will attempt to resolve Health Net’s concerns on a mutually agreeable basis. If the Parties have not been able to resolve Health Net’s concerns within five (5) Business Days, Supplier may not assign the individual to that position and must propose the assignment of another suitably qualified individual.

(c) Health Net may from time to time change the positions designated as Key Supplier Positions under this Agreement. However, without Supplier’s consent, the number of Key Supplier Positions may not exceed the number designated in Schedule D (Key Supplier Positions) as of the Effective Date, except as set forth in Footnote 3 of Schedule D.

(d) Supplier will not reassign or replace any person assigned to a Key Supplier Position during the time period described in Footnote 1 to Schedule D. Supplier will give Health Net, where reasonably possible, at least ninety (90) days advance notice of a proposed change in personnel filling a Key Supplier Position, and will discuss with Health Net any objections Health Net may have. Supplier will arrange, at no charge, for the proposed replacement to work side-by-side with the individual being replaced during the notice period to effectuate a seamless transfer of knowledge prior to the incumbent leaving the Key Supplier Position. Individuals filling Key Supplier Positions may not be transferred or re-assigned until a suitable replacement has been approved by Health Net, and no

General Terms and Conditions- 17 Health Net / IBM Confidential

Final Execution Version

such re-assignment or transfer may occur at a time or in a manner that would have an adverse impact on delivery of the Services or Health Net’s operations. Supplier will establish and maintain an up-to-date succession plan for the individuals serving in Key Supplier Positions.

7.5 Removal and Replacement of Supplier Personnel

Health Net may immediately remove any Supplier Personnel from any Health Net Facilities if the person is threatening or abusive, commits a crime, engages in an act of dishonesty while performing Services for Health Net or violates Health Net’s policies and procedures pertaining to safety, security or use of Health Net Facilities. If Health Net determines in good faith that the continued assignment to Health Net’s account of any of the Supplier Personnel is not in the best interests of Health Net, then Health Net may give Supplier written notice to that effect. After receipt of such a notice, Supplier will have a reasonable period of time (not to exceed ten (10) Business Days) in which to investigate the matters stated in the notice, discuss its findings with Health Net and resolve Health Net’s concerns. If, following such process, Health Net requests replacement of the individual, Supplier will replace the individual with another suitably qualified person.

7.6 Controlling Turnover of Supplier Personnel

Health Net and Supplier agree that it is in their mutual best interests to keep the turnover rate of Supplier Personnel to a reasonably low level. Accordingly, if Health Net believes that Supplier’s turnover rate is excessive and so notifies Supplier, Supplier will provide data concerning its turnover rate and meet with Health Net to discuss the reasons for, and impact of, the turnover rate. If appropriate, Supplier will submit to Health Net its proposals for reducing the turnover rate and the Parties will mutually agree on a program to bring the turnover rate down to an acceptable level. In any event, Supplier will use Commercially Reasonable Efforts to keep the turnover rate to a reasonably low level. Notwithstanding any turnover of Supplier Personnel, Supplier remains obligated to perform the Services in compliance with the requirements of this Agreement.

7.7 Subcontracting

“Subcontractor” means a third party engaged by Supplier to provide products and/or services used by Supplier in rendering the Services, as well as any entity to whom a Subcontractor further subcontracts (or otherwise sub-delegates) any of its subcontracted duties or obligations. Supplier may subcontract or delegate the performance of Services only in accordance with the following:

(a) Supplier may subcontract the performance of Services to any of its wholly-owned Affiliates who are qualified to conduct business in the United States.

(b) Except as provided in Section 7.7(a), Supplier shall not subcontract for performance of, or delegate any of its responsibilities under this Agreement without first obtaining the prior written approval of Health Net, provided such approval shall not be required for subcontracts with an annual contract value of less than $500,000. When seeking such approval, Supplier will (i) give Health Net reasonable prior written notice specifying the components of the Services affected, the scope of the proposed subcontract, the identity and qualifications of the proposed Subcontractor and the results of any due diligence carried out with regard to the proposed Subcontractor; and (ii) at Health Net’s request, provide Health Net a description of the scope. Health Net may approve or reject proposed Subcontractors in its discretion. Health Net may require Supplier to

General Terms and Conditions- 18 Health Net / IBM Confidential

Final Execution Version

replace any previously approved Subcontractor found, in the reasonable judgment of Health Net, to be unacceptable. Any such Subcontractors approved by Health Net, in its discretion, shall be an “Approved Subcontractor” hereunder.

(c) IBM shall provide Health Net with a quarterly report identifying (i) each subcontract with an annual spend of greater than $500,000, including subcontracts that began below $500,000 and grew during the term; and (ii) the annual spend of such subcontract (expressed as a percentage of the then-current Annual Services Charge).

(d) Approved Subcontractors as of the Effective Date are listed in Schedule P (Approved Subcontractors).

(e) In any subcontracts entered into by Supplier after the Effective Date for performance of the Services, Supplier will require the Subcontractor to be bound to Supplier by all applicable terms of this Agreement and to assume toward Supplier all of the applicable obligations and responsibilities that Supplier, by this Agreement, has assumed toward Health Net.

(f) Supplier may use Approved Subcontractors to perform the Services to the extent permitted by Health Net’s approval. Supplier is responsible for managing all Subcontractors. Supplier remains responsible for all Functions delegated to Subcontractors to the same extent as if such Functions were to be performed by Supplier acting through its officers, directors, employees, and agents and, for purposes of this Agreement, such Functions will be deemed Functions performed by Supplier. Supplier will be Health Net’s sole point of contact regarding the Services, including with respect to payment.

(g) Supplier may disclose Health Net Confidential Information only to Approved Subcontractors who have agreed in writing to protect the confidentiality of such Confidential Information in a manner substantially equivalent to that required of Supplier under this Agreement and to permit both Supplier and Health Net, or both, to enforce such terms directly against such Subcontractor. As between the Parties, Supplier shall be responsible for all acts and omissions of (i) Supplier’s independent contractors and other Subcontractors as if they were Supplier’s employees (including acts and omissions of such independent contractors and other Subcontractors for purposes of determining Supplier’s liability under this Agreement or responsibility for indemnity claims made under this Agreement) and (ii) any third party to whom Supplier permits access to Health Net Data or Health Net Confidential Information.

7.8 Managed Third Parties

“Managed Third Parties” are third parties under contract to Health Net or its Affiliates who supply products and services used by Supplier in rendering the Services. Examples of Managed Third Parties are the suppliers under the Health Net contracts referenced in Section 11 (Transfer and Use of Resources) that have not been assigned to Supplier. Except where Schedule A (Services) provides otherwise, Supplier is responsible for coordinating with and managing the performance of the Managed Third Parties. Supplier’s responsibilities with respect to Managed Third Parties are set forth in Schedule A.

General Terms and Conditions- 19 Health Net / IBM Confidential

Final Execution Version

8. HEALTH NET RESPONSIBILITIES

8.1 Appointment of Health Net Program Management Office (PMO) Personnel

(a) Health Net will designate an individual to serve as Health Net’s “Program Manager”, who will be Supplier’s principal point of contact for obtaining decisions, information, approvals and acceptances required from Health Net.

(b) Health Net will also designate individuals to serve in the Health Net PMO roles described in the Contract Governance Plan pursuant to Schedule G (Governance).

8.2 Health Net Cooperation Duties

(a) In support of Supplier’s performance of the Services and subject to Section 8.3, Health Net will perform the Functions identified in this Agreement as retained Health Net Functions and provide or make available to Supplier the Equipment, Software, Health Net Facilities and other resources that this Agreement specifies are to be provided by Health Net.

(b) Health Net will cooperate with Supplier, including by making available management decisions, information, approvals and acceptances, as reasonably requested by Supplier so that Supplier may accomplish its obligations and responsibilities under this Agreement.

8.3 Savings Clause

Health Net’s failure to perform its responsibilities set forth in this Agreement (or cause them to be performed) will not constitute grounds for termination by Supplier except as provided in Section 16.3 (Termination by Supplier). Supplier’s nonperformance of its obligations under this Agreement will be excused if and to the extent (a) such Supplier nonperformance results from Health Net’s failure to perform its responsibilities, and (b) Supplier provides Health Net with reasonable notice of such nonperformance and uses Commercially Reasonable Efforts to perform notwithstanding Health Net’s failure to perform. If Supplier’s use of Commercially Reasonable Efforts to perform in such a circumstance would cause Supplier to incur significant Out-of-Pocket Expenses, Supplier may so notify Health Net. If it does, Supplier’s obligation to continue its efforts to work around Health Net’s failure to perform will be subject to Health Net agreeing to reimburse Supplier for its additional Out-of-Pocket Expenses incurred in the course of such efforts. SUPPLIER ACKNOWLEDGES THAT HEALTH NET WOULD NOT BE WILLING TO ENTER INTO THIS AGREEMENT WITHOUT ASSURANCE THAT THIS AGREEMENT MAY NOT BE TERMINATED BY SUPPLIER AND THAT SUPPLIER SHALL NOT HAVE THE RIGHT TO SUSPEND PERFORMANCE OF THE SERVICES EXCEPT, AND ONLY TO THE EXTENT, EXPLICITLY PROVIDED HEREIN.

9. CHARGES

Schedule C (Charges) sets forth all the Charges payable to Supplier for performing the Services and the associated invoicing and payment procedures and terms. Health Net will not be required to pay Supplier any amounts for or in connection with performing the Services and fulfilling Supplier’s obligations under this Agreement other than those amounts payable to Supplier under Schedule C (Charges) and the following Sections: Section 5.3 (Time of Performance);

General Terms and Conditions- 20 Health Net / IBM Confidential

Final Execution Version

Section 8.3 (Savings Clause); Section 11.10 (Terms Applicable to Health Net Facilities, Generally); Section 16.1 (Termination by Health Net); Section 16.4 (Extension of Termination Date); and Section 18.4 (Records Retention).

9.1 Pass-Through Expenses

(a) “Managed As Pass-Through Expenses” means third party charges that are to be both (A) paid by IBM and reimbursed by Health Net on an Out-of-Pocket Expenses basis, and (B) administered by Supplier. All Managed As Pass-Through Expenses are identified in Schedules I, J and N. Additional Managed As Pass-Through Expenses may be added pursuant to Exhibit C-10 to Schedule C or as otherwise mutually agreed by the Parties. Supplier shall arrange for delivery by third parties to Supplier of invoices for Managed As Pass-Through Expenses, and Supplier promptly shall review such invoices and provide Health Net with the original invoice together with a statement identifying which charges are proper and valid and should be paid by Supplier as set forth above. Supplier will pay Managed As Pass-Through Expenses invoices on time and will be responsible for any late fees, interest, or other similar payments incurred, unless late payment is due to the fault of Health Net. Supplier shall track the payment status of Managed As Pass-Through Expenses and provide a consolidated report of such status upon Health Net’s request.

(b) “Pure Pass-Through Expenses” means third party charges for which (i) Health Net shall retain responsibility for all obligations for such contracts, including obligations to review each invoice for accuracy; and (ii) Supplier’s only obligation with regard to such Pure Pass-Through Expenses shall be as a payment agent and as set forth below. All Pure Pass-Through Expenses are identified in Schedules I, J and N. Additional Pure Pass-Through Expenses may be added pursuant to Exhibit C-10 to Schedule C or as otherwise mutually agreed by the Parties. So long as Health Net provides to Supplier the invoice for a Pure Pass-Through Expense and the funds to be used for the payment of such invoice within a period of time prior to the due date of such invoice that is reasonably sufficient to enable Supplier to pay such invoice prior to such due date, Supplier will pay such Pure Pass-Through Expense invoice on time and will be responsible for any late fees, interest, or other similar payments incurred due to Supplier’s failure to pay such invoice on time. Except as set forth above, Supplier shall have no further obligations with regard to such payment (implied or otherwise). Supplier shall track the payment status of Pure Pass-Through Expenses and provide a consolidated report of such status upon Health Net’s request.

(c) Supplier shall use Commercially Reasonable Efforts to minimize the amount of Managed As Pass-Through Expenses. With respect to services or materials paid for on a Managed As Pass-Through Expenses basis, Health Net reserves the right to: (i) obtain such services or materials directly from a third party; (ii) designate the third party source for such services or materials; (iii) designate the particular services or materials (e.g., equipment make and model) Supplier shall obtain; (iv) designate the terms for obtaining such services or materials (e.g., purchase or lease and lump sum payment or payment over time); (v) require Supplier to identify and consider multiple sources for such services or materials or to conduct a competitive procurement; and (vi) review and approve the applicable

General Terms and Conditions- 21 Health Net / IBM Confidential

Final Execution Version

Managed As Pass-Through Expenses before entering into a contract for particular services or materials.

9.2 Incidental Expenses

Supplier acknowledges that, except as may be otherwise provided in this Agreement, expenses that Supplier expects to incur in performing the Services (including travel and lodging, document reproduction and shipping, and long-distance telephone) are included in Supplier’s Charges and rates set forth in this Agreement. Accordingly, such Supplier expenses are not separately reimbursable by Health Net unless, on a case-by-case basis for unusual expenses, Health Net has agreed in advance and in writing to reimburse Supplier for the expense.

9.3 Taxes

The Parties’ respective responsibilities for taxes arising under or in connection with this Agreement shall be as follows:

(a) Each Party shall be responsible for any personal property taxes on property it owns or leases, for franchise and privilege taxes on its business, and for taxes based on its net income or gross receipts.

(b) Supplier shall be responsible for any sales, use, excise, value-added, services, consumption and other taxes and duties payable by Supplier on the goods or services used or consumed by Supplier in providing the Services where the tax is imposed on Supplier’s acquisition or use of such goods or services and the amount of tax is measured by Supplier’s costs in acquiring such goods or services.

(c) Health Net shall be responsible for any sales, use, excise, value-added, services, consumption or other tax existing as of the Effective Date that is assessed on the provision of the Services as a whole, or on any particular Service by any governmental or taxing authority within the United States; provided, however, that (i) Supplier invoices reflect on a current basis (and in any event before any such tax becomes due and payable) the amount of any such tax in each jurisdiction and the taxable Services to which such tax relates, (ii) if Supplier fails to reflect on its invoice any such tax on a current basis, Supplier shall be financially responsible for any penalties and interest assessed by the taxing authority with respect to such tax, and (iii) if Supplier fails to reflect any such tax on a Supplier invoice within *** after such tax should have been invoiced, Supplier shall be financially responsible for the full amount of such tax, including any penalties and interest. Subject to Health Net’s right to terminate the Agreement relating to taxes set forth in Section 16.1(h), Health Net shall bear the responsibility for any sales, use, excise, value-added, services, consumption or other tax becoming applicable during the Term (or that is increased during the Term) that is assessed on the provision of the Services as a whole, or on any particular Service by any governmental or taxing authority within the United States (subject to items (i)-(iii) above).

(d) Supplier shall be responsible for any sales, use, excise, value-added, services, consumption or other tax that is assessed on the provision of the Services as a whole, or on any particular Service by any governmental or taxing authority outside the United States as of the Effective Date or during the Term.

General Terms and Conditions- 22 Health Net / IBM Confidential

Final Execution Version

(e) Supplier shall be responsible for any payments required to compensate Supplier Personnel for compensatory tax treatment resulting from Supplier Personnel traveling to perform services, subject to the remainder of this paragraph. In the event that the assignment (or potential assignment) of particular Supplier Personnel to perform Services for Health Net has reached a point such that the continued assignment of such particular personnel is likely to trigger compensatory tax treatment of the travel related expenses reimbursed to such particular Supplier Personnel, Supplier may inform Health Net in writing that Supplier is close to becoming subject to compensatory tax treatment as a result of such assignment, and shall provide an estimate of the amount of such compensatory tax liability. If Supplier fails to so notify Health Net, Supplier shall remain responsible for any amounts resulting from compensatory tax treatment of such particular Supplier personnel. Following such notice by Supplier, Health Net may then elect by sending written notice to Supplier to be financially responsible for any payments required to compensate Supplier with respect to such particular Supplier Personnel in an amount equal to the compensatory taxes assessed to such particular Supplier Personnel as the result of such assignment to the Health Net account. If Health Net does not so elect, Supplier shall remain responsible for any amounts resulting from compensatory tax treatment of such particular Supplier Personnel, provided, however, Supplier may then relocate such personnel to avoid such taxes, and the Parties shall cooperate to make other arrangements so that the Services will be performed without interruption.

(f) In the event that a sales, use, excise, value added, services, consumption or other tax is assessed on the provision of any of the Services, the Parties shall work together to segregate the payments under this Agreement into three (3) payment streams:

(i) those for taxable Services;

(ii) those for which Supplier functions merely as a payment agent for Health Net in receiving goods, supplies, or services (including leasing and licensing arrangements); and

(iii) those for other nontaxable Services.

(g) The Parties agree to cooperate with each other to enable each to more accurately determine its own tax liability and to minimize such liability to the extent legally permissible. Supplier’s invoices shall separately state the amounts of any taxes Supplier is collecting from Health Net, and Supplier shall remit such taxes to the appropriate authorities. Each Party shall provide and make available to the other any resale certificates, information regarding out-of-state or out-of-country sales or use of equipment, materials or services, and other exemption certificates or information reasonably requested by the other Party.

(h) Supplier shall promptly notify Health Net of, and coordinate with Health Net the response to and settlement of, any claim for taxes asserted by applicable taxing authorities for which Health Net is responsible hereunder, it being understood that with respect to any claim arising out of a form or return signed by a Party to this Agreement, such Party shall have the right to elect to control the response to and settlement of the claim, but the other Party shall have all rights to participate

General Terms and Conditions- 23 Health Net / IBM Confidential

Final Execution Version

in the responses and settlements that are appropriate to its potential responsibilities or liabilities. If Health Net requests Supplier to challenge the imposition of any tax, Supplier shall do so in a timely manner and Health Net shall reimburse Supplier for the reasonable legal fees and expenses it incurs. Health Net shall be entitled to any tax refunds or rebates granted to the extent such refunds or rebates are of taxes that were paid by Health Net.

(i) Supplier is responsible, at its own risk and expense, for determining the extent (if any) to which Supplier will be required to collect and remit national, federal, state or local (or foreign) taxes: (i) on (or in respect of) any products or Services provided by Supplier or any of its Approved Subcontractors under this Agreement in the jurisdictions in (or from) which Supplier chooses to provide the Services, or (ii) on (or in respect of) Supplier’s charges to Health Net under this Agreement.

9.4 Benchmarking

(a) Benchmark Towers: For purposes of this Section 9.4, the “Network Towers” shall mean the Service Towers (as defined in Schedule C) for (1) Voice Network Services and (2) Data Network Services; and the “IT Towers” shall mean all Service Towers other than the Network Towers.

(b) Frequency. Health Net shall have the right at any time during the Term, beginning March 1, 2010, to benchmark the Charges for one or more Service Towers, each benchmark to be of all the Services within such Service Tower in the aggregate, provided that benchmarking of Charges for a particular Service Tower cannot be initiated (i) more than one (1) time in any ***period or (ii) more than *** times during the Term, and further provided that Health Net shall not be permitted to benchmark the Cross Tower Services Tower separately, but Cross Tower Services Charges attributable to a Service Tower being benchmarked shall be factored into the Charges for such benchmarked Service Tower in conducting the benchmarking for such Service Tower. The Parties acknowledge that for purposes of applying the time periods above, a benchmarking shall begin after a contract with a Benchmarker has been executed and the Benchmarker has commenced performance of services under that contract (each a “Benchmarking Commencement Date”). For example, Health Net may initiate the benchmarking process in 2009 provided the Benchmarking Commencement Date does not occur until March 1, 2010.

(c) Engagement of Benchmarker and Cooperation. A benchmarking under this Section shall be conducted by an independent industry-recognized benchmarking service provider designated by Health Net and approved by Supplier (“Benchmarker”), subject to the following:

(i) Subject to Section 9.4(c)(v), the Benchmarker shall not be a Supplier Competitor as set forth in Schedule V (Supplier Competitors).

(ii) The Benchmarker will execute a tripartite agreement with Health Net and Supplier which shall reflect the requirements set forth in this Agreement. Neither Party shall have the right to require terms in such tripartite agreement that either (A) are materially different from the applicable confidentiality provisions set out in this Agreement, or (B) are not set out

General Terms and Conditions- 24 Health Net / IBM Confidential

Final Execution Version

in this Agreement but would cause unreasonable delay in executing such tripartite agreement.

(iii) The Benchmarker shall not be compensated on a contingency fee or incentive basis.

(iv) Prior to conducting the benchmark, the Benchmarker will execute appropriate confidentiality agreements with Health Net and Supplier, which will (A) be consistent with the confidentiality provisions of this Agreement and (B) prohibit the Benchmarker from using data provided by Health Net and Supplier for any purpose other than conducting the benchmark of the Services.

(v) The Parties agree that Gartner, Inc. and Nautilus Advisors, LLC are acceptable Benchmarkers.

(vi) The Parties shall each be responsible for fifty percent (50%) of the charges for the Benchmarker.

(vii) The Parties shall cooperate with the Benchmarker, including, as appropriate, promptly making available knowledgeable personnel and pertinent documents and records.

(d) Benchmark Process. The Benchmarker shall perform the benchmarking in accordance with the following benchmark process (the “Benchmark Process”):

(i) The Benchmarker will conduct the benchmark using a Representative Sample (defined below).

(ii) Prior to performing the benchmark comparison, the Benchmarker will provide and review the Benchmarker’s methodology with Health Net and Supplier, and will explain the normalization approach that will be applied.

(iii) Health Net and Supplier will work with the Benchmarker to appropriately document any changes they mutually agree to make to the Benchmarker’s methodology.

(iv) The Benchmarker shall make adjustments to data relating to each of the Comparators in the Representative Sample to the extent necessary to account for differences between the Services provided to Health Net and the services provided to the respective Comparators that may impede a true “like-for-like” comparison, taking into consideration the following normalization factors:

(A) scope and nature of services;

(B) respective services environments;

(C) the hardware or software used or required to provide the services;

General Terms and Conditions- 25 Health Net / IBM Confidential

Final Execution Version

(D) geographic disparity of services delivery locations (including the percentage of services delivered outside the United States) and recipient locations;

(E) industry differences affecting information technology costs;

(F) volume of services being provided;

(G) duration of the contractual commitment;

(H) service levels;

(I) complexity factors (including operating environment);

(J) degree of standardization;

(K) financial engineering, investments and allocations;

(L) financing provided by Supplier;

(M) any additional or value added services performed by Supplier and not received by the Comparator(s) (or performed for Comparators and not for Health Net) including Health Net’s or the Comparators’ unique requirements, limitations and human resources terms and conditions; and

(N) any other relevant factors.

(v) The Benchmarker will meet with Health Net and Supplier to explain how the normalization was performed on each Comparator in the Representative Sample and will provide Health Net and Supplier the pre-adjustment and post-adjustment Comparator data in a format customarily disclosed by the Benchmarker, to the extent such data can be disclosed while preserving the confidentiality of the Comparators. Each Party shall have the right to raise objections to the normalization performed by the Benchmarker within twenty (20) days after such meeting (the “Normalization Objection Period”), provided however that if Health Net and Supplier in good faith are unable to agree upon a resolution of any such objection within twenty (20) days after the conclusion of such Normalization Objection Period, then the Benchmarker shall proceed as it deems appropriate in its professional judgment and the benchmarking shall continue as described below.

(vi) Neither Health Net nor Supplier will be required to disclose to the Benchmarker actual performance against Service Levels or other actual performance comparison.

(vii) During the thirty (30) day period after the Benchmarker completes the data gathering, but before the Benchmarker has concluded the Benchmark analysis, Health Net and Supplier will have an opportunity to consult with the Benchmarker about how such data gathering activities conformed to the agreed Benchmark process.

General Terms and Conditions- 26 Health Net / IBM Confidential

Final Execution Version

(viii)  Health Net and Supplier agree to participate jointly in all discussions with the Benchmarker and to cooperate reasonably with the Benchmarker in the benchmark activities; provided, however, in no event will Supplier be required to provide the Benchmarker with Supplier data about Supplier’s underlying actual costs and/or cost structure (unless the charges are based on “cost-plus” or are for Managed As Pass-Through or Pure Pass-Through pricing) or data from other Supplier customers.

(ix) Health Net and Supplier agree that all information provided to or obtained from the Benchmarker will be provided to both Health Net and Supplier, unless otherwise agreed.

(x) Health Net and Supplier agree that the benchmark will be conducted in a manner that will not unreasonably disrupt either Party’s operations or performance of the Services.

(e) Representative Sample.

(i) The Benchmarker shall compare the Charges under this Agreement for the Services being benchmarked to the charges being incurred in a representative sample of IT operations (as applicable and in accordance with the Benchmark Process hereunder) by or for other outsourced entities that have outsourced information technology services comparable to the Services to be benchmarked (“Representative Sample”). “Comparator” shall mean an entity within the Representative Sample.

(ii) The Benchmarker shall select the Representative Sample from entities identified by the ***.

(iii) The Representative Sample shall include not less than ***, and may include entities that are outsourcing customers of Supplier.

(iv) The Representative Sample used by the Benchmarker for the Benchmark will be reasonably current (generally based on services provided to Health Net and the Comparators no more than eighteen (18) months prior to the start of the Benchmark).

(f) Performance and Output of Benchmark. The Benchmarker is to conduct a benchmarking as promptly as is prudent in the circumstances. At the conclusion of the benchmarking process the Benchmarker shall issue an initial report of its findings and conclusions to Health Net and Supplier no later than ninety (90) days from the conclusion of the benchmark. Health Net and Supplier will review the initial report and raise any issues with the Benchmarker regarding such report within thirty (30) days following receipt (the “Review Period”). The Benchmarker will review the issues and any materials provided by either Party and will use reasonable efforts to resolve such issues with Health Net and Supplier, provided that if Health Net and Supplier in good faith are unable to agree upon a resolution of any issue within thirty (30) days after the conclusion of the Review Period, then ***. Upon conclusion of the Review Period, and discussion of issues (if any) raised by either Party within the thirty (30) day period described in the prior sentence, the Benchmarker will submit a final benchmark report, including any approved revisions (“Final Benchmarker

General Terms and Conditions- 27 Health Net / IBM Confidential

Final Execution Version

Report”). Absent fraud, the Final Benchmarker Report shall be final and binding on the Parties.

(g) Adjustments Based on Final Benchmarker Report.

(i) The Benchmarker shall determine if Health Net’s Charges fall within the top quartile, as calculated using the MSExcel “QUARTILE” Function as (viewed from the perspective most favorable to Health Net) of charges in the Representative Sample for each benchmarked Service Tower (“Benchmark Level”).

(ii) If in the Final Benchmarker Report, the aggregate Charges to Health Net under this Agreement for the Service Tower that is the subject of the benchmark are higher than the Benchmark Level for such Service Tower, and the difference between the Benchmark Level and the current Contract Year’s aggregate Charges for the benchmarked Service Tower that were in effect as of the Effective Date is equal to, or less than ***

(iii) If in the Final Benchmarker Report, the Charges to Health Net under this Agreement for the Service Tower that is the subject of the benchmark is in the aggregate higher than the Benchmark Level for such Service Tower, and the difference between the Benchmark Level and the aggregate Charges for the benchmarked Service Tower are greater than the *** then Supplier will ***reduce such Charges for such Services Tower for the remainder of the Term to bring the Charges for such benchmarked Service Tower within *** without requiring modifications to any Service Levels or other terms under this Agreement; subject to the following limitations (“Benchmarking Adjustment Caps”), unless otherwise agreed:

(A) Supplier shall not be required to reduce the aggregate Charges for a benchmarked Service Tower that is one of the IT Towers pursuant to this Section 9.4 following any individual benchmark or multiple benchmarks by more *** the Charges that were in effect as of the Effective Date for such Services Tower in a Contract Year; and in no event shall the total of any and all adjustments to the Charges for all benchmarks that are performed on all IT Towers in aggregate exceed *** the total Charges for all IT Towers that were in effect as of the Effective Date for any Contract Year; and

(B) Supplier shall not be required to reduce the aggregate Charges for a benchmarked Service Tower that is one of the Network Towers pursuant to this Section 9.4 following any individual benchmark or multiple benchmarks by more than *** of the Charges that were in effect as of the Effective Date for such Services Tower in a Contract Year.

(C) The IT Towers and Network Towers for purposes of benchmarking are separate and distinct; a benchmark in one pool shall have no effect on the calculation or adjustment limitations on the other.

General Terms and Conditions- 28 Health Net / IBM Confidential

Final Execution Version

(D) The Benchmark Adjustment Caps shall be calculated separately for each Contract Year of the Term. For example, ***.

(E) ***

(iv) In addition, and without limiting Supplier’s obligation under Section 9.4(g)(iii) above, if following each individual benchmark of a Service Tower an adjustment in excess of one (or if applicable, both) Benchmarking Adjustment Caps is required to bring the Charges for such Service Tower within the Benchmark Deadband, and Supplier is unwilling to make such adjustment for the portion in excess of the applicable Benchmarking Adjustment Cap(s), then Health Net may terminate the affected benchmarked Service Tower (including the applicable portion of the Cross Tower Services Tower) by providing Supplier at least ninety (90) days notice and paying the Wind Down Costs and Balance Sheet Items for such Service Tower as set forth in Schedule C (Charges); provided that if a Service Tower to be terminated is a Network Tower, Health Net shall terminate all Service Towers that are Network Towers (rather than terminate one Network Tower but not the other Network Tower).

(v) Any changes made to the Charges pursuant to a Benchmark will take effect on a prospective basis thirty (30) days following the Benchmarker’s delivery of the Final Benchmark Report.

10. INVOICING AND PAYMENT

10.1 Invoicing

(a) Supplier shall invoice Health Net for all amounts due under this Agreement on a monthly basis as follows: Supplier shall submit two (2) invoices to Health Net by the tenth (10^th) day of each month. The first invoice shall include the Annual Services Charge for the current month (“ASC Invoice”); the second invoice shall include ARCs and RRCs, Managed As Pass-Through Expenses, Pure Pass-Through Expenses and any other Charges payable under this Agreement for Services delivered in the prior month (“Variable Charge Invoice”). Each invoice shall, for each charge on the invoice, cite the specific section of the Agreement on which such charge is based. Supplier shall include the calculations utilized to establish the Charges.

(b) To the extent a credit may be due Health Net pursuant to this Agreement, Supplier shall provide Health Net with an appropriate credit against amounts then due and owing. If no further payments are due to Supplier, Supplier shall pay such amounts to Health Net within thirty (30) days.

(c) Supplier shall render a consolidated ASC Invoice and consolidated Variable Charge Invoice for each month’s Charges showing such details as reasonably specified by Health Net, including as necessary to satisfy Health Net’s internal accounting and chargeback requirements (such as allocating charges among Service components, locations and departments). The approved form of invoice as of the Effective Date is attached as Exhibit C-7 to Schedule C (“Form Invoice”). Any changes to such Form Invoice must be approved by Health Net. Supplier agrees that it shall maintain the chargeback capability and processes that

General Terms and Conditions- 29 Health Net / IBM Confidential

Final Execution Version

Health Net has in place as of the Effective Date. Charges for Services relating to Health Net’s Federal Services business shall be separately identifiable on each invoice.

(d) Each month’s invoices shall be complete as to the Charges for such month, except as provided in the remainder of this Section. Supplier may not charge Health Net any additional amounts for a month for which an invoice has been rendered more than *** after such additional amounts should have been invoiced pursuant to Section 10.1(a), except:

(i) With respect to Managed As Pass-Through Expenses, Supplier may include such Managed As Pass-Through Expenses on a later invoice, although in no event shall any such expenses be billed more than *** after such expense was due and payable to the third party vendor; and

(ii) With respect to charges for Services rendered by AT&T to Health Net, Supplier may include such AT&T invoice amounts on a later invoice, although in no event shall these be billed more than *** after such amounts should have been invoiced pursuant to Section 10.1(a).

(iii) With respect to the expenses and charges described in Section 10.1(d)(i) and Section 10.1(d)(ii) above, Supplier shall use Commercially Reasonable Efforts to bill such amounts sooner than the time permitted under such Sections. Supplier shall notify Health Net if Supplier is unable to bill any such expense or charge prior to the due date of such expense or charge, including due to a failure to receive the invoice from the third party vendor. For clarity, (A) this Section 10.1(d)(iii) shall not apply to Pure Pass-Through Expenses, and (ii) if Supplier satisfies the conditions set forth in this Section and is still unable to provide the invoice for any Managed As Pass-Through Expense item prior to the due date for such item, then Supplier shall be relieved from the limitations set forth in Section 10.1(d)(i) above with respect to such Managed As Pass-Through Expense item, but not the limitations set forth in Section 10.1(d)(ii) above with respect to AT&T charges.

(e) All charges shall be invoiced and payable in U.S. currency in accordance with the charges set forth in the applicable pricing schedule. Supplier shall bear any and all currency fluctuation risks inherent in its election to provide elements of the Services from offshore locations.

10.2 Payment Due

Subject to the other provisions of this Section 10, invoices provided for under Section 10.1 and properly submitted to Health Net by the tenth (10^th ) day of the month pursuant to Section 10.1 and other terms of this Agreement shall be due and payable by Health Net twenty (20) days following receipt for the ASC Invoice and thirty (30) days following receipt for the Variable Charge Invoice (each a “Payable Date”). Any amount due under this Agreement for which a time for payment is not otherwise specified shall be due and payable within *** days after receipt of a proper invoice for such amount. If any undisputed payments or portions thereof payable under this Agreement are not received by Supplier within five (5) business days after the Payable Date, (a) Supplier shall promptly notify Health Net of the non-payment; and (b) Health Net shall pay Supplier simple (non-compounded) interest on the unpaid amounts for each day between

General Terms and Conditions- 30 Health Net / IBM Confidential

Final Execution Version

and including the sixth (6^th) day after the Payable Date and the date Supplier receives such unpaid amounts at a rate equal to the lesser of: (i) eighteen percent (18%) per annum; or (ii) the maximum amount permissible by applicable law.

10.3 Accountability

Supplier shall maintain complete and accurate records of and supporting documentation for the amounts billable to and payments made by Health Net hereunder. Supplier agrees to provide Health Net with documentation and other information with respect to each invoice as may be reasonably requested by Health Net to verify accuracy and compliance with the provisions of this Agreement.

10.4 Proration

Except as may be otherwise provided in this Agreement, periodic charges under this Agreement are to be computed on a calendar month basis, and shall be prorated for any partial month.

10.5 Refundable Items

(a) Prepaid Amounts. Where Health Net has prepaid for a service or Function for which Supplier is assuming Financial Responsibility under this Agreement, Supplier shall refund to Health Net, upon either Party identifying the prepayment, that portion of such prepaid expense which is attributable to periods on and after the Effective Date.

(b) Refunds and Credits. If Supplier should receive a refund, credit or other rebate for goods or services previously paid for by Health Net, Supplier shall promptly notify Health Net of such refund, credit or rebate and shall promptly pay the full amount of such refund, credit or rebate, as the case may be, to Health Net.

10.6 Deductions

With respect to any amount to be paid by Health Net hereunder, Health Net may deduct from such amount any amount that Supplier is obligated to pay Health Net hereunder.

10.7 Disputed Charges

(a) Subject to Section 10.6, Health Net shall pay undisputed charges when such payments are due under this Section 10 and Schedule C. Subject to Section 10.7(b), Health Net may withhold and/or set off payment of particular charges that Health Net disputes in good faith (“Disputed Charges”), and may set off amounts due and owing to Health Net as credits against charges payable to Supplier under this Agreement. If any such Disputed Charges have already been paid, Health Net may deduct such Disputed Charges from future amounts owed by Health Net to Supplier. If an invoiced amount is disputed in good faith by Health Net, then Health Net shall provide written notification to Supplier of the dispute and the basis for such dispute, and the Parties shall utilize the procedures in Section 26.1 to resolve the issue. In the event that charges cover both disputed and undisputed items, Health Net shall pay all undisputed items in accordance with this Agreement.

(b) The maximum Disputed Charges Health Net may withhold pursuant to Section 10.7(a) at any time under this Agreement shall not in the aggregate

General Terms and Conditions- 31 Health Net / IBM Confidential

Final Execution Version

exceed an amount equal to Supplier’s charges for the Services (excluding Managed As Pass-Through Expenses and Pure Pass-Through Expenses) under this Agreement for the *** full calendar months immediately preceding such time (the “Disputed Charges Cap”). Health Net shall pay Supplier any Disputed Charge in excess of the Disputed Charges Cap without prejudice to any and all rights to contest Supplier’s entitlement to such Disputed Charge.

11. TRANSFER OR USE OF RESOURCES

(a) This Section 11 sets forth the processes by which certain resources used by Health Net prior to the Effective Date will be transferred or otherwise made available to Supplier for use in providing the Services. RIGHTS OF USE GRANTED BY HEALTH NET TO SUPPLIER UNDER THIS SECTION 11 ARE GRANTED ON AN ‘AS-IS, WHERE-IS’ BASIS, WITHOUT WARRANTIES OF ANY KIND.

(b) Schedule S (Asset Responsibility Matrix) sets forth the Financial Responsibility Model. For each intersection that is designated in Schedule S as Supplier’s Financial Responsibility, the Charges compensate Supplier for providing the applicable function or resource, and Health Net shall not be required to pay Supplier any amounts in addition to the Charges for such function or resource. For each intersection that is designated in Schedule S as Health Net’s Financial Responsibility, Health Net is required to pay for such function or resource in addition to the Charges (i.e., to Supplier for payment to a third party on a Managed As Pass-Through Expense or Pure Pass-Through Expense basis, directly to a third party, or to Supplier in addition to the Charges under this Agreement).

11.2 Transfer of Personnel

Schedule E (Transitioned Employees) provides general terms and conditions governing the recruitment and transition of certain existing Health Net personnel to Supplier.

11.3 Health Net Owned Equipment

(a) “Health Net Owned Equipment” means Equipment owned by Health Net (or a Health Net Affiliate) that is to be either sold to Supplier or made available to Supplier for use in providing the Services. The Health Net Owned Equipment is listed or described in Schedule N (Equipment).

(b) Beginning as of the Effective Date, Health Net shall have the option to sell, and upon the exercise of such option, Supplier shall purchase, the Health Net Owned Equipment so designated in Exhibit N-1 to Schedule N (Equipment) at a purchase price equal to Fair Market Value as of the month immediately preceding the date of sale of the Equipment. The purchase price and the Health Net Owned Equipment to be sold shall be subject to adjustment pursuant to Section 11.1 of Schedule C (Charges). The sale shall occur on the date set forth in Health Net’s notice to Supplier, provided Health Net shall give Supplier not less than thirty (30) days written notice prior to the effective date of such sale. The Parties will execute a Bill of Sale in the form set forth as Schedule T (Bill of Sale) to evidence the conveyance. The aggregate purchase price will be set forth in the Bill of Sale.

General Terms and Conditions- 32 Health Net / IBM Confidential

Final Execution Version

(c) As of the Effective Date, Health Net grants to Supplier, without sale, the right to use the Health Net Owned Equipment listed in Exhibit N-3 to Schedule N (Health Net Equipment) during the Term during its remaining useful life until, for each item of Equipment, the earlier of (i) the date the applicable Equipment is sold to Supplier pursuant to Section 11.3(b) of the General Terms and Conditions; (ii) the date Supplier is required to refresh such Equipment in accordance with the Agreement; (iii) the cessation or termination of the applicable Services; or (iv) the expiration of the Term. After such time that Health Net is obligated to make such Health Net Owned Equipment available to Supplier, then Supplier shall be responsible for replacing such asset in accordance with Section 12.2(a).

(d) When any Health Net Owned Equipment not purchased by Supplier is no longer required for performance of the Services, and in any event upon the earlier of (i) the date the Equipment is sold to Supplier pursuant to Section 11.3(b); (ii) the date Supplier is required to refresh such Equipment; (iii) the cessation or termination of the applicable Services; or (iv) the expiration of the Term, Supplier will return such Equipment to Health Net in substantially the same condition it was when Supplier began use of it. Supplier will be responsible for damage to the Health Net Owned Equipment caused by Supplier Personnel, subject to reasonable wear and tear.

11.4 Health Net Leased Equipment

(a) “Health Net Leased Equipment” means Equipment leased by Health Net (or a Health Net Affiliate) that is to be made available to Supplier for use in providing the Services. The Health Net Leased Equipment is listed or described as such in Schedule N (Equipment).

(b) Subject to Supplier having obtained any Required Consents pursuant to Section 11.11 (Required Consents), as of the Effective Date, Health Net assigns to Supplier, and Supplier accepts assignment of, the leases for the Health Net-leased equipment designated as Assumed in Schedule N-2 (Equipment). Supplier will comply with the duties imposed on Health Net by such leases.

(c) As of the Effective Date, Health Net grants to Supplier, without assignment of the lease and solely for the purpose of providing the Services, the right to use the Health Net Leased Equipment listed or described in Exhibit N-4 to Schedule N (Equipment) during the Term (or the applicable lease term, if shorter) solely to perform the Services. Until the earlier of (A) the date Supplier is required to refresh such Equipment in accordance with Exhibit A-1 to Schedule A of the Agreement, (B) the cessation or termination of the applicable Services, or (C) the end of the applicable lease term, Supplier will comply with the duties imposed on Health Net by the leases for such equipment that have been disclosed to Supplier. After such time that Health Net is obligated to make such Health Net Leased Equipment available to Supplier, then Supplier shall be responsible for replacing such asset in accordance with Section 12.2(a).

(d) When any Health Net Leased Equipment is no longer required for performance of the Services, and in any event until the earlier of (A) the date Supplier is required to refresh such Equipment; (B) the cessation or termination of the applicable Services; or (C) the end of the applicable lease term, Supplier will

General Terms and Conditions- 33 Health Net / IBM Confidential

Final Execution Version

return it to Health Net in substantially the same condition it was in when Supplier began use of it. Supplier will be responsible for damage to the Health Net Leased Equipment caused by Supplier Personnel, subject to reasonable wear and tear.

11.5 Health Net Third Party Service Contracts

(a) “Health Net Third Party Service Contracts” means third party service contracts of Health Net (or a Health Net Affiliate) that are to be assigned or made available to Supplier for use in providing the Services. The Health Net Third Party Service Contracts are listed in Schedule I (Health Net Third Party Service Contracts).

(b) Subject to the Parties having obtained any Required Consents pursuant to Section 11.11 (Required Consents), as of the Effective Date, Health Net assigns to Supplier, and Supplier accepts assignment of, the Health Net Third Party Service Contracts so designated as Assumed in Exhibit I-1 to Schedule I (Health Net Third Party Service Contracts). Supplier will comply with the duties imposed on Health Net by such Health Net Third Party Service Contracts. Health Net intends to assign the Health Net Third Party Service Contracts to the Supplier, to the extent possible. If it is not possible to assign to the Supplier any Health Net Third Party Service Contracts designated as Assumed in Exhibit I-1 to Schedule I as of the Effective Date, then such Third Party Service Contracts shall be treated as Managed in ASC.

(c) Subject to Section 11.5(d), Health Net grants to Supplier, without assignment of such contract, but subject to the Parties obtaining any Required Consents pursuant to Section 11.11, the right to use the services provided to Health Net under the other Health Net Third Party Service Contracts listed or described as Managed in ASC, Managed As Pass-Through and Retained in Exhibits I-2, I-3 and I-4, respectively to Schedule I (Health Net Third Party Service Contracts) during the applicable contract term solely as necessary to perform the Services. Supplier will comply with the duties imposed on Health Net by the Health Net Third Party Contracts that have been disclosed to Supplier.

(d) When Health Net Third Party Service Contracts are no longer required for performance of the Services, and in any event upon the earlier of (i) the time period set forth in Exhibits I-2, I-3, I-4, and I-5 respectively to Schedule I and described in Section 3 of Schedule S relating to the period that Health Net is obligated to make such Third Party Service Contracts available to Supplier to provide the Services, or (ii) the cessation or termination of the applicable Services, or (iii) the end of the applicable contract term, Supplier will cease use of such Health Net Third Party Service Contracts. After such time that Health Net is obligated to make such Health Net Third Party Service Contract available to Supplier, including as may be designated in Schedule I, then Supplier shall be responsible for replacing such asset in accordance with Section 12.3(a) or the asset will be moved into the Managed in ASC category, as set forth in Section 3 of Schedule S.

11.6 Health Net Owned Software

(a) “Health Net Owned Software” means Software owned (i.e., in which the copyright is owned) by Health Net (or a Health Net Affiliate) that is to be made

General Terms and Conditions- 34 Health Net / IBM Confidential

Final Execution Version

available to Supplier for use in providing the Services. The Health Net Owned Software includes the Software listed or described as such in Exhibit J-3 to Schedule J (Software). Supplier acknowledges that Schedule J (Software) contains Health Net’s good faith list of the major items of Health Net Owned Software, but that the Health Net Owned Software may include additional Software that is not listed or described in Schedule J ( Software).

(b) Health Net (and each of its Affiliates) retains all of its right, title and interest in and to the Health Net Owned Software. As of the Effective Date, Health Net grants to Supplier a fully paid-up, nonexclusive license during the Term to Use the Health Net Owned Software solely to perform the Services. The Health Net Owned Software will be made available to Supplier in object code form (and, at Health Net’s election, Source Code form) in an agreed format, together with available documentation and other related materials. Supplier is not permitted to Use Health Net Owned Software for the benefit of any entity other than Health Net (and other Service Recipients under this Agreement) without the prior written consent of Health Net, which may be withheld in Health Net’s discretion.

(c) When Health Net Owned Software is no longer required for performance of the Services, or in any event upon the earlier of (i) the cessation or termination of the applicable Services, or (ii) the expiration of the Term, Supplier will return such Software to Health Net in an agreed format or, at Health Net’s election, destroy it and certify the destruction of all copies in Supplier’s (or any of its Subcontractor’s) possession or control.

11.7 Health Net Licensed Software

(a) “Health Net Licensed Software” means Software owned (i.e., in which the copyright is owned) by a party other than Health Net (or a Health Net Affiliate) that is licensed by Health Net (or a Health Net Affiliate) and is to be assigned or made available by Health Net to Supplier for use in providing the Services. Health Net Licensed Software includes the Software listed or described as such in Schedule J (Software).

(b) Subject to the Parties having obtained any Required Consents pursuant to Section 11.11 (Required Consents), as of the Effective Date, Health Net assigns to Supplier, and Supplier accepts assignment of, the Health Net Licensed Software designated as Assumed in Exhibit J-1-1 to Schedule J, along with any corresponding maintenance agreement. Supplier will comply with the duties imposed on Health Net by such Health Net Licensed Software licenses and maintenance agreements provided that if Health Net is not in compliance with the terms and conditions of a Software license as of the Effective Date (e.g., excess users), Health Net shall be financially responsible for any charges under such license to bring Health Net into legal compliance as of the Effective Date. Supplier acknowledges certain of the Health Net Licensed Software may not be receiving or eligible for maintenance or current in terms of fixes, patches and versions, and notwithstanding such status of such licenses, Supplier shall provide the Services in accordance with this Agreement, including Schedule A and Schedule B, without additional compensation from Health Net.

(c) Subject to the Parties having obtained any Required Consents pursuant to Section 11.11 (Required Consents), as of the Effective Date, Health Net grants to

General Terms and Conditions- 35 Health Net / IBM Confidential

Final Execution Version

Supplier, without assignment of the license, such rights during the Term (or the applicable license term, if shorter) as Health Net has (or later obtains) to Use the Health Net Licensed Software designated as Managed in ASC, Managed As Pass-Through Expense and Retained in Exhibits J-1-2, J-1-3, and J-1-4, respectively to Schedule J, solely to perform the Services. The Health Net Licensed Software will be made available to Supplier in object code form (and, at Health Net’s election, Source Code form) in an agreed format, together with available documentation and other related materials. Supplier will comply with the duties, including use and non-disclosure restrictions, imposed on Health Net (or its Affiliate) by the licenses for the Health Net Licensed Software that have been disclosed to Supplier. Supplier will not seek to modify or otherwise revoke such terms.

(d) When Health Net Licensed Software is no longer required for performance of the Services or in any event upon the earlier of (i) the time period set forth in Exhibits J-1-2, J-1-3, and J-1-4 to Schedule J and described in Section 3 of Schedule S, relating to the period that Health Net is obligated to make such Software available to Supplier to provide the Services, (ii) the cessation or termination of the applicable Services, or (iii) the expiration of the Term, Supplier will return such Software to Health Net in an agreed format or, at Health Net’s election, destroy it and certify the destruction of all copies in Supplier’s (or any of its Subcontractor’s) possession or control. After such time that Health Net is obligated to make such Health Net Licensed Software available to Supplier, then Supplier shall be responsible for replacing such asset in accordance with Section 12.3(a), or the Asset will be moved into the Managed in ASC category as set forth in Section 3 of Schedule S.

(e) In addition, if Health Net assigns its license to any Software to Supplier under this Agreement, then if requested by Health Net upon termination or expiration of this Agreement, Supplier shall assign such Software back to Health Net effective as of the date Supplier ceases to provide Services using such license.

11.8 Intentionally Omitted.

11.9 Health Net Facilities

(a) “Health Net Facilities” means facilities that are owned or leased by Health Net (or a Health Net Affiliate) that are to be made available to Supplier for use in providing the Services. Health Net Facilities are listed in Schedule F (Facilities).

(b) Subject to Health Net have obtained any Required Consents pursuant to Section 11.11, Health Net grants to Supplier the right to access the Health Net Facilities, to the extent permitted by applicable lease agreements, solely to perform the Services until the earlier of (i) the cessation or termination of the corresponding Service or (ii) the expiration of the Term. For Health Net Facilities that are leased, Supplier will comply with the duties imposed on Health Net (or its Affiliate) by each such lease.

11.10 Terms Applicable to Health Net Facilities, Generally

(a) Except as otherwise provided in the Agreement, for Health Net Facilities, Health Net retains responsibility for management and maintenance of the building and property electrical systems, water, sewer, lights, heating, ventilation and air

General Terms and Conditions- 36 Health Net / IBM Confidential

Final Execution Version

conditioning (“HVAC”) systems, physical security services and general custodial/landscape services (including monitoring and maintaining the uninterruptible power supply (“UPS”) system, air handlers and water chillers that are primary support for the raised-floor environment in Health Net Facilities).

(b) Supplier is responsible for providing the other facilities and facilities-related support it needs to provide the Services.

(c) Health Net will inform Supplier of any plans or determination to relocate the Health Net Facilities so that Supplier will have a reasonable amount of time to prepare for and implement such relocation as it affects Supplier. Health Net agrees to reimburse Supplier for Supplier’s Out-of-Pocket expenses incurred in such relocation, subject to notice and prior approval by Health Net.

(d) Supplier may use Health Net Facilities for the sole and exclusive purpose of providing the Services, subject to Section 11.10(e). Any other uses are subject to the prior approval of Health Net in its discretion. The use of Health Net Facilities by Supplier does not constitute a leasehold or other property interest in favor of Supplier.

(e) Schedule F (Facilities) identifies the space at certain Health Net Facilities that Supplier may use without charge to provide the Services. If Supplier requires additional space at Health Net Facilities in order to provide the Services, Health Net may require Supplier to reimburse Health Net for the cost of space required for Supplier Personnel at Health Net Facilities.

(f) Supplier will use the Health Net Facilities in an efficient manner and in a manner that is coordinated and does not interfere with Health Net’s business operations. If Supplier uses Health Net Facilities in a manner that unnecessarily increases facility or other costs incurred by Health Net, Health Net shall inform Supplier and Supplier shall use Commercially Reasonable Efforts to immediately cease such uses. Unless otherwise agreed by the Parties, if Supplier continues to use the Health Net Facilities in a manner that unnecessarily increases facility or other costs incurred by Health Net after notification by Health Net, then Health Net reserves the right to deduct such excess costs from the amounts otherwise due Supplier. Supplier is responsible for any damage to Health Net Facilities resulting from the abuse, misuse, neglect or negligence of Supplier (or its Subcontractors or other guests) or other failure to comply with its obligations under this Agreement respecting the Health Net Facilities.

(g) Supplier will keep the Health Net Facilities in good order, not commit or permit waste or damage to them or use them for any unlawful purpose or act. Supplier will comply with Health Net’s standard policies and procedures and with applicable leases made available to Supplier regarding access to and use of the Health Net Facilities, including procedures for the physical security of the Health Net Facilities.

(h) Supplier will permit Health Net and its agents and representatives to enter any portions of the Health Net Facilities occupied by Supplier Personnel at any time.

(i) Supplier may not make improvements or changes involving structural, mechanical or electrical alterations to the Health Net Facilities without Health

General Terms and Conditions- 37 Health Net / IBM Confidential

Final Execution Version

Net’s prior written approval. Any improvements to the Health Net Facilities will become the property of Health Net.

(j) When Health Net Facilities are no longer required for performance of the Services, or in any event upon expiration or termination of this Agreement (or the applicable lease term, if shorter), Supplier will return them to Health Net in substantially the same condition as when Supplier began use of them, subject to reasonable wear and tear.

11.11  Required Consents

Supplier, with the cooperation of Health Net, is responsible for obtaining Required Consents under any of the leases, contracts or licenses referred to in Schedules I, J, and N. Supplier will pay any fees (such as transfer or upgrade fees) required to obtain a Required Consent. Unless and until any Required Consent has been obtained, Supplier will determine and adopt, subject to Health Net’s prior approval, such alternative approaches as are necessary and sufficient for Supplier to provide the Services without the Required Consent.

11.12  Health Net Resources Provided to Supplier Personnel Working On-site

(a) “On-site Health Net Resources” means the reasonable office space, furniture, fixtures, computers, software, telephones, office supplies, and other resources to be provided or made available by Health Net (or its Affiliates) to Supplier Personnel assigned by mutual agreement of the Parties to work on-site at facilities of Health Net (or its Affiliates).

(b) Except as otherwise provided in this Agreement, Health Net will provide to Supplier Personnel located and authorized to work on-site at Health Net Facilities the reasonable use of On-site Health Net Resources substantially equivalent to those made available by Health Net (or its Affiliate) to its own personnel who perform similar functions; provided, however, that (i) Health Net will not be responsible for providing any mobile or portable computing or communications devices to Supplier Personnel except as otherwise provided in item (ii) of this Section 11.12 or elsewhere in this Agreement; and (ii) Health Net shall allow Transferred Employees who continue to work in Health Net Facilities to continue using desktop and laptop computers that they used prior to the Effective Date for the remainder of the useful life of such computers.

(c) Supplier shall comply and cause Supplier Personnel to comply with Health Net’s policies and procedures regarding access to and use of the On-site Health Net Resources that have been disclosed to Supplier, including procedures for the physical and logical security, and shall submit to periodic Health Net compliance inspections and security audits.

(d) Supplier will use the On-site Health Net Resources in an efficient manner and for the sole purpose of providing the Services. Supplier will be responsible for damage to the On-site Health Net Resources caused by Supplier Personnel. When the On-site Health Net Resources are no longer required for performance of the Services, Supplier will return them to Health Net in substantially the same condition as they were in when Supplier began use of them, subject to reasonable wear and tear.

General Terms and Conditions- 38 Health Net / IBM Confidential

Final Execution Version

12. RESOURCE ACQUISITIONS DURING THE TERM

12.1 General Responsibility and Compatibility

(a) Except for any resources for which Health Net has Financial Responsibility pursuant to this Agreement, Supplier is solely responsible (and has Financial Responsibility) for providing all Equipment, Software, facilities, personnel, third party services and other resources required to perform and render the Services in accordance with this Agreement.

(b) Supplier shall provide the Services using tools and processes that are compatible with those used by Health Net and its other service providers to provide other information technology services within the Health Net environment. This includes implementing and maintaining interfaces with Health Net and other service provider problem management, change control, and configuration management systems to the extent required to maintain such compatibility.

12.2 Equipment

(a) For the Equipment owned or leased by Health Net existing as of the Effective Date, the Parties’ respective responsibilities are set forth in Schedules N and S. Supplier shall have Financial Responsibility and Operational Responsibility for (i) additional Equipment that is needed or introduced by Supplier in order to provide the Services, including modifications, upgrades, enhancements, additions and replacements of Equipment, as necessary or appropriate to render the Services in compliance with this Agreement, and (ii) installation, operation, maintenance and refresh of such Equipment, except in those cases in which this Agreement designates Health Net as having Financial Responsibility for such Equipment (in which case the Parties’ respective responsibilities are set forth in Schedules N and S). Supplier will acquire such Equipment in the name of Supplier unless such Equipment is a modification, upgrade, enhancement or replacement of existing Equipment owned by Health Net or leased in Health Net’s (or its Affiliate’s) name, or it is Equipment for which Health Net has Financial Responsibility under this Agreement, and in such cases the Equipment shall be acquired in accordance with Section 12.1(b). Unless approved otherwise by Health Net, the agreements under which the additional Equipment used primarily to provide the Services is acquired by Supplier will permit Supplier to assign the agreements to Health Net if Supplier ceases to provide to Health Net the Services with respect to which Supplier acquires the additional or replacement Equipment

(b) In the case of any Equipment used in the provision of Services for which Health Net has Financial Responsibility, Health Net may either acquire the Equipment itself or have Supplier acquire the Equipment on Health Net’s behalf, acting as Health Net’s purchasing agent. In the latter case, Supplier will acquire the Equipment in the name of Health Net at the lowest price available to Supplier. When acquiring Equipment for Health Net under this paragraph, Supplier will extend to Health Net the benefit of any volume purchase discounts available to Supplier unless Supplier is precluded from doing so by the terms of its arrangement with the applicable supplier. Any Equipment acquired pursuant to this paragraph will be made available to Supplier in the manner described in Section 11.3 (Health Net Owned Equipment) or Section 11.4 (Health Net Leased

General Terms and Conditions- 39 Health Net / IBM Confidential

Final Execution Version

Equipment), as applicable. Other than Equipment purchased by Health Net as part of the Hardware Services Charge pursuant to Section 6 of Schedule C, the cost of Equipment incurred by Supplier when acting as Health Net’s purchasing agent will be treated on an Out of Pocket Expense basis.

12.3 Third Party Services

(a) Supplier is responsible, at its expense, for acquiring additional third party services as necessary or appropriate to render the Services in compliance with this Agreement, except in those cases in which this Agreement designates Health Net as having Financial Responsibility for services under a particular Third Party Service Contract designated as Managed As Pass-Through or Retained. Supplier will contract for such third party services in its own name unless they will be provided under (i) a modification of an existing third party services contract designated as Managed in ASC; or (ii) a Third Party Service Contract designated as a Managed As Pass-Through Expense or Retained item for which Health Net has Financial Responsibility under this Agreement (and in the case of (ii), the services will be acquired in accordance with Section 12.2(b)).

(b) In the case of any third party services used in the provision of Services under a Third Party Services Contract for which Health Net has Financial Responsibility as a Managed As Pass-Through or Retained contract, Health Net may either contract for the services itself or have Supplier contract for the services on Health Net’s behalf, acting as Health Net’s purchasing agent. In the latter case, Supplier will contract for the services in Health Net’s name at the lowest price available to Supplier. When acquiring third party services for Health Net under this paragraph, Supplier will extend to Health Net the benefit of any volume purchase discounts available to Supplier unless Supplier is precluded from doing so by the terms of its arrangement with the applicable supplier. Any third party services acquired pursuant to this paragraph will be made available to Supplier in the manner described in Section 11.5 (Health Net Third Party Service Contracts). The third party service provider’s charges under any third party service contracts acquired by Supplier when acting as Health Net’s purchasing agent will be treated as an Out of Pocket Expense.

12.4 Software

(a) For the Software products owned or licensed by Health Net existing as of the Effective Date, the Parties’ respective responsibilities are set forth in Schedules J and S. Software products existing as of the Effective Date, but not identified on Schedule J shall be added to Schedule J and the Parties’ respective responsibilities shall be determined in accordance with Exhibit C-10.

(b) For Software products acquired after the Effective Date, Supplier shall have Financial Responsibility for additional Systems Software products that Supplier reasonably deems necessary, or that is introduced by Supplier, in order to provide the Services. Health Net shall have Financial Responsibility for additional database management System Software (e.g., Oracle, SQL, Sybase), middleware, Oracle Software, Software for Desktop Workstations or Laptop Workstations, and Applications Software products requested by Health Net.

General Terms and Conditions- 40 Health Net / IBM Confidential

Final Execution Version

(c) Supplier shall have Operational Responsibility for all Software under this Agreement (other than Software categorized as Pure Pass-Through), including the installation, operation, support, and maintenance of such Software Managed As Pass-Through.

(d) Supplier will acquire such Software described in (a) and (b) above in its own name unless (i) such Software is a modification, upgrade, enhancement, or replacement of Software existing as of the Effective Date which was licensed in Health Net’s (or its Affiliate’s) name, or (ii) it is Software for which Health Net has Financial Responsibility under this Agreement as a Managed As Pass-Through or Retained contract (and in the case of either (i) or (ii), such Software shall be acquired in accordance with Section 12.3(b)). Unless approved otherwise by Health Net, the licenses under which the additional Software is acquired by Supplier will permit Supplier to assign the licenses to Health Net if Supplier ceases to provide to Health Net the Services with respect to which Supplier acquires additional or replacement Software.

(e) In the case of any Software used in the provision of Services for which Health Net has Financial Responsibility as a Managed As Pass-Through or Retained item or described in Section 12.4(d)[(a)(i) or (ii)] above, Health Net may either acquire the Software licenses itself or have Supplier acquire the Software licenses on Health Net’s behalf, acting as Health Net’s purchasing agent. In the latter case, Supplier will acquire the Software in Health Net’s name at the lowest price available to Supplier. When acquiring Software for Health Net under this paragraph, Supplier will extend to Health Net the benefit of any volume purchase discounts available to Supplier unless Supplier is precluded from doing so by the terms of its arrangement with the applicable supplier. Any Software acquired pursuant to this paragraph will be made available to Supplier in the manner described in Section 11.7 (Health Net Licensed Software). The cost of the Software incurred by Supplier when acting as Health Net’s purchasing agent will be treated on an Out of Pocket Expenses basis. Additionally, Supplier shall install, operate and support (and otherwise treat in the same manner as Software existing as of the Effective Date) additional third party Applications Software and Systems Software that Health Net may designate from time to time during the Term.

12.5 Network Connectivity

Supplier shall be Financially Responsible for providing network connectivity between facilities necessary to provide the Services, including connectivity from Health Net Facilities or Health Net’s outsourcing vendor facilities to Supplier’s facilities, onshore and offshore. The Parties shall work together to determine the bandwidth, access, security and other requirements for such network connectivity.

12.6 Health Net Approval of Certain Resource Acquisitions

If Health Net is Financially Responsible for any resource acquired by Supplier under this Agreement, or if any resource is to be acquired by Supplier pursuant to a written contract (e.g., an equipment lease, a services agreement or a software license) in the name of Health Net or its Affiliate, Supplier will obtain Health Net’s prior written approval of the terms on which the resource is acquired, including the terms of any associated contract.

General Terms and Conditions- 41 Health Net / IBM Confidential

Final Execution Version

12.7 Health Net Rights to certain Software upon Termination/Expiration

(a) Software for which Health Net has Financial Responsibility. Upon expiration or termination of this Agreement, or any portion thereof, Health Net shall have license rights to Software which Supplier is obligated to obtain in Health Net’s name under Section 12.4(e).

(b) Supplier-owned Software.

(i) Commercially Available Supplier Software.

(A) With respect to Supplier Software used to provide the Services that is Commercially Available, Supplier (on behalf of itself and those Supplier Affiliates that own any such Software) grants to Health Net for use upon termination or expiration of this Agreement, or termination of the Service(s) for which such Software was used, a license for Health Net, its Affiliates, and its designees (solely to provide services to Health Net, its Affiliates and Service Recipients comparable to the Services), to Use such Software, under the then-current license terms made available by Supplier to its own comparable commercial customers, including any restrictions or prohibitions on access to Source Code for such Software, provided however that (1) if such then-current terms do not grant Health Net rights to Use such Software in the same manner and for the same purposes it was used under this Agreement prior to expiration or termination of this Agreement, then such license shall be deemed to include such additional rights of Use without additional charge; (2) if Health Net and Supplier have an existing license agreement applicable to such Software, the terms of such license agreement shall apply; and (3) the foregoing license grant is subject to payment of periodic license charges for Supplier Software that Supplier generally licenses on a periodic license charge basis (rather than a one-time license fee basis), applicable to the period after the end of the Disengagement Assistance Period. The foregoing license shall be provided at no charge to Health Net, except for ongoing monthly, variable or periodic charges which are ordinarily charges to licensees of such Software, for the period after the Disengagement Assistance Period.

(B) Supplier will offer to provide to Health Net, generally available Upgrades, maintenance, support and other services for such Supplier Software on Supplier’s then-current standard terms and conditions for such services, which include pricing not in excess of that customarily charged to Supplier’s other commercial customers. If Health Net elects to receive such services, (1) Health Net shall only be obligated to pay for such services to the extent applicable to the period after the Disengagement Assistance Period; and (2) the charges for such services will reflect that maintenance and support on such Software is current (i.e., no “catch-up” or similar payments shall be required to be made by Health Net because maintenance and support may have

General Terms and Conditions- 42 Health Net / IBM Confidential

Final Execution Version

lapsed – if maintenance and support has lapsed, IBM shall pay charges necessary to bring maintenance and support current).

(ii) Non-Commercially Available Supplier Software.

(A) Supplier shall not use any Non-Commercially Available Supplier Software to provide the Services, without Health Net’s prior written consent, which consent Health Net may withhold in its discretion.

(B) Supplier (on behalf of itself and those Supplier Affiliates that own any Non-Commercially Available Software described in this paragraph) (i.e. used to provide the Services) grants to Health Net and its Affiliates (and designees thereof for the sole purpose of providing Services to Health Net, its Affiliates and Service Recipients), a perpetual (subject to Section (C) below), worldwide, irrevocable, fully paid-up, non-exclusive license to Use Non-Commercially Available Supplier Software used to provide the Services (including programmer interfaces, available documentation, manuals and other materials necessary for the use thereof) at the expiration or termination of this Agreement, or portion thereof, for no charge to Health Net, provided that the foregoing license as it applies to Supplier Proprietary Delivery Tools shall be subject to the next paragraph. The Parties will mutually agree on applicable terms for Supplier’s maintenance and support of such Software after such termination or expiration of the Agreement; provided that (i) Health Net shall only be obligated to pay for such maintenance and support for the period after the Disengagement Assistance Period; and (ii) if Health Net elects, such Software maintenance and support shall be done on a time and materials basis including using the professional service rates for applicable skill sets set forth in Schedule C; and (iii) if the Parties are not able to agree upon commercially reasonable terms for such maintenance and support, then upon Health Net’s request, IBM shall provide Health Net the Source Code for such Non-Commercially Available Supplier Software and the license above shall be deemed to include the right to Use such Source Code.

(C) If Supplier proposes to use a Supplier Proprietary Delivery Tool to provide the Services and (i) Supplier procures Health Net’s prior written consent to use such Supplier Proprietary Delivery Tool to provide the Services; and (ii) Health Net retains a third party outsourcing provider to provide services comparable to the Services after the termination or expiration of this Agreement and the Disengagement Assistance Period; and (iii) Health Net proposes to permit such third party outsourcing provider to use such Supplier Proprietary Delivery Tool, then the license to the Non-Commercially Available Supplier Software that is a Supplier Proprietary Delivery Tool granted pursuant to paragraph (B) above shall be limited in term to one (1) year after the end of the Disengagement Assistance Period. If Supplier

General Terms and Conditions- 43 Health Net / IBM Confidential

Final Execution Version

fails to obtain Health Net’s written consent prior to using such tool to provide Services, or if Health Net does not propose to make such tool available to any other third party, then the license shall not be subject to the one year limitation in term, but shall be perpetual.

(D) “Supplier Proprietary Delivery Tool” shall mean a tool used by Supplier to deliver the Services more efficiently and which is set forth on Exhibit J-2-3 to Schedule J. If after the Effective Date, Supplier proposes to use an additional Supplier Proprietary Delivery Tool that would be subject to the one year limit on Health Net’s license to such tool as described in Section (C) above, Supplier shall give written notice to Health Net identifying the proposed Supplier Proprietary Delivery Tool, including the purpose of such tool, and information about how such tool will be used to provide the Services. Supplier shall also provide such additional information about such proposed Supplier Proprietary Delivery Tool as Health Net may reasonably request. If Health Net consents to the use of such proposed Supplier Proprietary Delivery Tool to provide the Services, (i) Supplier may use such Supplier Proprietary Delivery Tool to provide the Services; and (ii) the Parties shall update the list of Supplier Proprietary Delivery Tools set forth on Exhibit J-2-3 to Schedule J with any such mutually agreed additional Supplier Proprietary Delivery Tool.

(c) Third Party Software.

(i) Commercially Available Third Party Software.

Supplier shall not utilize Commercially Available third party Software to provide the Services without Health Net’s prior written approval, which approval Health Net may withhold in its discretion. Without limiting Health Net’s rights under this Section: (A) as a condition to granting such consent, Health Net may require Supplier to use Commercially Reasonable Efforts to obtain for Health Net, a perpetual, non-exclusive license for Health Net and its Affiliates (and their respective service providers) to Use such Commercially Available Software at the expiration or termination of this Agreement (under the then-current license terms made available by such third party Software vendor to comparable commercial customers) and at no additional charge to Health Net, and (B) the right for Health Net to obtain from such third party vendor a commercially reasonable maintenance and support agreement for such Software, on terms reflecting that maintenance and support on such Software is current (i.e., no “catch-up” or similar payments shall be required to be made by Health Net because maintenance and support may have lapsed – if maintenance and support has lapsed, IBM shall pay charges necessary to bring maintenance and support current) provided Health Net will be responsible for charges under such maintenance and support agreement only with respect to the period after the Disengagement Assistance Period. If Supplier nonetheless uses such Software without obtaining Health Net’s prior written approval, then Supplier shall be obligated to obtain the license and maintenance

General Terms and Conditions- 44 Health Net / IBM Confidential

Final Execution Version

agreement described in the prior sentence at no additional charge to Health Net.

(ii) Non-Commercially Available Third Party Software

Supplier shall not utilize any third party owned Software to provide the Services that is not Commercially Available, without Health Net’s prior written approval, which approval Health Net may withhold in its discretion. Without limiting Health Net’s rights under this Section: (A) as a condition to granting such consent, Health Net may require Supplier to use Commercially Reasonable Efforts to obtain for Health Net, a perpetual, non-exclusive license for Health Net and its Affiliates (and their respective service providers) to Use such Non-Commercially Available third party Software to provide services similar to the Services to Health Net and the Service Recipients, at no additional charge to Health Net, and a commercially reasonable maintenance and support agreement for such Software (and the charges under such maintenance agreement shall reflect the fact that maintenance and support on such Software is current (i.e., no “catch-up” or similar payments shall be required to be made by Health Net because maintenance and support may have lapsed – if maintenance and support has lapsed, IBM shall pay charges necessary to bring maintenance and support current), and (B) if Supplier nonetheless uses such Software without obtaining Health Net’s prior written approval, then Supplier shall be obligated to obtain the license and maintenance agreement described in the prior sentence at no additional charge to Health Net; provided that if Health Net elects to receive such maintenance and support, Health Net will be responsible for charges under such maintenance and support agreement only with respect to the period after the Disengagement Assistance Period. Such license shall be effective upon the expiration or termination of the Agreement, or portion thereof.

(d) AT&T Proprietary and Licensed Software. Notwithstanding anything to the contrary, any Software that is owned or licensed by AT&T is not, and shall not be deemed, licensed, sublicensed, assigned or transferred under any of the terms of this Agreement, except that this Section 12.7 shall apply to Systems Software that performs tasks basic to the functioning of, and that is embedded in, Equipment that is sold or leased to Health Net. Supplier shall procure for Health Net the licenses and rights set forth in this Section 12.7 with respect to the Software described herein.

(e) Tracking Software used to provide the Services. Attached as Exhibits J-2-1, J-2-2, J-2-4 and J-2-5 to Schedule J are lists of Software that Supplier intends as of the Effective Date to use to provide the Services, which cover (A) Supplier Software that is Commercially Available, (B) Supplier Software that is Non-Commercially Available, (C) third party Software that is Commercially Available, and (D) third party Software that is Non-Commercially Available. Within fifteen (15) days after the end of each calendar quarter, Supplier shall provide to Health Net an updated Exhibit showing any additional Software that Supplier has added to provide the Services during such quarter (which shall be identified as additional Supplier owned or third party owned, Commercially Available or Non-Commercially Available Software and whether such Software has one time or periodic license charges), provided that actual use of any such

General Terms and Conditions- 45 Health Net / IBM Confidential

Final Execution Version

Software is subject to Health Net’s approval rights as set forth in Section 12.7 above. Upon approval by Health Net, such updated Exhibits shall be added to the Agreement.

13. TRANSITION AND TRANSFORMATION

13.1 “Transition” Defined

“Transition” means the process (and associated time period, starting on the Effective Date) of transitioning responsibility for the Services from Health Net to Supplier, transferring Transitioned Employees from Health Net to Supplier or AT&T as required by Schedule E, and causing any required knowledge transfer from Health Net personnel to Supplier Personnel.

“Transformation” means the process of migrating performance of the Services from Health Net’s as-is operating environment to Supplier’s initial target environment and making the initial planned improvements to the infrastructure used to perform and deliver the Services.

13.2 Supplier Solution Description and Transition Plan

(a) As part of the process leading up to execution of this Agreement, Health Net has communicated its near-term business requirements to Supplier. In response, Supplier has proposed a high level ‘solution’ that describes how it will provide the Services and meet Health Net’s business requirements. Health Net expects that Supplier will continue to add detail and refine its solution during contract negotiations. A detailed solution approved by the Parties will be attached to the Agreement in Exhibit A-3 (Solution).

(b) The Transition and Transformation shall be conducted in accordance with written plans (the “Transition Plan” and the “Transformation Plan”) which shall each include: (i) a description of the operations being transitioned and transformed; (ii) a general description of the methods and procedures, personnel and organization Supplier will use to perform the Transition and Transformation; (iii) a schedule of Transition and Transformation activities; (iv) a detailed description of the respective roles and responsibilities of Health Net and Supplier; (v) such other information and planning as are necessary to conduct the Transition and Transformation in accordance with the other terms in this Agreement. Drafts of the Transition Plan as of the Effective Date are attached to this Agreement as Exhibit A-2 and Exhibit A-4-1, and drafts of the Transformation Plan as of the Effective Date are attached to this Agreement as Exhibit A-3 and Exhibit A-4-2. References to the Transition Plan and the Transformation Plan shall include their respective project plans. Supplier shall be responsible for revising and finalizing the Transition Plan and Transformation Plan, provided that: (A) Supplier shall cooperate and work closely with Health Net in finalizing the plans (including incorporating Health Net’s reasonable comments); and (B) all changes to the plans shall be subject to approval by Health Net.

(c) As part of the Transition and Transformation, Supplier will also assume responsibility for completing the projects listed or described in Exhibit A-11 (In-Flight Projects), which are in progress as of the Effective Date and being performed by resources that are being transferred or made available to Supplier under this Agreement (the “In-Flight Projects”).

General Terms and Conditions- 46 Health Net / IBM Confidential

Final Execution Version

13.3 Conduct of the Transition and Transformation

Beginning on the Effective Date, Supplier will carry out and complete (1) the Transition in accordance with the Transition Plan within one hundred eighty (180) days after the Effective Date unless the Parties agree otherwise in writing and (2) the Transformation in accordance with the Transformation Plan, including tits time schedules. Except as otherwise expressly provided in the Transition Plan or Transformation Plan, Supplier’s responsibilities with respect to the Transition and Transformation include:

(a) Performing and managing the Transition, Transformation and In-Flight Projects and activities;

(b) Establishing communications lines and network connections, and providing Equipment, Software, tapes, records and supplies, as made necessary by the Transition and Transformation;

(c) Using Commercially Reasonable Efforts to conduct the Transition and Transformation in a manner that minimizes interruption of Health Net’s business operations;

(d) Paying all costs associated with the Transition and Transformation, including communications circuit costs (both installation/de-installation and ongoing) except as otherwise expressly provided in this Agreement; and

(e) Otherwise performing such migration tasks as are necessary to enable Supplier to complete the Transition and Transformation and provide the Services.

13.4 Health Net Cooperation and Support

Health Net will cooperate with Supplier in the conduct of the Transition and Transformation and provide support as described in the Transition Plan and Transformation Plan.

13.5 Completion of Transition and Transformation

(a) Health Net reserves the right to monitor, test and otherwise observe and participate in the Transition and Transformation. Supplier will notify Health Net without delay if any Health Net monitoring, testing or participation has caused (or Supplier expects it to cause) a problem or delay in the Transition or Transformation and work with Health Net to prevent or circumvent the problem or delay.

(b) No functionality of Health Net’s as-is environment will be disabled until Supplier demonstrates to Health Net’s reasonable satisfaction that the affected processes and operations have been successfully migrated to Supplier’s target environment and are functioning properly in that environment. Health Net may require Supplier to stop proceeding with all or any part of the Transition or Transformation if Health Net determines in good faith that such Transition or Transformation, or any part of such Transition or Transformation, poses a risk or hazard to Health Net’s business interests, provided that if Health Net requires Supplier to stop all or any portion of the Transition or Transformation and such requirement is not based on Supplier’s material failure to perform the Services in accordance with this Agreement (including Services relating to the Transition or

General Terms and Conditions- 47 Health Net / IBM Confidential

Final Execution Version

Transformation), then such requirement shall be subject to the Change Control Process, and further provided that the Parties shall negotiate such change in good faith and in an expeditious manner.

(c) If Supplier fails to either:

(i) cease using the Health Net data center located in Rancho Cordova, California (the “Rancho Data Center”) as a location from which Services are provided (the “Rancho Service Cessation Obligation”), on or before September 30, 2009, or

(ii) completely vacate such Rancho Data Center (the “Rancho Vacate Obligation”), on or before October 31, 2009,

then commencing on October 1, 2009 (if the Rancho Service Cessation Obligation is not satisfied on or before September 30, 2009) or if it is satisfied, then commencing November 1, 2009 (if the Rancho Vacate Obligation is not satisfied on or before October 31, 2009), and continuing for each calendar month or portion of a calendar month thereafter that Supplier has not satisfied either the Rancho Service Cessation Obligation or the Rancho Vacate Obligation, then Supplier shall, subject to Section 8.3, grant Health Net a credit in the amount of ***. If Health Net exercises its right to require Supplier to stop the Transition or Transformation pursuant to Section 13.5(a), then the dates for completing the Rancho Service Cessation Obligation and the Rancho Vacate Obligation set forth in the preceding sentence shall be adjusted pursuant to the Change Control Process, and Supplier’s obligations to pay the credit set forth in the preceding sentence shall be based upon such adjusted dates.

14. DATA SECURITY AND PROTECTION

14.1 “Health Net Data” Defined

“Health Net Data” means all data and information in any form (including data stored on tape), whether or not Confidential Information, entered in Software or Equipment, directly or indirectly, by or on behalf of Health Net or another Service Recipient, including Derivative Works of such data and information produced by or on behalf of Supplier.

14.2 Health Net Data, Generally

As between the Parties, Health Net Data will be and remain the property of Health Net. Supplier may not use Health Net Data for any purpose other than to render the Services. No Health Net Data will be sold, assigned, leased or otherwise disposed of to third parties or commercially exploited by or on behalf of Supplier (or any of its Subcontractors). Neither Supplier nor any of its Subcontractors may possess or assert any lien or other right against or to Health Net Data. Without limiting the generality of the foregoing, Supplier may only use personal identifying information as strictly necessary to render the Services and must restrict access to such information to Supplier Personnel on a strict need-to-know basis.

14.3 Data Security

(a) The Parties’ respective responsibilities for data and systems security are as set forth in this Section 14 and in Schedule A (Services).

General Terms and Conditions- 48 Health Net / IBM Confidential

Final Execution Version

(b) When present at Health Net Facilities or accessing Health Net Data or Health Net systems, Supplier will observe and comply with Health Net’s security procedures that have been communicated to Supplier. Prior to performing Services from the initial service location(s) or any new service location, Supplier shall complete Health Net’s due diligence security questionnaire, which Health Net shall provide upon request.

(c) Supplier will implement and maintain the safeguards specified in Schedule A, and otherwise required by Health Net policies and procedures with which Supplier is required to comply under Section 5.4(c), to protect against the destruction, loss or alteration of Health Net Data in the possession or control of Supplier (or any of its Subcontractors). Health Net may keep backup Health Net Data in its possession if it chooses and establish backup security for Health Net Data. Supplier will document such safeguards in the Procedures Manual.

(d) Without limiting the generality of the foregoing:

(i) Supplier will use Commercially Reasonable Efforts, including through systems security measures, to guard against the unauthorized access, alteration or destruction of Software and Health Net Data. Such measures will include the installation of Software that: (A) requires all users to enter a user identification and password prior to gaining access to the information systems; (B) controls and tracks the addition and deletion of users; (C) controls and tracks user access to areas and features of the information systems, and (D) encrypts Health Net Data and Confidential Information that is stored on or sent from Supplier Personnel personal computers.

(ii) Supplier Personnel will not attempt to access, or allow access to, any Health Net Data that they are not permitted to access under this Agreement. If such access is attained, Supplier will immediately report such incident to Health Net, describing in detail the accessed Health Net Data, and take all necessary measures to stop the access, prevent recurrences, and return to Health Net any copied or removed Health Net Data.

14.4 Compliance with Data Privacy and Data Protection Laws, Regulations and Policies

(a) In carrying out its activities under this Agreement, each Party will observe and comply with applicable data privacy and data protection Laws as required by Section 27.5. In addition, when accessing or handling any Health Net Data that contains personal identifying information, Supplier will comply with Health Net’s policies that have been disclosed to Supplier relating to the use and disclosure of such information as required by Section 5.4(c).

(b) The Parties hereby agree to the terms of the Business Associate Addendum attached hereto as Schedule K (Business Associate Addendum), which is hereby incorporated herein by reference. The Parties agree to comply with the terms of such Business Associate Agreement. In the event of any conflict between the terms of Section 21.2 and the terms and conditions of the Business Associate Agreement, the terms and conditions that are more protective of the individually

General Terms and Conditions- 49 Health Net / IBM Confidential

Final Execution Version

identifiable health information (as such term is defined in HIPAA) shall govern to the extent of that conflict.

14.5 Import/Export Controls

(a) The Parties acknowledge that certain software and technical data exchanged pursuant to this Agreement may be subject to import/export controls under the Laws of the United States and other countries. Neither Party will import, export or re-export any such items, any direct product of those items, or any technical data in violation of applicable import/export control Laws.

(b) Each Party will be responsible for compliance with import/export control Laws with respect to any items it is deemed under such Laws to have imported or exported, including responsibility for preparing and filing all required documentation and obtaining all licenses, permits and authorizations required for compliance. Each Party will cooperate with the other Party in that Party’s efforts to comply with applicable import/export control Laws.

(c) Supplier will include with copies of all Software provided to Supplier by Health Net’s U.S.-based personnel that Supplier will use outside of the United States documentation stating that “These commodities, technology or software were exported from the United States in accordance with Export Administration Regulations. Diversion or re-export contrary to U.S. law is prohibited.”

14.6 Compliance with Gramm-Leach-Bliley (“GLB Act”)

(a) “GLB Act” shall mean the Gramm-Leach-Bliley Act, 15 USC §6801 et. seq., and the implementing regulations and regulatory interpretations thereto, as amended from time to time. Supplier acknowledges that Health Net is subject to Title V of the GLB Act, pursuant to which Health Net is required to obtain certain undertakings from Supplier with regard to the privacy, use and protection of nonpublic personal financial information of Health Net’s customers or prospective customers (“Health Net Non-public Data”). Therefore, notwithstanding anything to the contrary contained in this Agreement and in addition to (and not in substitution for) Supplier’s other obligations hereunder, Supplier agrees that:

(i) it will not disclose or use any Health Net Non-public Data except to the extent necessary to carry out its obligations under this Agreement and for no other purpose;

(ii) it will not disclose Health Net Non-public Data to any third party, including, without limitation, its third party service providers without the prior consent of Health Net and an agreement in writing from the third party to use or disclose such Health Net Non-public Data only to the extent necessary to carry out Supplier obligations under this Agreement and for no other purposes; and

(iii) it will maintain, and will require all third parties approved under Section 14.6(b) to maintain security in a manner that is consistent with the requirements of this Agreement.

General Terms and Conditions- 50 Health Net / IBM Confidential

Final Execution Version

(b) The obligations set forth in this Section 14.6 will survive termination or expiration of this Agreement. For purposes of this Agreement, Health Net Non-public Data includes the nonpublic personal information (as defined in 15 USC §6809(4)) received by Supplier in connection with the performance of its obligations hereunder, including (i) an individual’s name, address, e-mail address, IP address, telephone number and/or social security number; (ii) the fact that an individual has a relationship with Health Net; and (iii) an individual’s account information. For the avoidance of doubt, Health Net Non-public Data does not include (A) information collected from Health Net employees (in their capacity as employees, and not as Health Net’s customers) by Supplier for the purpose of administering and providing the Services, and (B) nonpublic information collected from a source other than Health Net that has been obtained on a non-confidential basis and which is not subject to the GLB Act.

15. INTELLECTUAL PROPERTY RIGHTS

This Section 15 sets forth the Parties’ respective rights in Work Product and other materials provided or created pursuant to this Agreement. As between the Parties, the rights apply as set forth in this Section 15 whether the work in question is performed solely by Supplier Personnel or by Supplier Personnel working jointly with others.

15.1 Defined Terms

(a) “Intellectual Property Rights” means all intellectual and industrial property rights recognized in any jurisdiction, including copyrights, mask work rights, moral rights, trade secrets, patent rights, rights in inventions, trademarks, trade names and service marks (including applications for, and registrations, extensions, renewals, and re-issuances of, the foregoing).

(b) “Independent IP” of a party (including a third party) means any Software, documents, materials, processes and other works of authorship that either (i) were created by or for the party prior to the Effective Date, or (ii) are subsequently created by or for the party outside the scope of and independent from this Agreement.

(c) “Work Product” means any Deliverables, Software, documents, materials, processes, business processes, business models, business rules, methods, reports, documents, templates, studies, strategies, operating models, technical architecture, design ware, Software objects, Software programs and programming, program listings, programming tools, interfaces, source code, object code, specifications, design documents and analyses, abstracts and summaries, software configurations, test plans, scenarios, scripts, work and process flows, test results, inventions, and other items produced by Supplier Personnel, whether developed solely or jointly, in the course of performing the Services. A Work Product is either a “New Work” – i.e., one that is not based upon any preexisting works – or a “Derivative Work” – i.e., one that is based upon one or more preexisting works.

15.2 Independent IP

(a) Except as otherwise expressly provided in this Agreement, including in Section 15.2(b):

General Terms and Conditions- 51 Health Net / IBM Confidential

Final Execution Version

(i) as between the Parties, each Party will have and retain all of its right, title and interest, including Intellectual Property Rights, in and to its Independent IP and will be entitled to seek Intellectual Property Rights protection for its Independent IP as it deems appropriate;

(ii) a Party will not submit patent applications or otherwise seek to file for or obtain Intellectual Property Rights protection with respect to or based upon the other Party’s Independent IP without the other Party’s prior written consent, which may be withheld at the other Party’s sole discretion;

(iii) a Party will not be permitted to use the other Party’s Independent IP; and

(iv) ANY RIGHTS OF USE OF A PARTY’S INDEPENDENT IP GRANTED BY THIS AGREEMENT ARE GRANTED ON AN ‘AS-IS, WHERE-IS’ BASIS WITHOUT EXPRESS OR IMPLIED WARRANTIES OF ANY KIND.

(b) Health Net’s ownership of Developed Material that incorporates any Independent IP of Supplier or a third party shall be subject to Supplier’s or such third party’s ownership of such Independent IP. In the case of Supplier Independent IP incorporated into Developed Material, Supplier hereby grants to Health Net and its Affiliates, and in the case of third party Independent IP incorporated into Developed Material, Supplier shall procure for Health Net and its Affiliates: a perpetual, irrevocable, non-exclusive, worldwide, paid-up right and license to Use such Independent IP as part of the Developed Material, and any Derivative Works of the Developed Material, in their businesses and to authorize others to do the same on their behalf, for no additional charge. Any representations, warranties, and covenants of Supplier, and any rights of Health Net under this Agreement, that are applicable to Developed Material or a Deliverable shall apply equally to any Independent IP of Supplier or a third party incorporated into the Deliverable or Work Product. Supplier shall obtain Health Net’s written approval prior to incorporating any Independent IP of Supplier or a third party into Developed Material.

(c) If Health Net provides any of its Independent IP to Supplier for use in rendering the Services, Health Net grants to Supplier a fully paid-up, nonexclusive license during the Term to Use such Independent IP and any Developed Materials solely as necessary to perform the Services, and to sublicense Approved Subcontractors to do the same on Supplier’s behalf. Supplier may not Use Health Net’s Independent IP or Developed Materials for the benefit of any entities other than Health Net (and its Service Recipients under this Agreement) without the prior written consent of Health Net, which may be withheld at Health Net’s discretion.

15.3 Developed Materials

(a) Subject to Section 15.2(b), Health Net will be the sole and exclusive owner of all Intellectual Property Rights in and to any the following (collectively, “Developed Material”):

(i) all Deliverables; and

General Terms and Conditions- 52 Health Net / IBM Confidential

Final Execution Version

(ii) all Derivative Works of Independent IP owned or licensed by Health Net or its Affiliates.

(b) As between the Parties, Health Net will be the sole and exclusive owner of the copyright in each Developed Material from the moment of its creation. Developed Material will be deemed to be a ‘work made for hire’ under the copyright Laws. Supplier hereby irrevocably conveys and assigns to Health Net, without further consideration, all of Supplier’s right, title, and interest in and to the copyright in Developed Material, whether or not the Developed Material constitutes a ‘work made for hire’ under applicable copyright Laws. Health Net and its assigns will have the right to register and hold in their own name the copyright in and to such Developed Material.

(c) Health Net’s rights to Use Software Work Product that is not deemed to be Developed Materials are provided in Section 12.4, Section 12.7, and Section 16.6]. With respect to all other non-Software Work Product that is not deemed to be Developed Material (i.e., all other non-Software Work Product), Supplier hereby grants to Health Net and its Affiliates a perpetual, worldwide, fully paid up, non-exclusive license to Use such Work Product in their businesses and to authorize others to do the same on their behalf, for no additional charge.

15.4 Intellectual Property Rights Agreements with Supplier Personnel

Supplier is responsible for having in place with all Supplier Personnel (either directly or indirectly through their respective employers) such agreements respecting Intellectual Property Rights as are necessary for Supplier to fulfill its obligations under this Section 15 (Intellectual Property Rights).

15.5 Other Obligations and Rights Regarding Work Product

(a) Following the creation of any Work Product with respect to which any Intellectual Property Rights will be owned by Health Net, Supplier will promptly disclose the Work Product and relevant details in writing to Health Net. In addition, Supplier will follow its standard processes and procedures to assess whether any patentable inventions or processes have been created in the course of performing the Services and provide to Health Net any invention disclosure prepared by Supplier in accordance with its standard processes and procedures.

(b) All licenses and rights of Use granted under or pursuant to this Agreement shall be deemed to be, for the purposes of Section 365(n) of the United States Bankruptcy Code (the “Bankruptcy Code”), licenses to rights in “intellectual property” as defined under the Bankruptcy Code. Accordingly, the licensee of such rights shall retain and may fully exercise all of its rights and elections under the Bankruptcy Code. Upon the commencement of bankruptcy proceedings by or against either Party under the Bankruptcy Code, the other Party shall be entitled to retain all of its license rights and Use rights granted under this Agreement.

15.6 Mental Impressions

(a) “Mental Impressions” means ideas, concepts, know-how and techniques relating to data processing and computer programming that are learned and retained in the unaided memory of a Party’s and or any of its Affiliates’ personnel involved in

General Terms and Conditions- 53 Health Net / IBM Confidential

Final Execution Version

performance of this Agreement who have had access to Confidential Information or materials of the other Party and its Affiliates without deliberately memorizing them for purposes of reuse.

(b) Each Party and its Affiliates may use the Mental Impressions of their personnel in their business activities.

16. TERMINATION

16.1 Termination By Health Net

(a) Termination for Cause. If Supplier commits (i) a material breach of this Agreement and fails to cure such breach within thirty (30) days after receiving notice of the breach from Health Net; or (ii) multiple breaches of this Agreement, whether material or non-material, that collectively constitute a material breach of this Agreement, then Health Net may, by giving notice to Supplier, terminate the Agreement, in whole or by Service Tower, without charge, as of a date specified in the notice of termination. Any termination by Health Net shall not constitute an election of remedies and shall be without prejudice as to Health Net’s other rights and remedies.

(b) Termination for Convenience. Anytime after the first (1^st ) anniversary of the Effective Date, Health Net may terminate this Agreement, in whole or by Service Tower, at any time for convenience (i.e., for any reason or no reason) by giving Supplier at least three (3) months prior written notice specifying the terminated Services and designating the termination date and paying to Supplier on the effective date of termination any applicable termination charges set forth in Exhibit C-8 (Termination Charges). If a purported termination for cause by Health Net under Section 16.1(a) is found by a competent authority not to be a proper termination for cause, then such termination will be deemed to be a termination for convenience by Health Net under this paragraph. Health Net may elect to discontinue the performance of the Services, in whole or in part, at a particular Health Net Facility and such discontinuation will not constitute a termination for convenience, provided that Health Net continues to receive the Services at other Health Net Facilities, unless such discontinuation has the effect of discontinuing the Supplier’s performance of the Services as a whole or of a Service Tower, subject to Sections 4.2 and 4.5 of Schedule C.

(c) Termination for Certain Service Level Failures. If Supplier fails to meet the *** Critical Service Level *** Health Net may, by giving notice to Supplier, terminate the Agreement, in whole or in part, without charge, as of a date specified in the notice of termination. The Parties agree that the failures referred to in the preceding sentence must occur while such Service Level is designated as a Critical Service Level (i.e. , has a Weighting Factor assigned to it). The foregoing right to terminate shall not be construed as precluding Health Net from claiming that some other combination of failures to meet Service Levels or Critical Service Levels is a material breach of this Agreement and to exercise any available remedies in connection with such material breach. “Top *** Critical Service Levels” shall mean the *** Critical Service Levels to which Health Net allocates the highest number of percentage points of the Pool Percentage Available for Allocation. ***.

General Terms and Conditions- 54 Health Net / IBM Confidential

Final Execution Version

(d) Termination Following a Change of Control of Health Net. “Change of Control of Health Net” means an announcement by Health Net (i) that any other entity, person or “group” (as such term is used in Section 13(d) of the Securities Exchange Act of 1934, as amended) will acquire (and eventually does acquire) Control, or all or substantially all of the assets, of Health Net (or any parent company of Health Net), whether directly or indirectly, in a single transaction or series of related transactions, or (ii) that Health Net (or any parent company of Health Net) will give up Control (and eventually does give up Control) of Health Net through an act to consolidate with, or be merged with or into, another entity, or will sell, assign, convey, transfer, lease or otherwise dispose of all or substantially all of its assets to another person(s) or entity(ies). In the event of a change of Control event described in (i) or (ii) above, Health Net shall have the right to terminate this Agreement, in whole or by Service Tower, by giving Supplier prior written notice specifying the terminated Services and designating the termination date, provided that such notice shall be given not more than one hundred eighty (180) days after the change of Control event described in (i) or (ii) above, and the applicable termination date shall not be less than ninety (90) days after the date of the notice. Such termination shall be without charge, except that Health Net shall pay (A) any outstanding charges for Services actually completed in accordance with the terms of this Agreement prior to the effective date of termination; (B) any charges payable under this Agreement for Disengagement Assistance requested by Health Net; and (C) any applicable termination charges set forth in Exhibit C-8 (Termination Charges).

(e) Termination Following a Change of Control of Supplier. “Change of Control of Supplier” means an announcement by Supplier (i) that any other entity, person or “group” (as such term is used in Section 13(d) of the Securities Exchange Act of 1934, as amended) will acquire (and eventually does acquire) Control, of all or substantially all of the assets, of Supplier (or any parent company of Supplier), whether directly or indirectly, in a single transaction or series of related transactions, or (ii) that Supplier (or any parent company of Supplier) will give up Control (and eventually does give up Control) of Supplier through an act to consolidate with, or be merged with or into, another entity, or will sell, assign, convey, transfer, lease or otherwise dispose of all or substantially all of its assets to another person(s) or entity(ies). In the event of a change of Control event described in (i) or (ii) above, Health Net shall have the right to terminate this Agreement in whole by giving Supplier prior written notice specifying the terminated Services and designating the termination date, provided that such notice shall be given not more than one hundred eighty (180) days after the change of Control event described in (i) or (ii) above, and the applicable termination date shall not be less than ninety (90) days after the date of the notice. Such termination shall be without charge, except that Health Net shall pay (A) any outstanding charges for Services actually completed in accordance with the terms of this Agreement prior to the effective date of termination; (B) any charges payable under this Agreement for Disengagement Assistance requested by Health Net; and (C) any applicable termination charges set forth in Exhibit C-8 (Termination Charges).

(f) Termination in the Event of a Force Majeure. Health Net’s termination rights for a Force Majeure Event are provided in Section 24.3 (Force Majeure).

General Terms and Conditions- 55 Health Net / IBM Confidential

Final Execution Version

(g) Termination Due to Regulatory Change. Health Net may terminate this Agreement, in whole or in part, by giving Supplier at least ninety (90) days prior written notice specifying the terminated Services and designating the termination date if a Law enacted after the Effective Date (i) precludes or substantially restricts Health Net from using or receiving Services or (ii) substantially increases Health Net’s cost of using or receiving Services which costs would have been avoided if not for this Agreement. Such termination shall be without charge, except that Health Net shall pay: (A) any outstanding charges for Services actually completed in accordance with the terms of this Agreement prior to the effective date of termination; (B) any charges payable under this Agreement for Disengagement Assistance requested by Health Net; and (C) any applicable termination charges set forth in Exhibit C-8 (Termination Charges).

(h) Termination Due to Increase in Taxes. Health Net may terminate this Agreement, in whole or by Service Tower, by giving Supplier at least ninety (90) days prior written notice designating the termination date if (i) the taxes for which Health Net is responsible pursuant to Section 9.3(c) of this Agreement as of the Effective Date for all of the Services increase by more than *** of the Annual Service Charge during the Term (in order to terminate the entire Agreement) or (ii) such taxes relating to any Service Tower increase by more than *** of the Annual Service Charge for such Service Tower (in order to terminate such Service Tower). Such termination shall be without charge, except that Health Net shall pay: (A) any outstanding charges for Services actually completed in accordance with the terms of this Agreement prior to the effective date of termination; (B) any charges payable under this Agreement for Disengagement Assistance requested by Health Net; and (C) any applicable termination charges set forth in Exhibit C-8 (Termination Charges).

16.2 Termination Due To Adverse Changes in Supplier’s Financial Circumstances

If Supplier (a) files a petition in bankruptcy; (b) has an involuntary petition in bankruptcy filed against it which is not challenged within twenty (20) days and dismissed within sixty (60) days; (c) becomes insolvent, (d) makes a general assignment for the benefit of creditors; (e) admits in writing its inability to pay its debts as they mature; or (f) has a receiver appointed for its assets then Health Net may by giving written notice to Supplier, terminate this Agreement without charge as of the date specified in such notice of termination. Supplier shall notify Health Net as soon as possible if one of the circumstances in Section 16.1(a) above occurs or is likely to occur.

16.3 Termination By Supplier

If, but only if, Health Net unintentionally fails to pay Supplier when due (a) undisputed charges totaling at least $100,000 under this Agreement or (b) any disputed charges in excess of the Disputed Charges Cap, and fails to make such payment within thirty (30)days after the date Health Net receives notice of non-payment from Supplier as set forth in (ii) below, Supplier may terminate this Agreement as of a date specified in the written notice of termination; provided IBM provides Health Net with: (i) written notice of such unpaid amounts at least fifteen (15) days prior to issuing such notice of termination; and (ii) a second written notice of such unpaid amounts at least fifteen (15) days prior to issuing such notice of termination, in each case to the Health Net Program Manager, Chief Information Officer, General Counsel, Chief Procurement Officer, and VP of Information Technology. Such second notice must indicate that Supplier may

General Terms and Conditions- 56 Health Net / IBM Confidential

Final Execution Version

exercise its right to terminate this Agreement if such unpaid amounts are not paid within the time period required above.

16.4 Extension of Termination/Expiration Date

Health Net may extend the effective date of termination/expiration one or more times as it elects in its discretion. However, the total of all such extensions may not exceed one hundred eighty (180) days following the effective date of termination/expiration in place immediately prior to the initial extension under this Section 16.4. If any extension notice provided to Supplier within sixty (60) days of the then-scheduled date of termination/expiration would or would likely to cause Supplier to incur significant Out-of-Pocket Expenses, Supplier may so notify Health Net. In that case, the extension of this Agreement’s Term pursuant to the notice will be subject to Health Net agreeing to reimburse Supplier for its additional significant Out-of-Pocket Expenses incurred as a result of the extension notice being provided within sixty (60) days of the then-scheduled date of termination/expiration.

16.5 Partial Termination

If this Agreement is terminated in part pursuant to this Agreement, the portions of this Agreement not terminated will continue in force according to the terms of this Agreement. If this Agreement does not otherwise specify the basis for determining Supplier’s charges for the continuing Services that are not terminated, the charges payable under this Agreement will be equitably adjusted to reflect the Services that have been terminated.

16.6 Disengagement Assistance

(a) Commencing twelve (12) months prior to expiration of this Agreement or on such earlier date as Health Net may request, or commencing upon a notice of termination (including notice based upon default by Health Net) or of non-renewal of this Agreement, and continuing (as requested by Health Net) for up to twelve (12) months following the effective date of expiration or, if applicable, of termination of this Agreement (as such effective date may be extended pursuant to Section 16.4), or a portion thereof, Supplier shall provide Disengagement Assistance to Health Net, or at Health Net’s request to Health Net’s designee. Health Net’s request may be in the context of its reduction or removal of a portion of the Services in accordance this Agreement, although this Agreement is not itself being terminated. Supplier shall also provide Disengagement Assistance in the event of any partial termination of this Agreement, such assistance to commence upon notice of termination. Disengagement Assistance shall include the assistance described in Schedule L and the following:

(i) Health Net or Health Net’s designee shall be permitted to undertake, without interference from Supplier, to hire any Supplier Personnel primarily performing the Services as of the date of notice of termination, or, in the case of expiration, within the six (6) month period prior to expiration. Supplier shall waive, and shall cause its Subcontractors to waive, their rights, if any, under contracts with such personnel restricting the ability of such personnel to be recruited or hired by Health Net or Health Net’s designee, provided if Health Net’s designee is a Supplier Competitor then Health Net will enter into an

General Terms and Conditions- 57 Health Net / IBM Confidential

Final Execution Version

agreement with such designee with non-disclosure obligations substantially similar to those in this Agreement prior to authorizing such recruitment activities. Health Net or its designee shall have reasonable access to such personnel for interviews and recruitment. If Health Net or a Health Net designee makes an offer to hire Supplier Personnel that are required to perform Services during the Term and Supplier believes the loss of such Supplier Personnel will materially impact its ability to meet Service Levels during the Term, then Supplier shall so notify Health Net. If Health Net or Health Net’s designee elects to hire such Supplier Personnel after receiving such notice, then Supplier shall be relieved from paying Service Level Credits for failure to meet the Service Levels referenced in its notice to Health Net to the extent such failure results from loss of such Supplier Personnel.

(ii) If Health Net is entitled pursuant to this Agreement to a sublicense or other right to any Software owned or licensed by Supplier which has not already been granted pursuant to the terms of this Agreement, Supplier shall provide such sublicense or other right.

(iii) Supplier shall (A) with respect to End Of Term Stranded HSC Costs Equipment, sell such Equipment pursuant to Section 10 of Schedule C, (B) (i) obtain any Required Consents from third parties and thereafter assign to Health Net or its designee leases for some or all of the Equipment (as designated by Health Net) that was used as of the date of termination or expiration of this Agreement or portion thereof primarily for providing the Services, and Health Net shall assume the obligations under such leases that relate to periods after such date, and (ii) if Health Net elects, Supplier shall exercise the buy-out clause in the applicable lease for some or all of such leased Equipment (as designated by Health Net) and then sell such Equipment to Health Net or its designee, at such buy-out price; and (C) sell to Health Net or its designee, at Supplier’s then current book value, some or all of the Equipment (as designated by Health Net) owned by Supplier that was used as of the date of termination or expiration of this Agreement or portion thereof primarily for providing the Services. Supplier shall also provide all user and other documentation relevant to such Equipment which is in Supplier’s possession. Health Net will assume responsibility under any maintenance agreements for such Equipment to the extent such responsibilities relate to periods after the date of termination or expiration of this Agreement and any Disengagement Assistance Period or portion thereof, provided that if Supplier has permitted maintenance and support on such Equipment to lapse, Supplier shall be financially responsible for any charges under such agreements to bring maintenance and support current, provided further that the foregoing proviso shall be inapplicable with respect to Equipment that was purchased by Supplier from Health Net pursuant to Section 11.3(b) of this Agreement and at the time of purchase was not current on maintenance and support.

(iv) Supplier shall use Commercially Reasonable Efforts to obtain any necessary Required Consents and thereafter make available to Health Net or its designee, pursuant to reasonable terms and conditions, any

General Terms and Conditions- 58 Health Net / IBM Confidential

Final Execution Version

dedicated third party services then being utilized by Supplier in the performance of the Services. Supplier will be entitled to retain the right to utilize any such third party services in connection with the performance of services for any other Supplier customer. For clarification, nothing set forth in this Section shall relieve Supplier of its obligation to procure maintenance contracts for Software and Equipment as set forth in Section 12.7 and Section 16.6(a)(iii).

(b) Disengagement Assistance shall include (as requested by Health Net) any or all of the Services provided by Supplier prior to the effective date of termination/expiration. Actions by Supplier under this Section 16.6(b) shall be subject to the other provisions of this Agreement.

(c) Charges for Disengagement Assistance shall be as follows:

(i) For Disengagement Assistance for which there is a predetermined charge in Schedule C (e.g., for continuation of the business processing Services after the expiration or termination of this Agreement), such pre-determined charge in Schedule C shall apply. Supplier shall use Commercially Reasonable Efforts to provide Disengagement Assistance utilizing Supplier Personnel then being regularly utilized in performing the Services.

(ii) For Disengagement Assistance for which there is no predetermined charges in Schedule C (i.e., for assistance that is not part of the routine Services), such assistance will be chargeable at the time and material rates set forth in Exhibit C-5 to Schedule C to the extent performed by Supplier Personnel not otherwise performing Services for Health Net prior to the effective date of termination or expiration of this Agreement.

16.7 Survival

Any provision of this Agreement that contemplates or governs performance or observance subsequent to termination or expiration of this Agreement and the Disengagement Assistance Period will survive the expiration or termination of this Agreement for any reason, including the following Sections:

(a) Section 2.1 (Definitions);

(b) Section 12.7 (Health Net Rights to Certain Software Upon Termination/ Expiration);

(c) Section 15 (Intellectual Property Rights);

(d) Section 19.5 (Deliverables);

(e) Section 19.8 (Non-Infringement);

(f) Section 19.10 (Disabling Code);

(g) Section 21 (Confidentiality);

General Terms and Conditions- 59 Health Net / IBM Confidential

Final Execution Version

(h) Section 23 (Indemnification);

(i) Section 24 (Liability); and

(j) Section 25 (Rules of Construction).

16.8 Bid Assistance

(a) In the process of deciding whether to undertake or allow any cessation of Services, or any termination, expiration or renewal of this Agreement, in whole or in part, Health Net may consider or seek offers for performance of services similar to the Services. As and when reasonably requested by Health Net for use in any such process, Supplier will provide to Health Net such information and other cooperation regarding performance of the Services as would be reasonably necessary to enable Health Net to prepare a request for proposal relating to some or all of such services, and for a third party to conduct due diligence and prepare an informed, non-qualified offer for such services.

(b) Without limiting the generality of Section 16.8(a), the types of information and level of cooperation to be provided by Supplier pursuant to this Section 16.8 will be no less than those initially provided by Health Net to Supplier prior to the Effective Date, and shall include the following information which Health Net may distribute to third-party bidders in a request for proposal(s), request for information, specification, or any other solicitation relating to the Services and as necessary to support any related due diligence activities:

(i) The number of *** by Service Tower;

(ii) First-order descriptions of Health Net’s IT environment, including a listing of major infrastructure components and locations;

(iii) Up-to-date Service Level performance histories, asset inventories (including Equipment and Software), estimated amounts payable by Health Net to exercise or fulfill asset buy-out or lease assumption rights or obligations, third-party contract lists, then-current work volumes and information relating to projects underway; and

(iv) Detailed network topographies.

16.9 Termination of the Cross Tower Services or the Network Services Towers

(a) Health Net shall not have the right to terminate the entire Cross Tower Services Tower without terminating the entire Agreement. This Section 16.9 is not intended, however, to limit any other rights Health Net has under this Agreement to withdraw or terminate portions of the Cross Tower Services Tower (e.g., DR, security, asset management). If Health Net withdraws a portion of the Cross Tower Services Tower, or terminates a different Service Tower in accordance with the terms of this Agreement which has the effect of reducing the Services necessary to be provided under the Cross Tower Services Tower, then the Annual Services Charge for the Cross Tower Service Tower shall be subject to Section 3.6(a).

General Terms and Conditions- 60 Health Net / IBM Confidential

Final Execution Version

(b) Health Net shall not have the right to terminate one of the Network Towers (i.e., the Voice Network Services Service Tower or Data Network Services Service Tower) individually under Section 16.1(b), 16.1(d),16.1(g), 16.1(h), or 24.3(c) without terminating the other Network Services Tower.

17. GOVERNANCE AND MANAGEMENT

17.1 Governance Structure and Processes

Supplier acknowledges that it is a key business requirement of Health Net that Supplier provide the Services in a consistent, integrated manner. To meet that requirement, Supplier has organized its Health Net relationship and service delivery team as described below and in Schedule G (Governance).

(a) The Supplier organization responsible for Supplier’s relationship with Health Net and delivery of the Services will be led by a project executive (the “Supplier PE”), whose counterpart will be Health Net’s Program Manager. The Supplier PE will serve as the single point of accountability for Supplier for the Services and have day-to-day authority for undertaking to ensure Health Net satisfaction. The Supplier PE will be located during the Term at Health Net’s Woodland Hills, California headquarters or such other locations as Health Net may designate.

(b) Health Net will provide annual performance appraisals for the Supplier PE. Health Net’s appraisals will be used by Supplier as a significant component of the overall performance appraisals for such individual and as a factor in determining their compensation.

(c) For each major project undertaken under this Agreement, Supplier will also designate a project manager who will be assigned full-time or part-time and who will have responsibility, working under the direction of the Supplier PE, for the successful completion and delivery of the project.

(d) Schedule G (Governance) also contains a description of the committees and governance processes the Parties have formed and will use to govern their relationship and activities under this Agreement.

17.2 Meetings

Within sixty (60) days after the Effective Date, the Parties will determine an appropriate set of meetings to be held between their representatives, which will include at least a quarterly meeting of the Supplier PE with Health Net’s Program Manager. Supplier will prepare and circulate an agenda sufficiently in advance of each meeting to give the participants an opportunity to prepare for the meeting. Supplier will make such changes to the agenda as Health Net may request. Health Net will chair all such meetings. At Health Net’s request, Supplier will prepare and circulate minutes promptly after each meeting. Minutes of the meetings will not be binding on either Party if they are in any way inconsistent with this Agreement. At any time during the Term, Health Net may reasonably request that the type, frequency, purpose or attendance at such designated meetings to be modified, and if it does, Supplier shall reasonably consent to such modifications.

General Terms and Conditions- 61 Health Net / IBM Confidential

Final Execution Version

17.3 Reports

(a) Within sixty (60) days after the Effective Date, the Parties will determine an appropriate set of periodic reports to be issued by Supplier to Health Net. Such reports will be no less comprehensive than the internal reporting of Health Net prior to the Effective Date and be issued at the frequency reasonably requested by Health Net. Initially, Supplier will continue to provide to Health Net the same reports as were generated by the resources that have been transferred or made available to Supplier, or displaced as a result of this Agreement. Such reports are described in Exhibit W (Reports).

(b) As one such report, Supplier will provide a monthly performance report describing Supplier’s performance of the Services in the preceding month and containing the information described in Schedule B (Service Levels) (the “Monthly Performance Report”). The Monthly Performance Report will be delivered to Health Net not later than the fifteenth (15th) day of each month. Each Monthly Performance Report will (i) separately address Supplier’s performance under each Service Level; (ii) assess the degree to which Supplier has attained or failed to attain the pertinent objectives for that month, including measurements with respect to the Service Levels and other metrics specified by Health Net; (iii) describe the status of each project, each ongoing problem resolution effort and any other initiative; (iv) explain deviations from the Service Levels and include for each deviation a plan for corrective action; (v) set forth a record of the Equipment, Services, Software, personnel changes and any other changes made during the reporting period that affect, or could affect, the Services and describe the planned changes during the upcoming month that may affect the Services; (vi) describe any changes in the status of, or changes made to, the Health Net Facilities or the Health Net Resources; (vii) set forth utilization of each Supplier resource (e.g., hour, FTE, etc.) for which a charge is made under this Agreement; and (viii) include documentation and information that Health Net reasonably requests to verify compliance with this Agreement.

17.4 Procedures Manual

(a) The “Procedures Manual” is a document (or set of documents) to be prepared by Supplier describing how Supplier will perform and deliver the Services under this Agreement, the Equipment and Software used, and the documentation (e.g., operations manuals, user guides, specifications) that provide further details of the activities. The Procedures Manual will describe the activities Supplier shall undertake in order to provide the Services, including those direction, supervision, monitoring, staffing, reporting, planning and oversight activities normally undertaken to provide services of the type Supplier is to provide under this Agreement. The Procedures Manual also will include descriptions of the acceptance testing procedures approved by Health Net, Supplier’s problem management and escalation procedures, and the other standards and procedures of Supplier pertinent to Health Net’s interactions with Supplier in obtaining the Services. The Procedures Manual must be suitable for use by Health Net to understand the Services.

(b) Attached as Schedule Q (Draft Procedures Manual Table of Contents) is a draft table of contents for the Procedures Manual. Working in consultation with Health Net, Supplier will deliver to Health Net for review and comment, a draft

General Terms and Conditions- 62 Health Net / IBM Confidential

Final Execution Version

Procedures Manual describing the Services transitioned from Health Net to Supplier during each transition wave within ninety (90) days after the occurrence of each transition wave. The draft Procedures Manual will be organized generally in accordance with Schedule Q (Draft Procedures Manual Table of Contents), but may include additional sections or provisions as appropriate. Supplier will incorporate or address reasonable comments or suggestions of Health Net and will finalize the Procedures Manual with respect to each wave, within one hundred fifty (150) days after the occurrence of such wave. The final Procedures Manual will be subject to the approval of Health Net.

(c) The Procedures Manual will be considered an operational document, which Supplier may revise with the written approval of Health Net’s Program Manager without the need to amend this Agreement. Supplier will periodically update the Procedures Manual to reflect changes in the operations or procedures described in it. Updates of the Procedures Manual will be provided to Health Net for review, comment and approval.

(d) Supplier will perform the Services in accordance with the most recent Health Net-approved version of the Procedures Manual. In the event of a conflict between the provisions of this Agreement and the Procedures Manual, the provisions of this Agreement will control.

(e) Notwithstanding anything to the contrary in Section 15 (Intellectual Property Rights), Health Net and its Affiliates may retain and Use the Procedures Manual in their businesses and for their benefit both during the Term and following the expiration or termination of this Agreement solely in connection with their provision of services for Health Net and its Service Recipients. Health Net and its Affiliates may permit any of their other service providers to use the Procedures Manual during and after the Term, but solely in connection with their provision of services for Health Net and its Service Recipients, provided Health Net enters into a non-disclosure agreement with such other service providers with confidentiality terms substantially similar to those in this Agreement.

17.5 Change Control

(a) “Change” means any material addition to, modification or removal of any material aspect of the Services (including changes to the manner in which the Services are performed). “Change Control Process” means the written procedure set forth in Exhibit A-7 for considering, analyzing, approving and carrying out Changes designed to ensure that only desirable Changes are made and that Changes made by or on behalf of Supplier are carried out in a controlled manner with minimal disruption to the Services and Service Recipients’ business operations.

(b) Any changes to the Change Control Process set forth in Exhibit A-7 which are agreed to by the Parties should be documented in the Procedures Manual.

(c) Except as otherwise expressly provided in this Agreement, Health Net has retained responsibility for establishing its IT architecture, standards (including security standards) and strategic direction of Health Net (and its Affiliates). Supplier will support such architecture, standards, and strategic direction in rendering the Services. Any Equipment and Software provided by or on behalf

General Terms and Conditions- 63 Health Net / IBM Confidential

Final Execution Version

of Supplier that connects to Health Net’s IT Infrastructure will comply with such architecture, standards, and strategic direction and will only be introduced into the IT Infrastructure in accordance with the Change Control Process.

(d) Supplier will not make any Changes, except in accordance with the Change Control Process and with Health Net’s approval, that may reasonably be expected to do or result in any of the following: (i) adversely affect the specifications, functionality, performance or resource efficiency of any Services or Deliverables; (ii) increase Health Net’s internal costs, Supplier’s charges to Health Net under this Agreement or charges by other Health Net suppliers to Health Net; (iii) disrupt or adversely affect any of Health Net’s or its Affiliates’ business operations; or (iv) deployment of technology that is not consistent with Health Net’s IT architecture, standards and strategic direction, as communicated to Supplier.

(e) Health Net will not be obliged to approve any Change proposed by Supplier if implementation of the change would increase Health Net’s internal costs or Supplier’s charges to Health Net under this Agreement or charges by other Health Net suppliers to Health Net, or if it would otherwise adversely affect Health Net’s or its Affiliates’ business or operations. Supplier shall not implement any proposed Change that Health Net disapproves.

(f) If an approved Change would result in New Services or a change in these Terms and Conditions, the Change must be authorized via a contract amendment or modification made pursuant to Section 25.3 (Contract Amendments and Modifications).

17.6 Annual Technology Plan

Consistent with Supplier’s responsibilities set forth in Schedule A (Services), Supplier will prepare an annual technology plan in accordance with the provisions of this Section 17.6 (Annual Technology Plan) (the “Technology Plan”). Each Technology Plan after the first one will include a review and assessment of the immediately preceding Technology Plan. The Technology Plan will consist of a three-year plan and an annual implementation plan as described below.

(a) The Technology Plan will include a comprehensive assessment and strategic analysis of Health Net’s then-current IT Environment for the next three (3) years, including an assessment of the appropriate direction for the systems and services used in or comprising the IT Environment in light of Health Net’s business priorities and strategies and competitive market forces (to the extent such business information is available or provided to Supplier). The Technology Plan will include a specific identification of proposed Software and Equipment strategies and direction, a cost projection, a costs-vs.-benefits analysis of any proposed Changes, a description of the types of personnel skills and abilities needed to respond to any recommended Changes or upgrades in technology, a general plan and a projected time schedule for developing and achieving the recommendations made, and references to appropriate operating platforms that support Service Level requirements, exploit industry trends in production capabilities and provide potential price-performance improvement opportunities.

General Terms and Conditions- 64 Health Net / IBM Confidential

Final Execution Version

(b) As necessary to support the overall objectives and directions of the three (3)-year plan, the annual implementation plan will provide specific guidance as to the information services requirements, projects and plans for the upcoming year, including details on operations, maintenance backlog and development activities. The annual implementation plan will include a summary review of Supplier’s performance of the Services in the year then concluding, and will provide updates and revisions of the long-term plan as appropriate. Supplier will prepare an annual implementation plan for each year of the Term. As part of the process of preparing the annual implementation plan, the Parties will review the overall operation of this Agreement to ensure that the Services continue to be aligned with Health Net’s strategic business and IT requirements.

(c) Supplier will submit for Health Net’s review and approval a draft Technology Plan developed with input from key business users of Health Net. Supplier will submit the final Technology Plan to Health Net within fifteen (15) days after receiving Health Net’s comments on the draft. Supplier will submit the draft of the Technology Plan within nine (9) months after the Effective Date.

(d) The schedule for developing and delivering each Technology Plan will be coordinated to support Health Net’s annual business planning cycle. Supplier will update the Technology Plan during the year as necessary to reflect changes to Health Net’s and its Affiliates’ businesses that materially affect the validity of the then-current Technology Plan. Supplier will recommend modifications to the Technology Plan as it deems appropriate, and will revise the Technology Plan as requested or approved by Health Net.

18. AUDITS AND RECORDS

18.1 Audit Rights

(a) Health Net and its agents, auditors (internal and external), regulators and other representatives as Health Net may designate (collectively, “Auditors”) will have the right to inspect, examine and audit the systems, records, facilities, data, practices and procedures of Supplier and its Subcontractors that are used in rendering the Services or pertain to the Services (collectively, “Audits”) for any of the following purposes:

(i) to verify the accuracy of Supplier’s invoices;

(ii) to verify the integrity of those elements of Health Net’s corporate control processes that are performed by Supplier, in order to permit Health Net’s management and independent auditors to make certifications required by the securities or other Laws of any country;

(iii) to verify the integrity of Health Net Data and Supplier’s compliance with the data privacy, data protection, confidentiality and security requirements of this Agreement;

(iv) to verify Supplier’s compliance with any other provisions of this Agreement; and

(v) to satisfy the requirements of the Health Net audit committee and regulatory requirements.

General Terms and Conditions- 65 Health Net / IBM Confidential

Final Execution Version

(b) Audits will be conducted during business hours and upon reasonable advance notice to Supplier except in the case of Audits by regulators, emergency or security Audits and Audits investigating claims of illegal behavior. Without limiting Health Net’s rights under this Section, Health Net shall reasonably endeavor to avoid unnecessary disruption of Supplier’s operations and customers and unnecessary interference with Supplier’s ability to perform the Services in accordance with the Service Levels. Health Net and its Auditors will comply with Supplier’s reasonable security and confidentiality requirements when accessing facilities or other resources owned or controlled by Supplier. Supplier will cooperate fully with Health Net, its regulators and its and their Auditors in conducting Audits and provide such assistance as they reasonably require to carry out the Audits, including installing and operating audit software. Furthermore, Supplier will comply with Health Net’s internal audit methodology, as it is made know to Supplier by Health Net. Subject to the foregoing, Auditors will be provided access to shared systems or shared Supplier facilities used in the performance of the Services, provided that this Section will not be construed to give any Auditors access to any data of any customer of Supplier other than Health Net. No Auditor shall be retained on a contingency fee, except Auditors engaged to perform Audits related to usage or charges for Network Services.

18.2 Audit Follow-up

(a) Following an audit or examination, Health Net may conduct, or request its external auditors or examiners to conduct, an exit conference with Supplier to discuss issues identified in the review. Supplier shall reasonably cooperate with Health Net and Health Net’s Auditors in order resolve any issues that arise from Audit.

(b) At Health Net’s request, Supplier will meet with Health Net to review each audit report promptly after the issuance thereof and to mutually agree upon the appropriate manner, if any, in which to respond to the changes suggested by the audit report.

18.3 Confidentiality of Audits

Audit results will be treated as Supplier Confidential Information except to the extent they contain Health Net Confidential Information.

18.4 Records Retention

(a) In support of Health Net’s Audit rights, Supplier will keep and maintain (i) financial records relating to this Agreement (excluding records of Supplier’s cost that are not relevant to calculation of charges), (ii) records substantiating Supplier’s invoices, (iii) records pertaining to Supplier’s compliance with the Service Levels, including root cause analyses, and (iv) such other operational records pertaining to performance of the Services as Supplier keeps in the ordinary course of its business.

(b) Supplier will retain such records and provide access to them upon request for Audits until the last to occur of the following: (i) three (3) years after expiration or termination of this Agreement; (ii) any longer period of time to satisfy any legal obligation of Health Net; (iii) all pending matters relating to this Agreement (including disputes) are closed; and (iv) the information is no longer required to

General Terms and Conditions- 66 Health Net / IBM Confidential

Final Execution Version

meet Health Net’s records retention policy as disclosed to Supplier, as such policy may be revised from time to time. Before destroying or otherwise disposing of such records, Supplier will provide Health Net with sixty (60) days prior notice and offer Health Net the opportunity to recover the records or to request Supplier to deliver the records to Health Net, with Health Net paying Supplier’s Out-of-Pocket Expenses. With respect to records that are retained pursuant to item (ii) above, Supplier shall have the option of returning such records to Health Net rather than retaining such documents.

18.5 Supplier Audits

Supplier will conduct its own Audits pertaining to the Services consistent with the audit practices of well-managed companies that perform services similar to the Services, including as provided below and in.

(a) Upon the conclusion of (i) the Transformation (including Transition) and (ii) thereafter Supplier has provided a minimum of six (6) months of Service delivery under the Parties jointly designed applicable controls, then for each year of the Term, Supplier will perform at each Supplier shared data center and Network Services Center, located in the Americas (US, Canada and LA) and India, that is used to provide Services, a Statement on Auditing Standards No. 70 Type II audit (“SAS 70 Audit”) (or in the future if SAS 70 Audits are no longer available in the industry, a comparably detailed audit) on such Supplier shared delivery centers using a nationally recognized firm qualified to perform such audit.

(b) The scope of the SAS 70 Audit shall cover general controls of the Supplier systems used to provide Services, not specific to but including systems used to perform processing Services and maintain Health Net data and general computer controls such as change management and logical access controls.

(c) Subject to Section 18.5(a) above, the SAS 70 Audit shall cover the preceding twelve (12) month period beginning September 1 through August 31 (or portion thereof) during the Term (including any extension periods as applicable). Supplier shall provide a SAS 70 Audit report to Health Net within ten (10) business days of receipt from the external auditor performing the SAS 70 Audit with the exception of Network Services provided by a Supplier Approved Subcontractor which shall be sixty (60) calendar days of receipt from the external auditor performing the Network Services SAS 70 Audit, and in no event any SAS 70 Audit later than November 30 of each calendar year. If any such SAS 70 Audit is qualified by the external auditor, then:

(i) Supplier shall provide Health Net with a letter in mid-January identifying any material changes made to Supplier infrastructure or controls covered by the SAS 70 Audit during the period from September 30 to December 31 of the prior year (or specifying that no such changes have been made) (“Update Letter”).

(ii) Supplier shall be responsible to implement remedial actions as it deems appropriate to correct any deficiencies identified in one or more SAS 70 Audits for Facilities where Supplier delivers Health Net Services; and

General Terms and Conditions- 67 Health Net / IBM Confidential

Final Execution Version

(iii) In the event any SAS 70 report that is required under this Agreement identifies a deficiency or material weakness in controls, IBM agrees to meet with Health Net to respond to Health Net’s reasonable inquiries relating to such deficiency or weakness and the status of any remedial actions being taken by IBM. Also, IBM will respond to such inquiries in writing if requested to do so by Health Net.

(d) If Health Net requires a more comprehensive audit than the SAS 70 Audit set out above, or an audit covering infrastructure, application controls or other controls used specifically for Health Net, then Supplier shall, as requested by Health Net, (i) use Commercially Reasonable Efforts to add such additional requirements to the scope of the SAS 70 Audit (provided Health Net agrees to pay for any reasonable expenses incurred by Supplier in accommodating such additional requirements); or (ii) permit a third party auditor engaged by Health Net to perform such additional audit activities, in each case to the extent permitted by applicable Law.

(e) If Supplier fails to provide a SAS 70 Audit report in accordance with the requirements above, Supplier shall be responsible for any reasonable additional costs or fees incurred by Health Net as a result of the failure.

Without limiting the foregoing, if a Supplier Audit indicates an adverse impact to Health Net Data, or to Health Net or other Service Recipients, or any violation of this Agreement, Supplier will immediately notify Health Net, providing pertinent details so that Health Net can take steps to avoid or minimize the adverse impacts. Supplier will also correct the errors or problems as soon as reasonably possible.

18.6 Financial Reports

Supplier will provide to Health Net, on a bi-monthly and annual basis, as applicable, copies of all publicly-available audited and unaudited financial statements of Supplier and its Controlling Affiliates.

18.7 Overcharges

If as a result of an audit or otherwise it is determined that Supplier has overcharged Health Net, Supplier shall credit Health Net’s account (or, at Health Net’s option, pay Health Net directly) an amount equal to the overcharge plus interest at a rate equal to the lesser of: (i) eighteen percent (18%) per annum; or (ii) the maximum amount permissible by applicable law, calculated from the date the overcharge was paid by Health Net. If an audit discloses that Supplier’s overcharges exceeded *** of the audited charges, Supplier shall also reimburse Health Net for the reasonable cost of the audit, up to a cap of ***.

19. REPRESENTATIONS, WARRANTIES AND COVENANTS OF SUPPLIER

19.1 Work Standards

Supplier represents, warrants and covenants that the Services will be rendered with promptness and diligence and be executed in a professional and workmanlike manner in accordance with the practices and standards observed by the leading companies in Supplier’s industry when performing similar services. Supplier warrants and covenants that it will use adequate numbers of qualified Supplier Personnel with suitable training, education, experience and skill to perform the Services in accordance with timing and

General Terms and Conditions- 68 Health Net / IBM Confidential

Final Execution Version

other requirements of this Agreement.

19.2 Maintenance

Supplier represents, warrants and covenants that it will maintain the Equipment and Software so they operate in accordance with their specifications, including (i) maintaining Equipment in good operating condition, subject to normal wear and tear; (ii) undertaking repairs and preventive maintenance on Equipment in accordance with the applicable Equipment manufacturer’s recommendations; and (iii) performing Software maintenance in accordance with the applicable Software vendor’s documentation and recommendations.

19.3 Efficiency and Cost-Effectiveness

Supplier represents, warrants and covenants that it will use Commercially Reasonable Efforts to use efficiently the resources or services necessary to provide the Services. Supplier warrants and covenants that it will use Commercially Reasonable Efforts to perform the Services in the most cost-effective manner consistent with the required level of quality and performance.

19.4 Technology

Supplier represents, warrants and covenants that it will provide the Services using, consistent with the Change Control Process, proven, current technology that will enable Health Net to take advantage of technological advancements applicable to its and its Affiliates’ businesses and support Health Net’s efforts to maintain competitiveness in the markets in which it competes.

19.5 Deliverables

Supplier represents, warrants and covenants that each Deliverable produced by Supplier under this Agreement will not, from the time of delivery to Health Net through the period ending one hundred eighty (180) days after Health Net’s final acceptance of the Deliverable in accordance with Exhibit A-10-1, deviate in any material respect from the specifications and requirements for such Deliverable set forth or referred to in this Agreement (including its Schedules and Exhibits or a statement of work, work order, project plan or similar document developed pursuant to this Agreement). The Parties may agree to an alternate warranty period in an individual project plan]; absent such agreement the warranty period provided in this Section 19.5 shall govern. If Health Net notifies Supplier of a breach of the foregoing warranty within the period specified above, Supplier will promptly correct and redeliver the affected Deliverables at no additional charge to Health Net without delay.

19.6 Documentation

Supplier represents, warrants and covenants that any Software Documentation developed for Health Net by or on behalf of Supplier will (a) accurately and with reasonable comprehensiveness describe the operation, functionality and use of the Software or system, and (b) accurately describe in terms understandable to a typical End User the functions and features of the Software or system and the procedures for exercising such functions and features.

General Terms and Conditions- 69 Health Net / IBM Confidential

Final Execution Version

19.7 Compatibility

Supplier represents, warrants and covenants that any Deliverables and other components of the Services that would reasonably be anticipated given the purpose of the Deliverable or other component of the Services to interact or otherwise work together as part of a functioning system will be compatible and will properly inter-operate and work together as components of an integrated system.

19.8 Non-Infringement

(a) Subject to Section 19.8(b), Supplier represents, warrants and covenants as follows:

(i) that Supplier and Supplier Personnel will perform their responsibilities under this Agreement in a manner that does not infringe or constitute an infringement or misappropriation of any Intellectual Property Rights of any third party;

(ii) that Supplier has all rights and licenses necessary to convey to Health Net (and to its Affiliates, where applicable) the ownership of (or grant the license rights with respect to, as applicable), all Software, Work Products, Independent IP, Deliverables and other items provided by or on behalf of Supplier, as such ownership and license rights are set forth in this Agreement;

(iii) that no Software, Work Product, Independent IP, Deliverable or other item provided by or on behalf of Supplier, nor their use by Health Net or other Service Recipients, will infringe or constitute an infringement or misappropriation of any Intellectual Property Right of any third party; and

(iv) that Supplier shall not incorporate any Open Source Code into any Deliverable or Work Product unless approved in writing by Health Net in advance. “Open Source Code” means any Software that requires as a condition of its use, modification or distribution that it be disclosed or distributed in source code form or made available at no charge. Open Source Code includes software licensed under the GNU General Public License (GPL) or the GNU Lesser/Library GPL.

(b) Supplier will not be considered in breach of the representation, warranty and covenant set forth in Section 19.8(a)to the extent (but only to the extent) any claimed infringement or misappropriation is attributable to any of the following:

(i) Health Net’s modification of an item provided by or on behalf of Supplier unless the modification was authorized, approved or made by Supplier; or

(ii) Health Net’s combination, operation or use of an item provided by or on behalf of Supplier with other specific items not furnished by, through or at the specification of Supplier or its Subcontractors; provided, however, that this exception will not be deemed to apply to the combination, operation or use of an item with other commercially available products that could reasonably have been anticipated to be

General Terms and Conditions- 70 Health Net / IBM Confidential

Final Execution Version

used in combination with the item provided by or on behalf of Supplier (e.g., the combination, operation or use of Application Software provided by Supplier with a commercially available computer and System Software not provided by Supplier).

19.9 Viruses

“Virus” means (i) program code or programming instruction(s) or set(s) of instructions intentionally designed to disrupt, disable, harm, interfere with or otherwise adversely affect computer programs, data files or operations; or (ii) other code typically described as a virus, Trojan horse, worm, back door or other type of harmful code. Supplier represents, warrants and covenants that Supplier Personnel will not knowingly introduce a Virus into Health Net’s or any other Service Recipient’s system or any system used to provide the Services. In addition, Supplier will use Commercially Reasonable Efforts to prevent Supplier Personnel from unknowingly introducing a Virus or allowing a Virus to be introduced into Health Net’s or any other Service Recipient’s system or any system used to provide the Services. If a Virus is found to have been introduced into Health Net’s or other Service Recipients’ systems or the systems used to provide the Services as a result of a breach of the foregoing representation, warranty and covenant, Supplier will use Commercially Reasonable Efforts at no additional charge to assist Health Net in eradicating the Virus and reversing its effects and, if the Virus causes a loss of data or operational efficiency, to assist Health Net in mitigating and reversing such losses.

19.10  Disabling Code

Supplier represents, warrants and covenants that in the course of providing the Services it will not insert into Software or any systems used to provide the Services any code that would have the effect of disabling or otherwise shutting down all or any portion of the Services. With respect to any disabling code that was already part of Software or systems used to provide the Services, Supplier represents, warrants and covenants that it will not invoke such disabling code or knowingly permit it to be invoked at any time without Health Net’s prior written consent. For purposes of this warranty and covenant, programming errors will not be deemed disabling code to the extent Supplier can demonstrate that such errors were not made with the intention of disabling or otherwise shutting down all or any portion of Health Net’s or any other Service Recipient’s systems or any system used to provide the Services.

19.11  Compliance with Health Net Policies and Procedures

Supplier represents, warrants and covenants to Health Net that Supplier will perform its obligations in accordance with Section 5.4(c).

19.12  Compliance with Laws; Export Control

(a) Supplier represents, warrants and covenants to Health Net that Supplier will perform its obligations in a manner that complies with Section 27.5, including Laws of any country or jurisdiction from which Supplier provides the Services; including identifying and procuring any required permits, certificates, approvals and inspections.

19.13  Corporate Social Responsibility

Supplier represents, warrants and covenants to Health Net that Supplier and Supplier

General Terms and Conditions- 71 Health Net / IBM Confidential

Final Execution Version

Facilities comply, and during the Term will comply, with the following:

(a) Supplier will not use forced or compulsory labor in any form, including prison, indentured, political, bonded or otherwise.

(b) Supplier will not follow policies promoting or resulting in unacceptable worker treatment such as the exploitation of children, physical punishment, female abuse, involuntary servitude, or other forms of abuse.

(c) Supplier will not discriminate based on race, creed, gender, marital or maternity status, class or caste status, religious or political beliefs, age or sexual orientation. Supplier’s decisions related to hiring, salary, benefits, advancement, termination or retirement will be based solely on lawful practices and consistent with its then-current human resources practices.

(d) Supplier’s management practices will recognize the dignity of the individual employee and the right to a work place free of harassment, abuse or corporal punishment, and will respect Supplier’s employees’ voluntary freedom of association.

(e) Supplier will comply with all applicable Laws concerning the conditions of employment of its employees, including those relating to pay, benefits, and working conditions.

(f) Supplier will maintain on file all documentation needed to demonstrate compliance with these standards and shall make these documents available for Health Net and its auditors upon reasonable prior notice to the extent such records relate to the performance of the Services. Supplier will publicize to its employees and enforce a non-retaliation policy that permits Supplier’s employees to speak with Health Net and Health Net’s auditors without fear of retaliation by Supplier or Supplier’s management. For clarity, nothing in this Section shall be deemed to waive Supplier’s rights in Confidential Information of Supplier.

19.14  Subcontractor Confidentiality and Assignment

Supplier represents, warrants and covenants to Health Net that each of Supplier’s subcontractors performing the Services will, prior to performing any Services, have executed an agreement satisfying the confidentiality and data protection obligations provided in this Agreement.

19.15  No Improper Inducements

Supplier represents, warrants and covenants to Health Net that it has not violated any applicable Laws or any Health Net policies of which Supplier has been given notice regarding the offering of unlawful or improper inducements in connection with this Agreement.

20. MUTUAL REPRESENTATIONS AND WARRANTIES; DISCLAIMER

20.1 Mutual Representations and Warranties

Each Party represents, warrants and covenants to the other that:

General Terms and Conditions- 72 Health Net / IBM Confidential

Final Execution Version

(a) It has the requisite corporate power and authority to enter into this Agreement and to carry out the transactions and activities contemplated by this Agreement;

(b) The execution, delivery and performance of this Agreement and the con-summation of the transactions contemplated by this Agreement have been duly authorized by the requisite corporate action on the part of such Party, are a valid and binding obligation of such Party, and do not constitute a violation of any existing judgment, order or decree;

(c) The execution, delivery and performance of this Agreement and the con-summation of the transactions contemplated by this Agreement do not constitute a material default under any existing material contract by which it or any of its material assets is bound, or an event that would, with notice or lapse of time or both, constitute such a default; and

(d) There is no proceeding pending or, to the knowledge of the Party, threatened that challenges or could reasonably be expected to have a material adverse affect on this Agreement or the ability of the Party to perform and fulfill its obligations under this Agreement.

(e) OTHER THAN AS EXPRESSLY PROVIDED IN THE AGREEMENT, THERE ARE NO EXPRESS WARRANTIES AND THERE ARE NO IMPLIED WARRANTIES, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

21. CONFIDENTIALITY

21.1 “Confidential Information” Defined

(a) “Confidential Information” of a Party means any non-public, commercially sensitive information (or materials) belonging to, concerning or in the possession or control of the Party or any of its Affiliates (the “Furnishing Party”) that is furnished, disclosed or otherwise made available (directly or indirectly) to the other Party (the “Receiving Party”) (or entities or persons acting on the other Party’s behalf) in connection with this Agreement and which is either marked or identified in writing as confidential, proprietary, secret or with another designation sufficient to give notice of its sensitive nature, or is of a type that a reasonable person would recognize it to be confidential. In the case of Health Net, “Confidential Information” includes any information to which Supplier has access in Health Net Facilities or Health Net systems meeting the above standard, all Work Product owned by Health Net under this Agreement and information pertaining to it, Health Net Data, Health Net Software, systems access codes and information concerning Health Net’s and/or its Affiliates’ products, marketing strategies, financial affairs, employees, customers (including protected health information) or suppliers, regardless of whether or how it is marked. Any notes, memoranda, compilations, derivative works, data files or other materials prepared by or on behalf of the Receiving Party that contain or otherwise reflect or refer to Confidential Information of the Furnishing Party will continue to be Confidential Information of the Furnishing Party even though incorporated into a separate document.

(b) “Confidential Information” does not include any particular information (other than protected health information) that the Receiving Party can demonstrate:

General Terms and Conditions- 73 Health Net / IBM Confidential

Final Execution Version

(i) was rightfully in the possession of, or was rightfully known by, the Receiving Party without an obligation to maintain its confidentiality prior to receipt from the Furnishing Party; (ii) was or has become generally known to the public other than as a result of disclosure by the Receiving Party or any of its agents; (iii) after disclosure to the Receiving Party, was received from a third party who, to the Receiving Party’s knowledge, had a lawful right to disclose such information to the Receiving Party without any obligation to restrict its further use or disclosure; or (iv) was independently developed by the Receiving Party without use of or reference to any Confidential Information of the Furnishing Party.

21.2 Obligations of Confidentiality

(a) Each Party acknowledges that it may be furnished, receive or otherwise have access to Confidential Information of the other Party in connection with this Agreement.

(b) The Receiving Party will not reproduce Confidential Information of the Furnishing Party except as reasonably required to accomplish the purposes and objectives of this Agreement. The Receiving Party will not disclose the Confidential Information of the Furnishing Party to any person or appropriate it for the Receiving Party’s own use, or for any other person’s use or benefit, except as specifically permitted by this Agreement or approved in writing by the Furnishing Party.

(c) The Receiving Party will keep the Confidential Information of the Furnishing Party confidential and secure and will protect it from unauthorized use or disclosure by using at least the same degree of care as the Receiving Party employs to avoid unauthorized use or disclosure of its own Confidential Information, but in no event less than reasonable care.

(d) As necessary to accomplish the purposes of this Agreement, the Receiving Party may disclose Confidential Information of the Furnishing Party to any employee, officer, director, contractor, Service Recipient, agent or representative of the Receiving Party who has a legitimate “need to know” the information in question and who is bound to the Receiving Party to protect the confidentiality of the information in a manner substantially equivalent to that required of the Receiving Party under this Agreement. The Receiving Party may also disclose Confidential Information of the Furnishing Party to the Receiving Party’s regulatory agencies and Auditors provided they are made aware of the Receiving Party’s obligations of confidentiality with respect to the Furnishing Party’s Confidential Information. Notwithstanding the forgoing, Health Net and its Affiliates shall be permitted to disclose Supplier Confidential Information, including this Agreement and the transactions contemplated by this Agreement to the extent required by law, in any periodic reports filed or required to be filed with the Securities and Exchange Commission (“SEC”), as well as the New York Stock Exchange, without making such entities aware of Receiving Party’s obligations of confidentiality. Health Net agrees that with respect to any filing of the Agreement required by law, that it will work in good faith with Supplier in connection with the preparation and filing of a confidentiality treatment request relating to the Agreement. In the event that a disclosure of this Agreement is to be made to a regulatory agency that is not required by law, Receiving Party shall use reasonable efforts to seek appropriate confidentiality protection of such information from such agencies.

General Terms and Conditions- 74 Health Net / IBM Confidential

Final Execution Version

(e) If any unauthorized disclosure, loss of, or inability to account for any Confidential Information of the Furnishing Party occurs, the Receiving Party will promptly so notify the Furnishing Party and will cooperate with the Furnishing Party and take such actions as may be necessary or reasonably requested by the Furnishing Party to minimize the violation and any damage resulting from it.

21.3 No Implied Rights

Each Party’s Confidential Information will remain the property of that Party. Nothing contained in this Section 21 (Confidentiality) will be construed as obligating a Party to disclose its Confidential Information to the other Party, or as granting to or conferring on a Party, expressly or by implication, any rights or license to the Confidential Information of the other Party. Any such obligation or grant will only be as provided by other provisions of this Agreement.

21.4 Compelled Disclosure

If the Receiving Party becomes legally compelled to disclose any Confidential Information of the Furnishing Party in a manner not otherwise permitted by this Agreement, the Receiving Party will provide the Furnishing Party with prompt notice of the request so that the Furnishing Party may seek a protective order or other appropriate remedy. If a protective order or similar order is not obtained by the date by which the Receiving Party must comply with the request, the Receiving Party may furnish that portion of the Confidential Information that it determines it is legally required to furnish. The Receiving Party will exercise reasonable efforts to obtain assurances that confidential treatment will be accorded to the Confidential Information so disclosed.

21.5 Confidential Treatment of this Agreement

Each Party may disclose the existence and general nature of this Agreement as permitted by Section 27.7 (Public Disclosures), but otherwise the terms and conditions of this Agreement will be considered the Confidential Information of each Party; provided however, that the terms and conditions may be disclosed by either Party in connection with an actual or good-faith proposed merger, acquisition, or similar transaction, so long as such receiving entity first agrees in writing to obligations substantially similar to those described in this Section 21.

21.6 Disclosure of Information Concerning Tax Treatment

Notwithstanding anything to the contrary in this Section 21 (Confidentiality), each Party (and its Affiliates), and any person acting on their behalf, may disclose to any person or entity the “tax structure” and “tax treatment” (as such terms are defined in the U.S. Internal Revenue Code and regulations under it) of the transactions effected by this Agreement and any materials provided to that Party (or its Affiliates) describing or relating to such tax structure and tax treatment; provided, however, that this disclosure authorization will not be interpreted to permit disclosure of (i) any materials or portions of materials that are not related to the transaction’s tax structure or tax treatment, or (ii) any materials or information that the Party (or its Affiliate(s)) must refrain from disclosing to comply with applicable securities Laws.

21.7 Return or Destruction

As requested by the Furnishing Party during the Term, the Receiving Party will return or

General Terms and Conditions- 75 Health Net / IBM Confidential

Final Execution Version

provide the Furnishing Party a copy of any designated Confidential Information of the Furnishing Party. When Confidential Information of the Furnishing Party is no longer required for the Receiving Party’s performance under this Agreement, or in any event upon expiration or termination of this Agreement, the Receiving Party will return all materials in any medium that contain, or refer to, Confidential Information of the Furnishing Party or, at the Furnishing Party’s election, destroy them. The Receiving Party may, however, keep (a) any Confidential Information of the Furnishing Party that the Receiving Party has a license to continue using, (b) in the files of its legal department or outside counsel, for record purposes only, one copy of any material requested to be returned or destroyed, and (c) archival copies as may be necessary to comply with document retention laws and regulations applicable to such Party’s business operations. Additionally, a Party shall have no obligation to destroy any Confidential Information that is subject to a claim, dispute, lawsuit, or subpoena or in any other circumstances in which such Party reasonably believes that destruction of such Confidential Information would be unethical or unlawful. At the Furnishing Party’s request, the Receiving Party will certify in writing that it has returned or destroyed all copies of the Furnishing Party’s Confidential Information in the possession or control of the Receiving Party’s or any of its Affiliates or contractors.

21.8 Duration of Confidentiality Obligations

The Receiving Party’s obligations under this Section 21 (Confidentiality) apply to Confidential Information of the Furnishing Party disclosed to the Receiving Party before or after the Effective Date and will continue during the Term and survive the expiration or termination of this Agreement as follows:

(a) The Receiving Party’s obligations under Section 21.7 (Return or Destruction) will continue in effect until fully performed;

(b) As to any portion of the Furnishing Party’s Confidential Information that constitutes a trade secret under applicable Law, the obligations will continue for as long as the information continues to constitute a trade secret;

(c) As to all other Confidential Information of the Furnishing Party, the obligations will survive for two (2) years after the Receiving Party’s fulfillment of its obligations under Section 21.7 (Return or Destruction) with respect to the Confidential Information in question; and

(d) With respect to protected health information, the obligations shall survive indefinitely.

22. INSURANCE

Supplier represents that it has, as of the Effective Date, and agrees to maintain in force throughout the Term at least the types and amounts of insurance coverage specified in Schedule H (Supplier Insurance Coverage).

23. INDEMNIFICATION

23.1 “Claim” and “Losses” Defined

“Claim” means any demand, or any civil, criminal, administrative, or investigative claim, action, or proceeding (including arbitration) commenced or threatened against an entity

General Terms and Conditions- 76 Health Net / IBM Confidential

Final Execution Version

or person. “Losses” means all losses, liabilities, damages, liens, and claims, and all related costs, expenses, and other charges suffered or incurred as a result of or in connection with a Claim in each case to the extent paid to a third party in settlement or judgment, including reasonable attorneys’ fees and disbursements, costs of investigation, litigation, settlement, and judgment, and any taxes, interest, penalties, and fines with respect to any of the foregoing.

23.2 Indemnification By Supplier

Supplier will at its expense indemnify, defend and hold harmless Health Net and its Affiliates, and their respective officers, directors, customers, employees, agents, representatives, successors and assigns (collectively, “Health Net Indemnitees”) from and against any and all Losses suffered or incurred by any of them arising from, in connection with, or based on any of the following, whenever made:

(a) Any Claim by, on behalf of or relating to any of the Affected Employees relating to Supplier’s employee selection, communications, recruitment, or hiring process, except to the extent caused by misrepresentations or wrongful actions by Health Net;

(b) Any Claim relating to Supplier’s alleged failure to observe or perform any duties or obligations to be observed or performed by Supplier on or after the Effective Date under any of the Health Net contracts referenced or identified in Section 11 (Transfer or Use of Resources) that are assigned to Supplier or for which Supplier has assumed financial, administrative and/or operational responsibility;

(c) Any Claim by a Subcontractor or by other Supplier Personnel, including claims by such personnel that Health Net is liable to such personnel for employee benefits or as the employer or joint employer of such personnel, except to the extent, if any, that Health Net is required to indemnify Supplier in respect of the Claim. In the case of a Claim by employees of Supplier, Supplier’s indemnification of Health Net Indemnitees will be to the same extent as if the Claim were made by a person who is not an employee of Supplier;

(d) Any Claim relating to an alleged breach of Supplier’s obligations under Section 21 (Confidentiality);

(e) Any Claim relating to an alleged breach of Section 19.8 (Non-Infringement);

(f) Any Claim relating to an alleged breach of Supplier’s obligations under Section 27.5 (Legal Compliance);

(g) Any Claim for death or bodily injury, or the damage, loss or destruction of real or tangible personal property of any third party (including employees of Health Net or Supplier or their respective subcontractors) brought against a Health Net Indemnitee alleged to have been caused by the tortious acts or omissions of Supplier, Supplier Personnel or anyone else for whose acts Supplier is responsible. However, Supplier will have a right of contribution from Health Net with respect to the Claim to the extent Health Net’s comparative negligence is responsible for causing the alleged injury or damage, loss or destruction;

(h) Any Claim with respect to Supplier’s use of any third party software made available by Health Net to Supplier or Supplier’s Subcontractors to the extent the

General Terms and Conditions- 77 Health Net / IBM Confidential

Final Execution Version

loss results from a breach by Supplier or Supplier Subcontractors’ of the applicable third party license agreement to the extent Supplier is made aware of the requirements.

(i) Any amounts including taxes, interest, and penalties assessed against Health Net which arise as a result of Supplier’s failure to comply with and perform its obligations under Section 9.3;

(j) any breach of any of Supplier’s representations or warranties set forth in Section 19.9 (Viruses)(second sentence only), Section 19.10 (Disabling Code), and Section 20 (Mutual Representations and Warranties).

(k) any Claim arising out of or related to occurrences Supplier is required to insure against under this Agreement but only to the extent resulting from a failure by Supplier to procure the required insurance.

23.3 Infringement Claims

If any item used by Supplier to provide the Services becomes, or in Supplier’s reasonable opinion is likely to become, the subject of an infringement or misappropriation Claim, Supplier will, in addition to indemnifying Health Net Indemnitees as provided in this Section 23 (Indemnification) and to the other rights Health Net may have under this Agreement, at its expense: (i) promptly at Supplier’s expense secure the right to continue using the item, or (ii) if this cannot be accomplished with Commercially Reasonable Efforts, then at Supplier’s expense, replace or modify the item to make it non-infringing or without misappropriation, while not degrading performance, functionality, or quality, increasing Health Net costs, or disrupting Health Net’s business operations, or (iii) if neither of the foregoing can be accomplished by Supplier with Commercially Reasonable Efforts, and only in such event, then upon at least one hundred eighty (180) days’ prior written notice to Health Net, Supplier may remove the item from the Services, in which case Supplier’s charges will be equitably adjusted to reflect such removal. If removal of the item from Services causes the loss or degradation of the Services or any portion of the Services, and that loss or degradation would otherwise constitute a material breach of this Agreement, then Health Net may terminate this Agreement without payment of a fee or other liability by providing written notice to Supplier designating the effective date of termination.

23.4 Indemnification By Health Net

Health Net will at its expense indemnify, defend and hold harmless Supplier, and its officers, directors, employees, agents, representatives, successors and assigns (collectively, “Supplier Indemnitees”) from and against any and all Losses suffered or incurred by any of them arising from, in connection with or based on any of the following, whenever made:

(a) Any Claim by, on behalf of or relating to any of the Affected Employees with respect to matters occurring prior to the Effective Date, excluding Claims for which Supplier is required to indemnify under Section 23.2(a);

(b) Any Claim relating to Health Net’s failure to observe or perform any duties or obligations to be observed or performed prior to the Effective Date by Health Net under any of the Health Net contracts referenced or identified in Section 11

General Terms and Conditions- 78 Health Net / IBM Confidential

Final Execution Version

(Transfer or Use of Resources) that are assigned to Supplier or for which Supplier has assumed financial, administrative or operational responsibility;

(c) Any Claim relating to an alleged breach of Health Net’s obligations under Section 21 (Confidentiality) or the Business Associate Agreement;

(d) Any Claim relating to an alleged breach of Health Net’s obligations under Section 27.5 (Legal Compliance);

(e) Any Claim of infringement or misappropriation of any patent, trade secret, copyright or other proprietary rights, alleged to have occurred because of systems or other items provided to Supplier by Health Net;

(f) Any Claim for death or bodily injury, or the damage, loss or destruction of real or tangible personal property of any third party (including employees of Health Net or Supplier or their respective subcontractors) brought against a Supplier Indemnitee alleged to have been caused by the tortious acts or omissions of Health Net, Health Net personnel or anyone else for whose acts Health Net is responsible. However, Health Net will have a right of contribution from Supplier with respect to the Claim to the extent Supplier’s comparative negligence is responsible for causing the alleged injury or damage, loss or destruction; and

(g) Any Claim by a Service Recipient asserting rights under this Agreement against Supplier (other than rights of indemnification under this Section 23).

23.5 Indemnification Procedures

The following procedures will apply to Claims for which a Party seeks to be indemnified pursuant this Agreement:

(a) Notice. Promptly after an indemnitee receives notice of any Claim for which it will seek indemnification pursuant to this Agreement, the indemnitee will promptly notify the indemnitor of the Claim in writing. No failure to so notify the indemnitor will abrogate or diminish the indemnitor’s obligations under this Section 23 (Indemnification) if the indemnitor has or receives knowledge of the Claim by other means or if the failure to notify does not materially prejudice its ability to defend the Claim. Within fifteen (15) days after receiving an indemnitee’s notice of a Claim, but no later than ten (10) days before the date on which any formal response to the Claim is due, the indemnitor will notify the indemnitee in writing as to whether the indemnitor acknowledges its indemnification obligation and elects to assume control of the defense and settlement of the Claim (a “Notice of Election”).

(b) Procedure Following Notice of Election. If the indemnitor timely delivers a Notice of Election to the address set forth in Section 27.3 acknowledging its indemnification obligation and electing to assume control of the defense and settlement of the Claim, it will be entitled to have sole control over the defense and settlement of the Claim. After delivering a timely Notice of Election acknowledging its indemnification obligation and electing to assume control of the defense and settlement of the Claim, the indemnitor will not be liable to the indemnitee for any legal expenses subsequently incurred by the indemnitee in defending or settling the Claim. In addition, the indemnitor will not be required to reimburse the indemnitee for any amount paid or payable by the indemnitee in

General Terms and Conditions- 79 Health Net / IBM Confidential

Final Execution Version

settlement of the Claim if the settlement was agreed to without the written consent of the indemnitor.

(c) Procedure Where No Notice of Election Is Delivered. If the indemnitor does not deliver a timely Notice of Election for a Claim acknowledging its indemnification obligation and electing to assume control of the defense and settlement of the Claim, the indemnitee may defend and/or settle the Claim in such manner as it may deem appropriate, at the cost and expense of the indemnitor, including payment of any settlement, judgment or award and the costs of defending or settling the Claim. The indemnitor will promptly reimburse the indemnitee upon demand for all Losses suffered or incurred by the indemnitee as a result of or in connection the Claim.

23.6 Subrogation

Upon fulfilling all of its obligations under this Section 23 (Indemnification) with respect to a Claim, including making payment in full of all amounts due pursuant to its indemnification obligations, the indemnitor will be subrogated to the rights of the indemnitee(s) with respect to that Claim.

24. LIABILITY

24.1 General Intent

Subject to the specific provisions of this Section 25 (Liability), it is the intent of the Parties that if a Party fails to perform its obligations in the manner required by this Agreement, that Party will be liable to the other Party for any actual damages suffered or incurred by the other Party as a result.

24.2 Limitations of Liability

(a) Except as provided in Section 24.2(c), Section 24.2(e), and Section 24.2(f), in no event, whether in contract or in tort (including breach of warranty, negligence and strict liability in tort), will a Party be liable for indirect or consequential, exemplary, punitive or special damages (collectively “Consequential Damages”) even if such Party has been advised in advance of the possibility of such damages.

(b) Except as provided in Section 24.2(c), Section 24.2(e), and Section 24.2(f), each Party’s total liability to the other, whether in contract or in tort (including breach of warranty, negligence and strict liability in tort) will be limited to an amount equal to the total charges paid or payable to Supplier pursuant to this Agreement for proper performance of the Services for the twelve (12) months prior to the month in which the most recent event giving rise to liability occurred. If the most recent event giving rise to liability occurs during the first twelve (12) months after the Effective Date, liability will be limited to an amount equal to twelve (12) times the result obtained by dividing the total charges paid or payable under this Agreement from the Effective Date through the date on which such event occurred by the number of months from the Effective Date through such date. An additional *** charges shall be added to the foregoing*** for either of the following:

General Terms and Conditions- 80 Health Net / IBM Confidential

Final Execution Version

(i) Damages attributable to the tortious willful misconduct of a Party ***, or

(ii) Damages arising out of a failure by Supplier to commence the provision of Disengagement Assistance (or the cessation of such assistance after commencement), which:

(A) occurs after Health Net (1) has satisfied all pre-conditions necessary for Supplier to provide such Disengagement Assistance pursuant to Section 16.6; and (2) after Health Net has provided not less than two (2) written notices to Supplier requesting Disengagement Assistance, and (3) after such time that Health Net has cured any Health Net breach of its payment obligations under Section 10.2 (subject to Health Net’s right to dispute charges pursuant to Section 10.7; and

(B) prevents the transition of core elements (i.e., the elements that enable Health Net to conduct a core business function) of a Service Tower from Supplier to Health Net or Health Net’s designee;

and *** shall be recoverable in an amount of up to *** months of such *** of charges.

Service Level Credits do not count against and do not reduce the amounts available under the foregoing limitations.

(c) The limitations and exclusions of liability set forth in Section 24.2(a) and Section 24.2(b) (Limitations of Liability) will not apply to any of the following: ***.

(d) “Service Recipient Damages” shall mean damages suffered by a Service Recipient, but only to the extent that Health Net would be entitled to recover such damages under the terms and conditions of this Agreement if Health Net had incurred such damages instead of such Services Recipients. Notwithstanding any other provision of this Agreement, IBM and Health Net agree that Health Net shall be entitled to recover Service Recipient Damages from IBM. For clarification, Service Recipient Damages shall be aggregated with Health Net’s damages in determining IBM’s total liability to Health Net for purposes of Section 24.2(b) above.

(e) Without limiting (i) each Party’s responsibility for direct damages under the Agreement, and (ii) each Party’s right to claim other direct damages, the following shall be considered direct damages and shall not be considered consequential damages to the extent they result form a Party’s failure to fulfill its obligations in accordance with this Agreement:

(i) ***;

(ii) ***;

(iii) ***;

General Terms and Conditions- 81 Health Net / IBM Confidential

Final Execution Version

(iv) ***; and

(v) ***.

(f) Notwithstanding Section 24.2(a) - Section 24.2(d) above regarding limitations and exclusions of liability, Supplier shall be liable for, and Health Net shall have the right to recover from Supplier, the following: ***. Supplier’s total liability under this Section 24.2(f) shall be limited to (i) for the period from the Effective Date until the earlier to occur of (A) the date that is eighteen (18) months after the Effective Date, and (B) the date that the primary servers supporting the iSeries, zSeries and VMS platforms are running in production from Supplier’s data center in Boulder, Colorado (such earlier date being the “Data Center Transformation Date”), an amount equal to***, and (ii) after the Data Center Transformation Date, an amount equal to***, unless the fines, penalties, sanctions, prompt pay interest or similar amount relates to Health Net Data that is encrypted or that Supplier was obligated to encrypt under this Agreement, in which event the amount shall be equal to the total charges paid or payable to Supplier pursuant to this Agreement for proper performance of the Services for the *** prior to the month in which the most recent event giving rise to liability occurred. Nothing set forth in this Section 24.2(f) shall be construed to limit Supplier’s obligations or liability with respect to Supplier’s indemnification obligations set forth in Section 23.2.

(g) Each Party has a duty to use Commercially Reasonable Efforts to mitigate the damages suffered by it for which the other Party is or may be liable.

24.3 Force Majeure

(a) No Party will be liable for any default or delay in the performance of its obligations under this Agreement (i) if and to the extent such default or delay is caused, directly or indirectly, by fire, flood, pestilence, earthquake, elements of nature or acts of God, riots, or civil disorders, (ii) provided the non-performing Party is without fault in causing such default or delay, and such default or delay could not have been prevented by reasonable precautions and could not reasonably be circumvented by the non-performing Party through the use of alternate sources, workaround plans or other means (including with respect to Supplier by Supplier meeting its obligations for performing disaster recovery and business continuity services as described in this Agreement) (each such event a “Force Majeure Event”).

(b) In such event the non-performing Party will be excused from further performance or observance of the obligations so affected for as long as such circumstances prevail and such Party continues to use Commercially Reasonable Efforts to recommence performance or observance without delay. Any Party so delayed in its performance will immediately notify the Party to whom performance is due by telephone (to be confirmed in writing within twenty-four (24) hours of the inception of such delay) and describe at a reasonable level of detail the circumstances causing such delay. To the extent the provision of the Services or any part thereof is prevented or materially affected by a Force Majeure Event, Health Net’s obligation to pay charges hereunder shall accordingly be reduced by an equitable amount (which in the case of total suspension of the Services would

General Terms and Conditions- 82 Health Net / IBM Confidential

Final Execution Version

be an amount equal to the total charges hereunder for the period of suspension), subject to any Health Net payment obligations under Section 24.3(c).

(c) If any event under Section 24.3(a) substantially prevents, hinders or delays performance of the Services, then upon Health Net’s request, Supplier shall use Commercially Reasonable Efforts to obtain such Services from an alternate source, the implementation of which shall be subject to Health Net’s prior approval. If such event substantially prevents, hinders, or delays performance of Services necessary for the performance of functions reasonably identified by Health Net as critical for more than *** consecutive days, then at Health Net’s option: (i) Health Net may procure such Services from an alternate source, and Supplier will be liable for payment for such Services from the alternate source for so long as the delay in performance will continue but not to exceed *** and provided Health Net continues to pay Supplier for the Services subject to the Force Majeure Event; (ii) Health Net may terminate any portion of this Agreement so affected by such Force Majeure Event and the charges payable under this Agreement will be equitably adjusted to reflect those terminated Services; or (iii) Health Net may terminate this Agreement without liability to Health Net or Supplier as of a date specified by Health Net in a written notice of termination to Supplier. Supplier will not have the right to any additional payments from Health Net for costs or expenses incurred by Supplier as a result of any Force Majeure Event, except for (i) Wind Down Costs relating to Service Towers that were unaffected by the Force Majeure Event but nonetheless terminated by Health Net pursuant to this Section 24.3(c); and (ii) charges payable under this Agreement for Disengagement Assistance required by Health Net.

(d) A Force Majeure Event will not relieve Supplier of its obligations to implement successfully all of the Services relating to disaster recovery services that are included in this Agreement within the time period described in this Agreement unless the resources specifically identified in Supplier’s disaster recovery plan for Health Net have also been rendered unavailable as a result of a Force Majeure Event to those resources.

25. RULES OF CONSTRUCTION

25.1 Entire Agreement

This Agreement – consisting of the signature page, these Terms and Conditions and the attached Schedules and Exhibits – constitutes the entire agreement between the Parties with respect to its subject matter and merges, integrates and supersedes all prior and contemporaneous agreements and under-standings between the Parties, whether written or oral, concerning its subject matter.

25.2 Contracting Parties; No Third Party Beneficiaries

This Agreement is entered into solely between, and may be enforced only by, Health Net and Supplier. This Agreement does not create any legally enforceable rights in third parties, including suppliers, subcontractors and customers of a Party, except as provided in this paragraph and Section 23 (Indemnification).

General Terms and Conditions- 83 Health Net / IBM Confidential

Final Execution Version

25.3 Contract Amendments and Modifications

Any terms and conditions varying from this Agreement on any order or written notification from either Party will not be effective or binding on the other Party. This Agreement may be amended or modified solely in a writing signed by an authorized representative of each Party, in accordance with Health Net policy set forth in Schedule O (Policies and Procedures).

25.4 Governing Law

This Agreement and performance under it shall be governed by and construed in accordance with the laws of the state of New York without regard to its choice of law principles.

25.5 Relationship of the Parties

Supplier, in furnishing the Services, is acting as an independent contractor. Supplier has the sole right and obligation to supervise, manage, contract, direct, procure, perform or cause to be performed, all work to be performed by Supplier under this Agreement. Supplier is not an agent or partner of Health Net and has no authority to represent or bind Health Net as to any matters, except as expressly authorized in this Agreement. This Agreement establishes a nonexclusive relationship between the Parties.

25.6 Consents and Approvals

Where approval, acceptance, consent or similar action by either Party is required under this Agreement, such action will not be unreasonably delayed, conditioned or withheld unless this Agreement expressly provides that it is in the discretion of the Party. No approval or consent given by a Party under this Agreement will relieve the other Party from responsibility for complying with the requirements of this Agreement, nor will it be construed as a waiver of any rights under this Agreement (except to the extent, if any, expressly provided in such approval or consent). Each Party will, at the request of the other Party, perform those actions, including executing additional documents and instruments, reasonably necessary to give full effect to this Agreement.

25.7 Waiver

No failure or delay by a Party in exercising any right, power or remedy will operate as a waiver of that right, power or remedy, and no waiver will be effective unless it is in writing and signed by an authorized representative of the waiving Party. If a Party waives any right, power or remedy, the waiver will not waive any successive or other right, power or remedy that Party may have.

25.8 Remedies Cumulative

Except as otherwise expressly provided in this Agreement, all remedies provided in this Agreement are cumulative and in addition to and not in lieu of any other remedies available to a Party under this Agreement, at law, or in equity.

General Terms and Conditions- 84 Health Net / IBM Confidential

Final Execution Version

25.9 References

(a) The section headings and the table of contents used in this Agreement are for convenience of reference only and will not enter into the interpretation of this Agreement.

(b) Unless otherwise indicated, section references are to sections of the document in which the reference is contained. For example, section references in these Terms and Conditions are to sections of the Terms and Conditions and, likewise, section references in a Schedule to this Agreement are to sections of that Schedule.

(c) References to numbered (or lettered) sections of this Agreement also refer to and include all subsections of the referenced section.

(d) Unless otherwise indicated, references to Schedules to this Agreement also refer to and include all Exhibits to the referenced Schedule.

25.10  Rules of Interpretation

(a) Unless the context requires otherwise, (i) “including” (and any of its derivative forms) means including but not limited to, (ii) “may” means has the right, but not the obligation to do something and “may not” means does not have the right to do something, (iii) “will” and “shall” are expressions of command, not merely expressions of future intent or expectation, (iv) “written” or “in writing” is used for emphasis in certain circumstances, but that will not derogate from the general application of the notice requirements set forth in Section 27.3 (Notices) in those and other circumstances, (v) use of the singular imports the plural and vice versa, and (vi) use of a specific gender imports the other gender(s).

(b) References in the Agreement to “days” and “years” that do not specifically refer to Business Days or Contract Years are references to calendar days and calendar years, unless otherwise provided.

25.11  Order of Precedence

If there is any conflict between this Agreement and any document incorporated by reference into this Agreement, the Parties shall attempt to read any such conflicting provisions consistently, however, in the event such a consistent reading cannot be accomplished, the order of precedence will be as follows: (a) the General Terms and Conditions and any amendments thereto, (b) the Schedules, Exhibits and other attachments to this Agreement, and (c) other documents incorporated by reference.

25.12  Severability

If any provision of this Agreement conflicts with the Law under which this Agreement is to be construed or if any provision of this Agreement is held invalid, illegal, or otherwise unenforceable by a competent authority, such provision will, if possible, be deemed to be restated to reflect as nearly as possible the original intentions of the Parties in accordance with applicable Law. In any event, the remainder of this Agreement will remain in full force and effect.

General Terms and Conditions- 85 Health Net / IBM Confidential

Final Execution Version

25.13  Counterparts

This Agreement may be executed in several counterparts and by facsimile signature, all of which taken together constitute a single agreement between the Parties. Each signed counter-part, including a signed counterpart reproduced by reliable means (including facsimile), will be considered as legally effective as an original signature.

25.14  Reading Down

If a provision of this Agreement is reasonably capable of an interpretation which would make that provision valid, lawful and enforceable and an alternative interpretation that would make it unenforceable, illegal, invalid or void then, so far as is possible, that provision will be interpreted or construed to be limited and read down to the extent necessary to make it valid and enforceable.

26. DISPUTE RESOLUTION

Any dispute between the Parties arising out of or relating to this Agreement, including with respect to the interpretation of any provision of this Agreement or with respect to performance by Supplier or Health Net, will be resolved as provided in this Section 26 (Dispute Resolution).

26.1 Informal Dispute Resolution

(a) Subject to Section 26.1(b), the Parties initially will attempt to resolve any dispute arising out of or relating to this Agreement informally in accordance with the following:

(i) Within ten (10) days after a Party receives notice of a dispute from the other Party (“Dispute Date”), it will designate a senior representative (i.e., a person whose rank within the company is superior to, in the case of Supplier, the Supplier PE, and in the case of Health Net, the Health Net Program Manager) who does not devote substantially all of his time to performance under this Agreement, who will offer to meet with the designated senior representative of the other Party for the purpose of attempting to resolve the dispute amicably.

(ii) The appointed representatives will meet promptly to discuss the dispute and attempt to resolve it without the necessity of any formal proceeding. They will meet as often as the Parties deem necessary in order that each Party may be fully advised of the other’s position. During the course of discussion, all reasonable requests made by one Party to the other for non-privileged information reasonably related to the matters in dispute will be honored promptly.

(iii) The specific format for the discussions will be left to the discretion of the appointed representatives.

(b) Formal dispute resolution may be commenced by a Party upon the first to occur of any of the following:

(i) the appointed representatives conclude in good faith that amicable resolution of the dispute through continued negotiation does not appear likely;

General Terms and Conditions- 86 Health Net / IBM Confidential

Final Execution Version

(ii) thirty-five (35) days have passed from the Dispute Date (this period will be deemed to run notwithstanding any claim that the process described in this Section 26.1 (Informal Dispute Resolution) was not followed or completed); or

(iii) commencement of formal dispute resolution is deemed appropriate by a Party to avoid the expiration of an applicable limitations period or to preserve a superior position with respect to other creditors, or a Party makes a good faith determination, including as provided in Section 26.4 (Equitable Remedies), that a breach of this Agreement by the other Party is such that a temporary restraining order or other injunctive or conservatory relief is necessary.

26.2 Litigation

For all litigation which may arise with respect this Agreement, the Parties irrevocably and unconditionally submit (a) to the exclusive jurisdiction and venue (and waive any claim of forum non conveniens and any objections as to laying of venue) of the United States District Court for the Central District of California, or (b) if such court does not have subject matter jurisdiction, to the Superior Court of the State of California, Los Angeles County in connection with any action, suit or proceeding arising out of or relating to this Agreement. The Parties further consent to the jurisdiction of any state court located within a district that encompasses assets of a Party against which a judgment has been rendered for the enforcement of such judgment or award against the assets of such Party.

26.3 Continued Performance

Each Party agrees (a) to continue performing its obligations under this Agreement while a dispute is being resolved except (and then only) to the extent performance is prevented by the other Party or the issue in dispute precludes performance, and (b) not to take any action that intentionally obstructs, delays, or reduces in any way the performance of such obligations. For the avoidance of doubt, a good faith dispute regarding invoiced charges and Health Net’s withholding payment of disputed charges as permitted under this Agreement will not be considered to prevent Supplier from performing the Services or preclude performance by Supplier, nor will this Section 26.3 be interpreted to limit either Party’s right to terminate this Agreement as provided in Section 16 (Termination).

26.4 Equitable Remedies

Each Party acknowledges that a breach of any of its obligations under the Sections of this Agreement listed below, or its infringement or misappropriation of any Intellectual Property Rights of the other Party, may irreparably harm the other Party in a way that could not be adequately compensated by money damages. In such a circumstance, the aggrieved Party may (in addition to all other remedies and rights) proceed directly to court notwithstanding the other provisions of this Section 26 (Dispute Resolution). The following Sections are subject to this paragraph:

Section 14 (Data Security and Protection), Section 15 (Intellectual Property Rights), Section 16 (Termination), Section 21 (Confidentiality) and Section 24 (Indemnification);

26.5 Waiver of Jury Trial

THE PARTIES HEREBY UNCONDITIONALLY WAIVE THEIR RESPECTIVE

General Terms and Conditions- 87 Health Net / IBM Confidential

Final Execution Version

RIGHTS TO A JURY TRIAL OF ANY CLAIM OR CAUSE OF ACTION ARISING DIRECTLY OR INDIRECTLY OUT OF, RELATED TO, OR IN ANY WAY CONNECTED WITH, THE PERFORMANCE OR BREACH OF THIS AGREEMENT, OR THE RELATIONSHIP THAT IS BEING ESTABLISHED BETWEEN THEM. The scope of this waiver is intended to be all encompassing of any and all disputes that may be filed in any court or other tribunal (including, without limitation, contract claims, tort claims, breach of duty claims, and all other common law and statutory claims). THIS WAIVER IS IRREVOCABLE, MEANING THAT IT MAY NOT BE MODIFIED EITHER ORALLY OR IN WRITING, AND THE WAIVER SHALL APPLY TO ANY SUBSEQUENT AMENDMENTS, RENEWALS, SUPPLEMENTS OR MODIFICATIONS TO THIS AGREEMENT, AND RELATED DOCUMENTS, OR TO ANY OTHER DOCUMENTS OR AGREEMENTS RELATING TO THIS TRANSACTION OR ANY RELATED TRANSACTION. In the event of litigation, this Agreement may be filed as a consent to a trial by the court.

26.6 Disclaimer of Uniform Computer Information Transactions Act

TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, THE PARTIES DISCLAIM AND NONE OF THIS AGREEMENT SHALL BE SUBJECT TO THE UNIFORM COMPUTER INFORMATION TRANSACTIONS ACT (“UCITA”) (PREPARED BY THE NATIONAL CONFERENCE OF COMMISSIONERS ON UNIFORM STATE LAWS) AS CURRENTLY ENACTED OR AS MAY BE ENACTED, CODIFIED OR AMENDED FROM TIME TO TIME BY ANY JURISDICTION. TO THE EXTANT THAT ANY ASPECT OF THIS AGREEMENT OR ANY LICENSE GRANTED UNDER THIS AGREEMENT IS UNCLEAR OR DISPUTED BY THE PARTIES AND UCITA, IF APPLIED, WOULD CLARIFY SUCH LICENSE OR RESOLVE SUCH DISPUTE, THE PARTIES AGREE TO CLARIFY SUCH LICENSE OR RESOLVE SUCH DISPUTE INDEPENDENTLY OF UCITA BY APPLYING THE INTENT OF THE PARTIES AT THE TIME THAT THEY ENTERED THIS AGREEMENT.

27. GENERAL

27.1 Binding Nature and Assignment

This Agreement is binding on the Parties and their respective successors and permitted assigns. Neither Party may assign this Agreement or delegate its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of the other Party, provided (1) Health Net may assign this Agreement or delegate its rights or obligations under this Agreement without the prior written consent of Supplier to (i) a Health Net majority owned Affiliate or (ii) an entity that acquires Control of Health Net or acquires all or substantially all of Health Net’s business or assets, and (2) (i) either Party may assign its rights and obligations under this Agreement to the successor in a merger or acquisition and (ii) Supplier may assign all or part of its rights to receive payments from Health Net under this Agreement; provided that in no event shall any such assignment relieve either Party of their respective obligations under this Agreement. Any attempted assignment in violation of this Section 27.1 will be void and will constitute a material breach of this Agreement by the Party attempting the assignment. A Party assigning this Agreement or delegating its rights or obligations under this Agreement must provide prompt notice of the assignment or delegation to the other Party after its effective date.

General Terms and Conditions- 88 Health Net / IBM Confidential

Final Execution Version

27.2 Nondiscrimination

Neither Party shall discriminate against any Beneficiary in the provision of Services hereunder, whether on the basis of the Beneficiary’s coverage under a Benefit Program, age, sex, marital status, sexual orientation, race, color, religion, ancestry, national origin, disability, handicap, health status, source of payment, utilization of medical or mental health services or supplies, or other unlawful basis including, without limitation, the filing by such Beneficiary of any complaint, grievance or legal action against Supplier, Health Net, or a Health Net Affiliate. The Parties agree to make reasonable accommodations for Beneficiaries with disabilities or handicaps as required by law as applicable to each Party.

27.3 Notices

All notices, requests, demands and determinations under this Agreement (other than routine operational communications), shall be in writing and shall be deemed duly given (i) when delivered by hand, (ii) on the designated day of delivery after being timely given to an express overnight courier with a reliable system for tracking delivery, (iii) six (6) days after the day of mailing, when mailed by United States mail, registered or certified mail, return receipt requested and postage prepaid, and addressed as follows:

In the case of Health Net:

Health Net, Inc.

21650 Oxnard Street

Woodland Hills, CA 91367

Attn: Chief Procurement Officer

With Copy To:

Health Net, Inc.

21650 Oxnard Street

Woodland Hills, CA 91367

Attn: General Counsel

In the case of Supplier:

Fernando Morgan

IBM Project Executive, Health Net

12033 Foundation Place

Rancho Cordova CA 95670

With a copy to:

General Counsel,

IBM Global Technology Services

Route 100

Somers, New York 10589

Telephone: 914-766-4165

Facsimile: 914-766-8444

A Party may from time to time change its address or designee for notification purposes

General Terms and Conditions- 89 Health Net / IBM Confidential

Final Execution Version

by giving the other prior written notice of the new address or designee and the date upon which it will become effective.

27.4 Non-solicitation of Employees

Subject to the provisions of Schedule E, from the Effective Date until twelve (12) months after completion of its obligations under this Agreement, Supplier will not solicit or seek to procure the employment of any of Health Net personnel, either directly or indirectly (other than by general advertising), without the prior written consent of Health Net. Subject to the provisions of this Agreement (including Section 16.6(a), Health Net will not solicit or seek to procure the employment of any of Supplier personnel, either directly or indirectly (other than by general advertising), until twelve (12) months after the date that any such Supplier Personnel has ceased performing Services under this Agreement, without the prior written consent of Supplier.

27.5 Legal Compliance

(a) Each Party agrees at its cost and expense to obtain all necessary regulatory approvals applicable to its business, to obtain any necessary licenses or permits for its business and to comply with all Laws applicable to it in the operation of their respective businesses, including the portions of laws applicable to it where the law imposes different obligations on the Parties. (e.g. HIPAA)If a Party is charged with a failure to comply with any such Laws, and such failure relates to or impacts the Services, it shall promptly notify the other Party of the charges in writing.

(b) Each Party will bear the risk of and have Financial Responsibility for any change in Laws applicable to it or its Affiliates, or their respective businesses. If a change to any Law applicable to Health Net results in the need for a change to a Service or charges hereunder (the foregoing, a “Regulatory Change”), Supplier shall make that Regulatory Change as soon as reasonably possible. The Parties shall seek to agree to the details and cost of the Regulatory Change in accordance with the Change Control Process. If there is any disagreement between the Parties regarding any Regulatory Change or potential Regulatory Change, then: (i) Health Net shall have the right to determine: (A) whether a Regulatory Change is required; and (B) how Supplier should implement that Regulatory Change; and (ii) as and if approved by Health Net, Health Net shall pay Supplier’s reasonably incurred and properly evidenced labor and materials costs of implementing the Regulatory Change and any adjusted charges for post-Change on-going Services; provided that if the Regulatory Change is carried out for other customers of Supplier, Health Net shall only bear an equitable proportion of Supplier’s reasonably incurred and properly evidenced labor and materials costs.

27.6 Covenant of Good Faith

Each Party, in its respective dealings with the other Party under or in connection with this Agreement, will act reasonably and in good faith.

27.7 Public Disclosures

All media releases, public announcements and public disclosures by either Party relating to this Agreement or the subject matter of this Agreement, including pro-motional or

General Terms and Conditions- 90 Health Net / IBM Confidential

Final Execution Version

marketing material, but not including announcements intended solely for internal distribution or disclosures to the extent required to meet legal or regulatory requirements (including as described in Section 21.2(d)) beyond the reasonable control of the disclosing Party, will be coordinated with and approved by the other Party prior to release.

27.8 Service Marks

Without the other Party’s prior consent (which may be withheld in such Party’s discretion and if granted revoked), neither Party shall use the name, service marks, or trademarks of the other Party.

General Terms and Conditions- 91 Health Net / IBM Confidential

Final Execution Version

27.9 Mutually Negotiated

No rule of construction will apply in the interpretation of this Agreement to the disadvantage of one Party on the basis that such Party put forward or drafted this Agreement or any provision of this Agreement.

IN WITNESS WHEREOF, Health Net and Supplier have each caused this Agreement to be signed and delivered by its duly authorized officer, all as of the date first set forth above.

Health Net, Inc.		International Business Machines Corporation
By:	/s/ James E. Woys	By:	/s/ Chris Nicoletti
Print Name: James E. Woys		Print Name: Chris Nicoletti
Title: Chief Operating Officer		Title: Vice President, Global Technologies
Date: August 19, 2008		Date: August 19, 2008

General Terms and Conditions- 92 Health Net / IBM Confidential

Final Execution Version

SCHEDULE A

SERVICES

Schedule A A - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE A

SERVICES

Table of Contents

1.	INTRODUCTION	5
1.1	General	5
1.2	Service Hours	5
1.3	Definitions	5
1.4	Solution Description	6
1.5	Projects	6
1.6	Third Party Managed Contracts	6
2.	CROSS-FUNCTIONAL SERVICES	8
2.1	Overall Responsibilities	8
2.2	Planning and Analysis	9
2.3	Project Management	10
2.4	Requirements Definition	12
2.5	Design Specifications	13
2.6	Asset Acquisition and Management	13
2.8	Integration and Acceptance Testing	17
2.7	Capacity Management	18
2.8	Implementation and Migration	19
2.9	Incident and Problem Management	20
2.10	Operations	22
2.11	Maintenance	24
2.12	Technical Support & Administration	25
2.13	Technical Environment Monitoring and Reporting	26
2.14	Service Level Monitoring and Reporting	26
2.15	Account Management	27
2.16	Configuration Management	28
2.17	Change and Release Management	29
2.18	Software Distribution Management	31
2.19	Training Services	33
2.20	Documentation	36
2.21	Technology Refresh and Replenishment	36
2.22	Storage Management, Data Retention	39
2.23	IT Continuity & Disaster Recovery Services	42
2.24	Environment & Facilities Support	52
2.25	Procurement Services	52
2.26	De-Installation, Disposal, and Repurposement Services	55
3.	DATA CENTER SERVICES	59
3.1	Overall Responsibilities	59
3.2	Planning & Analysis	61
3.3	Engineering/Development	61
3.4	Integration and Testing	61
3.5	Implementation and Migration	61
3.6	Operations and Administration	62
3.7	Technical Support and Administration	65
3.8	Collaborative Computing and Support System Management Services	66

Schedule A A - 2 Health Net / IBM Confidential

Final Execution Version

3.9	Remote Access Facilities	68
3.10	Database Administration	69
3.11	Middleware Administration	72
3.12	Messaging Services	74
4.	DATA NETWORK SERVICES	75
4.1	Planning and Analysis	76
4.2	Asset Acquisition and Management	76
4.3	Engineering/Development	76
4.4	Integration and Testing	77
4.5	Implementation and Migration	77
4.6	Circuit Support Services	77
4.7	Operations and Administration	78
4.8	Network Performance Management	80
4.9	Local Area Network (LAN) Services	80
4.10	Wide Area Network (WAN) Services	81
4.11	Metropolitan Area Network (MAN) Services	81
4.12	Virtual Private Network (VPN) Services	81
5.	VOICE NETWORK SERVICES	82
5.1	General Obligations	82
5.2	Planning and Analysis	86
5.3	Asset Acquisition and Management	86
5.4	Implementation and Migration	86
5.5	Operations and Administration	87
5.6	Desk Phone Service	90
5.7	Long Distance Service	93
5.8	Voice Mail Service	95
5.9	Online Directory Service	97
5.10	Teleconferencing Service	98
5.11	Inbound Toll Free / Call Center Service	99
5.12	Automated Call Distribution (ACD) Service	101
5.13	Integrated Voice Response (IVR) Service	103
5.14	Video Conference Service	104
5.15	Web Conference Services	105
6.	END USER SERVICES	105
6.2	General Obligations	106
6.3	Printer Support Services	108
6.4	PDA Support Services	108
6.5	Software Deployment and Management Services	109
6.6	Implementation and Migration	110
6.7	Operations and Administration	111
6.8	Configuration Management/Change Control	112
6.9	Repair Services	113
6.10	Custom Services	113
7.	HELP DESK SERVICES	114
7.2	General Obligations	114
7.3	Planning & Analysis	115
7.4	Operations & Administration	116
7.5	Service Request and Trouble Ticket Management	117
7.6	Remote Desktop Management	119
7.7	User Administration	120
7.8	Installs, Moves, Adds, Changes (IMACs)	121
7.9	Self Help	121
7.10	Meetings and Conferences	121
7.11	Monitoring and Reporting Services	122

Schedule A A - 3 Health Net / IBM Confidential

Final Execution Version

7.12	Exception Requests	122
8.	ENTERPRISE SECURITY MANAGEMENT SERVICES	122
8.1	Introduction	123
8.2	Security Compliance and Regulatory	123
8.3	Infrastructure Protection	127
8.4	System Currency	135
8.5	Identity and Access	139
8.6	Security Firewall Management Services	142
8.7	Security Engineering Services	143
8.8	Additional Security Terms	146

LIST OF EXHIBITS

Refresh Schedule	Exhibit A-1
Transition Plan	Exhibit A-2
Transformation Plan	Exhibit A-3
Solution Description	Exhibit A-4
Disaster Recovery Contracts	Exhibit A-5
Health Net Federal Services Requirements	Exhibit A-6
Change Control Process	Exhibit A-7
Citrix Enabled Applications	Exhibit A-8
Asset Tracking System	Exhibit A-9
Project Framework	Exhibit A-10
In-Flight Projects	Exhibit A-11
Sample System Decommissioning Checklist	Exhibit A-12
Facilities Services Responsibility Matrix	Exhibit A-13

Schedule A A - 4 Health Net / IBM Confidential

Final Execution Version

1. INTRODUCTION

1.1 General.

(a) This Schedule A (Services) describes, among other things, the information technology Services to be performed and delivered by Supplier under this Agreement; the service delivery environments from which Supplier will perform and delivery of the Services; and the solution that Supplier will implement or use in performing the Services.

(b) The Services are required for Health Net’s business operations in the United States, including its territories.

(c) References to specific resources (e.g., tools, systems) in this Schedule A that are used by Supplier in performing the Services, and where Supplier implements any such successor or replacement resources, such references shall be deemed to include such successor or replacement resources.

(d) Supplier shall manage and perform the Services in a tightly integrated manner (with appropriate consideration given at all times to the impact of change to all Services) without regard to technology platform.

(e) All Equipment, Software and Services shall meet the configuration, performance, information system security, and standardization requirements as defined by the Health Net IT architectural standards.

(f) Supplier shall provide such information as may be reasonably requested by Health Net from time to time to support Health Net’s investigation into potential violations of Health Net’s policies and procedures.

1.2 Service Hours.

Service	Hours of Operation
1. DATA CENTER SERVICES**	24 hours per day, seven days per week
2. DATA NETWORK SERVICES**	24 hours per day, seven days per week
3. VOICE NETWORK SERVICES**	24 hours per day, seven days per week
4. END USER SERVICES	06:00–18:00 local time, Monday–Friday, with 24 hours per day, seven days per week oncall support for PDA Support Services and VIP Support Services
5. HELP DESK SERVICES	Twenty-four hours per day, seven days per week
6. ENTERPRISE SECURITY MANAGEMENT SERVICES	Twenty-four hours per day, seven days per week

1.3 Definitions.

Schedule A A - 5 Health Net / IBM Confidential

Final Execution Version

(a) Capitalized terms not defined in this Schedule A shall have the meaning given them in Schedule U (Glossary) or elsewhere in the Agreement.

1.4 Solution Description.

(a) Attached hereto as Exhibit A-3 is a draft, high level technical solution for Health Net, as of the Effective Date, describing how Supplier will implement the Services, meet Health Net’s business requirements as described in the Agreement (including this Schedule and the Exhibits attached hereto), and otherwise provide the Services (“Solution Description”). Within sixty (60) days following the Effective Date, Supplier shall be responsible for revising, elaborating on and fully describing, and finalizing the Solution Description. The detailed Solution Description may not modify or change the scope of Services to be provided under, or any other terms or conditions of, the Agreement, and shall be provided to Health Net for review, comment and approval. Such detailed Solution Description, including reasonable comments or suggestions of Health Net, shall be incorporated into the Technology Plan described in Section 17.6 of the Agreement. Supplier shall perform the Services in accordance with the Solution Description portion of the Technology Plan.

(b) All Services being provided from a non-Health Net Facility must be provided on dedicated Equipment and Software that is physically separate from (e.g., rack-level separation) Equipment and Software that is not being used to provide the Services and is not used to provide services to other customers of Supplier; provided however that Equipment and Software that’s sole use is for the management of the Services (e.g., GSMRT (Supplier global reporting system)) may be provided from shared infrastructure.

1.5 Projects.

As part of the Services, Supplier shall complete and manage Health Net Projects in accordance with Exhibit A-10 (Project Framework). The In-Flight Projects include those identified in Exhibit A-11 (In Flight Projects).

1.6 Third Party Managed Contracts.

Supplier shall be responsible for managing Managed Third Parties in accordance with the requirements of this Agreement. Based upon guidance and direction from Health Net, Supplier shall act in accordance with Health Net’s direction and guidance at all times with regard to this responsibility. Without limiting the generality of the foregoing, Supplier’s responsibility regarding Managed Third Parties shall include:

(a) Services Solution. Supplier shall provide solution management services for the overall solution comprising the Services and related services provided to Health Net by Supplier and the Managed Third Parties (the “Services Solution”).

(b) Contract Management. Supplier shall be responsible for managing, facilitating, and directing communications between and among Health Net, Supplier, the Managed Third Parties, and other third parties. This

Schedule A A - 6 Health Net / IBM Confidential

Final Execution Version

responsibility shall include, if requested by Health Net, being Health Net’s single point of contact for all issues and communications with any Managed Third Party, including issues regarding regulatory requirements and changes, problem management and resolution, payment and any contractual matters.

(c) Technology Management. Supplier shall maintain an up-to-date view of the services provided by Managed Third Parties that are reasonably related to the Services in order to stay informed of current technology and costs for such technology and trends.

(d) Performance Management. Supplier shall manage the performance of Managed Third Parties, including: (A) monitoring, overseeing and verifying that the Managed Third Parties are performing all of their contracted services and complying with all of their obligations to Health Net that are being managed by Supplier, in the required manner and within required time frames; (B) receiving, and verifying the accuracy of, all invoices to be paid by Health Net to Managed Third Parties relating to such managed services; and (C) oversight of any changes to services provided by Managed Third Parties, including verifying that such modifications are performed within required time frames and in accordance with the Managed Third Party’s obligations, and providing progress reports to Health Net at regular intervals.

(e) Reporting Services. Supplier shall report to Health Net, on no less than a quarterly basis, the status on the activities described in this Section 1.6, including: (i) recommending to Health Net alternative courses of action with regard to (A) particular Managed Third Parties, (B) any modification to the overall combination of services comprising the Services Solution, and (C) any additional services from Supplier or third parties from which the Services Solution could benefit; and (ii) assisting Health Net with a plan to exploit market changes for the benefit of the Health Net group.

(f) Contract Negotiation.

(i) Except as provided in Section 1.6(f)(ii) below, Health Net shall have the sole right to negotiate contracts (or amendments to contracts) with existing or potential Managed Third Parties; provided however, that at Health Net’s request, Supplier shall negotiate such contracts or amendments on Health Net’s behalf, or otherwise assist Health Net in such negotiations. If Supplier is negotiating on Health Net’s behalf, (A) Health Net may direct and participate in the negotiations as desired by Health Net, (B) Supplier shall not enter into any contractual relationship with a third party on behalf of any member of Health Net without Health Net’s consent (which shall be at Health Net’s sole discretion), and, (C) if the third party will be providing a service that will impact any Service Levels, any commitment to provide services from such third party shall be at a performance level consistent with any such Service Levels. In such negotiations Health Net shall be represented solely by counsel (whether internal or external) selected and retained by Health Net, and

Schedule A A - 7 Health Net / IBM Confidential

Final Execution Version

Supplier shall not have the authority to, and shall not, retain counsel or other professional advisers for Health Net.

(ii) With respect to contracts with Managed Third Parties that are assigned to the Managed in ASC Asset Category (as identified in Schedules I, J and N based on the type of contract, or in Exhibit C-10 for contracts not yet identified in Schedules I, J or N), Supplier shall have the right to participate in negotiations of those portions of the contracts that relate directly to the charges to be paid under those contracts. For example, Supplier has the right to participate in the negotiations of the actual maintenance fees under a maintenance contract. However, Supplier shall not have the right to participate in the negotiations of the limitations of liability provisions, service levels, or other similar provisions that may directly or indirectly affect the risk profile under the agreement. If Supplier elects to exercise its rights under this Section, Supplier must (A) allow Health Net to participate in the negotiations as desired by Health Net, and (B) use Commercially Reasonable Efforts to reach an agreement on these provisions that would be satisfactory to Health Net if Health Net was the Party with Financial Responsibility for paying the amounts under the contract (including by avoiding any unreasonable increase in payments at the end of the Term that would need to be paid by Health Net if the contract were to be extended beyond the Term).

(g) Partial Responsibility. For any particular (i) Managed Third Party or (ii) service provided by a Managed Third Party, Health Net may require that Supplier perform only a subset of the responsibilities required under this Section 1.6, as opposed to all of the responsibilities required hereunder.

(h) Health Net Obligations. Supplier shall know, and use Commercially Reasonable Efforts to inform Health Net of the performance obligations of a member of Health Net under Managed Third Party contracts.

2. CROSS-FUNCTIONAL SERVICES

Supplier shall provide the following cross-functional Services (the “Operations and Maintenance Services” or “O&M Services”) as such Services relate to the Data Center Services, the Data Network Services, the Voice Network Services, the End User Services, the Help Desk Services, the Enterprise Security Management Services and any other Services the Parties may add to the scope of the Agreement. In the event that Health Net terminates the provision of any of the Service Towers pursuant to the Agreement, Supplier shall continue to provide the Services set forth in this Section 2 as such Services relate to the remaining Services.

2.1 Overall Responsibilities.

The following are general responsibilities that Supplier will be responsible for providing, in accordance with Health Net guidelines

Schedule A A - 8 Health Net / IBM Confidential

Final Execution Version

(a) Performing all tasks and responsibilities for management documentation and management reporting in a form and format reasonably requested by Health Net; and

(b) Performing the configuration, parameter changes, related testing, and implementation of Software tools used to provide the Services.

2.2 Planning and Analysis.

Planning and analysis Services are the Functions associated with the research of new technical trends, products and services, such as Equipment, Software, and transmission facilities that offer opportunities to improve the efficiency and effectiveness of the Services, as well as for competitive business advantage. Supplier shall perform the planning and analysis Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 1. Planning and Analysis Roles and Responsibilities

Planning and Analysis Roles and Responsibilities	Supplier	Health Net
1.      Define Health Net business, functional, availability and service requirements at the enterprise level.		X
2.      Propose planning and analysis activities to improve the Services, including improvements for operational efficiencies and risk mitigation strategies.	X
3.      Review and approve services and standards for planning and analysis activities.		X
4.      Recommend policies and procedures to perform planning and analysis activities.	X
5.      Review, authorize, and approve policies and procedures for the performance of planning and analysis activities.		X
6.      Continuously monitor technical trends through independent research; document and report on products and services with potential use for Health Net.	X
7.      In addition to, and without limiting the generality of, Supplier’s obligations with respect to the development of the Annual Technology Plan (as set forth in Section 17.6 of the General Terms and Conditions, perform up to fifty (50) hours per quarter of feasibility studies for the implementation of new technologies (including security-related technologies) that best meet Health Net business needs and cost, performance and quality objectives; present the findings of such feasibility studies to Health Net on a quarterly basis.	X
8.      Conduct annual technical and business planning sessions to establish standards, architecture and project initiatives.		X
9.      Participate in annual technical and business planning sessions to establish standards, architecture and project initiatives.	X
10.    Conduct planning for technology Refresh and upgrades.	X
11.    Participate in planning for technology Refresh and upgrades.		X
12.    Conduct semiannual technical reviews.	X
13.    Conduct semiannual workshops on industry trends and best practices.	X

Schedule A A - 9 Health Net / IBM Confidential

Final Execution Version

Planning and Analysis Roles and Responsibilities	Supplier	Health Net
14.    Develop and execute content and procedures for conducting user satisfaction surveys.	X
15.    Review and approve content and procedures for conducting user satisfaction surveys.		X
16.    Participate by collaborating with Health Net and other third parties as required, in application security planning.	X
17.    Perform and document planning and analysis for infrastructure support as reasonably required by application plans.	X
18.    Develop configuration settings within infrastructure, for prototype application, to demonstrate support of application requirements	X
19.    Provide infrastructure cost to Health Net and schedule estimates during application planning phases.	X
20.    Review and approve infrastructure planning and analysis, as documented in support of application plans.		X

2.3 Project Management.

Exhibit A-10 (Project Framework) sets forth the process to be followed by the Parties (a) in establishing the cost and time frames of Projects, and (b) in managing Projects throughout their life-cycle. Supplier shall implement and utilize industry standard project management methodologies and processes for all projects (chargeable and non-chargeable) commensurate with the duration, scope and criticality of the project to successfully complete the project including by developing and adhering to processes and documentation requiring or addressing the following:

(a) Planning projects, including:

(i) Forming project teams;

(ii) Defining the specific activities that must be performed to produce the various project deliverables;

(iii) Sequencing the activities and documenting dependencies;

(iv) Estimating the time needed to complete individual activities;

(v) Analyzing the activity sequences, activity durations, and resource requirements;

(vi) Performing risk management planning;

(vii) Determining which resources (e.g., people, hardware, and materials) and which quantities of each should be used to perform project activities;

(viii) Assigning the human resources needed to work on the project;

(ix) Developing an estimate of the resource costs required to complete the project;

Schedule A A - 10 Health Net / IBM Confidential

Final Execution Version

(x) Identifying which quality standards are relevant to the project and how they can be satisfied;

(xi) Identifying, documenting, and assigning project roles, responsibilities, and reporting relationships;

(xii) Determining the information and communications needs of the stakeholders;

(xiii) Identifying quantitative and qualitative risks and documenting the characteristics of each;

(xiv) Developing procedures and techniques to enhance opportunities and to reduce threats to the project;

(xv) Determining what to procure, how much to procure, and when to procure;

(xvi) Developing project plans by taking the results of the above and incorporating them into consistent, coherent documents that can be used to guide both project execution and project control. The project plans include planning inputs, historical information, organizational policies, constraints, and assumptions;

(xvii) Submitting draft project plans to Health Net for approval; and

(xviii) Revising draft project plans as directed by Health Net.

(b) Monitoring and controlling projects, including:

(i) Managing personnel assigned to projects;

(ii) Implementing appropriate project management methodology including the use of approved project management tools;

(iii) Preparing performance, financial, utilization and status reports;

(iv) Providing appropriate access to information and project management templates;

(v) Coordinating changes across/within projects;

(vi) Controlling changes to project scope;

(vii) Controlling changes to project schedules;

(viii) Controlling changes to project budgets;

(ix) Determining if projects comply with relevant quality standards and identifying ways to eliminate unsatisfactory performance; and

Schedule A A - 11 Health Net / IBM Confidential

Final Execution Version

(x) Tracking identified risks, monitoring residual risks, identifying new risks and executing risk plans and evaluating their effectiveness in reducing risk;

(c) Executing projects, including:

(i) Executing project plans by performing the activities therein;

(ii) Delivering projects;

(iii) Evaluating overall project performance on a regular basis to confirm projects will satisfy the relevant quality standards;

(iv) Developing individual and group skills/competencies to enhance project performance;

(v) Conducting acceptance activities (e.g., testing and quality assurance activities);

(vi) Closing out projects and resolving any open items; and

(vii) Providing administrative closure by generating, gathering, and disseminating information and formalizing phase or project completion, including evaluating projects and compiling lessons learned for use in planning future projects or phases.

Utilization of project managers and project management processes required as part of a chargeable Project shall be chargeable in connection with such Project in accordance with Section 5 of Schedule C (Charges). Utilization of project managers and project management processes required by the Project governance process shall be non-chargeable when related to non-chargeable project work. If Health Net requests a level of project management for a non-chargeable project in excess of that required by the Project governance process, then the additional project management hours required to meet Health Net’s request would be separately chargeable in accordance with Section 5 of Schedule C (Charges).

2.4 Requirements Definition.

Requirements definition Services are the Functions associated with the assessment and definition of user functional, performance, availability, maintainability and disaster recovery needs and the required security requirements to meet user, regulatory, client and company policy requirements. Supplier shall perform the requirements definition Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 2. Requirements Definition Roles and Responsibilities

Schedule A A - 12 Health Net / IBM Confidential

Final Execution Version

Requirements Definition Roles and Responsibilities	Supplier	Health Net
1.      Propose functional, performance, availability, maintainability and DR requirements and establish standards (for example, support processes and procedures).	X
2.      Review and approve Supplier proposed requirements and standards.		X
3.      Conduct interviews, group workshops, and surveys to determine user functional, performance, availability, maintainability and disaster recovery (e.g., RTO and RPO) requirements.		X
4.      Participate in requirements gathering groups and panels as requested by Health Net.	X
5.      Document all requirements and standards in agreed to formats (e.g., system specifications, data models, network design schematics).	X
6.      Approve all requirements and standards documents.		X

2.5 Design Specifications.

Design specification Services are the Functions and deliverables that translate requirements (functional, performance, availability, disaster recovery and security) into detailed technical system specifications. Supplier shall perform the design specification Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 3. Design Specifications Roles and Responsibilities

Design Specification Roles and Responsibilities	Supplier	Health Net
1.      Develop and document technical design plans and environment configuration based on Health Net standards, technical architecture and functional, performance, availability, maintainability, security and disaster recovery requirements.	X
2.      Propose system upgrade, replacement and conversion requirements, including for all Equipment, Software and other IT Infrastructure.	X
3.      Review and approve design plans, technical architecture changes/enhancements and system upgrade, replacement and conversion requirements.		X
4.      Participate in site surveys for design efforts as reasonably requested by Health Net.	X
5.      Provide design documentation for all proposed technical architecture and environment configuration.	X
6.      Approve design documentation.		X

2.6 Asset Acquisition and Management.

(a) Acquisition and management Services are the Functions associated with the pricing, evaluation (technical and costing), selection, acquisition, and ongoing management of Equipment and Software, including inventory management and inventory tracking (e.g., via barcode), support for centralized warranty and license management, configuration control of

Schedule A A - 13 Health Net / IBM Confidential

Final Execution Version

desktops, workstations and network Software to include automatic electronic distribution of changes, modifications and version updates of supported Software (i.e., Software distribution), and Equipment and Software redeployment and decommissioning. Supplier shall perform the asset acquisition and management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 4. Asset Acquisition and Management Roles and Responsibilities

Asset Acquisition and Management Roles and Responsibilities	Supplier	Health Net
8.      Develop acquisition policies and procedures.	X
9.      Review and approve acquisition policies and procedures.		X
10.    Identify pre-approved vendors.		X
11.    Maintain list of pre-approved vendors.	X
12.    Approve selected, strategic vendors.		X
13.    Develop and issue asset acquisition bid requests as required and approved by Health Net.	X
14.    Demonstrate that best efforts are being pursued to obtain best pricing (e.g., use of pooled government procurement mechanisms).	X
15.    Evaluate proposals against clearly defined objective criteria.	X
16.    Negotiate purchase or lease contracts for Equipment, Software and Services for which Supplier has Financial Responsibility, including for network Services-related contracts.	X
17.    When requested by Health Net, negotiate purchase or lease contracts for Equipment, Software and Services for which Health Net has Financial Responsibility, including for network Services-related contracts.	X
18.    Review and confirm that all new asset requests comply with established Health Net IT standards and architectures.	X
19.    Manage the asset ordering, procurement and delivery processes in compliance with Health Net procurement and acceptance processes.	X
20.    Manage/track purchase and service orders.	X
21.    Coordinate delivery and installation of new products and services, as required.	X
22.    Review and approve selection of Equipment and Software.		X
23.    Update and maintain an asset inventory database. Exhibit A-9 (Asset Tracking System) describes what information Health Net currently tracks in the asset management tool as of the Effective Date. Supplier shall continue to track at least this information	X
24.    Propose an asset inventory tracking methodology.	X
25.    Review and approve asset inventory tracking methodology.		X
26.    Track all Equipment and Software (location, asset ID, serial number, financial disposition like owner, lease, capital, expense).	X
27.    Track and advise Health Net in a timely manner of expiration and renewal requirements for Health Net Equipment and Software licenses, leases, and service contracts.	X
28.    Provide asset inventory reports to Health Net as requested.	X

Schedule A A - 14 Health Net / IBM Confidential

Final Execution Version

Asset Acquisition and Management Roles and Responsibilities	Supplier	Health Net
29.    Provide Health Net End Users read-only access to the asset management database and the ability to generate reports from the asset inventory database.	X
30.    Conduct periodic quality reviews of asset inventory database and tracking methodology procedures.	X
31.    Terminate, dispose of, and/or relocate assets as needed; provide disposition reports to Health Net.	X

(b) Supplier should also comply with the following processes when decommissioning systems:

(i) For all system decommissions, Supplier (a) shall respond to questions from Health Net related to the decommissioning, including those listed in Exhibit A-12 (Sample System Decommissioning Questionnaire), (b) shall prepare a decommissioning plan and such plan must be approved by Health Net prior to commencing any decommissioning activities, (c) shall not turn off a system until Supplier receives Health Net’s written approval of the system decommissioning, and (d) Supplier shall follow the approved decommissioning plan at all times when decommissioning a system.

(ii) With respect to Data Network, Voice Network and End User Services systems, Supplier shall perform the following:

(A) Check Equipment with asset tags for original entity ownership in the asset tracking database;

(B) Perform disk scrubs in accordance with Department of Defense procedures and requirements and using a scrubbing tool that is compliant with such Department of Defense procedures and requirements for all drives (related to both End User Resources and data center Equipment) and revert salvaged network and telecom Equipment to manufacturer’s default settings;

(C) Store disk scrub certifications for reference by Health Net, as required. In the event the scrub utility can not be run on a particular machine, the physical disk drive must be removed from the system and destroyed;

(D) Equipment information should be recorded for reference and reporting to Health Net;

(E) Equipment transfer must be recorded and stored for reference and reporting to Health Net; and

(F) Once a product has been salvaged, Health Net should be notified via a report per the current salvage agreement.

Schedule A A - 15 Health Net / IBM Confidential

Final Execution Version

(iii) With respect to data center systems, Supplier shall perform the following:

(A) Preparation steps for servers:

(i) A request will be sent from Health Net that the system is no longer needed, or the Supplier may recognize that the system is no longer needed and will initiate contact with the teams using the system. Approval from Health Net is required before any system decommissioning.

(ii) After approval is given to decommission the system, a formal change management request should be submitted following the change management process described in Section 2.17(b) to be followed by the Supplier. The Supplier needs to maintain an audit trail of official support/approval from Health Net to decommission the system.

(iii) As it will be necessary to perform “decommission” backups on the system, a final backup of the system should be scheduled and conducted, and it needs to be verified that the backup is working prior to the decommission day.

(iv) No system can be shut down without proper notification to all users of the system in accordance with Health Net’s notification requirements, as will be identified in the decommissioning plan.

(B) Decommission – Initial Shutdown

Supplier should perform two full decommission backups per Health Net’s backup policy. The two backups need to be on different tapes. The backups should be verified as completed without any errors before continuing.

(C) Decommission – Final Steps

(v) No less than thirty-five (35) days but not more than forty-five (45) days after the system is shutdown (and no users requested that the system be restarted), any and all DNS entries related to the system need to be removed. Supplier shall perform disk scrubs in accordance with Department of Defense procedures and requirements and using a scrubbing tool that is compliant with such Department of Defense procedures and requirements for all drives (related to both End User Resources and data center Equipment) and revert salvaged data center Equipment to manufacturer’s default settings;

(vi) In the event the users request the system be restarted the Supplier shall cease the relevant decommissioning and notify the initiator of the applicable Change Notice to determine next steps.

(vii) Asset should be marked as decommissioned in the asset management system for reference by and reporting to Health Net.

Schedule A A - 16 Health Net / IBM Confidential

Final Execution Version

(iv) For the avoidance of doubt, Supplier shall be responsible for decommissioning systems as requested by Health Net, including system decommissioning required upon the expiration of an Equipment lease (including all ongoing lease-related decommissioning activities being performed as of the Effective Date).

2.8 Integration and Acceptance Testing.

Integration and testing Services are the Functions necessary to validate that the individual Health Net Equipment and Software configured with or added to the infrastructure work together cohesively and perform Functions as intended and in accordance with the design and test plans. Supplier shall perform the engineering and development Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 5. Integration and Testing Roles and Responsibilities

Integration and Testing Roles and Responsibilities	Supplier	Health Net
1.      Develop infrastructure integration and testing policies and procedures.	X
2.      Contribute to application related integration and testing policies and procedures as reasonably requested by Health Net	X
3.      Review and approve integration and testing policies and procedures and Deliverables.		X
4.      Conduct testing for all new and modified Equipment, Software and Services, including system, performance and integration testing and other testing activities as specified in the Procedures Manual and/or specific test plans.	X
5.      Evaluate all new and modified Equipment, Software and Services for compliance with Health Net security policies, regulations and procedures.	X
6.      Develop system acceptance criteria.	X
7.      Review and approve system acceptance criteria.		X
8.      Perform all user acceptance testing for new and modified Equipment, Software or Services.		X
9.      Stage new and modified Equipment, Software and Services to smoothly transition into existing environment.	X
10.    Subject to the Change Control Process, perform modifications and performance-enhancement adjustments to the IT Infrastructure, Systems Software and utilities as a result of Changes to Health Net architectural standards.	X
11.    Evaluate all new and modified Equipment, Software and Services for compliance with Health Net Service Levels.	X
12.    Support, manage and maintain integration test and user acceptance test environments, including support of the code/configuration/migration management tools (installing the tool, applying the patches).	X
13.    Provide input to application test plans (e.g integration, stress, regression, system tests if applicable).	X

Schedule A A - 17 Health Net / IBM Confidential

Final Execution Version

Integration and Testing Roles and Responsibilities	Supplier	Health Net
14.    Conduct infrastructure defect triage meetings to identify the root cause of any issues related to integration and acceptance testing.	X
15.    Participate in application defect triage meetings.		X
16.    Resolve/correct infrastructure defects found as a result of any testing efforts that include the infrastructure.	X
17.    Install new/upgraded software or execute new services to smoothly transition from Health Net Systems Integration Test environment to User Acceptance Test environment.	X
18.    As reasonably required by Health Net, make available data provided by Health Net onto appropriate systems to support application test scenarios.	X
19.    Execute on Health Net’s application test-to-production turnover requirements.	X
20.    Develop test-to-production infrastructure turnover requirements.	X
21.    Review and approve test-to-production turnover requirements.		X

2.7 Capacity Management.

Capacity management Services are those Functions related to ensuring that the capacity of the IT Infrastructure matches the evolving demands of the business in the most cost-effective and timely manner. Capacity management Services include the monitoring of performance and throughput of IT services and supporting IT components, undertaking tuning activities, understanding current demands and forecasting for future requirements, influencing the demand for resources and developing a capacity plan which will meet demand and Service Levels. Supplier shall perform the capacity management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 6. Capacity Management Roles and Responsibilities

Capacity Management Roles and Responsibilities	Supplier	Health Net
1.      Identify future business requirements that will affect capacity requirements.		X
2.      Establish and maintain comprehensive capacity management planning process at the enterprise, system and IT component level taking into account current and new requirements, including those from new or modified Software.	X
3.      Review and approve capacity management planning process.		X
4.      Develop and implement tools that allow for the effective monitoring/trending of IT Infrastructure, Software and IT components performance and resource utilization.	X
5.      Continually monitor IT resource usage and promptly identify capacity issues; provide to Health Net capacity trending information to allow for forecasting future capacity requirements.	X
6.      Assess Incidents/Problems and make appropriate capacity IT changes to improve Services performance.	X

Schedule A A - 18 Health Net / IBM Confidential

Final Execution Version

Capacity Management Roles and Responsibilities	Supplier	Health Net
7.      Perform tuning activities that enable optimized use of existing IT resources and minimize Health Net costs to deliver Services at the agreed Service Levels.	X
8.      Provide adequate capacity within the IT environment to meet Service Levels and other performance requirements, taking into account daily, weekly and seasonal variations in capacity demands.	X
9.      Proactively provide to Health Net predictive capacity forecasts through the use of modeling, trending, baselining and other techniques.	X
10.    Develop and propose scenarios for addressing capacity constraints and define associated costs, risks and benefits of each.	X
11.    Review scenarios for addressing capacity constraints and approve scenario(s) that best addresses Health Net needs.		X

2.8 Implementation and Migration.

Implementation and migration Services are the Functions associated with the installation of new and upgraded Equipment and Software components (including for both commercial and custom developed Software), including the coordination and implementation of routine installation moves, adds and changes. Supplier shall perform the implementation and migration Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 7. Implementation and Migration Roles and Responsibilities

Implementation and Migration Roles and Responsibilities	Supplier	Health Net
1.      Recommend migration and conversion plans and redeployment policies and procedures, including for Equipment, Software, and data.	X
2.      Review and approve all migrations, conversions and redeployment policies and procedures, including for Equipment, Software, and data.		X
3.      Perform Equipment migration and redeployment plans in accordance with the Change and Release Management Services described in Section 2.16(b).	X
4.      Conduct pre-installation site surveys, as required.	X
5.      Install new or enhanced functions or features, Equipment, Software, peripherals and configurations (including network identification cards).	X
6.      Coordinate implementation and migration support activities with Health Net and the other Service Towers.	X
7.      Receive and track requests for IMACs.	X
8.      Confirm the requirements and scope of the IMAC request. Contact the user and schedule an agreed time for the work to take place, coordinate through change management.	X
9.      Perform appropriate pre-installation surveys and post-implementation testing for all installs, moves, adds and changes.	X
10.    Perform IMACs.	X
11.    Verify completion of IMACs by contacting the user to confirm satisfaction, update appropriate configuration/other databases to reflect IMAC information.	X

Schedule A A - 19 Health Net / IBM Confidential

Final Execution Version

Implementation and Migration Roles and Responsibilities	Supplier	Health Net
12.    Perform data migrations and execute conversion (including by running scripts and monitoring the conversion activities to confirm proper execution).	X
13.    Monitoring, documenting, and reporting on physical (e.g., Equipment) and logical (e.g., Internet Protocol [IP] address) IMACs and re-installations, regardless of the number of users, instances or systems.	X

2.9 Incident and Problem Management.

(a) Incident and Problem management Services include the Functions associated with restoring normal service operation in a manner that minimizes adverse impact on business operations as a result of Incidents and Problems (including Incidents and Problems caused by errors in the IT Infrastructure). Incident and Problem management Services also include Functions associated with preventing the recurrence of Incidents, including by performing root cause analysis of Incidents and initiating actions to improve or correct the situation.

(b) Supplier will develop, implement, and maintain a root cause analysis (“RCA”) process and perform the activities required to diagnose, analyze, recommend, and take corrective measures to prevent recurring Incidents, Problems and/or trends. Root cause analysis process exists to understand or prevent recurring Problems and/or trends which could result in Problems.

(i) Supplier will perform the following:

(A) identify, record, track and manage the Incident and/or Problem through service restoration, including by: (1) determining the Priority classification of the Incident and executing the Problem management process accordingly, and (2) determining the scope of the Incident and/or Problem;

(B) Identify the root cause of such Problems or failures, where possible;

(C) Identify and remedy the failure, and track and report on any consequences of the failure;

(D) Provide Health Net with a written report detailing the cause of and procedure for correcting such failure; provide updates on a monthly basis until closure; and

(E) Substantiate to Health Net that all reasonable actions have been taken to prevent recurrence of such failure and notify Health Net that the service has been restored.

(c) The following table identifies the underlying roles and responsibilities associated with root cause analysis activities:

Schedule A A - 20 Health Net / IBM Confidential

Final Execution Version

Table 8. Root Cause Analysis Roles and Responsibilities

Root cause Analysis Roles and Responsibilities	Supplier	Health Net
1.      Flag all Priority 1 Incidents and Problems and those Priority 2 Incidents and Problems identified by Health Net as requiring root cause analysis.	X
2.      Perform root cause analysis for all Priority 1 Incidents and Problems, and those Priority 2 Incidents and Problems identified by Health Net; recommend appropriate resolution action, where/whenever possible.	X
3.      Track and report on progress of all root cause analysis efforts to confirm that root cause analysis is performed and reported on (Incident reports / trouble tickets to remain open until root cause analysis report is completed and submitted) and report that all reasonable actions have been taken to prevent future reoccurrence.	X
4.      Provide Health Net with a written report detailing the cause of and procedure for correcting such failure; provide updates on a monthly basis until closure.	X
5.      Document to Health Net that all reasonable actions have been taken to prevent recurrence of such failure.	X
6.      Review and approve actions for resolution of Problems as reported in root cause analysis recommendations.		X

(d) Supplier shall also perform all other Incident and Problem management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 9. Incident and Problem Management Roles and Responsibilities

Incident and Problem Management Roles and Responsibilities	Supplier	Health Net
1.      Recommend Incident and Problem management policies and procedures.	X
2.      Approve Incident and Problem management policies, procedures and operational turnover requirements.		X
3.      Establish operations and service management quality assurance and control programs.	X
4.      Approve operations and service management quality assurance and control programs.		X
5.      Perform quality assurance and control programs.	X
6.      Develop policies for the use of remote control tools for help desk use in maintenance and troubleshooting.	X
7.      Review and approve policies for the use of remote control tools for help desk use in maintenance and troubleshooting.		X
8.      Develop plans and procedures for the use of remote control tools in accordance with defined policies.	X

Schedule A A - 21 Health Net / IBM Confidential

Final Execution Version

Incident and Problem Management Roles and Responsibilities	Supplier	Health Net
9.      Coordinate user support activities with the other Service Towers.	X
10.    Classify Incidents and Problems by Priority (as defined in Schedule B (Service Levels)). Establish Incident/Problem workflow, escalation, communication and reporting processes, including for all levels of support.	X
11.    Review and approve Incident and Problem classification (and re-classify Incident and Problem Priority Levels in Health Net’s discretion), and workflow, communication, escalation and reporting processes.		X
12.    Utilize, configure, operate and maintain an Incident and Problem management system; create a ticket for all Incidents and Problems in the Incident and Problem management system.	X
13.    Provide Health Net End Users and Health Net third party contractors with access to the Incident and Problem management tool.	X
14.    Respond to requests from the help desk and provide updates to the help desk on Incident and Problem resolution status.	X
15.    Manage entire Incident and Problem lifecycle including detection, diagnosis, scoping, repair, and recovery. Confirm user requirements were met and End User satisfaction prior to closing an Incident or Problem. Provide Incident and Problem “situation” management, including on a 24 hours per day, 7 days per week, 52 weeks per year, basis as necessary to meet the Service Levels and other performance standards set forth in the Agreement.	X
16.    Manage efficient workflow of Incidents and Problems, including the involvement of third party providers.	X
17.    Periodically review the state of open Incidents and Problems and the progress being made in addressing such Incidents and Problems.		X
18.    Participate in Incident and Problem review sessions and provide listing and status of Incidents and Problems categorized by Priority classification or other categorization as may be requested by Health Net (e.g., by Service Tower).	X
19.    Respond to system status notifications as required in escalation and workflow processes.	X
20.    Issue reports on IT service area performance and Incident and Problem statuses and trends.	X
21.    Identify possible product enhancement opportunities for improved operational performance and potential cost savings.	X
22.    Approve Projects to implement operational improvements.		X

2.10 Operations.

Operations Services are the Functions associated with providing a stable IT Infrastructure and to effectively and efficiently perform operation procedures so that the Services meet or exceed Service Levels and other performance standards required by the Agreement. Supplier shall perform the operations Services, including those Functions listed in the

Schedule A A - 22 Health Net / IBM Confidential

Final Execution Version

roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 10. Operations Roles and Responsibilities

Operations Roles and Responsibilities	Supplier	Health Net
1.      Recommend operations policies and procedures, operational Documentation requirements.	X
2.      Provide and implement enterprise system management tools to monitor the IT Infrastructure, diagnose events and assist in resolution of Problems.	X
3.      Install and configure enterprise system management tools.	X
4.      Perform event management monitoring of the Services to detect abnormal conditions or alarms, log abnormal conditions, analyze the condition and take corrective action.	X
5.      Manage Equipment, Software, and Services to meet the Service Levels and other performance requirements, and to minimize Health Net resource requirements.	X
6.      Provide and implement scheduling tools for managing/automating job execution, job workflow processes, file exchange functions and print management.	X
7.      Monitor progress of scheduled jobs and identify and resolve issues in scheduling process and track issues in the Problem management tool	X
8.      Recommend operational Documentation requirements (Run Books, Contact Lists, Operations scripts etc.).	X
9.      Review and approve operations policies and procedures and operational Documentation requirements.		X
10.    Execute production activities in accordance with the Procedures Manual	X
11.    Develop operational Documentation in compliance with operational Documentation requirements approved by Health Net.	X
12.    Maintain inventories of desktop and laptop Equipment (e.g., spares parts, replacement Equipment.) to support Incident and Problem resolution.	X
13.    Perform routine verification tasks to confirm processes and procedures are being adhered to in supporting operations.	X
14.    Develop templates for operational reports (Daily, Weekly, Monthly) that provides status of operational activities, production issues, and key operational metrics.	X
15.    Review and approve templates for operational reports.		X

Schedule A A - 23 Health Net / IBM Confidential

Final Execution Version

Operations Roles and Responsibilities	Supplier	Health Net
16.    Perform those Functions necessary to promote code from non-production environments to production environments and, as requested by Health Net on an ad hoc basis, to other non-production environments, including by coordinating with Health Nets application maintenance and development teams as necessary.	X
17.    Perform data migration(load) from existing systems to new systems, by electronic methods	X
18.    Provide support of the code/configuration management tools (installing the tool, applying the patches)	X
19.    Perform backup and associated rotation of media.	X
20.    Archive data media at a secure offsite location.	X
21.    Provide capability to recover (and recover as requested by Health Net) the following archived data from media: (1) archived data created during the Term, (2) archived data that was created prior to the Term but that (a) is stored on media that is readable using the then current Equipment, (b) is stored on media that is not readable using the then-current Equipment, but was created no more than thirty six (36) months before replacement of Equipment that renders such archived data unreadable by the then current Equipment, or (c) otherwise required pursuant to Section 24.2(d)(ii) of the General Terms and Conditions.	X
22.    Perform quality checks to (a) confirm that backup data is properly being generated and, at Health Net’s request, provide reporting verifying backup data integrity and (b) verify that appropriate backup data is being moved offsite within the agreed upon timeframes.	X
23.    Recover files, file system or other data required from backup media as required or requested by Health Net.	X
24.    Support application issues, with analyses of the operating systems across relevant platforms, hardware, Middleware with log reviews, traces, reconstructing execution path of transactions, analyzing historical system logs and resultant configuration changes to operating systems, hardware, Middleware etc. as needed	X

2.11 Maintenance.

(a) Maintenance Services are those Functions associated with the maintenance and repair of Equipment and Software, including performing “break-and-fix” activities, implementing commercial product patches, “bug fix,” service pack, and performing system/Software upgrades. Supplier shall perform all scheduled maintenance in accordance with the Change and Release Management Services described in Section 2.16(b). All unscheduled maintenance will be tracked using the approved best practices based Problem Management process. Supplier shall perform the maintenance Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Schedule A A - 24 Health Net / IBM Confidential

Final Execution Version

Table 11. Maintenance Roles and Responsibilities

Maintenance Roles and Responsibilities	Supplier	Health Net
1.      Recommend maintenance and repair policies and procedures.	X
2.      Review and approve maintenance and repair policies and procedures.		X
3.      Provide maintenance coverage for all Equipment and Software, at least at the level provided by Health Net immediately prior to the Effective Date.	X
4.      Provide maintenance and/or break/fix support for the Equipment and Software.	X
5.      Dispatch repair technicians to the point-of-service location if necessary.	X
6.      Perform diagnostics on Equipment, and Software.	X
7.      Install manufacturer field change orders, service packs, firmware, Software maintenance releases, and Software upgrades; provided however, that open source Software can only be installed and used in the Health Net environment with prior Health Net approval.	X
8.      Perform Software distribution and version control, both electronic and manual.	X
9.      Replace defective Equipment and Software and perform preventive maintenance.	X
10.    Conduct maintenance and parts management and monitoring during warranty and off-warranty periods.	X
11.    Perform routine system management, including system tuning.	X
12.    Manage availability and performance of all Equipment and Systems Software.	X
13.    On a timely basis, proactively notify Health Net of changes and upgrades, and major patch installs to Systems Software	X
14.    Perform maintenance for the System Software, including application of preventative maintenance and program temporary fixes provided to Supplier by the Systems Software providers, to correct defects in accordance with the change management and release managed procedures.	X

2.12 Technical Support & Administration.

Technical support and administration Services are those Functions associated with providing technical resources required for the tuning of Systems Software and utilities for optimal performance, including technical resources with expertise to provide Level 2 and Level 3 technical assistance, and to support Health Net Service Recipients. Supplier shall perform the technical support and administration Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Schedule A A - 25 Health Net / IBM Confidential

Final Execution Version

Table 12. Technical Support Roles and Responsibilities

Technical Support Roles and Responsibilities	Supplier	Health Net
1.      Recommend technical support policies and procedures.	X
2.      Participate in defining and approve technical support policies and procedures.		X
3.      Test, install, and tune technical environment Equipment, Software, peripherals and Services.	X
4.      Provide technical assistance for Level 2 and Level 3 End User and production support as requested Health Net and/or Supplier-provided help desk.	X

2.13 Technical Environment Monitoring and Reporting.

Monitoring and reporting Services are those Functions associated with monitoring and reporting on the Services. Supplier shall perform the monitoring and reporting Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 13. Monitoring and Reporting Roles and Responsibilities

Network Monitoring and Reporting Roles and Responsibilities	Supplier	Health Net
1.      Develop and document requirements and policies for monitoring and reporting.	X
2.      Develop and document monitoring and reporting requirements and procedures, including availability thresholds, report formats, notification processes.	X
3.      Approve network monitoring and reporting requirements, policies and procedures.		X
4.      Provide and implement tools for monitoring Equipment and Software.	X
5.      Implement measures for proactive monitoring and self-healing capabilities to limit outages.	X
6.      To the extent that the following can be accomplished utilizing automated monitoring tools or processes, monitor availability of Equipment and Software on a twenty-four hours per day, seven days per week basis and track and report status of availability (including network activities and Problems).	X
7.      Dispatch on-site staff to Health Net Facilities to perform break/fix, maintenance and Problem resolution activities.	X
8.      Provide technical assistance (e.g., respond to inquiries) as needed to the help desk, End Users and external entities using Health Net network.	X
9.      Coordinate and communicate planned and unplanned outages with Health Net business partners and third party vendors.	X
10.    Log all Incidents and Problems with the help desk and Incident and Problem management teams.	X

2.14 Service Level Monitoring and Reporting.

Service Level monitoring and reporting Services are those Functions associated with monitoring of IT delivery and support services to assess how Services are being delivered

Schedule A A - 26 Health Net / IBM Confidential

Final Execution Version

with respect to Service Levels. Supplier shall report system management information (e.g., performance metrics, and system accounting information) to the designated Health Net representative in a format agreed to by Health Net. Supplier shall perform the Service Level monitoring and reporting Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 14. Service-Level Monitoring and Reporting Responsibilities

Service Level Monitoring Roles and Responsibilities	Supplier	Health Net
1.      Measure, analyze, and provide management reports on performance relative to Service Level requirements.	X
2.      Develop Service Level improvement plans.	X
3.      Review and approve improvement plans.		X
4.      Implement improvement plans.	X
5.      Report on Services performance improvement results.	X
6.      Coordinate Service Level monitoring and reporting for Managed Third Party contracts.	X
7.      Review and approve Service Level metrics and performance reports.		X

2.15 Account Management.

Account management Services are those Functions associated with the ongoing management of the Services environment. Supplier shall perform the account management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 15. Account Management Roles and Responsibilities

Account Management Roles and Responsibilities	Supplier	Health Net
1.      Develop and document account management reporting procedures.	X
2.      Approve account management reporting procedures.		X
3.      Develop a “user” guide that defines Supplier’s Services (and how the Service Recipients can use the Services) in a format that is easily understood by the Service Recipients.	X
4.      Develop a service ordering process that clearly defines to the End User how to order, change or delete services.	X
5.      Develop and document criteria and formats for administrative, service activity and Service Level reporting.	X
6.      Approve a “user” guide, service ordering process and all reporting criteria and formats.		X
7.      Develop and implement Customer Satisfaction program for tracking the quality of Service delivery to End Users across the Services.	X
8.      Approve Customer Satisfaction program and monitor results.		X

Schedule A A - 27 Health Net / IBM Confidential

Final Execution Version

Account Management Roles and Responsibilities	Supplier	Health Net
9.      Measure, analyze and report system and service performance relative to requirements.	X
10.    Prepare performance and other Service Level reports and provide as scheduled.	X
11.    Prepare and provide activities reports.	X
12.    Prepare reports on statistics and trends.	X
13.    Perform operations inspections and other Service-related inspections to verify quality and accuracy of the Services.	X

2.16 Configuration Management.

(a) With respect to data center and Data Network Equipment and Software, configuration management Services are those Functions associated with providing a logical model of the infrastructure or a service by identifying, controlling, maintaining and verifying versions of configuration items in existence. Such model should account for all IT assets and configurations, provide accurate information on configurations, provide a demonstrated methodology for Incident, Problem, change and release management and to verify configuration records against the IT Infrastructure and correct any exceptions. Supplier shall perform the configuration management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 16. Configuration Management Roles and Responsibilities

Configuration Management Roles and Responsibilities	Supplier	Health Net
1.      Recommend configuration management policies, and procedures.	X
2.      Utilize and maintain configuration management data structure(s) and system configuration charts for managing configuration items, including for Equipment, Software, associated Documentation, including version control notes, operation Documentation.	X
3.      Utilize and maintain configuration management tools.	X
4.      Manually enter or upload configuration data into configuration database(s).	X
5.      Establish process for tracking configuration changes by date, time, individual(s) performing change, purpose of change, and description of change. Tracking must also include the state of configuration items (e.g., development, test, production, retired).	X
6.      Modify configuration databases to reflect any modifications to configuration items and confirm that appropriate change management processes are followed	X
7.      Establish process interfaces to Incident and Problem management, change management, technical support, maintenance and financial accounting processes.	X
8.      Establish appropriate authorization controls for modifying configuration items. Verify compliance with Software licensing.	X

Schedule A A - 28 Health Net / IBM Confidential

Final Execution Version

Configuration Management Roles and Responsibilities	Supplier	Health Net
9.      Establish guidelines for physical and logical separation between development, test and production and the process for deploying and back out of configuration items.	X
10.    Establish configuration baselines as reference points for rebuilds, and providing ability to revert to stable configuration states.	X
11.    Establish a process for verifying the accuracy of configuration items, adherence to configuration management process and identifying process deficiencies.	X
12.    Perform configuration planning, including (i) develop a strategy and configuration for CPU, DASD, and tape; (ii) develop a plan for systems availability, flexibility and performance; (iii) evaluate alternative configurations and recommending solutions on an annual basis and otherwise as appropriate; and (iv) recommend standard configurations for Equipment and Systems Software.	X
13.    Provide Health Net with configuration management reports as requested by Health Net, and in a format and containing the content reasonably requested by Health Net.	X
14.    Review and approve configuration management policies and procedures and provide recommended changes to meet Health Net requirements (including business needs, other internal requirements and regulatory requirement.		X
15.    Manage configuration management process and confirm accuracy of configuration data	X

(b) Supplier shall track and maintain configuration information (for both Equipment and Software configuration information) for End User Resources in Altiris (or a substantiality similar tool approved by Health Net) by utilizing agents that sit on the network connected devices to automatically populate the configuration information. With respect to Equipment, information to be tracked includes that information identified in Exhibit A-9 (Asset Tracking System) that relates to configuration information of End User Resources (all other information in Exhibit A-9 will be tracked as part of Supplier’s asset management responsibilities).

2.17 Change and Release Management.

(a) Change and release management Services include both change management Services and release management Services, which are inter-related and complementary.

(b) Change management Services (“CM”) are those Functions associated with utilizing standardized methods and procedures for efficient and prompt handling of all changes, in order to minimize the impact of change upon service quality and consequently to improve the day-to-day operations of the organization. CM covers all aspects of managing the introduction and implementation of changes, including their impacts on IT system(s), and the management processes, tools, and methodologies designed and utilized to support the IT systems. CM includes the following process steps:

(i) Request process

Schedule A A - 29 Health Net / IBM Confidential

Final Execution Version

(ii) Recording/Tracking process

(iii) Prioritization process

(iv) Responsibility assignment process

(v) Impact assessment process

(vi) Review / Approval process

(vii) Implementation process

(viii) Verification (test) process

(ix) Release process

(x) Closure process

(c) Release management Services (“RM”) are those Functions associated with taking a holistic view of a change to an IT service and considering all aspects of a release, both technical and non-technical together. RM includes the planning for and oversight of the successful rollout of Software and Equipment, and designing and implementation of efficient procedures for distribution and installation of changes. As part of performing the release management Services, Supplier should perform those Functions necessary so that (i) changes are traceable, secure and that only authorized and tested versions are installed, (ii) changes are implemented in a controlled manner in accordance with the Procedures Manual, (iii) exact execution and back-out plans are understood and executed as needed, and (iv) that master copies of new versions are secured in the definitive Software library and configuration databases are updated (such Software library and configuration databases is to be provided, supported and maintained by Supplier).

(d) Supplier shall perform the change and release management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 17. Change and Release Management Roles and Responsibilities

Change and Release Management Roles and Responsibilities	Supplier	Health Net
1.      Recommend change and release management policies, and procedures including operational turnover procedures, back out plans, training requirements etc.	X
2.      Establish change classifications (impact, priority, risk) and change authorization process.		X
3.      Approve change and release management procedures and policies		X
4.      Document and classify proposed changes to the environment, analyze cost, risk impact of those changes and establish release management plans for major changes and submit such Documentation to Health Net for approval.	X

Schedule A A - 30 Health Net / IBM Confidential

Final Execution Version

Change and Release Management Roles and Responsibilities	Supplier	Health Net
5.      Develop and maintain a schedule of approved changes and provide a plan to track success, impact of change and provide to Health Net for review	X
6.      Schedule and conduct change management meetings to include a review of proposed changes, plan to track success, and the impact of implemented change; provide agenda to Health Net prior to the meeting outlining which specific changes should be discussed	X
7.      Authorize and approve changes and the change schedule		X
8.      Review release management details and alter as appropriate to meet the needs of Health Net (back out plan, go/no go decision)		X
9.      Notify affected End Users of the timing and impact and impact of changes		X
10.    Implement changes and adhere to detailed release plans	X
11.    Modify configuration items, asset management items to reflect changes	X
12.    Execute operational turn-over procedures	X
13.    Verify that the implemented changes meet objectives and do not have negative impacts on the service delivery environment or on Health Net’s business	X
14.    Monitor changes and report results of changes to Health Net.	X
15.    Conduct user acceptance tests as required		X
16.    Perform quality control processes	X

2.18 Software Distribution Management.

(a) Without limiting Supplier’s obligations set forth in Section 2.17, Supplier shall also perform the software distribution management Services described in this section (as such Services apply to software distribution across all Service Towers, including Data Center Services).

(b) Supplier will distribute software products, which can include application releases, system/operating system updates, software patches or other software (self-developed, purchased or licensed applications, or utility software), to target systems for all Health net application environments including ABS, MC400; and if necessary to End Users at different locations. Health Net’s software release types may include:

(i) Full Release (All software components from the release are built, tested, and implemented together.)

(ii) Delta Release (includes only those software components within the Release unit that have actually changed or are new since the last full or delta release.)

(iii) Package Release (individual releases, which may be full units, delta releases, or both, are grouped together to form Package Releases.) Supplier will execute each component in the release as required per instructions provided by Health Net.

(iv) Permanent Temporary Fix (emergency fix)

Schedule A A - 31 Health Net / IBM Confidential

Final Execution Version

(c) Supplier will use a software library as the source for distribution (i.e., distribute each software item from the software library). With respect to the software library, Supplier will:

(A) Support the availability, uptime and administration of such software library.

(B) Maintain in such software library a trackable version control of all software to be deployed.

(C) Store software for as long as it is required by Health Net, as submitted and registered by Health Net teams.

(D) Control each software item (release, version, and package guidelines) per Health Net and other related third parties’ recommendations

(d) Supplier will perform all software control and distribution activities, in accordance with the change and release management obligations described in this section, including:

(i) using software distribution packages such as MKS, SCLM, HN-Move (or similar functionality). Supplier will also support, if necessary, distribution of packaged releases using interpreters such as the Java Virtual Machine, Perl, or with a particular version of an operating system distribution.

(ii) supporting both manual installs and managed installs, as required by Health Net, or third parties, including:

(A) Installing software products to target systems and desktops, reliably and efficiently;

(B) Deploying any kind of software including applications written in Java, C++ etc and other technologies used by Health Net applications development teams;

(C) Installing, removing or configuring software products on remote computers (servers) or desktops within a LAN via a deployment tool such as MacroVision or ZenWorks or SCCM

(D) Installing and configuring operating systems for servers, desktops and laptops; and

(E) Providing scheduling, installing (without rebooting, where possible) and provide support for non Windows Installer setups, when such install is practicable;

Provided however, that Supplier shall only be responsible for performing a reasonable number of manual installs on End User workstations.

Schedule A A - 32 Health Net / IBM Confidential

Final Execution Version

(e) As needed, promptly initiating required remediation strategies post deployment of a software product and notifying Health Net and any involved third parties of such remediation efforts. Supplier should complete the software distribution remediation strategy, seeking coordination as required from Health Net and any involved third parties and report successful completion accordingly to them.

SDM Roles and Responsibilities

Planning and Analysis Roles and Responsibilities	Supplier	Health Net
•        Review and approve Supplier recommended procedures for distribution and installation of software products and related changes to IT systems		X
•        Communicate and manage expectations to the customer during planning and rollout of releases.		X
•        Contribute input (as related to the Services) to software release content and rollout plan for the release, as requested by Health Net or other involved third parties.	X
•        Implement successful rollout of software releases per Health Net’s controls from Change Management and production control policies and procedures	X
•        Ensure that all master copies of all software are secured in the Application Software Library and that the CMDB is updated	X
•        Coordinate with relevant Health Net groups and other third parties as needed, for a successful distribution of software, including interaction with Health net’s Release management group, Interaction with Production Support Infrastructure team	X
•        Stage new and upgraded software or services to smoothly transition from Health Net System testing to SIT	X
•        Execute new and upgraded, software or services to smoothly transition from Health Net System testing to SIT	X
•        Executing Code promotions	X
•        Package Code for move to next staging environment	X
•        Implementation plan for move from SIT to UAT environment	X	X
•        Stage new and upgraded, software or services to smoothly transition from Health Net SIT to UAT	X
•        Execute new and upgraded, software or services to smoothly transition from Health Net SIT to UAT	X
•        Code build for move to next staging environment from UAT	X
•        Implementation plan for move from UAT to Production environment	X	X

2.19 Training Services.

Training Services are the Functions associated with the improvement of knowledge of the receipt of the Services for Health Net and the Service Recipients and the delivery of Services for Supplier Personnel. Supplier shall provide the training Services, including the following activities:

(a) Ongoing Supplier Personnel Training

Schedule A A - 33 Health Net / IBM Confidential

Final Execution Version

Ongoing Supplier Personnel training Services are the Functions associated with the improvement of Supplier personal skills through education and instruction for Supplier’s staff, including the Transitioned Employees. Supplier shall perform the ongoing Supplier Personnel training Services, including:

(i) developing and implementing knowledge transfer procedures that allows for more than one Supplier Personnel to understand key components of the business and technical environment;

(ii) developing, implementing and documenting training requirements that support the ongoing provision of Services, including providing refresher courses as needed and ongoing instruction on new functionality;

(iii) providing training classes to remain current with systems, Software, features and functions in order to improve Service performance skills (e.g. respond to help desk inquiries);

(iv) performing disaster recover education, awareness and staff training;

(v) performing analysis of the Health Net environment to identify the appropriate sets of skills, training, and experience needed by Supplier Personnel, including the help desk staff , and

(vi) implementing such training to address those needs identified in the Health Net environment.

(b) Ongoing Health Net Service Recipient Training

Ongoing Health Net Service Recipient training Services are the Functions associated with the improvement of Health Net Service Recipients receipt of the Services through education and instruction the Health Net Service Recipients. Supplier shall perform the ongoing Health Net Service Recipient training Services, including:

(i) instructing Service Recipients on the provision of Supplier Services (e.g., “rules of engagement”, requesting Services, etc.);

(ii) developing, implementing and maintaining a knowledge database;

(iii) providing training to Service Recipients (upon request by Health Net) for technological changes related to the Services that impact such Service Recipients (e.g., new systems or functionality, etc.), including to facilitate Health Net’s full exploitation of all relevant functional features;

(iv) providing training and support to Health Net technical and business unit employees for toll-free routing changes that are available during emergencies and other events that require call routing changes;

Schedule A A - 34 Health Net / IBM Confidential

Final Execution Version

(v) providing ad hoc training for users unfamiliar with the video conferencing system;

(vi) proposing training for Health Net personnel, including classroom style and computer-based training, to improve “how-to-use” skills related to IT service area systems and Software, including standard COTS Software;

(vii) upon reasonable prior written notice, performing technical support for Health Net training rooms located at Campus or Metro Health Net Facilities (as designated in Schedule F) , including by confirming network connectivity, verifying that the specified Equipment and Software are installed and available to support the training (and resolve issues, if any, with such Equipment and Software and network connectivity);

(viii) performing disaster recover education and awareness training related to the TBCP;

(ix) maintaining Health Net Intranet-based training course catalog and training schedules;

(x) maintaining Health Net Intranet-based online class registration

(xi) maintaining copies of training materials and Software manuals on Health Net Intranet; update such training materials as necessary to keep them current based on Changes in the technology and environments; and

(xii) providing online guides for reference on self-help (technical support, FAQs) and training.

(c) Health Net Required Training

Supplier Personnel are required to take the following Health Net-provided training (administered online via Health Net’s HR link):

(i) HIPAA: An Overview;

(ii) Business Code of Conduct at Health Net (Ethics);

(iii) The Painful Price of Healthcare Fraud;

(iv) Getting the Records Straight;

(v) Health Net General Compliance;

(vi) Medicare Part D: Fraud, Waste and Abuse (for all associates whose job functions cover or may cover Medicare Part D); and

(vii) Other training courses that Health Net requires its employees or contractors to take, as reasonably requested by Health Net.

Schedule A A - 35 Health Net / IBM Confidential

Final Execution Version

Each Supplier Personnel shall complete the above training within sixty (60) days after being assigned to the Health Net account, and annually thereafter.

2.20 Documentation.

(a) “Documentation Services” means those Functions associated with developing, revising, maintaining, reproducing, and distributing Documentation in hard copy and/or electronic form. Supplier shall perform the Documentation Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

(b) Types of Documents covered by the Documentation Services include:

(i) Document system specifications and configurations, data center interconnection topology and network diagrams;

(ii) Standard operating procedures (boot, failover, spool management, batch processing, backup, etc.);

(iii) Policies, procedures, production & maintenance schedules and job schedules;

(iv) System specifications and Documentation;

(v) End User Documentation;

(vi) Self-help resources; and

(vii) Network system specifications and topologies (for example, router configurations, firewall policies, routing diagrams/IP addressing tables, hardware/Software listings, etc.).

Table 18. Documentation Roles and Responsibilities

Documentation Roles and Responsibilities	Supplier	Health Net
1.      Recommend Documentation requirements and formats	X
2.      Conduct, at its option, regular reviews of the Documentation		X
3.      Review and approve Documentation requirements and formats as appropriate		X
4.      Develop and maintain Documentation in agreed format for support of activities throughout the life cycle of Services as appropriate (including for each of the document types listed above)	X
5.      Subject to the confidentiality requirements set forth in Section 21 of the General Terms and Conditions, provide such additional information as reasonably requested to support Health Net documentation requirements (e.g. DIACAP documentation) and Health Net proposal efforts.	X

2.21 Technology Refresh and Replenishment.

Schedule A A - 36 Health Net / IBM Confidential

Final Execution Version

(a) General.

(i) Supplier shall keep the Equipment, Software and other technologies used by Supplier in performing the Services current and updated for the proper performance and delivery of the Services in accordance with the Service Levels.

(ii) Without limiting the generality of Section 2.21(a)(i), unless otherwise requested by Health Net and subject to Health Net’s approval where changes in related systems are involved, Supplier shall Refresh (as defined below) Equipment in accordance with Exhibit A-1 and the refresh matrix contained therein (collectively, the “Equipment Refresh Schedule”). “Refresh” means replacing existing Equipment, or upgrading existing Software, as applicable, with new assets that reflect then-current technology or versions, including any new features or functionality contained in such technology.

(iii) Within ninety (90) days after the Effective Date, Health Net will will (1) list all Software products in Health Net’s environment, (2) identify the versions of such Software currently operating in Health Net’s environment (“Existing Versions”), and (3) complete the “Currency Requirement” column in Schedule J with the ongoing currency requirements for such Software (“Currency Requirement”).

(A) Without limiting the generality of Section 2.21(a)(i) and subject to Section 2.21(a)(iii)(B) and Health Net’s Financial Responsibility obligations set forth in Schedule S, Supplier shall maintain all Software, including maintaining Software patch levels, in accordance with the Currency Requirements for each Software item, unless otherwise specified by Health Net. For example, if Schedule J identifies for a particular piece of Software, that the currency requirement is N-1, Supplier shall maintain such Software to within one (1) major version of the most current version of such Software, unless otherwise specified by Health Net. In this regard, and subject to Health Net’s Financial Responsibility obligations set forth in Schedule S, Supplier will install and implement new versions of Software (including new features and functionality contained in the new versions) for no additional charge.

(B) In the event that for a particular piece of Software, the Existing Version is older than the version that would be required by the Currency Requirement for such Software, then Health Net, at its option, may (1) authorize a Project to bring such Software to a specified currency level, or (2) lower the Currency Requirement of such Software until such time as Health Net elects to authorize a Project to bring such Software to a higher currency level.

Schedule A A - 37 Health Net / IBM Confidential

Final Execution Version

(iv) Supplier will support multiple releases of Software; provided, however, that in the event any third-party licensor no longer supports a release, then at Health Net’s option, Supplier shall either (a) upgrade such Software to a release level such third-party licensor supports; or (b) if Health Net directs Supplier to continue using the unsupported release, use Commercially Reasonable Efforts to continue to support such release. If Health Net elects to continue using an unsupported release, provided Supplier complies with its obligations under this paragraph, Supplier shall be excused from any failure to perform in accordance with the Service Levels to the extent caused by the lack of such third-party licensor support for such Software.

(b) Refresh Responsibilities.

Supplier’s responsibilities with respect to technology Refresh shall include the following:

(i) Performing the Functions and processes required to support the Refresh of Equipment and Software in accordance with Exhibit A-1 (Technology Refresh), the Software Currency Requirements specified above in Section 2.21(a)(iii), and the applicable Annual Refresh Plan defined below, including:

(A) performing planning and associated change event management, and Problem management as necessary;

(B) assigning qualified, dedicated project managers to manage Refresh activities;

(C) deinstalling, installing, reinstalling, configuring staging, and testing, as applicable Equipment and Software as necessary to complete Refresh; and

(D) restoring, as required, any data backed up during the deinstall process.

(ii) Identifying opportunities to deploy new technology for Health Net and proactively bringing proposals to Health Net for review;

(iii) Deploying new Equipment technology and Services to meet Health Net’s business requirements;

(iv) Specifying in each annual implementation plan for the Technology Plan, a detailed schedule identifying the specific items of Equipment and Software to be Refreshed, proposed configurations and versions for the replacement Equipment and Software, and the month in which they will be Refreshed (“Annual Refresh Plan”). Supplier shall incorporate reasonable comments from Health Net and provide a final Annual Refresh Plan within ten (10) Business Days of receiving Health Net’s

Schedule A A - 38 Health Net / IBM Confidential

Final Execution Version

comments. Supplier shall also coordinate the production, approval by Health Net, Documentation and distribution of the Annual Refresh Plan;

(v) Providing accurate and reliable inventory records for Equipment and Software installed during the Refresh process, and updating the applicable asset management systems with those records; and

(vi) Minimizing End User downtime during the Refresh process by implementing a set of industry standard “best practices” processes available and effective tools.

2.22 Storage Management, Data Retention.

(a) Backup and Restore. Supplier shall be responsible for:

(i) Maintaining, updating, and implementing backup and restore processes and procedures so as to recover Software (and the resources used to store data created by such Software), Health Net Data, and other data from an outage or corruption in a timely manner. Such procedures and processes shall provide for the following: (A) incremental daily backup of data and Software (i.e., backup of Software only to the extent modified since the most recent backup), as well as full weekly and monthly backup of data and Software on production systems and on non-production systems (e.g., development systems) as provided in Section 2.22(d)(iii), below; (B) other backups as described in Section 3.1(a)(vi) or elsewhere in this Schedule A, (C) off-site storage of Software and data for recovery purposes, which data shall be retained in accordance with Health Net’s data retention policies and Section 2.22(d)below; (D) regular tests of backup and restore processes as appropriate; and (E) maintenance of reserve capacity to provide for emergency situations (e.g., to restore damaged DASD Equipment) and normal operation. In addition, appropriate backups will be taken prior to and after major Software upgrades or changes, systems conversions and after significant processing periods.

(ii) Maintaining a backup media library onsite at the data center for efficient and effective recovery of certain backup data required for operations, as set forth in the Procedures Manual. Supplier will perform tape inventory and distribution activities and system recovery activities as needed to support operations and in accordance with the Service Levels and in a manner designed to minimize disruption to the End Users. Supplier shall transport media stored onsite to the applicable production areas and shall request tapes from offsite locations and transport such tapes to applicable production areas.

(iii) Performing regularly scheduled system backups within pre-defined backup windows and as otherwise approved by Health

Schedule A A - 39 Health Net / IBM Confidential

Final Execution Version

Net. Supplier shall conduct backup processes and procedures so as not to adversely impact scheduled operations.

(iv) Providing recommendations to Health Net regarding performance usage, backup and recovery considerations, such as improved levels of protection and efficiencies.

(v) With prior notification from Health Net, retrieving, and re-installing off-site stored data in accordance with the Service Levels or, if no Service Levels exist, as otherwise mutually agreed by the Parties. Supplier shall coordinate for return of stored data with Health Net’s offsite storage vendor.

(vi) Pursuing improvements in backup capabilities, procedures and tools, including implementing redundancy measures where required.

(vii) With respect to backups that need to be retained indefinitely pursuant to Tables 19 and 20, below, such backups shall be made on new media (i.e., media that has not been used before, whether for Health Net or otherwise).

(b) Onsite Media Storage.

(i) Retain backup media that is stored on-site in a securely stored area that is physically and environmentally controlled.

(ii) Make available, or request delivery from the offsite storage vendor for, the most recent backup media in the event of a production issue that requires the restoration of data.

(iii) Granting access to the onsite storage media to authorized individuals only.

(iv) Labeling, logging and making available (including to Health Net authorized personnel and third parties) all relevant backup media stored onsite.

(v) Logging and monitoring backup media sent offsite.

(c) Off-Site Media Storage.

(i) Store external storage media, business continuity-related Documentation, Health Net Data, and other information as required by Health Net policies and procedures at a Health Net-designated storage location.

(ii) Execute off-site storage procedures, including logging, shipping to (while maintaining integrity of data), receiving media from the off-site facility, managing an inventory of off-site tapes, reporting

Schedule A A - 40 Health Net / IBM Confidential

Final Execution Version

on off-site removable data storage media activity on a periodic basis.

(iii) Maintain a list (in accordance with a procedure that has been approved by Health Net) of persons who are authorized to recall offsite storage.

(iv) Comply and review compliance with Health Net’s physical specifications and security requirements.

(v) Following, maintaining, and updating procedures governing cycling/rotation of media and media retention periods (including for auditing purposes), including as set forth in Section 2.22(d) and Tables 20 and 21 below. For media identified by Health Net as being required to be retained on a long-term basis, Supplier will maintain such media in accordance with Health Net’s requirements.

(d) Archiving/Data Retention. Supplier shall at all times comply with Health Net’s data retention and archiving policies, unless otherwise approved in writing by Health Net, including with respect to the following:

(i) Supplier shall not alter, conceal, destroy or permit the destruction of any Health Net Data or any other data, as described below, that is in its actual or constructive care, custody, or control:

(A) Health Net Data or other data that has been backed up and retained by Health Net;

(B) Health Net Data or other data that is backed up in accordance with Section 2.22(d)(iii) below, during the retention period stated in Section 2.22(d)(iii) below; and

(C) Health Net Data or other data related to the Services that is stored on a Supplier Personnel’s computer work station that is not backed up on Supplier’s computer backup media (as referred to in Section 2.22(d)(i)(B)).

(ii) Without limiting the foregoing, Supplier must manage the live systems and backups in such a way that electronically stored information is not inadvertently deleted such that it would violate Health Net’s record retention policy, including by:

(A) Preserving all email data indefinitely in the email archive system.

(B) Not activating or utilizing auto-delete functions in any systems used to provide the Services.

(iii) Tables 19 and 20 below set forth Supplier’s responsibilities with respect to certain backups of the data center systems and network

Schedule A A - 41 Health Net / IBM Confidential

Final Execution Version

systems (both Data Network and Voice Network), respectively. In addition, Supplier shall (A) perform desktop, workstation, and laptop backups for employees who leave the employment of Health Net (which backups shall be retained indefinitely) and (B) perform the following back-ups of the Voice Network systems:

(A) For Voice Network systems with integrated tape drives, perform nightly backups and change tapes the earlier of (a) a vendor service call, or (b) quarterly basis; and

(B) for Voice Network systems without integrated tape drives, perform quarterly backups.

Table 19. Data Center Services—Backup Schedule

Data Center Services—Backup Schedule

Type of Backup	Backup Frequency	Storage Site	Retention Period
Incremental	Daily	Off-site	14 days
Full (Backup)	Weekly	Off-site	2 months
Full (Backup)	Monthly	Off-site	Indefinite

Table 20. Network Services—Backup Schedule

Network Services—Backup Schedule

General

Incremental	Daily	Off-site	35 days
Full (Backup)	Weekly	Off-site	Indefinite
Full (Archive)	Monthly	Off-site	Indefinite

(e) Litigation Requests. Supplier shall provide data and reporting (in the manner, form and format as may be requested by Health Net) to meet Health Net’s legal requirements, including with respect to litigation requests, investigations by Health Net’s Organization Effectiveness business unit or Health Net’s Special Investigations Unit, other Health Net-initiated investigations, and managers’ requests. Such data that Supplier may be asked to provide include email data, home drive data, common drive data, or archived data stored offsite. Supplier may, in some instances, be required to set-up a new or use an existing non-production environment to retrieve archived data. Supplier shall also provide Health Net with access to Health Net’s email system and email archive system so that Health Net may download data from such systems, and Supplier shall maintain and support an access method for allowing such downloads, as determined by Health Net (e.g., FTP connections).

2.23 IT Continuity & Disaster Recovery Services.

(a) IT continuity and disaster recovery Services are the Functions associated with implementation, maintenance and testing of a mutually agreed-upon technology business continuity plan and solution for the Services, including

Schedule A A - 42 Health Net / IBM Confidential

Final Execution Version

for backup and recovery for databases, Software and networks. (the “TBCP”). The TBCP shall be a component of Health Net’s overall business continuity plan.

(b) Supplier shall follow the existing TBCP in effect immediately prior to the Effective Date. Supplier shall update the TBCP pursuant to Section 2.23(c), and otherwise as necessary and appropriate to remain current with the environments covered by the plan.

(c) Supplier will comply with Health Net’s disaster recovery policies and business requirements (and changes thereto), including any applicable regulatory requirements, to the extent such plans, policies, requirements and regulations (and changes thereto) apply to the Services and have been disclosed in writing or otherwise made available to Supplier.

(d) Supplier shall review and revise, as necessary, the TBCP in the following manner:

(i) Within the first ninety (90) days after the Effective Date, Supplier and Health Net shall review Health Net’s existing TBCP. Based upon this joint review, Supplier will propose updates and revisions to the existing TBCP, for Health Net’s review and approval, to reflect the Services provided and to respond appropriately to new Health Net requirements.

(ii) Within thirty (30) days after receiving Health Net’s comments, provide Health Net for Health Net’s review, comment and approval, a revised draft of the TBCP, based on Health Net’s review and Supplier’s proposed changes approved by Health Net. Supplier shall incorporate any comments or suggestions by Health Net into the revised draft TBCP, expressly identifying where any of Health Net’s comments or suggestions are likely to impact Supplier’s ability to meet the required Business Continuity Restoration Time and Recovery Point Objective.

(iii) Within thirty (30) days after receiving Health Net’s comments on the revised draft provided by Supplier pursuant to Section 2.23(d)(ii) above, provide Health Net for Health Net’s approval the final revised TBCP. The final revised TBCP shall not be implemented until it has been approved by Health Net.

(iv) With cooperation and approval from Health Net, review and update, if necessary, the TBCP on an annual basis or as otherwise warranted by business or technical changes (or both) to verify compatibility with Health Net’s overall business continuity plan. Supplier will receive business direction and requirements from Health Net and must receive authorization from Health Net to make significant changes to the strategic and/or tactical direction of the TBCP.

Schedule A A - 43 Health Net / IBM Confidential

Final Execution Version

(e) The TBCP shall be maintained to enhance the effectiveness of Health Net’s existing technology business continuity/disaster recovery capabilities, including being used for business contingency protection in order for Health Net to continue to meet promised and contractually required Service Levels in the event of the full or partial loss of Health Net’s primary computing location. Among other things, the TBCP shall:

(i) Identify a disaster recovery solution and procedures that are in accordance with standards and procedures agreed upon by Supplier and Health Net, which standards and procedures will provide fully integrated cross-functional recovery, as specified in the Procedures Manual and which will be no less stringent than the standards and procedures used at well-managed operations providing functions similar to the Services.

(ii) List the agreed-upon time criteria for restoring Health Net’s operating environment and recovering those resources necessary to permit Health Net to recover Applications Software within the timeframes designated by Health Net. As of the Effective Date, Supplier shall meet the following Business Continuity Restoration Times and Business Recovery Point Objective:

(A) “Business Continuity Restoration Time” or “RTO” means (1) seventy-two (72) hours for that Software identified in the TBCP as “Critical Software” and using Commercially Reasonable Efforts, one hundred and sixty eight (168) hours for all other Software. Business Continuity Restoration Time shall be measured as the elapsed time between (i) the moment Supplier is aware or reasonably should have been aware of the initiation of a contingency or recovery test of any of the Services or of the declaration of an actual disaster with respect to any of the Equipment, Software, Services or data related to the Services, and (ii) the moment that the affected Equipment, Software, Services and data related to the Services are restored to normal operations in their business continuity recovery environments, and are available for use in accordance with the applicable business continuity plan(s) and specifications, with the corresponding Business Continuity Recovery Point Objective not exceeded; provided, however, that with respect to an actual declared disaster, if the affected Equipment, Software, Services or data related to the Services are so restored and Available for Use, but a stable recovery has not been achieved by Supplier for reasons outside of Supplier’s control and such Equipment, Software, Services or data thereafter subsequently fails to be Available for Use in accordance with the TBCP and specifications as a result of Supplier’s failure to achieve a stable recovery state, then the calculation of the Business Continuity Restoration Time will also include, in addition to the foregoing, the time between the onset of such subsequent failure and the moment that the affected Equipment, Software, Services and data related to the Service(s) are again restored to

Schedule A A - 44 Health Net / IBM Confidential

Final Execution Version

normal operations, and are Available for Use in accordance with the applicable business continuity recovery plan(s) and specifications with the corresponding Business Continuity Recovery Point Objective not exceeded.

(B) “Business Continuity Recovery Point Objective” or “RPO” means the elapsed time, for each particular data, between (a) the initiation of a contingency or recovery test of any of the Services or of the declaration of an actual disaster with respect to any of the Services, and (b) the moment that such data was or should have been backed-up, provided that any such delay in backup was not caused by Health Net, during a regularly scheduled backup of such data (e.g., if a scheduled backup was supposed to occur 18 hours prior to the occurrence of a disaster, then the RPO for the applicable data would be 18 hours) provided that such backup has been sent, or should have been sent in accordance with Health Net’s requirements, to the Health Net designated offsite storage facility.

(iii) List the agreed-upon time criteria for transporting storage media from off-site storage facilities to the applicable disaster recovery facilities.

(iv) Provide for the recovery of information technology processing capabilities within the time frames designated by Health Net.

(v) Contain a brief description of processes and procedures used to recover the Services, and associated time frames for the recovery of such Services, including a prioritized listing of Applications, subject to Health Net’s review and approval;

(vi) Identify a listing of the Equipment operated by Supplier and Software comprising the Configuration by the recovery timeframes designated by Health Net;

(vii) Describe Supplier’s and Health Net respective recovery responsibilities;

(viii) Set forth contact listings of Health Net and Key Supplier Personnel;

(ix) Identify recovery teams for each Party;

(x) Describe recovery scenarios;

(xi) Contain criteria for disaster declaration, recovery and testing and maintain a list of Health Net personnel who are authorized by Health Net to declare a disaster;

(xii) Describe backup process and components;

Schedule A A - 45 Health Net / IBM Confidential

Final Execution Version

(xiii) Identify the hot sites designated by Supplier for business continuity functions and the location for off-site storage of the tape backups;

(xiv) Contain notification procedures;

(xv) Address recovery information, procedures and schedules;

(xvi) Address periodic reporting, which shall at a minimum include testing results. Supplier shall provide access to an on-line system that lists the Applications and the corresponding recovery timeframes designated by Health Net;

(xvii) Contain a plan for the transition back from the disaster recovery site to Supplier Facilities of the affected services and restoration of Services at the affected site upon cessation of the disaster;

(xviii) Address testing results and any required corrective action plans; and

(xix) Contain procedures for maintaining the TBCP. Health Net will, from time to time, review and modify the policies and business requirements and such modifications will be implemented by Supplier in accordance with the Change Control Process. Health Net may from time to time request, and Supplier shall provide to Health Net upon such request, copies of Supplier’s then-current disaster recovery and business continuity plans, procedures and capabilities and the results of any tests thereof.

(f) In the event of a disaster, Supplier shall provide technology business continuity Functions in accordance with the TBCP. Supplier’s Functions shall include the following:

(i) Declaring a disaster upon request from Health Net, or upon approval by Health Net. If it is not feasible for Supplier to obtain Health Net’s approval prior to declaring a disaster, and Supplier reasonably and in good-faith believes that a disaster has occurred, Supplier shall promptly notify Health Net of a declared disaster.

(ii) Providing a single point-of-contact for technology business continuity related communications and activities.

(iii) Maintaining communications with Health Net as to the status of the disaster and the progress of the restoration process.

(iv) Assuming responsibility for the data processing operating environments and data network facilities at the disaster recovery facilities, including the following:

(A) Taking immediate action to prepare the recovery center for use and providing the resources (including processing and network

Schedule A A - 46 Health Net / IBM Confidential

Final Execution Version

resources) necessary to support Applications. In the event that a disaster renders Supplier incapable of providing the Services, Supplier will move its operations to the designated Recovery Center and provide the Services to Health Net within the time frames assigned by Health Net for each Application and documented in the TBCP.

(B) Delivering the data, Systems Software and Application Software archived in off-site storage to the Recovery Center designated in the TBCP.

(C) Rerouting the affected data communications circuits to the Recovery Center.

(D) In the event of a declared disaster with respect to a data center, Supplier will recover the operating environment platform in the Recovery Center in accordance with the Business Restoration Time Objective and the Recovery Time Objective and other information provided in the TBCP. As of the Effective Date (and unless otherwise agreed upon by the Parties pursuant to the revised TBCP), in the event that a disaster occurs in any data center, all workloads for customers affected or not affected by the disaster will be acquiesced as necessary and in accordance with the TBCP, and other disrupted workloads would be restored.

(E) Recovering the environments and resources necessary for Health Net to recover Applications in accordance with the TBCP and within the time frame designated by Health Net for such Applications.

(F) Operating the Applications on the Configuration at the Recovery Center.

(G) Furnishing all supplies and storage media (excluding supplies for which Health Net is responsible under the Agreement (e.g., special forms)).

(H) Paying all costs associated with off-site data storage, including transportation to and from the storage facility and the Recovery Center.

(I) Providing all required Data Network connectivity to the Recovery Center.

(J) Paying all travel and living expenses incurred by Supplier Personnel in the performance of Supplier’s responsibilities described in this Section 2.23.

(K) Upon cessation of the disaster, promptly implement the plan to restore the affected Services at the affected sites.

Schedule A A - 47 Health Net / IBM Confidential

Final Execution Version

(g) Supplier shall perform IT continuity, availability and disaster recovery Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 21. IT Continuity, Availability and Disaster Recovery Roles and Responsibilities

Disaster Recovery Roles and Responsibilities	Supplier	Health Net
1.      Define Health Net disaster recovery Strategy, requirements, scenarios and establish RTO, RPOs and resiliency/redundancy requirements for IT Infrastructure and systems		X
2.      Assist in the planning and analysis of data and voice business continuity	X
3.      As requested by Health Net, assist Health Net in other business continuity and emergency management activities.	X
4.      Perform disaster recovery planning, and documentation required by Health Net’s customers.	X
5.      Coordinate disaster recovery testing (or, in the event of a disaster, disaster recovery execution) for Health Net customers and business partners, including by coordinating with third parties as necessary.	X
6.      Develop detailed disaster recovery plan to achieve DR requirements	X
7.      Update DR plans as needed to reflect changes in Health Net environment	X
8.      Review & Approve disaster recovery plan		X
9.      Establish DR test requirements		X
10.    Interface Supplier’s disaster recovery and business continuity plans, procedures and capabilities with, and provide support and assistance to Health Net in connection with Health Net’s testing of, Health Net’s disaster recovery plans, processes and procedures.	X

Schedule A A - 48 Health Net / IBM Confidential

Final Execution Version

Disaster Recovery Roles and Responsibilities	Supplier	Health Net
11.    Perform scheduled DR tests in accordance with the following: •        Performing testing (including interim and full tests) in accordance with the TBCP (including using “real data files” during such tests) and as otherwise requested by Health Net. •        Performing testing with respect to each Supplier Facility and other facilities related to or affecting the Services •        Scheduling testing at dates and times initially agreed upon by the Parties as part of the testing process. •        Performing the test at the business Recovery Center. •        Permitting Health Net to observe all such tests or parts of such tests •        Providing Health Net with a written report of the test results and providing Health Net with proposed TBCP modifications •        Performing Problem resolution and retesting of unsuccessful Services test components in a timely manner •        Coordinating involvement of users as needed for DR testing •        Assisting Health Net in performing disaster recovery testing one time per year that will enable Health Net to test compatibility of their applications with the Recovery Center environment. •        Provide Online Status Communication Tool during Test •        Provide Toll Free Status Line	X
12.    Review & approve disaster recovery testing results		X
13.    Adjust the disaster recovery solution as necessary to accommodate growth in Health Net’s business volumes (including per Health Net’s projected yearly growth), changes in Health Net’s operating environments, Application Software enhancements, changed processing locations, or new functions requested.	X
14.    Perform annual re-engineering of backups to include critical Software to be tested	X
15.    Plan for disaster recovery backup requirements in planned Equipment purchases.	X
16.    Identify opportunities (if any) for improvement and efficiencies in disaster recovery functions.	X
17.    Review and approve opportunities for improvement and efficiencies in disaster recovery functions.		X
18.    Support testing requirements Health Net Federal Services as set forth in Exhibit A-6.	X
19.    Identify the software that is critical Software, as such critical Software may change from time to time over the Term.		X
20.    Recommend disaster recovery goals and initiatives for following year.	X
21.    Review and approve disaster recovery goals and initiatives		X
22.    Provide a Supplier Personnel to lead year round initiative discussions, decisions, and status calls related to disaster recovery.	X

(h) Without limiting the generality of Supplier’s obligations stated elsewhere in this Section 2.23, Supplier shall perform the disaster recovery test planning Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below:

Schedule A A - 49 Health Net / IBM Confidential

Final Execution Version

Disaster Recovery Roles and Responsibilities	Supplier	Health Net
23.    Determine the scope of the test and the applications to be restored.		X
24.    Identify primary and secondary goals of the test and define the criteria for a successful test.		X
25.    Conduct plan reviews with recovery teams and updating or identify additional plan materials needed to complete their plans.	X
26.    Update disaster recovery plans to include new requirements and materials.	X
27.    Review and approve DR plans.		X
28.    Develop application / End User master plan and assign responsibilities. (Includes acquiring and scheduling the users who will be doing the test)	X
29.    Conduct Joint Steering Committee and test team meetings.	X
30.    Participate in Joint Steering Committee and test team meetings.		X
31.    Verify that each application has developed appropriate testing scripts.		X
32.    Communicate to Health Net executive management status of test preparation activities.	X

(i) In addition to, and without limiting in any way, Supplier’s obligations set forth in this Section 2.23, Supplier shall also provide the following as part of the IT continuity and disaster recovery Services:

(i) A resilience program assessment including:

(A) A review of current and expected future recovery time and recovery point requirements;

(B) Review planned changes to the Health Net production environment as a result of outsourcing to Supplier’s Boulder facility;

(C) RTO/RPO optimization workshops to define opportunities for short term and long term opportunities to improve RTO / RPO capabilities;

(D) Observation and review of results of the next scheduled DR test; and

(E) Analysis and documentation of findings and recommendations.

(ii) Validate that all backups required to support “essential systems / applications” (as identified by Health Net) and “supporting systems / application” are being backed up and moved offsite under the same requirements as those systems / applications that have been determined as being “critical”. For any “essential systems / applications and supporting systems / application whose backups do not meet this standard, Supplier will develop and implement a solution to comply with such standard within sixty

Schedule A A - 50 Health Net / IBM Confidential

Final Execution Version

(60) days. Supplier will also verify that all interfaces required for both “critical” and “essential” systems / applications have been accounted for and recovered as necessary.

(iii) Without limiting Supplier’s obligation to provide certain operating system restore services under one or more of the Existing DR Contracts,

(A) perform a comprehensive review and assessment Health Net’s operating system environment to determine:

• which platforms would benefit from storing their operating system images at the recovery site,

• the number of operating system images that should be stored at the recovery site,

• the frequency with which images are modified,

• the size of the operating system images, in order to determine the appropriate capacity at the recovery site to store them,

• the amount and type of bandwidth required to transfer the images to the recovery site.

(B) Design a solution for Health Net designed to:

• transfer Health Net’s operating system images to the recovery site,

• store Health Net’s operating system images on disk at the recovery site,

• allow Supplier to perform the restore of the OS images from disk onto the contracted equipment following configuration at time of recovery, and

• reduce RTO for the operating system images by the time needed to receive and unload OS images on tape.

(C) At Health Net’s request, and subject to the Change Control Process, Supplier shall implement and maintain such operating system restore solution. To the extent such implementation can be performed within the bandwidth of the Supplier Personnel then existing on Health Net’s account, there shall be no additional charges for such implementation.

(j) In addition to, and without limiting in any way, Supplier’s obligations set forth in this Section 2.23, Supplier shall continue to provide to Health Net those disaster recovery services that Supplier currently provides as of the

Schedule A A - 51 Health Net / IBM Confidential

Final Execution Version

Effective Date under existing disaster recovery contracts, which are identified on Exhibit A-5 (Disaster Recovery Contracts) (the “Existing DR Contracts”). Supplier shall obtain Health Net’s approval prior to modifying any of the contracts identified in Exhibit A-5

2.24 Environment & Facilities Support.

(a) Environment and facilities support Services means those Functions associated with maintaining environmental requirements at the operations locations. Supplier shall perform the environment and facilities support Services, including those Functions listed in the roles and responsibilities table attached as Exhibit A-13, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table attached as Exhibit A-13.

(b) In addition, Supplier shall:

(i) Provide Health Net environment and facilities support by identifying network equipment location requirements.

(ii) For the networking environment (e.g., Network Equipment locations)

(A) Approve environment and facilities Support requirements and procedures;

(B) Develop and document procedures for environment and facilities support;

(C) Approve improvement plans for Health Net facilities; and

(D) Implement or coordinate the implementation of all approved upgrades and installations.

2.25 Procurement Services.

(a) General. If requested by Health Net (via automated requests (e.g., submitted using Lotus Notes-based OrderNow Request systems)), Supplier shall act as a buying agent for Health Net in the purchase of Equipment and Software or other items available for purchase by Health Net End Users via the Health Net product catalogues (collectively, the “Purchasable Items”). In performing such Services, Supplier shall:

(i) Provide order placement, order tracking, goods receipt and distribution Services for the Purchasable Items, in accordance with the Procedures Manual, the Service Levels and as otherwise required under this Schedule A.

(ii) Implement all required order tracking processes and procedures within the time frames set out in the Transition Plan to enable the Services to be delivered.

Schedule A A - 52 Health Net / IBM Confidential

Final Execution Version

(iii) Provide updates to the order request and procurement tracking systems with all order-related activity.

(iv) Provide reporting on procurement Services, including proactive status reporting for each order as it goes through the process, and periodic summary metric reporting on the procurement Services (e.g., quantities of particular Purchasable Items purchased per month).

(v) Receive order requests from Health Net End Users; verify the End Users have the appropriate authorizations (as determined by Health Net and provided to Supplier) to purchase the items in their order requests prior to placing an order; place the order with the appropriate vendor; and answer order-related questions received by Health Net End Users.

(vi) Provide Health Net End Users with access to the order placement and tracking systems for the purpose of checking the status of orders.

(vii) Comply with all Health Net order placement requirements, including using Health Net purchasing agreements if use of such purchasing agreements would result in a cheaper purchase price for a particular Purchasable Item.

(viii) Interface with Health Net’s strategic sourcing group for vendor pricing issues and other related matters as necessary.

(ix) Follow through on delivery of all orders, including confirming delivery of orders or, when delivery is not made as agreed, resolve any problems preventing timely delivery of such orders.

(x) Populate and update as necessary the purchasing system and asset management system with Health Net-designated purchasing information.

(xi) Recommend to Health Net Purchasable Items that could be added to the Health Net product catalogues (including internal Health Net product catalogues and third party product catalogues, as applicable); update such product catalogues as requested by Health Net; notify Health Net (including Health Net Federal Services) of updates to the product catalogues.

(b) Order Changes. If Health Net withdraws, cancels, or modifies a purchase order for a Purchasable Item, Supplier shall facilitate any required product returns and pass through to Health Net any associated third party termination, cancellation or return charges. If Supplier should receive a refund, credit or other rebate, Supplier shall promptly notify Health Net of such refund, credit or rebate and shall promptly pay the full amount of such refund, credit or rebate, as the case may be, to Health Net.

Schedule A A - 53 Health Net / IBM Confidential

Final Execution Version

(c) Receiving Purchasable Items.

(i) Supplier shall coordinate and manage the receipt of Purchasable Items at Health Net Facilities and at Supplier’s warehouse facilities, including Purchasable Items from Health Net vendors and third party providers.

(ii) Supplier shall be responsible for all delivery confirmation and document receipt and verification activities at a Health Net Facility or at Supplier’s warehouse facility, including validation of proper type and quantity of Equipment received.

(iii) Supplier shall be equipped to handle both large and single unit deliveries.

(iv) Supplier shall be responsible for providing to Health Net order tracking status information.

(v) Supplier must comply with Health Net on-site delivery schedules and processes as directed and approved by Health Net.

(vi) Upon delivery of Purchasable Items at a Health Net Facility or Supplier’s warehouse facility, Supplier shall be responsible for:

(A) verifying delivery contents, recording all incoming boxes, and reporting any discrepancies to Health Net;

(B) visually checking the condition of incoming boxes for damage and reporting all discrepancies to Health Net;

(C) de-bundling Purchasable Items when multiple orders are received as part of a single shipment;

(D) handling all incident resolution with the carrier of the Equipment to resolve discrepancies in delivery. If a problem is not resolved within a reasonably quick timeframe, Supplier shall notify Health Net of such problem;

(E) managing the return of damaged Purchasable Items to the supplier;

(F) removing all skids and packaging from the loading area and placing Purchasable Items in a designated area;

(G) obtaining signoff of the waybill from the authorized Health Net personnel or such personnel’s designee;

(H) upon request, providing Health Net with status information on all goods received;

Schedule A A - 54 Health Net / IBM Confidential

Final Execution Version

(I) tagging all received Purchasable Items in accordance with Health Net’s tagging requirements; and

(J) updating the asset management system in accordance with this Schedule A.

(d) Distribution of Purchasable Items.

(i) Supplier will bundle Purchasable Items by order prior to distribution to the Health Net End User (e.g., in the event a vendor ships a laptop separate from its peripherals, Supplier shall bundle them all together prior to distribution to the Health Net End User).

(ii) Supplier will coordinate the transportation and distribution of Purchasable Items to the appropriate Health Net Facility or other location as needed by End Users.

(iii) Supplier’s desktop technician will (i) for Campus and Metro Health Net Facilities (as designated in Schedule F), receive product, complete delivery, and complete installation for the End User, and (ii) for Remote Health Net Facilities (as designated in Schedule F), coordinate the delivery of the Purchasable Item directly to the End User and assist the End User remotely, as needed, to complete the installation.

2.26 De-Installation, Disposal, and Repurposement Services.

(a) De-installation of Equipment.

(i) Supplier shall provide de-installation Services for the Equipment in accordance with the Service Levels and as otherwise required under this Schedule A.

(ii) Supplier shall be responsible for the de-installation and removal of all Equipment that Health Net no longer requires to a designated secure location at the Health Net Facility, a Supplier warehouse facility, a third party vendor, or to the leasing company (as may be applicable or requested by Health Net).

(iii) Supplier shall dispose of Equipment in the manner requested by Health Net, which may include disposal, in accordance with Section 2.6(b) of this Schedule A or equipment “re-purposing”. Supplier shall perform all Equipment re-purposing in accordance with Section 2.26(d)of this Schedule A.

(iv) Supplier shall remove non-working and obsolete Equipment in compliance with the Agreement.

(v) Supplier shall be responsible for all processes and procedures for the removal of Equipment.

Schedule A A - 55 Health Net / IBM Confidential

Final Execution Version

(vi) Supplier shall provide for a complete inventory of all de-installed Equipment by ensuring that an asset inventory scan or manual inventory update is executed before disconnecting the applicable unit to update the asset management system with all applicable Equipment and Software information.

(vii) Upon removal of the Equipment, Supplier shall update the asset management system to maintain up-to-date asset management information and documentation.

(viii) Supplier shall provide an asset management report to Health Net as described in Schedule W (Reports) identifying the Equipment that has been removed and its configuration.

(ix) Supplier shall be responsible for compiling a complete inventory of Software installed on the Equipment and confirming the removal of that Software.

(x) Supplier shall be responsible for performing all removal activities as follows:

(A) disconnection and removal of the Equipment;

(B) removal of any and all Health Net identifying tags labels or other identifying information including logos from the equipment; and

(C) individually boxing and labeling Equipment, as required.

(xi) Supplier shall track all Equipment that has been removed by serial number, tag number and cost center and update such information in the asset management system.

(xii) Supplier shall provide reports on the disposition of all de-installed Equipment through the asset management system, which shall contain all of the required Equipment information including manufacturer, model, serial, description and demographic data.

(xiii) Upon removal of Equipment, Supplier shall notify Health Net and applicable third parties, using a mutually agreed to process, to disable any ports so that network port inventory and chargeback can be adjusted accordingly.

(xiv) Supplier shall identify to Health Net, and obtain Health Net’s approval of, the processes Supplier will use to de-install and remove the Equipment.

(xv) Within three (3) Business Days of completing the Equipment de-installation process, Supplier shall update all required fields in the asset management system, including:

(A) manufacturer;

Schedule A A - 56 Health Net / IBM Confidential

Final Execution Version

(B) device;

(C) model;

(D) serial number;

(E) type of equipment;

(F) location; and

(G) method and means of disposal.

(b) Means of Disposal.

(i) For Health Net Owned Equipment, upon Health Net’s request, Supplier shall perform and coordinate Equipment resale and disposal activities for Equipment. Supplier shall perform such Services in accordance with Health Net’s corporate technology policy and procedures for de-installation and recycling services, including working with the End User to complete the necessary data submission required by the process. In coordinating such activities, Supplier shall comply with the following:

(A) Supplier shall evaluate each item of de-installed Equipment to determine whether the hard drive of such equipment is damaged.

(B) If the hard drive of an item of Equipment is damaged, within ten (10) Business Days of receipt at Supplier’s warehouse staging facilities, Supplier shall drive a nail through the hard drive.

(C) After driving a nail through the hard drive, Supplier shall as directed by Health Net:

• recycle the Equipment;

• install a new hard drive and resell the Equipment; or

• resell or recycle the remaining components of the Equipment.

(D) Supplier shall provide Health Net with inventory lists and records indicating the means of disposition of the Equipment after the evaluation process. In no event shall Supplier deliver for donation or resell Equipment with a defective hard drive or media and storage devices.

(E) Supplier shall not destroy, recycle, resell, or otherwise dispose of Equipment until it has performed the data scrubbing Services required under Section 2.6(b) on such Equipment.

Schedule A A - 57 Health Net / IBM Confidential

Final Execution Version

(F) Supplier shall not remove, delete or erase any Equipment manufacturer labels, logos or serial numbers.

(G) Supplier shall return Health Net Leased Equipment to the lessor in accordance with the applicable lease agreement.

(c) Health Net Assets.

(i) With respect to Health Net assets coming off of a lease for which Health Net bears financial responsibility (if any), Supplier shall take such steps as are necessary to return such leased Health Net assets to lessors in accordance with commercially reasonable lessor guidelines. Such steps shall include establishing, operating and maintaining a “return room” which will perform bench testing, deletion and obliteration of information contained on fixed storage media in accordance with the process described in Section 2.6(b) , inventory of returned machines to confirm that no components are missing (and adding in any components that are missing), packaging and shipping.

(ii) With respect to Health Net assets owned by Health Net that are decommissioned or removed and not re-used, Supplier shall relocate such assets to a secure area as designated by Health Net and thereafter store, ship or dispose of such assets as designated by Health Net.

(d) Repurposement.

(i) General.

(A) At Health Net’s request, Supplier shall be responsible for the re-purposing of Equipment for use by Health Net or for use by Supplier in providing the Services to Health Net, in either case in accordance with this Section 2.26(d).

(B) Supplier shall be responsible for all processes associated with re-purposing of Equipment in accordance with the Procedures Manual.

(C) For purposes of re-purposing Equipment, Supplier shall follow the established system preparation, configuration and installation processes as outlined in this Schedule A and in the Procedures Manual.

(D) Supplier shall provide an update to the asset management system will changes or modifications to Equipment, if any, as a result of re-purposing activities.

(ii) Re-purpose Requirements.

Schedule A A - 58 Health Net / IBM Confidential

Final Execution Version

(A) Supplier’s Equipment re-purposing process shall be in place at the conclusion of the Transition period.

(B) Supplier shall track Equipment in accordance with the asset management provisions in Section 4.2 of this Schedule A (Services), provide the reports listed in Schedule W, and schedule the replacement of Equipment in accordance with the Section 2.21 of this Schedule A, or as otherwise agreed by the Parties.

(C) Supplier shall follow the established system preparation, configuration and installation processes as outlined in this Schedule A and in the Procedures Manual for the replacement of Equipment.

3. DATA CENTER SERVICES

(a) “Data Center Services” means all life cycle Functions associated with the provision of centralized computing Services to Health Net. Data Center Services include (i) those Functions described in this Section 3, and (ii) the O&M Services and the Enterprise Security Management Services, each as they apply to the Functions, Equipment, Software, process, or other activities described in this Section 3.

(b) Supplier shall provide Data Center Services for all of Health Net’s current and future IT platforms and systems unless directed otherwise by Health Net, including mainframe systems ,zSeries, multiple Unix, Wintel and Linux systems supporting Health Net’s applications and databases, centralized database services, Internet services, vertical business Applications, ERP processing and data warehouse Applications; and additional Application and database mainframe systems and servers, such as AS400- zSeries and iSeries, pSeries, DB2, VMS, Unix, Windows 2000 and Windows 2003 Server.

3.1 Overall Responsibilities.

(a) Supplier shall be responsible for performing the following general Data Center Services:

(i) Manage and support proprietary systems that may be deployed to support the core business systems and provide Internet/extranet/intranet services, as well as the various Health Net infrastructure technical support Software tools.

(ii) Implement and maintain event and workload management processes across all new and legacy platforms, including though not limited to, Supplier mainframe; Supplier midrange AS/400s iSeries, zSeries,; HP and Sun Unix servers; and Intel-based servers.

Schedule A A - 59 Health Net / IBM Confidential

Final Execution Version

(iii) Provide support for all System Software computer-processing Services (including Middleware, messaging, collaborative computing platforms, Internet and Intranet).

(iv) Provide data center network operations support (including systems monitoring; Problem diagnostics, troubleshooting, resolution and escalation; security management; and capacity planning/analysis).

(v) Provide Application computer processing services, including new enterprise Applications currently being deployed.

(vi) Perform data backup and restoration services, including Remote sites with servers/systems requiring data backup, restoration, and disaster recovery services in accordance with Health Net established policies. Routine system-wide backup procedures are an integral part of the restoration process. Supplier shall implement and maintain a backup/restoration capability based on Health Net requirements in accordance with Section 2.22, including:

(A) Daily Incremental file and print system backups,

(B) Daily iSeries Incremental Data Backups,

(C) Daily UNIX System and Data Backups,

(D) Full File and Print System Backups,

(E) Full iSeries System and Data backups,

(F) Full UNIX System and Data Backups

(vii) Monitor the availability and performance of the Equipment and Software (including Health Net’s internet-based Applications), and automatically generate trouble tickets.

(viii) Provide reasonable support for Application initiatives, including, but not limited to the In-Flight Projects

(ix) Provide logical access to Health Net-authorized third party vendors to production systems as needed by such Health Net-authorized third party vendors and in accordance with the Procedures Manual; provided that if a Health Net-authorized third party vendor requires root authority level access, Supplier may either grant such Health Net-authorized third party vendor the necessary root authority level access or Supplier shall perform the activities that would otherwise be performed by the Health Net authorized third party vendor if Supplier had granted such Health Net authorized third party vendor the necessary root authority

Schedule A A - 60 Health Net / IBM Confidential

Final Execution Version

level access. Supplier shall maintain an audit trail of access to the production system.

3.2 Planning & Analysis.

Supplier is responsible for performing those planning and analysis Services described below that are identified as Supplier responsibilities:

Table 22. Planning and Analysis Roles and Responsibilities

Planning and Analysis Roles and Responsibilities	Supplier	Health Net
1.      Conduct infrastructure planning and analysis for new Equipment and Software	X
2.      Perform technical planning for capacity and performance.	X
3.      Provide management reports for utilization trend analysis.	X
4.      Define Health Net Data backup and retention policies and requirements.		X
5.      Implement and maintain approved backup and retention policies.	X

3.3 Engineering/Development.

Supplier will recommend partitioned resources or server domains for Software performance and processing.

3.4 Integration and Testing.

(a) Supplier will perform integration and testing Services to verify all individual data center infrastructure components that are configured with or added to the computing environment work together properly as a single system performing all of the intended Functions, including by:

(i) Managing the data center integration test environment; and

(ii) Assessing and communicating the overall impact and potential risk to existing Software prior to implementing changes.

(b) Supplier will maintain Software release matrix across development, QA, and production systems for operating system, database, and Software releases and patches.

3.5 Implementation and Migration.

Supplier will perform implementation and migration Services associated with the installation and migration of new and upgraded Equipment and Software, including:

(a) Performing upgrades as a result of new and enhanced Software and architectures;

Schedule A A - 61 Health Net / IBM Confidential

Final Execution Version

(b) Installing and upgrading server Software;

(c) Installing and upgrading Middleware and server utilities;

(d) Performing data migration from existing systems to new systems, by either electronic or manual methods;

(e) Installing and upgrading Systems Software; and

(f) Install infrastructure as required (e.g., servers and storage devices).

3.6 Operations and Administration.

(a) Supplier will perform the following operations and administration Services:

(i) Data center operations activities, including:

(A) Operating consoles for centralized and remote computer processing unit (CPU) processing centers;

(B) Monitoring, troubleshooting, repairing and escalating Incidents and Problems for consoles within the Health Net communications network;

(C) Implementing preventative measures for proactive monitoring and self-healing capabilities to limit outages that impact service delivery;

(D) Monitoring CPU processing for batch and online computing;

(E) Administering data storage (e.g., RAID array, SAN, NAS, tape, optical, etc.);

(F) Performing database monitoring and administration;

(G) Performing data backup and recovery;

(H) Planning for and managing disaster recovery;

(I) Managing logical print output;

(J) Creating volume and individual CD ROM/DVD;

(K) Sending out media to offsite storage locations as required and using trackable methods (e.g., UPS);

(L) Processing inputs for activities such as loading third-party tape and receipt and/or transmission of batch electronic files;

Schedule A A - 62 Health Net / IBM Confidential

Final Execution Version

(M) Managing intra company file transfers and/or other data movement;

(N) Managing Internet/intranet/extranet Web hosting for Internet Applications and electronic commerce, as well as Health Net partner connectivity;

(O) Managing quality control for reprocessing activities, such as batch reruns; and

(P) Performing job scheduling, job execution, reporting and resolution.

(ii) Data center administration activities, including:

(A) Managing user accounts, disk space quotas and access control (OS, mail, database, Middleware, LDAP, file systems, disk space, etc.)

(B) Administering security, spyware prevention and Virus prevention;

(C) Asset/configuration management including Software licenses; and

(D) Managing physical and logical installs, moves, adds and changes regardless of number of users, instances and systems.

(b) Supplier is also responsible for performing those Functions described below that are identified as Supplier responsibility:

Table 23. Operations and Administration Roles and Responsibilities

Operations and Administration Roles and Responsibilities	Supplier	Health Net
1.      Identify, track, and resolve Incidents and Problems including: Incidents and Problems related to Equipment, Software, data center Facilities, Network operations, and nightly batch processes.	X
2.      Support the resolution of Software-related Incidents and Problems	X
3.      Escalate unresolved Incidents and Problems identified by Supplier to appropriate Health Net personnel in accordance with established procedures.	X
4.      Coordinate the resolution of Software-related Incidents and Problems with external vendors.	X
5.      Maintain a tape library, and tape management system.	X
6.      Implement a solution to perform encryption for all tapes created in the TSM Environment in accordance with the Transformation Plan, and perform encryptions in accordance with such solution. The “TSM Environment” means the environment comprising the following platforms: UNIX, VMS, Wintel, iSeries, and zSeries.	X

Schedule A A - 63 Health Net / IBM Confidential

Final Execution Version

Operations and Administration Roles and Responsibilities	Supplier	Health Net
7.      Monitor the printing performance and take remedial action where required to meet printing performance objectives, including management and control of print queues, queue capacity and print request prioritization;	X
8.      Document all change management tasks in sufficient detail to verify whether the change management processes were followed, and make such Documentation available to Health Net.	X
9.      Recommend batch scheduling requirements.	X
10.    Prepare batch jobs for execution.	X
11.    Execute batch jobs on appropriate servers	X
12.    Implement changes to production batch job scheduling per Health Net’s approved schedule for temporary changes to a production scheduler job, including temporary schedule modification; setup or modification of a job scheduler definition and dependencies or one time schedule change for existing scheduled jobs.	X
13.    Schedule and execute ad hoc Health Net batch requests as necessary.	X
14.    Define job scheduling requirements, interdependencies, Health Net contacts, and rerun requirements for all production jobs.		X
15.    Maintain database of job scheduling, contact, rerun and interdependencies.	X
16.    Prepare job run parameters.	X
17.    Execute production batch jobs on appropriate servers as defined by Health Net schedules.	X
18.    Validate job completion per agreed to processes.	X
19.    Notify the Health Net of job completion results.	X
20.    Resolve ABENDS or interruptions, including those caused by conditions external to production programs, such as disk or tape Problems. Execute re-runs according to existing and/or Supplier –developed (and Health Net approve) operational procedures and restart jobs according to existing and/or Supplier -developed (and Health Net approved) operational procedures (e.g., procedures for successful back-outs, etc.). Create Problem reports for job abnormalities.	X
21.    Manage backup media inventory (e.g., tape, disk, optical and other media type) including the ordering and distribution of media	X
22.    Responsibility for routine regular role swaps for all systems, including iSeries High Availability Systems	X
23.    Perform periodic, incremental and full tape back-ups.	X
24.    Providing input/output processing support for activities such as loading media, sending and receiving batch and electronic file transmissions (e.g. FTPs, printing, etc.).	X

(c) Without limiting the generality of the foregoing, Supplier shall perform the following PDA server administration Functions:

Schedule A A - 64 Health Net / IBM Confidential

Final Execution Version

(i) Applying standard security patches as necessary;

(ii) Applying standard windows patches as necessary;

(iii) Applying standard PDA patches as necessary; and

(iv) Performing weekly server maintenance and database cleanup.

3.7 Technical Support and Administration.

(a) Supplier shall perform the following technical support and administration activities:

(i) Provide regular monitoring and reporting of system performance, utilization and efficiency;

(ii) Provide technical advice and support to the Application maintenance and development staffs as reasonably required;

(iii) Provide Health Net with reasonable access to any Documentation (including updates thereto) for any new, enhanced or modified Systems Software installed by Supplier;

(iv) Provide information to Health Net about the functionality, architecture, data and other aspects of the Systems Software, as reasonably requested by Health Net;

(v) Review all Systems Software conversion plans with Health Net;

(vi) Make available to Health Net published benchmarks and resource utilization statistics related to Systems Software release level upgrades.

(vii) Perform systems tuning; provide reasonable support and advice to the Applications development and maintenance staff on Applications Software tuning; provide monthly performance reporting; and providing systems performance reviews and advice.

(viii) Manage DASD, including by monitoring and controlling storage performance; assigning and initializing DASD volumes; determining data set and volume placement; setting and maintaining DASD resource efficiency; maintaining DASD standards as defined in the Procedures Manual; maintaining space requirements according to Health Net forecasts; defining off-site storage requirements; and managing catalogues and data migration documentation;

(ix) Perform analysis to optimize use of batch production resources, execute mass JCL changes for programmers and End Users, and

Schedule A A - 65 Health Net / IBM Confidential

Final Execution Version

enforce JCL standards, as such standards are defined in the Procedures Manual;

(x) Respond to reasonable requests for development/test/QA platform availability as required by Health Net, and make such capacity available as requested by Health Net-authorized End Users.

(xi) Create, maintain and Refresh development/test/QA databases as a replica of production databases; sanitize data in the development, test and QA environments as required by Health Net’s standards and policies and as otherwise requested by Health Net;

(xii) Maintain the records necessary to track, manage and support warranty service of such Equipment (e.g., serial number, program number, install date, location);

(xiii) Administer the day to day interfacing with third party maintenance providers; and

(xiv) Perform all Equipment recall remediation activities.

3.8 Collaborative Computing and Support System Management Services.

Collaborative computing and support system management Services are those Functions associated with the support of existing and future collaborative computing tools (e.g. Domino, Tumbleweed, Axs-One, RightFax, BlackBerry, Percussion, ServerAdmin Plus) and the following support system management tools (e.g., Remedy/BMC, Evidant, and RespondNow), including the acquisition, installation, upgrade, maintenance, support and tuning of System Software for optimal performance. Without limiting Supplier’s obligations set forth elsewhere in this Schedule A or the Agreement related to Equipment and Software, Supplier shall also perform the collaborative computing and support system management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 24. Collaborative Computing and Support Systems Services Roles and Responsibilities

Collaborative Computing Services Roles and Responsibilities	Supplier	Health Net
1.      Recommend collaborative computing and support system policies and procedures.	X
2.      Participate in defining and accept collaborative computing and support system policies and procedures, including with respect to mail, calendaring and mail messaging delivery components and support system management components.		X
3.      Install, test, provide technical support, database admin., and security administration, for collaborative computing systems and support systems.	X

Schedule A A - 66 Health Net / IBM Confidential

Final Execution Version

Collaborative Computing Services Roles and Responsibilities	Supplier	Health Net
4.      Provide technical assistance and subject matter expertise as required by Health Net and other third parties for collaborative computing and support system products and solutions.	X
5.      Provide administration, Equipment and Software installation, configuration, and ongoing maintenance for production, development, and test systems for the collaborative computing systems and the support systems.	X
6.      Perform configuration changes necessary while following change management practices, to support collaborative computing and support system Services.	X
7.      Propose creation, upgrade and Refresh requirements.	X
8.      Approve creation, upgrade and Refresh requirements.		X
9.      Execute collaborative computing and support system creation, upgrade and Refresh.	X
10.    Execute all collaborative computing system and support system system-level changes (initialization parameters).	X
11.    Maintain Documentation for all collaborative computing and support system parameters and system settings.	X
12.    Maintain consistency of collaborative computing and support system parameters and system settings across all environments; consistency must be maintained according to established development to QA to production life cycle.	X
13.    Define and execute collaborative computing and support system performance tuning and maintain optimal performance.	X
14.    Implement and administer appropriate collaborative computing and support system management tools across all collaborative computing and support system instances. Performance metrics and historical data must be available for trending and reporting.	X
15.    Provide technical assistance and subject matter expertise to Applications developers and third parties.	X
16.    Maintain all appropriate collaborative computing and support system configuration files and installation materials and provide upon request.	X
17.    Open, track, and manage to resolution all collaborative computing and support system Problems with the appropriate collaborative computing OEM support organization.	X
18.    Patch collaborative computing and support Systems Software as needed according to established development to QA to production life cycle.	X
19.    Define collaborative computing and support system backup schedules, retention periods levels (i.e. full, incremental, or differential), records retention, and Legal Preservation Compliance requirements.		X
20.    Execute Health Net’s collaborative computing and support system backup and recovery policies.	X

Schedule A A - 67 Health Net / IBM Confidential

Final Execution Version

Collaborative Computing Services Roles and Responsibilities	Supplier	Health Net
21.    Perform regular administration functions for Remedy, including: weekly updates of CTIDs (Category, Type, Item, Details) and user profiles, password resets as necessary, report and macro creation, permissions evaluation, e.g. user license management, and annual maintenance.	X
22.    Manage the Remedy Knowledge Base including regularly updating it with common solutions, known errors, and workarounds to expedite Incident resolution.	X
23.    Support administration of Rightfax servers and availability of connections to applications requiring high volume faxes through the Rightfax servers.	X
24.    Support existing Evidant probes as well as implement new probes on Equipment and/or Software, as applicable. Troubleshoot existing probes as required by Health Net.	X
25.    Create SAP OS-level accounts as requested.	X
26.    Setup requisite TSM management class (SAP Basis).	X
27.    Build UNIX print queues.	X
28.    Create/modify/remove interface directories as requested.	X
29.    Restore or modify interface files as requested.	X
30.    Terminate a print job as requested (UNIX-portion).	X

3.9 Remote Access Facilities.

(a) Remote access facility Services are those Functions associated with the installation, management, operations, administration and support of those systems that support remote access to computing facilities and services, detailed herein (e.g. VPN, Citrix, Web-based mail, store and forward mail, PPP dial up, etc.). Supplier shall perform the remote access facility Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 25. Remote Access Facilities Roles and Responsibilities

Remote Access Facilities Roles and Responsibilities	Supplier	Health Net
1.      Propose remote access services, standards, policies and procedures.	X
2.      Review and approve remote access services, standards, policies and procedures; approve remote access policies and procedures.		X
3.      Install, test, provide technical support, admin., and security administration for remote access Equipment and Software.	X
4.      Install, test, maintain and support all Software and tools that enable remote access facilities; support Health Net or its third party contractors as necessary to troubleshoot issues with other software made available to Health Net Service Recipients via the remote access facilities.	X

Schedule A A - 68 Health Net / IBM Confidential

Final Execution Version

Remote Access Facilities Roles and Responsibilities	Supplier	Health Net
5.      Provide technical assistance and subject matter expertise as required by Health Net and third parties for remote access products and solutions provided as part of the Services	X
6.      Perform system or component configuration changes necessary to support remote access services.	X

(b) As part of the remote access facilities support Services, Supplier shall also provide the following services:

(i) Support, manage and maintain the access to the Citrix-enabled Applications for remote users via VPN or Citrix. As of the Effective Date, the list of Citrix-enabled Applications is set forth in Exhibit A-8 (Citrix Enabled Applications).

(ii) Manage supply of VPN or Citrix accounts based on demand from Service Recipients who are working remotely; and

(iii) In the event of a termination or resignation of a Health Net employee, Health Net shall coordinate the return of such employee’s Equipment to Supplier Personnel located at a Health Net Facility that is a Campus or a Metro Health Net Facility. To facilitate this process, Supplier shall maintain and provide to Health Net a list of such employee’s Equipment.

3.10 Database Administration.

(a) Database administration support Services are those Functions associated with the maintenance and support of existing and future databases (e.g. MS SQL server, Oracle, DB2, etc.). Supplier’s responsibilities in this regard include:

(i) Managing data, data set placement, database performance, and data recovery and integrity at a physical level;

(ii) Performing database restores from export/DB dumps or backups;

(iii) Implementing new database configuration;

(iv) Performing database tuning,

(v) Seting up test & development database environments;

(vi) Supporting application upgrades including those for enterprise applications (e.g. PeopleSoft);

(vii) Scheduling and monitoring nightly database back-ups;

(viii) Performing database Init Parameter modifications;

(ix) Managing and cleaning the database audit trail and archive logs;

(x) Supporting database distributed option;

Schedule A A - 69 Health Net / IBM Confidential

Final Execution Version

(xi) Performing database upgrades and patches;

(xii) Performing database monitoring including automatic trouble ticket generation for Problems;

(xiii) Performing security administration including managing role and user database permissions in accordance with Health Net policies;

(xiv) Performing security administration including managing role and user database permissions in accordance with Health Net policies;

(xv) Ensuring data integrity and implementing corrections;

(xvi) Performing database support activities, including:

(A) Managing database availability and resources;

(B) Managing database space (allocated and used);

(C) Performing day-to-day operational database capacity planning and performance tuning;

(D) Performing physical database maintenance (including running of appropriate utilities, jobs, and working problems/updates to existing jobs as required);

(E) Support data loads and unloads as required;

(F) Monitoring the size of the physical database objects; and

(G) Performing database reorganization, including to improve performance and reclaim space.

(xvii) Providing physical DBMS support for production application databases;

(xviii) Executing and completing imports for data restores;

(xix) Creating new databases and objects;

(xx) Performing schema changes (e.g. creation, alteration, and deletion of tables and indices, compilation and dropping of stored procedures and triggers);

(xxi) Establishing and maintaining database configuration and system parameters in a consistent manner across like database environments;

(xxii) Executing processes for the proper maintenance and functioning of databases, e.g. updating table/index statistics, dropping and rebuilding tables/indices, etc.;

Schedule A A - 70 Health Net / IBM Confidential

Final Execution Version

(xxiii) Determining file reorganization requirements, schedule and run reorganizations;

(xxiv) Managing database changes in accordance with Section 2.17 and with the Health Net’s change management policies and procedures; and

(xxv) Maintaining operational database documentation and the physical DBA support process and desk-side procedure documentation.

(b) Supplier shall perform the database administration Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 26. Database Administration Roles and Responsibilities

Database Administration Roles and Responsibilities	Supplier	Health Net
1.      Define authorization requirements for users, roles, schemas, etc. and approve change requests.		X
2.      Execute authorization change requests.	X
3.      Define database creation, upgrade and Refresh requirements.		X
4.      Execute database creation, upgrade and Refresh.	X
5.      Execute all database system level changes (initialization parameters).	X
6.      Execute all schema changes for all instances.	X
7.      Define database data definition requirements for Software (MAC for tables, triggers, attributes, etc.).		X
8.      Execute database data definition requirements for Software (MAC for tables, triggers, attributes, etc.).	X
9.      Maintain documentation for all database instance parameters and system settings.	X
10.    Maintain consistency of non-sizing and non-platform specific database parameters and system settings across all like instances; consistency must be maintained according to established development to QA to production life cycle.	X
11.    Define database definition and manipulation requirements for Software and developer schemas.		X
12.    Execute database data definitions for non-managed Software and developer schemas.	X
13.    Recommend and execute database performance and tuning scripts and keep database running at optimal performance for Health Net’s workload.	X
14.    Implement and administer appropriate database management tools across all database instances. Performance metrics and historical data must be available for trending and reporting over a minimum of six (6) months.	X

Schedule A A - 71 Health Net / IBM Confidential

Final Execution Version

Database Administration Roles and Responsibilities	Supplier	Health Net
15.    Identify and resolve locking conflicts, latch contention, rollback requirements, etc. for all database instances.	X
16.    Provide technical assistance and subject matter expertise to Health Net Applications developers and third-party Software vendors.	X
17.    Provide data dictionary expertise, Data Warehouse metadata definition, data mapping functions and creation of data cubes.		X
18.    Maintain DBMS software release matrix across non-production and production environments for all operating system, database, and application releases and patches.	X
19.    Maintain all appropriate database configuration files and provide needed install materials to the managed help desk. Provide second-level help desk support for Health Net access Problems.	X
20.    Open, track, and manage to resolution all database Problems with the appropriate database support organization.	X
21.    Apply patches as required and follow Health Net’s development to QA to production life cycle. Correlate internal change requests to vendor tracking codes.	X
22.    Configure, install and maintain database communication Software.	X
23.    Manage Health Net’s database storage requirements.	X
24.    Develop database maintenance procedures.	X
25.    Review and approve security standards and maintenance procedures.		X
26.    Define database backup schedules, retention periods, levels (i.e. full, incremental, or differential).		X
27.    Execute Health Net’s database backup and recovery policies.	X
28.    Recommend partitioned resources and/or server domains for application performance/processing.	X
29.    Implement and maintain partitioned resources and/or server domains.	X
30.    Installing and upgrading server DBMS, operating systems.	X

(c) Service Provider shall provide database administration Services for all Health Net Data sets and Applications existing as of the Effective Date or subsequently added during the Term.

3.11 Middleware Administration.

(a) Middleware administration support Services are those Functions associated with the maintenance and support of existing and future Middleware (e.g. BEA Weblogic, AquaLogic Service Bus, Tibco Rendezvous, HP WSIT, Apache, Argus). “Middleware” means Systems Software that provides (i) the runtime hosting environment (a container) for Application program logic using embedded or external communication Middleware to help programs interact with other programs; (ii) resource management Services for hosting Application program logic at runtime; and (iii) interfaces to one or several forms of communication Middleware (oneway messaging and request/reply).

Schedule A A - 72 Health Net / IBM Confidential

Final Execution Version

The full collection of all interfaces provided by a Middleware product represents a programming model. Supplier shall perform the Middleware administration support Services, including:

(i) Creating and Refreshing development/test/QA instances;

(ii) Configuring new Middleware;

(iii) Managing and cleaning audit trails and logs;

(iv) Performing upgrades and patches;

(v) Manage automatic trouble ticket generation for Problems;

(vi) Performing security administration activities, including managing role and user permissions in accordance with Health Net policies;

(vii) Verifying data integrity and implementing corrections;

(viii) Perform performance monitoring, analysis, and tuning;

(ix) Performing object changes (e.g. creation, alteration, and deletion of objects);

(x) Establishing and maintaining configuration and system parameters in a consistent manner across like server environments; and

(xi) Maintaining operational administration of Middleware, including by performing load balancing, tuning, configuration management, etc.

(b) Supplier shall perform the Middleware administration Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 27. Middleware Administration Roles and Responsibilities

Middleware Administration Roles and Responsibilities	Supplier	Health Net
1.      Define authorization requirements for users, roles, objects, etc. and approve change requests.		X
2.      Execute authorization change requests.	X
3.      Define Middleware creation, upgrade and Refresh requirements.		X
4.      Execute Middleware creation, upgrade and Refresh.	X
5.      Execute all Middleware system level changes (initialization parameters)	X
6.      Execute all object changes for all instances.	X

Schedule A A - 73 Health Net / IBM Confidential

Final Execution Version

Middleware Administration Roles and Responsibilities	Supplier	Health Net
7.      Maintain Documentation for all Middleware instance parameters and system settings.	X
8.      Maintain consistency of non-sizing and non-platform specific Middleware parameters and system settings across all like instances; consistency must be maintained according to established development to QA to production life cycle.	X
9.      Define and execute Middleware performance tuning and keep Middleware running at optimal performance for Health Net’s workload.	X
10.    Implement and administer appropriate Middleware management tools across all Middleware instances. Performance metrics and historical data must be available for trending and reporting over a minimum of 6 months.	X
11.    Identify and resolve conflicts, contention, rollback requirements, etc. for all Middleware instances.	X
12.    Provide technical assistance and subject matter expertise to Health Net and third parties.	X
13.    Maintain all Middleware configuration files and provide needed install materials to the managed help desk.	X
14.    Open, track, and manage to resolution Middleware Problems with the appropriate help desk / support organization.	X
15.    Apply patches as required and following Health Net’s development to QA to production life cycle. Correlate internal change request to vendor tracking codes.	X
16.    Configure, install and maintain Middleware communication Software.	X
17.    Define Middleware backup schedules, retention periods, levels (i.e. full, incremental, or differential)		X
18.    Execute Health Net’s Middleware backup and recovery policies.	X
19.    Supporting Application development and production Incidents and Problems, including by working with Health Net or other third parties.	X

3.12 Messaging Services.

In addition to the Services applicable to all Servers, Supplier shall provide the required Supplier Personnel resources for the administration and support of Health Net’s messaging environment, including the administration of Servers, support of the messaging architecture, collecting and reporting messaging specific data, and technical support, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 28. Messaging Roles and Responsibilities

Schedule A A - 74 Health Net / IBM Confidential

Final Execution Version

Messaging Roles and Responsibilities	Supplier	Health Net
1.      Provide administration of the messaging domains and servers, including e-mail, internet mail, public folders, gateways and other any agreed to Health Net approved messaging components.	X
2.      Proactively monitor and support the status and operation of Health Net’s messaging architecture.	X
3.      Proactively monitor the status of all messaging Servers and messaging Software.	X
4.      Execute the appropriate alerts for messaging Servers and messaging Software and take the appropriate steps to return the messaging Software to service.	X
5.      Provide and maintain referral contacts for messaging Software.		X
6.      Provide information about the points of activity to monitor within each messaging Software.		X
7.      Provide design and configuration changes to Health Net distributed systems environment for Software.	X
8.      Provide technical support for the development and staging of the messaging environment.	X
9.      Provide Systems Software support for the messaging development environments.	X
10.    Educate, train and inform help desk staff on messaging Software changes, enhancements and modifications.	X
11.    Provide backup and recovery services for individual mailboxes.	X
12.    Maintain Health Net managed distribution lists.	X
13.    Provide names of Health Net managed messaging distribution lists and policies identifying distribution list membership policies, and identify existing tools and procedures to streamline distribution list maintenance.		X

4. DATA NETWORK SERVICES

(a) “Data Network Services” means those Functions necessary to analyze, plan, design, implement, operate, maintain, monitor, and manage the Data Network. Data Network Services include (i) those Functions described in this Section 4, and (ii) the O&M Services and the Enterprise Security Management Services, each as they apply to the Functions, Equipment, Software, process, or other activities described in this Section 4.

(b) “Data Network” shall mean the Health Net enterprise data transport network that interconnects the Health Net corporate headquarters in Woodland Hills, CA with its data centers, business units, End User locations, business partners, and customers. The enterprise Data Network consists of Local Area Networks (LANs) (including any wireless networks) at the Health Net data centers and at the Health Net Facilities listed on Schedule F, the Metropolitan Area Network (MAN) SONET rings at the Woodland Hills, CA location and the Rancho Cordova Data Center; a Wide Area Network (WAN) that interconnects all the Health Net locations; and Remote Access Services (RAS) network components.

Schedule A A - 75 Health Net / IBM Confidential

Final Execution Version

4.1 Planning and Analysis.

Supplier shall perform the planning and analysis Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 29. Planning and Analysis Roles and Responsibilities

Planning and Analysis Roles and Responsibilities	Supplier	Health Net
1.      Recommend design enhancements and standards for the Health Net Data Network, including wireless network services.	X
2.      Review and approve design enhancements and standards for the Health Net Data Network, including wireless network services.		X
3.      Perform business liaison function to Health Net business and operational units		X
4.      Perform the Data Network Services-related business liaison function to Health Net network services vendors and suppliers for capacity planning and analysis.	X
5.      Perform technical planning assistance with Health Net IT technical staff for capacity and performance for the Health Net Data Network	X

4.2 Asset Acquisition and Management.

Supplier shall perform the asset acquisition and management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 30. Asset Acquisition and Management Roles and Responsibilities

Asset Acquisition and Management Roles and Responsibilities	Supplier	Health Net
1.
2.      Provide Health Net Data Network Services, including network devices, connectivity, circuits and services as defined by Health Net	X
3.      Configure network Equipment and Software prior to installation, as appropriate.	X
4.      Manage and maintain router/switch configuration files.	X

4.3 Engineering/Development.

Supplier shall perform the following engineering and development Services:

(a) Plan, analyze, develop, design, and engineer the Data Network Services;

(b) Provide, operate, maintain, and manage the network monitoring and management tools;

(c) Provide design and development engineering services for all Data Network devices, such as hubs, switches, routers, network appliances, VPN concentrators, firewall devices, and wiring and cabling services; and

Schedule A A - 76 Health Net / IBM Confidential

Final Execution Version

(d) Select, configure, and implement data network Equipment and Software.

4.4 Integration and Testing.

Supplier shall perform the following integration and testing Services:

(a) Verify that all individual networking communications components configured with or added to the infrastructure work together properly as a cohesive networking environment, performing all of the intended functions; and

(b) Make adjustments to Health Net’s network infrastructure as a result of changes to architectural standards or discovered security vulnerabilities.

4.5 Implementation and Migration.

Supplier shall perform the following implementation and migration Services:

(a) Install new and upgraded Equipment, Software, including premise wiring and cabling, network configurations (e.g., switches, routers, VPN appliances, Wireless LANs, Firewalls, and transmission facilities defined in WAN services configuration), and system management tools;

(b) Perform network upgrades as a result of those new and enhanced applications and architectures that are implemented in accordance with the change and release management processes described in Section 2.17; and

(c) Perform migration of data, either electronic or manual, for network system management repositories, address tables, Management Information Bases (MIBs), and other network management elements.

4.6 Circuit Support Services.

Circuit support Services are those voice and data Functions associated with planning, designing and operating the various voice and data network technologies and services. The supplier shall perform capacity planning, design, configuration and ongoing monitoring of services required to support projects and operational initiatives as defined in the table below, except those functions that are expressly identified and retained Health Net responsibilities in the roles and responsibilities table below.

Table 31. Circuit Support Services Roles and Responsibilities

Planning and Analysis Roles and Responsibilities	Supplier	Health Net
1.      Provide capacity monitoring and planning on all Voice Network and Data Network circuits and other network Equipment and inform Health Net when capacity issues arise that require an increase in circuit bandwidth or network capacity.	X
2.      Establish technology standards for the WAN and LAN technologies, services and capacity.		X

Schedule A A - 77 Health Net / IBM Confidential

Final Execution Version

Planning and Analysis Roles and Responsibilities	Supplier	Health Net
3.      Provide WAN, LAN design services, including any complex design solutions proposed, that are in compliance with Health Net technology and service standards in support of operational, project or engineering requests.	X
4.      Review and approve all WAN, LAN designs, including any complex design solutions proposed.		X
5.      Establish standards for Equipment configuration, documentation and addressing.		X
6.      Manage Equipment configuration and implementation activities per Health Net defined standards required to support ongoing circuit operational and implementation activities.	X
7.      Manage Equipment configuration and documentation files and back-ups so that service restoral times are minimized for Health Net customer, business partners and associates.	X
8.      Provide active monitoring of all Health Net circuit facilities so that all errors, alarms and alerts are resolved in a manner providing the minimum impact or disruption to Health Net operations.	X
9.      Manage vendors and vendor contracts required to support Health Net voice, data and converged network services to minimize service disruption and maximize performance and through put of the networks.	X

4.7 Operations and Administration.

Supplier shall perform the following operations and administration Services:

(a) Operations activities, including:

(i) Network systems management and troubleshooting (for example, performance, Problem, change and capacity monitoring);

(ii) Bandwidth management;

(iii) Monitoring protocol usage statistics (for example, identify top talkers by protocol);

(iv) Working with public carriers and other circuit providers to implement new or upgraded Data Network Equipment and Software; and

(v) Working with public carriers and other circuit providers to perform the operations and administration Services;

(vi) Respond, repair and restore the Services, Equipment and Software to their prior working state and configuration after a response to Network and Equipment errors, alarms, and alerts; and

(vii) Provide comprehensive monitoring services on a continuous basis for all network circuits, Equipment and Services. The Supplier

Schedule A A - 78 Health Net / IBM Confidential

Final Execution Version

will promptly respond to all monitored events to minimize the impact to Health Net Service Recipients.

(b) Administration services, including:

(i) Managing router/switch configurations, firewalls, Internet Protocol (IP) addresses, providing Internet access, and administration of Domain Name Service (DNS) and DHCP, and administration of the Health Net-approved Internet URL Filtering;

(ii) Providing volume/metric data (or web portal access to data) for services, reporting services as agreed with Health Net;

(iii) Performing physical and logical administration of network Equipment and Software, including performing IMACs in accordance with Section 2.8;

(iv) Managing and maintaining all Data Network devices, including the Equipment and Software, that are required to provide the Services; and.

(v) Performing the services decsribed in Section 5.5(b)(iii) for the Data Network Services, including with respect to data transport services.

(c) Supplier shall perform the operations and administration Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 32. Operations and Administration Roles and Responsibilities

Operations and Administration Roles and Responsibilities	Supplier	Health Net
1.      Provide LAN (virtual LAN [VLAN], wireless) communications, including all network traffic originating from desktop devices, file and print servers, Application servers, database servers, peripherals, firewall/routers, network printers and other network devices. This service ends at the interface to the edge device at the WAN.	X
2.      Perform quality control reviews of the Data Network Services and administration polices to verify in compliance with the Agreement and Health Net policies and procedures	X
3.      Define categories of content & users for internet content filtering and monitoring.		X
4.      Monitor internet content filtering configuration, administration & reporting.	X
5.      Perform day-to-day operations and administration activities as defined above.	X
6.      Perform system backups and handle per established procedures.	X
7.      Respond quickly and efficiently to all installation and maintenance initiatives.	X

Schedule A A - 79 Health Net / IBM Confidential

Final Execution Version

Operations and Administration Roles and Responsibilities	Supplier	Health Net
8.      Managing network Quality of Service (QoS) parameters to maintain bandwidth allocation and prioritization of Software within Health Net’s network.	X
9.      Provide Data Network engineering activities in support of the Health Net business continuity contract for the Health Net call centers mobile call center trailers during disaster recovery Testing and disaster recovery events.

4.8 Network Performance Management.

Network performance management Services are those Functions associated with managing, monitoring and tuning the various networks. Supplier shall perform the Network performance management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 33. Network Performance Management Roles and Responsibilities

Network Performance Management Roles and Responsibilities	Supplier	Health Net
1.      Develop and document network performance requirements and projections.	X
2.      Develop and document performance management procedures that meet requirements and adhere to defined policies.	X
3.      Approve performance management procedures.		X
4.      Perform tuning to maintain optimum performance across the network.	X
5.      Manage network resources, devices and traffic to meet defined availability and performance Service Levels and other performance requirements.	X
6.      Provide technical advice and support to the Application maintenance and development staffs as required.	X
7.      Evaluate, identify and recommend configurations or changes to configurations which will enhance network performance.	X
8.      Develop improvement plans as appropriate.	X
9.      Authorize improvement plans.		X
10.    Implement improvement plans. Coordinate with Service Recipients and other third-parties as necessary.	X

4.9 Local Area Network (LAN) Services.

(a) LAN Services mean those activities associated with (a) providing of LAN (wired and wireless) communications, including Dynamic Host Control Protocol (DHCP)/Domain Name Server (DNS) administration, and (b) supporting all network traffic originating from desktop devices, file and print servers, Application servers, database servers, peripherals, firewalls/routers and, other LAN-attached network devices. LAN Services provide the interconnection for Health Net user groups to the WAN. Supplier shall be responsible for performing all LAN Services, including the supporting of all wireless access points (WAPs), which must be located behind Health Net firewalls. Supplier shall authenticate all connections to these wireless access points.

Schedule A A - 80 Health Net / IBM Confidential

Final Execution Version

(b) The following are the relevant demarcation points within, between and among the LAN:

(i) The demarcation point between the LAN and the WAN is the LAN port on the WAN router.; and

(ii) The demarcation point between the LAN and a network end point device (e.g., computer workstation, IP phone, server) is the proximal ethernet LAN port to that device inclusive of an ethernet cable not longer than twenty (20) feet.

(c) For the avoidance of doubt, LAN Services does not include in-wall wiring and in-wall cabling.

4.10 Wide Area Network (WAN) Services.

WAN Services mean those Functions associated with the provision of WAN communications, commencing at the LAN port on the WAN router, including all transport services and all network traffic between the WAN and the LAN. The WAN service transports customer information between major locations and branch offices in the enterprise. The WAN also allows interface to external wide-area services delivered by other providers. Supplier shall be responsible for performing all WAN Services.

4.11 Metropolitan Area Network (MAN) Services.

The MAN Services means those Functions associated with the provision of the SONET-based access, connectivity, and transport MAN at the Woodland Hills, CA corporate headquarters and the locations and services attached to the SONET ring at that location and the Rancho Cordova Data Center and locations and services attached to the SONET ring at that location.

4.12 Virtual Private Network (VPN) Services.

(a) VPN Services are those Functions associated with operating and maintaining Health Net’s Virtual Private Network, including:

(i) Providing dedicated site-to-site VPN, as well as Remote Access Services VPN connectivity on a shared public IP network using industry/Internet-based standards for security to create and preserve privacy, data integrity, and authenticity;

(ii) Making available remote access to the Health Net network for Health-Net approved Service Recipients;

(iii) Implementing, managing and maintaining remote access gateways at all Health Net Facilities;

(iv) Providing remote access services (RAS) client Software and connectivity for IP VPN access;

Schedule A A - 81 Health Net / IBM Confidential

Final Execution Version

(v) Developing technical documentation and drawings that are necessary to maintain services; and

(vi) Providing network monitoring and testing capability.

(b) Supplier shall perform the VPN Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 34. VPN Services Roles and Responsibilities

VPN Services Roles and Responsibilities	Supplier	Health Net
1.      Provide support for dedicated site to site VPN and Remote Access Services VPN connectivity on a shared public IP network.	X
2.      Provide technical drawings and documentation of the VPN network.	X
3.      Review and approve VPN network design documents.		X
4.      Provide monitoring, management, and testing of the VPN network.	X
5.      Provide access approvals for Health Net Service Recipients.		X
6.      Implement rule changes for the VPN network and maintain approved access lists for Health Net Service Recipients.	X
7.      Review and approve VPN baseline alerts and thresholds.		X
8.      Provide general management reporting on VPN services.	X
9.      Provide periodic VPN audits.	X
10.    Review and approve periodic audit plans and audit reports/results.		X

5. VOICE NETWORK SERVICES

(a) “Voice Network Services” means those Functions necessary to analyze, plan, design, implement, operate, maintain, monitor, and manage the Voice Network. Voice Network Services include (i) those Functions described in this Section 5, and (ii) the O&M Services and the Enterprise Security Management Services, each as they apply to the Functions, Equipment, Software, process, or other activities described in this Section 5.

(b) “Voice Network” means the HealthNet enterprise voice transport network (including all Equipment and Software) that interconnects the Health Net corporate headquarters in Woodland Hills, CA with its data centers, business units, End User locations, business partners, and customers. The Voice Network includes user access devices (such as analog and IP telephones, Software-based soft phones, mobile telephones, etc), access circuits, transport circuits, and voice switches (PBX, Key System, Call Managers, Voice Gateways, ACD).

5.1 General Obligations.

(a) The Voice Network Services will be available to Health Net Service Recipients, as approved by Health Net.

Schedule A A - 82 Health Net / IBM Confidential

Final Execution Version

(b) Supplier will manage and maintain all Equipment, lines and circuits related to the Voice Network and shall assume responsibility for the operation of the Voice Network and services, including Voice Network management, common carrier and local access management, Equipment design, circuit ordering, maintenance coordination, and Problem prevention, identification, and resolution.

(c) Without limiting Supplier’s responsibilities as set forth elsewhere in this Section 5 or with respect to the O&M Services, Supplier’s overall Voice Network responsibilities include the following Functions:

(i) Manage and monitor connectivity between all Voice Network locations.

(ii) Maintain the Voice Network lines and circuits, including as needed to meet the Service Levels and other performance metrics.

(iii) Upon Health Net’s request, reallocate the bandwidth assignment of the Voice Network circuits.

(iv) Perform changes to the Voice Network based on receipt of a Service Request in accordance with Section 7.5 or otherwise as needed to perform the Services.

(v) Manage Voice Network Equipment, Software and Services for all maintenance and upgrade activities.

(vi) Coordinate and scheduling planned Voice Network outages related to installation and maintenance during off-peak hours and only after Health Net approval.

(vii) For any non-scheduled outages, provide Health Net with a detailed explanation that identifies the regional impact, how the outage occurred, and what preventative measures are being taken to prevent such an outage in the future.

(viii) Serve as a single-point-of-contact for all Voice Network requirements.

(ix) Coordinate with inter-exchange carriers and other applicable third party vendors to provide connectivity.

(x) Identify and resolve Incidents and Problems on the Voice Network.

(xi) Identify possible product and enhancement opportunities for improved performance and potential cost savings.

(xii) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), provide call accounting support to manage and monitor per-call activity. These services include on-going daily checks, and input of MACs, circuits, 800 numbers, long-distance authorization codes.

Schedule A A - 83 Health Net / IBM Confidential

Final Execution Version

(xiii) Perform Problem reporting and reconciliation of invoices with call accounting data, including call detail reporting.

(xiv) Maintain long distance authorization code database; perform updates (adds, deletes, changes) to such database based on approved changes submitted by Health Net; coordinate updates with adds, deletes, and changes (location and names).

(xv) Perform administration of Direct Inward Dial (DID) number.

(xvi) Perform administration of Dial modems including configuring, maintaining and testing of remote voice systems monitoring.

(xvii) Perform administration and support of ACD (manage, monitor, configure, etc.).

(xviii) Perform voicemail monitoring including administration.

(xix) Perform IVR support, including supporting the ACD trunking (talk-path and signaling channel) infrastructure that serve both Health Net and business partner IVRs . Health Net’s network IVR contains interfaces and integration points to existing host platforms/Software (for example, a Middleware interface to Symphony, the Nortel ACD environment, and call flow). Supplier shall support and provide general administration Services for such interfaces, integration points, platforms, systems and their interfaces (ex: Middleware, Nortel ACD, call routing.)

(xx) Supplier should provide support for the In-Scope CTI Interfaces, including by performing the following:

(A) Provide CTI engineering services

(B) Consult with other IT teams or external partners to develop and implement standard architecture for CTI instances.

(C) Produce logical network data flow diagrams for each CTI instance.

(D) Involvement with security engineering team to verify CTI instances meet all existing Health Net security practices and requirements and implement corrective measures in the event of any deficiencies.

(E) Attend project-related meetings as necessary, including but not limited to project status meetings, requirements gathering, design reviews, and implementation planning.

(F) Perform 2nd and 3rd level CTI technology support to detect and isolate Problems with CTI instances. Provide root cause analysis support and participation for Problems or issues that may occur in the Health Net environment or that of a partner CTI instance.

Schedule A A - 84 Health Net / IBM Confidential

Final Execution Version

(G) Support of internal, external, or customer-based audits and assessments of CTI instances as required.

(H) Interface with Service Recipients or other third party vendors as needed by the business units in support of specific requests / Problems.

(I) Troubleshoot issues and evaluating new connectivity/products/etc.

(J) Participate with team members and technical groups in process improvements, projects/initiative task handoffs between the various teams or project prioritization / coordination.

(d) “In-Scope CTI Interfaces” means the following CTI interfaces: (i) the CTI instance between the Health Net Aspect Spectrum ACD and a business partner’s Genesys T-Server environment via the custom connector (Health Net owned) for CallPath; (ii) the CTI instance between the Health Net Aspect Spectrum ACD and the Health Net Etalk quality monitoring environment; (iii) the CTI instance between the Health Net Aspect Spectrum ACD and the Health Net EWFM agent scheduling environment; and (iv) the CTI instance between the Health Net Aspect Spectrum ACD and the Health NetCentergistics and Alpha American Reader Board environment.

(e) Supplier shall perform the following Voice Network control Functions, including by performing level 3 / OEM support and contacting and coordinating with third parties, as necessary:

(i) Monitor and control systems; allocate resources (using standard configurations) and necessary and in a timely and accurate manner.

(ii) Define and document system configurations and operating instructions; monitor Voice Network operations and log & report all Software, hardware and network failures.

(iii) Respond to Voice Network trouble tickets and answer and respond to requests, based on Priority and refer complex issues or Problems to the appropriate support organization.

(iv) Manage and respond to Voice Network trouble tickets and perform Incident and Problem determination and resolution; escalate Incidents and Problems in accordance with Health Net’s policies and procedures; and

(v) Manage Service Levels and coordinate daily operation with third party voice service providers (including LECs, Carriers, and Equipment and Software maintenance providers).

(f) For Voice Equipment, Supplier’s solution will support:

Schedule A A - 85 Health Net / IBM Confidential

Final Execution Version

(i) Planning, implementation, and administration of premise voice Equipment at all Health Net locations, including but not limited to analog, digital, private branch exchange (PBX), ACD Systems, voice mail, voice over IP (VoIP), other proprietary systems, Integrated Services Digital Network (ISDN), telephone sets, electronic key systems, and systems providing compatible functionality; and

(ii) Installation, configuration, and maintenance of voice telecommunications dial-up Equipment and Software, such as modem pools.

5.2 Planning and Analysis.

Supplier shall perform the planning and analysis Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 35. Planning and Analysis Roles and Responsibilities

Planning and Analysis Roles and Responsibilities	Supplier	Health Net
1.      Perform business and technical liaison function to Health Net network vendors suppliers and carriers for capacity planning and analysis.	X
2.      Develop a capacity and performance plan.	X
3.      Review and approve the capacity and performance plan.		X

5.3 Asset Acquisition and Management.

Supplier shall perform the asset acquisition and management Services, including:

(a) Order and expedite circuits and other network Equipment and Services as defined by Health Net;

(b) Configure Voice Network components (e.g., Equipment, Software and Software Circuits) prior to installation, as appropriate; and

(c) Manage voice system/switch configuration files.

5.4 Implementation and Migration.

Supplier shall perform, upon the receipt of a Service Request or otherwise as needed to perform the Services, the following implementation and migration Services:

(a) Installing new and upgraded Equipment and Software, including reasonable cabling for existing Health Net Facilities (including cabling within the Health Net data centers), Ethernet power modules, Systems Software components and transmission facilities;

Schedule A A - 86 Health Net / IBM Confidential

Final Execution Version

(b) Performing data migration from existing systems to any new systems, by either electronic or manual methods; and

(c) Coordinating with other Health Net business areas or external third parties as may be required to perform the Services.

5.5 Operations and Administration.

Supplier shall perform the following operations and administration Services:

(a) Operations Services, including:

(i) System monitoring of log files, table sizes, etc.

(ii) Data backup and recovery; and

(iii) Voice system security monitoring activities in accordance with Health Net security policies to the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades).

(b) Administration services, including:

(i) Provide account administration for telecom Services, including for third party hosted, web, audio only conferencing and calling cards via the Health Net request management tool (Health Net’s IS Request system, as of the Effective Date), including creating new accounts, account activations and modifying, deleting existing accounts. Overall administration Services will include:

(A) Support of a database of calling cards;

(B) Creatiion of new accounts, perform account activations, and modify and/or delete existing accounts;

(C) Manage End User initiated and approved requests, and related workflow;

(D) Fulfill End User requests;

(E) Track daily orders to completion/cancellation, with target response times to complete as required by Health Net, and as defined in the Procedures Manual;

(F) Monitor daily Health Net employee termination reports to suspend terminated Health Net employees’ accounts for these services; and

(G) Review monthly invoices and report to Health Net on any observed trends, including usage abuse.

Schedule A A - 87 Health Net / IBM Confidential

Final Execution Version

(ii) Perform physical and logical installations, moves, adds and changes (IMACs), including:

(A) Manage IMAC Service Requests via the Health Net IS Request Telecom sub-system (or other similar workflow based repository, as approved by Health Net), including by:

• Owning the intake queue, assessing and acting on each request.

• Performing IMAC activities related to telephones, telephone lines, modems, fax lines or call center phone activities, remotely or by assigning a technician to complete the MAC in-person on-site, as required by Health Net. For requests exceeding ten (10) or more MACs, seek Health Net approval for project requirements.

• Alert Health Net for non-standard Services requests and requests that are potential security violations, as defined in the Procedures Manual, and seek approval for all such requests before provisioning. Examples of such requests include: off net call forward and trunk-to-trunk transfers, requests for a modem.

• Daily, track requests to completion/cancellation with target response times to complete (including forwarded requests), as required.

(B) Manage both on-site and remote-site MAC activity. The Move, Add, Change (MAC) projects should be tracked and documented per Health Net requirements. All billable repair work should be tracked through Remedy tickets and documented per Health Net requirements. The process followed by Supplier should provide the necessary documentation trail for invoices to IS Requests, MAC activity, and break/fix activity. Specifically Supplier should provide:

• For Voice MACs: (i) maintenance on Nortel, Cisco/IPTel, Aspect technology voice platforms (or other technology platforms as used by Health Net) and (ii) response to requests including phone moves, change designations on instruments etc.; and

• For Voice/data circuits: Provision paper-based, manual or automated requests for circuits to support changes to Health Net’s business locations.

(iii) Supplier will manage the inventory of telecom services (where such services may be for voice and data networks), by performing the following:

Schedule A A - 88 Health Net / IBM Confidential

Final Execution Version

(A) Administer the Rivermine Telecom Expense Management (TEM) application. Rivermine is used for the processing, coding, and paying of all telecom invoices received by Health Net. Rivermine also provides the circuit inventory and management function, and the vendor order process.

(B) Maintain a detailed inventory of telecom services provided to Health Net and conduct periodic audits to the system including port level billed versus in-use services and remove unused or obsolete services.

(C) Manage incoming vendor invoice charges for voice and data network services from both local and IXC carrier/providers, via both manual & EDI interfaces and support timely and accurate payment of all Health Net telecom billing. Provide relevant information on telecom charges to designated Health Net representatives to enable the administration of associated cost center and Health Net internal charge-backs. Supplier will also:

• Validate that order and disconnect requests for all voice and data circuits are reflected correctly on bills; report to Health Net any anomalies or issues and per Health Net’s approval resolve them with the carrier.

• Validate billing against contract and tariff rates plus recent payment history and report to Health Net on any observed trends.

• Support Health Net by providing requesting information as needed, if they choose to audit telecom activity and billing validation efforts.

• Conduct monthly analysis and reporting of billing issues or trends (including analysis of bursting fees versus port speed adjustments) impacting budget and budget forecast and report Health Net on any observed trends.

• Perform timely performance of analysis to ensure no late fees are assessed and no service disconnects occur due to late or missed payments.

• Maintain cost center allocation of all telecom charges to each line of business, including investigation and resolution of invoiced telecom services not previously allocated to a business cost center.

• Provide telecom circuit ordering and associated test and billing activity per Health Net required turn-up dates.

(c) Supplier shall also perform those Functions listed in the roles and responsibilities table below.

Schedule A A - 89 Health Net / IBM Confidential

Final Execution Version

Table 36. Operations and Administration Roles and Responsibilities

Operations and Administration Roles and Responsibilities	Supplier	Health Net
1.      Provide network operations center (NOC) functions (including all Equipment, Software, and resources) necessary to continuously monitor service delivery	X
2.      Perform quality reviews of operations and administration polices for compliance with Health Net security policies.	X
3.      Perform day-to-day operations and administration activities as defined above	X
4.      Perform interface liaison with public carriers and voice services suppliers.	X
5.      Perform interface liaison with other third-party service providers as necessary to support the Voice Network.	X
6.      Provide installation and maintenance Services for the Voice Network.	X
7.      Provide Voice Network engineering services in support of the Health Net business continuity contract for the Health Net call centers mobile call center trailers during disaster recovery testing and disaster recovery events.	X

5.6 Desk Phone Service.

(a) Supplier shall perform the Functions necessary to provide, implement, support, monitor, and maintain the Equipment and dial tone necessary to get traditional telephone service to Health Net, including planning and assessment, implementation, training as described in Section 2.18 of this Schedule A (Services) and ongoing management of the telephone service, PBX Equipment, telephone Equipment, and auxiliary Equipment, so that End Users can (as permitted by Health Net policies and procedures) receive incoming calls and make intra-campus, inter-campus, outside local, outside long distance, and international calls (the “Desk Phone Services”). Desk Phone Services includes all of the services described in this Section 5.6 as well as support for soft phones running directly on desktops/workstations without the use of additional voice instrument.

(b) Supplier shall, as part of the Desk Phone Services, support all telephone and auxiliary Equipment, including feature rich single-line telephones, multi-line telephones, consoles, and auxiliary Equipment such as headsets, speakerphones, and add-on modules.

(c) Supplier shall also, as part of the Desk Phone Services, make available the following telephone features at the Health Net Facilities:

(i) Connectivity at Health Net Facilities to the handset and headset with local and long distance voice services;

(ii) Number portability (campus portability);

(iii) Conference room speaker phones;

(iv) Lobby and other common area telephones;

Schedule A A - 90 Health Net / IBM Confidential

Final Execution Version

(v) Intra-premise circuits;

(vi) Alternate paths (as necessary) required to meet Service Levels;

(vii) Local Service connectivity: including:

(A) Local connectivity with access to (i) other telephone numbers in the same system (e.g., an internal call), (ii) the local dial area, (iii) long distance, (iv) station Equipment (e.g., telephone sets and other Equipment), and (v) inbound toll-free services;

(B) A proposed migration plan from analog to digital or other emerging/converging technologies;

(C) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), Supplier is accountable to configure the Equipment and Services to prevent fraudulent billing to Health Net lines (e.g., third-party billed, 900/976 and collect calls); and

(D) Telephone sets as approved by Health Net for authorized users.

(viii) Wireless Headset and Handsets;

(A) On system and/or on premises (within building) wireless service;

(B) Minimum and maximum ranges for single system antennas/handsets;

(C) Engineering services for initial deployment and subsequent annual engineering premise check and adjustment of antenna/base Equipment to encompass a facility;

(D) Support for related Equipment, including wireless phones and associated Equipment (e.g., antennas, coax, duplexers, combiners, power supplies, etc.); peripherals (batteries, chargers, microphones, etc.); antennas; alarm reporting; radio frequency (RF) Equipment; multiplex Equipment; interfaces;

(E) Provide reasonable support for premises wireless phones that Health Net deploys as a future capability;

(ix) Responsibility for the deployment and on-going support of soft phones that emulate a desk phone on a desktop/workstation;

(x) Dialing plans:

(A) Support Health Net’s desire to keep its numbering scheme and the ability to accommodate expected growth; and

(B) Support and operate internal dialing plans.

Schedule A A - 91 Health Net / IBM Confidential

Final Execution Version

(xi) Toll fraud:

(A) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), disallow third-party billing and collect calls to Health Net lines in order to prevent toll fraud;

(B) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), disallow remote access to second (PBX) dial tone;

(C) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), disallow out-dialing to PSTN from Voice Mail ports;

(D) Toll fraud management services and report abuses to Health Net contacts; and

(E) Work with third party toll fraud service providers.

(xii) Telephone calling cards for travelers and on-call personnel:

(A) Issued as requested by Health Net designated users without any additional cost to Health Net;

(B) Cards are tied to the authorized user’s assigned name, employee number, & cost center code; and

(C) Unmarked “generic” cards for use by undercover personnel.

(xiii) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), Music on hold (MOH) capabilities:

(A) Daily verification that MOH is operational on both systems and to verify the volume is acceptable;

(B) Replace UTC PBX port/card as required;

(C) Adjust volumes as required;

(D) Seasonal channel selections;

(E) Integrated recording services solutions; and

(F) Multiple on-hold, on-queue wait time sources per site for recording services (e.g., music on hold, announcements on hold, music and custom announcements during wait times in queues, etc.).

Schedule A A - 92 Health Net / IBM Confidential

Final Execution Version

(xiv) Call recording to the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades):

(A) Integrated recording services solutions;

(B) Multiple on-hold, on-queue wait time sources per site for recording services (e.g., music on hold, announcements on hold, music and custom announcements during wait times in queues, etc.);

(C) The capability for searching for the unique call identifier (or Authorized User ID) to locate and review the actual recorded voice call;

(D) Adaptive voice telecommunications services and Equipment as required by laws affecting the support of the disabled; and

(E) Voice recognition auto attendant – Simple “yes”, “no” type of services.

5.7 Long Distance Service.

(a) Supplier shall perform the Functions necessary to provide authorized Health Net Service Recipients with intrastate, interstate, and international calling from Health Net’s business locations (the “Long Distance Services”). Long Distance Services include the planning and assessment, implementation, and ongoing management necessary to deploy Long Distance Services enterprise wide. Long distance calls are those that terminate at locations outside the caller’s local calling area to locations in the United States (domestic) and to foreign countries (international).

(b) Functional Requirements. As part of the Long Distance Services, Supplier shall provide and make available to Health the following functionality:

(i) Unlimited domestic long distance;

(ii) Ability for Health Net-approved Service Recipients to access the Long Distance Services

(iii) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), the capability to restrict access to selected NPAs and NPA-NXXs if so directed by Health Net designated users, through the carrier and secondarily through the PBX.

(iv) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), the ability to block access to “call completion” services offered in conjunction with directory assistance calls.

Schedule A A - 93 Health Net / IBM Confidential

Final Execution Version

(v) Access to long distance directory assistance services (i.e., “555-1212”) 24x7.

(vi) In accordance with LEC/Carrier contract specifications, provide LEC/Carrier operator assistance services 24x7.

(vii) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), the quality of all calls will be “toll” quality, as is currently received by Health Net.

(viii) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), provide least cost routing services; and

(ix) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades) provide alternate routing for each incoming and outgoing service.

(c) Operational Requirements. As part of the Long Distance Services, Supplier shall perform the following operational Long Distance Services to the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades):

(i) Establish a process to prevent inappropriate toll charges are billed to Health Net;

(ii) Within the capability of the Voice Network and systems, provide fraud prevention service at the desk phone, PBX level, and LD carrier level;

(iii) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), provide a mechanism for Health Net and business units to, at their option, utilize an authorization and account code system to manage telephone calls and costs, and calling card information, including the following:

(A) Assign and manage authorization codes as requested by Health Net and business units and allow a system that will allow Health Net to administer the system including making changes to the assignment, authorization codes, etc.;

(B) Administrate authorization and account codes according to Health Net information security policies, and as the policies change over time;

Schedule A A - 94 Health Net / IBM Confidential

Final Execution Version

(C) Within the security policies of Health Net, use industry-standard and Health Net approved security processes to allow designated users to:

• Inquire about forgotten authorization codes and/or account numbers;

• Reset a passwords; and

• Obtain forgotten account codes.

(D) Coordinate with the third party support centers for PBX Site Problem Detection & Monitoring.

5.8 Voice Mail Service.

(a) Supplier shall provide the Equipment and administration necessary to allow the efficient exchange of messages between two or more people by voice mailboxes enterprise wide (the “Voice Mail Services”). The Voice Mail Services consists of voice mail Equipment and features that are scalable for any size of business.

(b) Functional Requirements. As part of the Voice Mail Services, Supplier shall provide and make available to Health Net the following functionality:

(i) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), the following provides a partial list of the voice mail features that are available at existing and emerging integrated voice messaging solutions:

(A) Message notification;

(B) Automated attendant;

(C) Voice forms;

(D) Bulletin boards;

(E) Broadcast message(s);

(F) Time-of-day controls;

(G) Individual boxes per user;

(H) Remote accessibility; and

(I) Pager notification.

Schedule A A - 95 Health Net / IBM Confidential

Final Execution Version

(ii) Systems to allow voice messaging interchange between all Health Net systems; and

(iii) Voice messaging services that can be remotely accessed.

(c) Operational Requirements. As part of the Voice Mail Services, Supplier shall perform the following operational Voice Mail Services:

(i) Mailbox moves, adds and changes;

(ii) Program all mailboxes for internal and external employees;

(iii) Maintain current node addresses;

(iv) Manually perform time change;

(v) Switch power supply during time change process;

(vi) Provide daily preventative maintenance;

(vii) Provide Software support;

(viii) Program distribution lists;

(ix) Record and distribute broadcast messaging;

(x) Record and distribute bulletin messaging;

(xi) Provide current roster of users monthly to telecom personnel for a quick reference listing of programmed voice mailboxes and the users/Applications assigned to them;

(xii) Monitor and manage disk space availability;

(xiii) System error detection and resolution – levels 1, 2, & 3

(xiv) Monitor and manage availability of all voice mail agents;

(xv) Coordinate with PBX or key systems or third party vendors to verify system back-ups are accurate and complete;

(xvi) Monitor port availability and disk space;

(xvii)  Maintain disaster recovery announcement for employee and customer mailboxes;

(xviii)  Provide new hire training material;

(xix)  Update and maintain auto attendant and attendance schedule;

(xx)  Manage timely deletion of terminated employees (i.e. lockout of mailbox);

Schedule A A - 96 Health Net / IBM Confidential

Final Execution Version

(xxi)  Manage Interface with Remote sites to establish current node addresses;

(xxii)  Manage Software/hardware upgrade(s);

(xxiii)  Manage various classes of service (management class of service) by business unit and location;

(xxiv)  Ticket and vendor management;

(xxv)  Activate and confirm continued activation of authorized mailboxes;

(xxvi)  Create and design topologies to implement special Software (auto attendant, transfer mailboxes, caller’s menu, listen only); and

(xxvii)  Manage ability to change/restore password.

5.9 Online Directory Service.

(a) Supplier shall provide those Services necessary to support the retrieval, access and data compilation of user directory information in support of Health Net telephone users communication information and tools (the “Online Directory Services”).

(b) Functional Requirements. As part of the Online Directory Services, Supplier shall provide those services necessary to support the retrieval, access and data compilation of user directory information supporting the Health Net online directory service that is designed to provide real or near real time updates of Health Net personnel, FAX numbers and other information in accordance with the following:

(i) To the extent the data is available in the data repository Supplier will facilitate the compilation of such online directory including a listing of all Health Net personnel, searchable by employee names, contractor names, and on-site vendor names and their email addresses, Health Net and its Affiliates office addresses and telephone numbers, department FAX numbers, conference room telephone numbers, video rooms, and major department listing, accessible on a secure, network-accessible channel (intranet) for querying and reporting; and

(ii) Supplier shall provide compilation between the Health Net Intranet online telephone directory and the Health Net telecom system to increase efficiency of call accounting.

(c) Operational Requirements. As part of the Online Directory Services, Supplier shall perform the following operational services:

(i) Supplier shall maintain secure access to the online directory to all Health Net employees from the Health Net Intranet using standard browsers and support Software and process automation needs.

Schedule A A - 97 Health Net / IBM Confidential

Final Execution Version

(ii) Supplier shall, update the directory to reflect adds/ moves/ changes/ deletions by utilizing the LDAP connector to PeopleSoft or other connecting services as approved by Health Net; and

(iii) Perform monthly checks of the online directory for employee, contractor and vendors to confirm data integrity.

5.10 Teleconferencing Service.

(a) To the extent the collaboration tool allows, Supplier shall provide (and to the extent the collaboration tool is not capable of providing, Supplier shall coordinate with external vendors to provide) Health Net phone users with conference participation capabilities in which individuals in remote locations communicate simultaneously using telephone lines (the “Teleconferencing Service”).

(i) Teleconferencing Services shall be provided both with respect to the internal Cisco MeetingPlace platform and the external suppliers.

(ii) Teleconferencing Services also include the planning and assessment, implementation, training as described in Section 2.18 of this Schedule A (Services), and ongoing management necessary to implement an audio conferencing service. An array of features will be supported on a call-by-call basis with the delivered services. Coordination with existing vendors will be required.

(b) The Teleconferencing Service shall be available twenty four hours per day, seven days per week.

(c) Functional Requirements. Supplier provide the following Teleconferencing Services functionality:

(i) Local, intrastate, national and international voice teleconferencing;

(ii) Features that include polling and voting, faxing, recording replaying, broadcast, and attendant type services and transcription on a menu basis;

(iii) All types of audio conferencing, such as meet-me, operator-assisted, and operator-dialed;

(iv) On-demand and prescheduled teleconferences;

(v) Additional enhanced services, including:

(A) Conference operator callback; and

(B) Monitoring/recording.

(vi) Confirmation of teleconference prior to the call;

(vii) Corporate service offer call options include:

Schedule A A - 98 Health Net / IBM Confidential

Final Execution Version

(A) Reserved caller paid dial in;

(B) Reservation less caller paid dial in;

(C) Reserved 800 dial in;

(D) Reservation less 800 dial In;

(E) Reserved mixed mode or combination of caller paid dial in and 800 dial in; and

(F) Reservation less mixed mode or combination of caller paid dial in and 800 dial in.

(viii) On-demand and prescheduled teleconferences with automatic port expansion;

(ix) Reserved calls function;

(x) Reservationless calls function;

(xi) Executive/Premier services for additional charges, including:

(A) Enhanced services and features;

(B) Monitoring/recording;

(C) Transcription; and

(D) All executive calls are hosted on external conferencing provider.

(d) Operational Requirements. As part of the Teleconferencing Services, Supplier shall perform the following operational services:

(i) Manage vendor provided service; and

(ii) Assign and maintain Reservation less accounts.

5.11 Inbound Toll Free / Call Center Service.

(a) To the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), Supplier shall provide Health Net-approved Service Recipients with toll-free services that allows intrastate, interstate, and access to Health Net’s business locations (the “Inbound Toll Free / Call Center Service”). Inbound Toll-Free / Call Center Services consist of planning and assessment, implementation, and ongoing management necessary to deploy toll-free service enterprise wide.

(b) Functional Requirements.

Schedule A A - 99 Health Net / IBM Confidential

Final Execution Version

(i) Supplier shall provide technical support for dedicated digital and PRI (T-1 & T-3) and/or switched access (800 inbound, POTS, Combo, DID, DOD, etc) circuits / trunks. Supplier shall keep records on connections to all PBXs such as which trunk groups and Software support each internal customer/department.

(ii) Supplier shall create and maintain documentation to track vendor circuits, trunk groups, protocols, DNIS assignments and terminations and all other related information.

(iii) Supplier shall provide training as described in Section 2.18 of this Schedule A (Services) and other support to Health Net technical and business unit employees for toll-free routing changes that are available during emergencies and other events that require call routing changes. Toll-free routing changes can include area code based routing, intrastate, interstate, and international routings. Supplier shall track the various Software activities and provide reports.

(iv) Supplier shall also provide the following functionality requirements to the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades):

(A) Support for dedicated digital and/or traditional voice-grade communication systems.

(B) Blocking calls from selected numbering plan areas (NPAs) and NPA/NXX combinations as requested within required timeframe.

(C) Offering multiple levels of originating locations, including selected NPA-NXX combinations, only intra-state calling, and calling from all domestic locations.

(D) Advanced features for routing.

(E) Real time call reporting and historical reporting.

(F) Coordinate selective routing which can include area code based routing, intrastate, interstate, and international routing restrictions. and

(G) Work with Health Net business units to develop and implement toll-free service as required.

(c) Operational Requirements.

(i) Supplier shall coordinate with End Users to fulfill requests concerning toll-free services including new orders, cancellations, moves, adds and changes (MAC’s). Supplier shall be responsible for providing and

Schedule A A - 100 Health Net / IBM Confidential

Final Execution Version

managing toll-free numbers to be used by Health Net, which may include advanced features.

(ii) Supplier shall utilize industry standard tools, to create the call routing plans required by Health Net. The plans shall include input menus, call prompters, announcements, alternate routing paths, and load-balance routing between sites and special day (holiday) routings. Elements of these plans may be defined entirely within the carrier network, entirely within the ACD, or as a hybrid, with portions of the overall plan defined in both the carrier network and the ACD and working seamlessly together. Supplier shall submit a written service request to the carrier for all termination requirements, recorded phrases, call-origination restrictions, and other services related to routing plans.

(iii) Supplier shall create, schedule, establish and maintain carrier historical reporting for End Users departments.

(iv) Supplier shall also perform the following additional operational services:

(A) Coordinate and implement service request for inbound service with carrier;

(B) Monitor and manage toll-free numbers and related service, which may include advanced routing features;

(C) Document and make available termination points(s) within each affected Health Net site, which can include T1, inbound trunk, contact-center Equipment, voicemail, IVR, and station Equipment;

(D) Create and maintain the call routing plans required by Health Net. The plans may include input menus, call prompters, announcements, alternate routing paths, and load-balance routing between sites;

(E) Provide soft copy of all routing plans to Health Net quarterly. Major modifications shall be provided upon project implementation;

(F) Request and maintain all termination requirements, recorded phrases, call-origination restrictions, and other pertinent information necessary to create the routing plans or to modify them; and

(G) Establish and maintain real time call information and historical reporting for End Users.

5.12 Automated Call Distribution (ACD) Service.

(a) Supplier shall plan for, assess, implement, and manage voice features on telephone switches for handling large volumes of incoming calls for

Schedule A A - 101 Health Net / IBM Confidential

Final Execution Version

numerous call center and help desk requirements (the “Automated Call Distribution (ACD) Services”). Health Net answering ACD agents can use the functions of ACD with the multi line telephone sets identified in the attachments.

(b) Functional Requirements. As part of the ACD Services and to the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades), Supplier shall provide the following Automated Call Distribution Services functionality:

(i) Multiple queue assignment;

(ii) Virtual log-on;

(iii) Skill based routing;

(iv) Walk away;

(v) Performance reporting;

(vi) Configuration control;

(vii) Agent monitoring/recording;

(viii) Whisper;

(ix) Recorded announcement(s);

(x) Queue overflow;

(xi) Music on hold;

(xii) Support wired and wireless headsets, including registering IP phones with network, configuring workstations to phones; ad-hoc wireless & wired headsets;

(xiii) Ability to print to files for the reports;

(xiv) Support for the interface between the ACD and the reader-boards;

(xv) Quality monitoring functionality that provides the ability for a Supplier manager or Health Net to listen to calls (in real time or recorded), including as a means of validating the call center agents are following procedures; and

(xvi) Workforce scheduling functionality that provides the capability for call center management and control functions to better schedule the appropriate number of agents in order to meet the projected call volumes.

Schedule A A - 102 Health Net / IBM Confidential

Final Execution Version

(c) Operational Requirements. As part of the ACD Services, Supplier shall provide the following operational services:

(i) Provide ACD report interpretation and assist with report setup and generation;

(ii) Install ACD related client Software on supervisor PC;

(iii) Design queues and implement customized call flow;

(iv) Manage and maintain agent/queues, including by making changes to such queues. Supplier shall recommend to Health Net agent/queues moves, adds and changes. Supplier shall implement any such moves, adds or changes approved by Health Net.

(v) Supplier shall provide capacity management and monitoring services related to desktop access to the ACD (e.g., balancing loads across the ACD Ethernet ports);

(vi) Design all queues based on customer requirements that provide agent mobility;

(vii) Provide call flow and queue design documentation to each business unit;

(viii) Provide system administration and level-one troubleshooting;

(ix) Perform daily preventative maintenance;

(x) Deploy and manage Equipment and Software upgrades and/or feature enhancements;

(xi) Provide consultation to contact center owners in developing new or modifying existing ACD Software; and

(xii) Work in conjunction with support vendor, when necessary, to design and implement ACD Software.

5.13 Integrated Voice Response (IVR) Service.

(a) Supplier shall provide ACD trunking (talk-path and signaling channel) Services to Health Net and Health Net’s business partners.

(b) Operational Requirements. As part of the IVR Services, Supplier shall perform the following operational Services, to the extent the Voice Network is capable (either in its existing form or via configuration changes or other similar modifications other than Equipment and Software upgrades):

(i) Perform daily monitoring and maintenance function;

(ii) Monitor call volume;

Schedule A A - 103 Health Net / IBM Confidential

Final Execution Version

(iii) Monitor ACD agent ports for enabled status; and

(iv) Coordinate IVR transfer with ACD port availability.

(c) Management & Reporting Requirements. As part of the IVR Services, Supplier will collaborate all monitoring, planning, operations and support as required by Health Net with the IVR vendor, including by reviewing operational reports to confirm Service Levels are being met.

5.14 Video Conference Service.

(a) Supplier shall provide Health Net approved Service Recipients with a reservations-based service that allows multiple sites to join the same prescheduled video conference call (“Video Conference Services”). Video Conference Services shall allow people at two or more locations to see and hear each other at the same time. Calls may be scheduled up to one year in advance and video conferences may occur anytime — 24 hours a day, 7 days a week. Video Conference Services will include monitoring of all video network traffic originating from Health Net. Transmission facilities include private circuits, virtual lines, and dial-up. Supplier shall provide moves, adds, changes, installation, de-installation, and upgrades of the Equipment, (e.g., circuits, cabling) and Software. Supplier will also provide user support to interface with users making or changing video reservations, as well as providing ad-hoc training for users unfamiliar with the video conferencing system as described in Section 2.18 of this Schedule A (Services).

(b) Functional Requirements. As part of the Video Conference Services, Supplier shall provide the following functionality:

(i) Point to point and multi-point calls;

(ii) Features such as PowerPoint and laptop presentations, electronic whiteboard integration, document camera, and VCR presentations;

(iii) Teleconferencing integration;

(iv) Vendor support for bridging multi-point calls;

(v) Remote ISDN connections; and

(vi) Enterprise planning.

(c) Operational Requirements. As part of the Video Conference Services, Supplier shall perform the following operational services:

(i) Connect and maintain all point to point and multi-point video conference calls;

(ii) Provide support for laptop and VCR presentations, electronic whiteboard and document camera integration into video conference (see site inventory);

Schedule A A - 104 Health Net / IBM Confidential

Final Execution Version

(iii) Integrate teleconference requests into video conference meetings;

(iv) Monitor calls, support calls while in progress;

(v) Provide coordination of vendor bridging for all multi-point calls;

(vi) Perform all Equipment and Software upgrades;

(vii) Schedule hardware and Software upgrades;

(viii) Maintain video conference calendar and scheduling;

(ix) Video room calendar maintenance and scheduling; and

(x) Video room clock coordination.

5.15 Web Conference Services.

Web conferencing Services are those Functions associated with the provision, support and maintenance of both internal (e.g., netmeeting/live meeting service) and external web-hosted services that allow authorized users to share Applications, presentations, documents, web browsers and desktops in real-time by accessing a web browser, this allowing online meetings to held from any computer with a network connection. Supplier shall provide the web conferencing Services, which shall include the following functionality:

(a) Ability to start a meeting, invite participants, demonstrate products, and annotate documents.

(b) Ability to demonstrate presentation material, highlight and review documentation;

(c) Ability to view, annotate or edit documents in real-time and conduct spontaneous question and answer sessions. This allows real-time collaboration on presentation material and communication via the internet.

6. END USER SERVICES

(a) “End User Services” means those Functions related to the support of End User Resources. End User Services includes (i) those services, Functions and responsibilities described in this Section 6, and (ii) the O&M Services and the Enterprise Security Management Services, each as they apply to the Functions, Equipment, Software, process, or other activities described in this Section 6.

(b) “End User Resources” means End User Equipment and Software, including:

(i) Desktop Equipment, including both networked and non-networked (e.g., standalone networked machines) Equipment;

Schedule A A - 105 Health Net / IBM Confidential

Final Execution Version

(ii) PC or Macintosh systems (e.g., desktop, tower, workstation, laptop, and mobile computing devices);

(iii) Workstation monitors;

(iv) Telephones, including IP phones, wireless and wired headsets and handsets;

(v) Peripheral devices (e.g., printers scanners, media libraries);

(vi) Portable computing devices such as laptop computers, Blackberries, and Personal Digital Assistants (PDAs);

(vii) Desktop Software, including operating systems, office automation Applications, Software suites, and utilities that provide functionality to the above mentioned hardware resources; and

(viii) Network interface cards (NIC) and adapters.

(c) Notwithstanding anything to the contrary in this Section 6, with respect to Macintosh systems, Supplier shall perform the Services described in this section using reasonably best efforts.

6.2 General Obligations.

(a) Supplier is responsible for performing the general End User Services described below that are identified as Supplier’s responsibility:

Schedule A A - 106 Health Net / IBM Confidential

Final Execution Version

Table 37. End User Services Capabilities Roles and Responsibilities

End User Services Capabilities Roles and Responsibilities	Supplier	Health Net
1.      Define desktop/End User capability requirements outlined in this section.		X
2.      Define services and standards for supporting the desktop/End User capabilities.	X
3.      Participate in defining and approve services and standards for supporting the desktop/End User capabilities.		X
4.      Provide support for desktop standard configurations.	X
5.      Provide installations/removals and break-fix for all End User Resources.	X
6.      Provide personal productivity services (e.g. PDA support) and office automation services, including setup, proper use, troubleshooting & RMAs for devices.	X
7.      Provide support services for standard desktop Applications, including assisting in installation per standard configuration as well as troubleshooting.	X
8.      Where there is a network wall jack installed in reasonably close proximity, connect workstations to such network wall jack and troubleshoot any issues related to connectivity (including by identifying for Health Net any in-wall cabling issues and at Health Net’s request, coordinating the resolution of such in-wall cabling issues).	X

(b) In addition, Supplier shall perform the following activities:

(i) Desktops

(A) Image, configure and set up workstations;

(B) Remotely diagnose Equipment and Software Incidents and Problems and resolve such Incidents and Problems in accordance with Section 2.9 (Incident and Problem Management);

(C) Resolve issues connecting/printing or mapping to networked printers on PCs;

(D) Adjust and resolve issues with display properties, including screen resolution, color depth and Refresh rates; and

(E) Perform hardware upgrades.

(ii) Laptops

(A) Image, configure and set up Laptops;

(B) Assist with remote access issues related to broadband or dial-up;

(C) Assist remote access users with accessing a variety of applications at various locations in different environments;

Schedule A A - 107 Health Net / IBM Confidential

Final Execution Version

(D) Support/troubleshoot issues with locally installed applications (standard and non standard);

(E) Verify that all Equipment is functional and resolve issues in accordance with Section 2.9(Incident and Problem Management) (including issues related to modems, port replicators, PC cards etc.);

(F) Confirm enterprise-wide updates/patches are installed on laptops; and

(G) Perform hardware upgrades.

6.3 Printer Support Services.

With respect to printers, Supplier is responsible for performing the activities described below that are identified as Supplier responsibility:

	Printer Support Requirements	Supplier	Health Net
1	Printer queue creation.	X
2	Printer queue maintenance.	X
3	Install/de-install single user printer.	X
4	Install/deinstall small department printer.	X
5	Install/de-install single user multi-function device.	X
6	Install/de-install small department multi-function device.	X
7	Perform remote trouble-shooting of printer-related Incidents and Problems where possible; otherwise coordinate the dispatch of a printer maintenance technician to resolve the issue.	X
8	Printer Equipment repair.		X
9	Configure End User workstation to utilize printer.	X
10	Provide support for the installation of print drivers for End User.	X
11	Map printers for End Users.	X
13	Coordinate the installation of large, networked, multi-function device, including by notifying Health Net of installation schedules and making sure the location has proper network connectivity access.	X
14	Validate network connection available and in working order for printer installations.	X

6.4 PDA Support Services.

Schedule A A - 108 Health Net / IBM Confidential

Final Execution Version

PDA Services means those Functions associated with the installation and support of PDA devices for Service Recipients. Supplier will provide PDA Services including,

(a) Setting up a new PDA for a Service Recipient.

(b) Installing and supporting “Standard” Features (including links and applications). “Standard” features mean those features that Health Net provides as a standard package to its employees, which Health net may change from time to time.

(c) Support roll-out of Health Net developed or acquired creating custom objects, applications or links.

(d) Responding to queries on how to use the features on the device.

(e) Password resets.

(f) Set-up of a new PDA, e.g. activations.

(g) Troubleshooting of performance issues.

(h) Responding to area coverage concerns of End Users (e.g., by recommending PDA vendors based on locale of the End User).

(i) Coordinating porting or transferring of phone numbers from one device to another.

(j) Coordinating the issuance and upgrade of devices.

(k) Voice support.

(l) Training and/or use of the device.

(m) Install PDA to desktop and/or laptops; and

(n) Resolve all issues related to synchronizing PDA software.

6.5 Software Deployment and Management Services.

(a) Software deployment and management Services are those Functions associated with the provision and/or development of technical infrastructure tools and utilities that enhance Software solutions (including custom and third party solutions) operating in the End User Services environment, including:

(i) Creating and maintaining standard images for Health Net End User desktop/workstation configurations;

(ii) Creating and maintaining builds for standard Health Net distributed Applications;

(iii) Providing and administering a Software distribution facility;

Schedule A A - 109 Health Net / IBM Confidential

Final Execution Version

(iv) Recreating End User desktop/workstation environment to the applicable standard image (exclusive of End User data), including base build plus all End User specific features, functions and Applications;

(v) Creating and maintaining the presentation of desktop Application shortcuts based on a defined user group security;

(vi) Developing, implementing, and maintaining scripts to automate standard Health Net End User device processes; and

(vii) Developing, implementing, and maintaining macro programs for Health Net standard End User Applications and processes.

(b) Supplier shall perform the Software deployment and management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 38. Software Deployment/Management Roles and Responsibilities

Software Deployment/Management Roles and Responsibilities	Supplier	Health Net
1.      Develop Software deployment/management policies and procedures.	X
2.      Participate in development Software deployment/management policies and procedures.		X
3.      Review and approve Software deployment/ management policies and procedures and standard desktop images and configurations.		X
4.      Maintain and confirm compliance with agreed-upon Software deployment/management policies and procedures.	X
5.      Manage deployment efforts using formal project management tools and methodologies.	X
6.      Conduct development reviews and provide results to Health Net.	X
7.      Create standard Health Net infrastructure images specific to IT service area (e.g., desktop images for End Users).	X
8.      Provide and administer a Software distribution facility.	X
9.      Develop scripts and macro programs to automate standard Health Net processes as appropriate (e.g., upgrading desktop images).	X

6.6 Implementation and Migration.

Supplier shall perform the following implementation and migration Services:

(a) Performing installations, changes and other related activities associated with the installation of new Software components, including commercial and custom developed Applications, Software suites and utilities that impact an End User’s Equipment, peripherals or desktop Software or configurations;

(b) Performing End User Software upgrades, including as a result of new and enhanced Applications and architectures; and

Schedule A A - 110 Health Net / IBM Confidential

Final Execution Version

(c) Installing new or enhanced End User Resources attached to the LAN, including installing Software on LAN-connected PCs or Macintosh workstations; and

(d) Installing wiring and patch cords from distributed devices to a Network wall jack using patch cords per Health Net’s standards that do not cause the degradation of network performance.

6.7 Operations and Administration.

(a) Supplier shall perform the following implementation and migration Services:

(i) Operations for centralized and remote desktops/workstations, laptop computers and servers, including:

(A) Providing data storage, as well as access to data residing in a centralized repository (e.g., data located on file servers);

(B) Providing data backup and recovery capability for personal and organizational data stores located on Health Net file servers;

(C) Providing controls, access, and management services for End User Resources;

(D) Providing technical support for Service Recipients performing activities associated with the development and control of local databases used for Applications, (e.g., database development, storage and access support);

(E) Providing the common suite of centralized Health Net- desktop/workstation tools (as identified in the Procedures Manual) that will allow users to produce, communicate and function within Health Net’s systems environment. These common tools include, as of the Effective Date, a standard office automation suite, e-mail, calendaring, news service access and display, Web browser, and collaboration and document sharing, wireless access to local wireless network;

(F) Providing feedback to Health Net as to whether Health Net’s current standards, policies and procedures are effective in achieving the desired results, and proposing recommendations to enhance those standards, policies and procedures;

(G) Performing and supporting hardware and Software IMACs, re-installations, updates and downloads;

(H) Performing data or Software migration necessary due to any Equipment or Software IMACs and re-installations; and

(I) Provide tools and services to monitor and prevent receipt of e-mail spam.

Schedule A A - 111 Health Net / IBM Confidential

Final Execution Version

(ii) Administration activities, including managing user accounts, disk space quotas and access control (OS, database, Middleware, file systems, disk space, etc.).

(b) Supplier will also perform the following operations and administration Functions, other than those expressly identified as retained Health Net responsibilities:

Table 39. Operations and Administration Roles and Responsibilities

Operations and Administration Roles and Responsibilities	Supplier	Health Net
1.      Provide input processing support for activities such as loading media, receiving batch electronic file transmissions, etc.	X
2.      Provide support for local databases used for local Applications.	X
3.      Provide centralized, yet separate Internet, intranet, and extranet Web access, hosting, and server services for Web pages, Applications and electronic commerce.	X
4.      Perform LAN/wireless LAN/Domain/OS administration support activities for all listed managed servers, which includes, but is not limited to, IP addressing, file and print sharing, logon user-id and password maintenance, etc.	X
5.      Provide and utilize the tools listed in Schedule J (Software), as such tools may change and evolve in accordance with the Agreement, to monitor and prevent receipt of e-mail spam.	X
6.      Mount and remove tape volumes as needed.	X
7.      Maintain a tape library, tape management system and transport tapes to production area as needed.	X
8.      Define End User Equipment, Software and data backup/recovery requirements.		X
9.      Define End User file/database ownership and retention requirements.		X
10.    Install paper/forms for printers.		X
11.    Remove desktop/End User device print jobs and place in output bins, courier and/or mail as instructed.		X
12.    Distribute desktop/End User device print jobs to user locations.		X
13.    Define requirements for automated output distribution to End Users.		X
14.    Maintain automated output distribution tables.	X
15.    Provide desktop End User network Support for designated third parties.	X
16.    Provide desktop email support services, including creating and modifying email access.	X

6.8 Configuration Management/Change Control.

Supplier shall perform the following configuration management and change control Services:

Schedule A A - 112 Health Net / IBM Confidential

Final Execution Version

(a) Establish Change requirements, including for PC/Macintosh, workstation, operating system, Applications, user access; and

(b) Work with Health Net to establish desktop/workstation requirements and impact of Changes.

6.9 Repair Services.

Supplier is responsible for performing break/fix, repair, and/or maintenance services for Equipment and Software; provided however that (i) Health Net shall be Financially Responsible for maintaining warranty and/or maintenance coverage (e.g., through a third party maintenance contract) for Equipment for which Health Net retains Financial Responsibility; and (ii) for such Equipment, Supplier shall coordinate and manage through resolution all break/fix, repair, and/or maintenance services through the applicable Health Net warranty and/or maintenance provider. Such coordination Services include diagnosing the issue, notifying the applicable warranty or maintenance provider that repair work is required, placing and tracking orders for necessary repairs, coordinating the delivery of the broken parts to such providers (as necessary) and, receiving and installing replacement Equipment (provided however, that with respect to the repair of End User Resources at Remote Health Net Facilities, if the applicable warranty or maintenance contract does not provide for on site repair, Supplier shall be responsible for coordinating the receipt of replacement Equipment by the appropriate End User (and assist such End User remotely, if necessary, during the installation of the such replacement Equipment)), and providing updates on the status of the repairs in the Incident management system and to the applicable End Users, as necessary.

6.10 Custom Services.

Supplier will provide additional ad hoc services as necessary to support VIPs, walk-in Service Recipients and Periodic Events. Such ad hoc services can include installation/deployment, maintenance, support, break/fix, Software and other technical training as described in Section 2.18 of this Schedule A (Services), upgrades, etc.

(a) “VIP” means an End User designated as a VIP by Health Net.

(i) In addition to the standard End User Services, VIP support Services may require Supplier to dispatch technicians to the VIP’s home or other remote locations (e.g., hotel, conference center);

(ii) Supplier shall perform VIP support Services for all VIPs, regardless of their location. At the following Health Net Facilities, Supplier shall have at least one (1) deskside support Supplier Personnel who is specifically trained to and has the particular skills necessary to effectively and efficiently support VIPs and who will have primary responsibility for performing the VIP support Services for VIPs located at such Health Net Facilities: (1) Health Net Headquarters at Woodland Hills, CA, (2) Health Net’s Shelton Facility, and (3) Health Net’s Rancho Cordova Facility.

Schedule A A - 113 Health Net / IBM Confidential

Final Execution Version

(iii) VIP support shall be performed using expedited escalation procedures and Problems and Incidents involving a VIP will be treated as a Priority 1 Problem or Incident as set forth in Exhibit B-3.

(b) “Periodic Events” means a Health Net event that requires teleconferencing support, network or internet only access or other support related to the Services. Such Periodic Events may occur on average twice per month over a rolling twelve month period. Examples of Periodic Events include town hall meetings, board meetings, annual/quarterly VIP events, visits from non-Health Net Auditors.

(i) With respect to visits from non-Health Net auditors, Supplier will be responsible for provisioning internet only for such auditors. Such requests occur once or twice a month, and such visits may last several months in duration.

(ii) With respect to other general meetings and events, Supplier shall perform the following:

(A) Verify that meeting/event locations are properly equipped based on the requirements for each meeting event;

(B) Test and verify functionality of Equipment and “Internet-only” network connectivity sufficiently in advance of the meeting/event to allow a reasonable amount of time for rescheduling such meeting/event; and

(C) Provide instruction to Health Net on the use of such Equipment sufficiently in advance of the meeting/event.

7. HELP DESK SERVICES

(a) “Help Desk Services” means those Functions related to the receipt, tracking, response and resolution of Service Requests, Incidents, Problems or other inquiries submitted to the help desk, including (i) Service Requests, Incidents, Problems or other inquiries made by Service Recipients or other third party vendors providing services for Health Net, and (ii) Service Requests, Incidents, Problems or other inquiries about any aspect of Health Net’s IT Infrastructure (e.g., operating systems, packaged Software or other Software, network connectivity (voice and data), PC/Macintosh supplier, data center operations, and End User Resources, or any other services described in this Schedule A (Services). Help Desk Services includes (i) those Functions described in this Section 7, and (ii) the O&M Services and the Enterprise Security Management Services, as each may apply to the Functions, Equipment, Software, process, or other activities described in this Section 7.

7.2 General Obligations.

(a) Supplier will provide the following general Help Desk Services:

Schedule A A - 114 Health Net / IBM Confidential

Final Execution Version

(i) Provisioning a Single-Point-of-Contact (“SPOC”) for the logging, tracking, reporting and resolution of IT Problems for Health Net End Users and end-to-end ownership of all requests for service, including those that may need to be referred/escalated to more specialized entities for resolution (whether that entity is Health Net, a vendor or a designated third party). Supplier shall comply with Health Net’s “Point of Contact Information Guide” as referenced in Schedule O (Health Net Policies and Procedures), which reflects a process in support of maintaining open lines of communication between Supplier and Health Net business departments until an outage is resolved.

(ii) Managing and supporting the root cause analysis process described in Section 2.9, above; and

(iii) Supplier shall provide the Help Desk Services in English.

(b) Supplier shall make the ticketing system available to Health Net and other Health Net service providers for Health Net tickets for Problem resolution purposes.

7.3 Planning & Analysis.

Supplier will perform the following planning and analysis Functions, other than those expressly identified as retained Health Net responsibilities:

Table 40. Planning and Analysis Roles and Responsibilities

Planning and Analysis Roles and Responsibilities	Supplier	Health Net
1.       Perform operational planning for help desk capacity and performance purposes and provide to Health Net for review.	X
2.       Identify and recommend help desk solution that best meets Health Net business needs and expense/service–level expectations.	X
3.       Develop Problem escalation and Health Net reporting standards and policies based on industry best practices.	X
4.       Review and approve Problem escalation and Health Net reporting standards and policies.		X
5.       Recommend standards and designs.	X
6.       Approve standards and designs.		X
7.       Provide procedures and templates for new systems implementations.	X
8.       Complete procedures for new systems implementations.	X
9.       Provide timings and requirements for new system implementations.	X
10.     Review and approve timings and requirements for new system implementations.		X
11.     Implement new systems.	X
12.     Perform help desk capacity monitoring and planning.	X

Schedule A A - 115 Health Net / IBM Confidential

Final Execution Version

Planning and Analysis Roles and Responsibilities	Supplier	Health Net
13.    Design help desk layout.	X
14.    Install/test/maintain help desk facilities.	X

7.4 Operations & Administration.

(a) Supplier shall provide a SPOC for all Service Requests pertaining to, but not necessarily limited to, the following:

(i) Problem tracking and first-level resolution for all trouble calls, including those related to desktop, Local-Area Network (LAN), data center, Wide-Area Network (WAN), Software and phone switch availability requests.

(ii) Facilities-related issues.

(iii) IMACs, including all IMACs for distributed computing, network LAN and WAN, voice and data center environments.

(iv) “How-to” and Level 2 assistance for Health Net-defined commercial and proprietary Software included in Health Net’s standard distributed computing platform images (intermediate to expert user population).

(v) Features, Functions and usage of shrink-wrapped Software. Examples of shrink-wrapped Software include office suites, Web browsers, and anti-Virus Software.

(vi) Employee user account administration, activation, changes and terminations in accordance with Health Net’s security policy, including:

(A) Password/account setup and reset (various Health Net system platforms);

(B) Remote access connectivity (for example, Virtual Private Network [VPN]);

(C) E-mail accounts;

(D) User IDs;

(E) Password resets;

(F) Voicemail administration;

(G) Telephone lines;

(H) PC/Macintosh; and

(I) Desktop/workstations.

Schedule A A - 116 Health Net / IBM Confidential

Final Execution Version

(vii) User account administration, including password resets.

(b) Supplier shall provide two 800 Numbers, one for the Health Net Federal Services and the other for rest of Health Net. Such 800 Numbers cannot change during the Term.

HNFS Associates: 800.788.9593

All other Associates use 877.589.4357 (HELP). Supplier shall also:

(i) Provide end to end ownership for:

(A) Problem identification, escalation, resolution and closure; and

(B) User change activity, including coordination with facilities, security and telecommunications units.

(ii) Record a random sampling of at least ten percent (10%) of all telephone calls to the help desk.

(iii) Execute all duties in accordance with Health Net’s security policies.

(c) Supplier will also perform those Functions identified in the table below as Supplier responsibility.

Table 41. Help Desk Administration Roles and Responsibilities

Help Desk Administration Roles and Responsibilities	Supplier	Health Net
1.       Staff and maintain a SPOC help desk for all Health Net End User requests for assistance for all in-scope areas.	X
2.       Provide SPOC call-in access via a toll-free number for all in-scope locations and business regions.	X
3.       Receive, track and answer Health Net employees and Health Nets calls.	X
4.       Provide help desk coverage 7 days/week, 24 hours/day, 365 days/year.	X
5.       Provide additional resources as needed during planned critical events.	X
6.       Track/manage/report help desk utilization.	X
7.       Track and report the number of abandoned calls and implement process to minimize call abandonment.	X
8.       Provide escalation contact list(s).		X
9.       Maintain escalation contact list(s).	X
10.     Select and implement Software (e.g., Problem management tool) and Equipment (e.g. IVR) needed to collect, track and manage requests, inquiries, Incidents and Problems for service received by the help desk.	X
11.     Maintain a continuous improvement program that improves help desk services.	X

7.5 Service Request and Trouble Ticket Management.

Schedule A A - 117 Health Net / IBM Confidential

Final Execution Version

(a) Service request and trouble ticket management are those Functions associated with tracking and managing to resolution all inquires, requests, Incidents and Problems, including escalation to second-level specialists (e.g., Supplier resources, Health Net resources, or other third parties) through a well-defined process; and

(b) Supplier will also perform the following service request and trouble ticket management Functions, other than those expressly identified as retained Health Net responsibilities:

Table 42. Service Request and Trouble Ticket Management Roles and Responsibilities

Service Request and Trouble Ticket Management Roles and Responsibilities	Supplier	Health Net
1.       Identify and describe priorities, response and resolution targets for service calls and requests of differing impacts.		X
2.       Develop procedures to receive and respond to Health Net calls for service according to defined prioritization and resolution targets. Respond to requests based on priority and impact (and not based on the method used to notify the help desk of such request (e.g., telephone, email, direct input to service request system by End Users, etc.)).	X
3.       Enter all inquires, requests, Incidents and Problems into trouble ticketing system and categorize, and capture all relevant information in a consistent format.	X
4.       Review and approve procedures to receive and respond to Health Net calls.		X
5.       Develop procedures for the escalation of Problems which cannot be resolved without service dispatch.	X
6.       Review and approve procedures for the escalation of Problems.		X
7.       Restore and/or resolve inquiry/Problem within prescribed time limits, if possible, otherwise escalate to appropriate Level 2 or Level 3 resource.	X
8.       Identify Problem characteristics and, where possible, root cause.	X
9.       Monitor and respond to service request submitted via person-to-person, e-mail, voice mail or Web access.	X
10.     Provide first point of contact for all service requests and Problem notifications.	X
11.     Categorize, prioritize and log all IT inquiries/Problems/requests entry into trouble ticket system.	X
12.     Determine Problem resolution requirements.	X
13.     Provide resolution within prescribed time limits for inquiries/Problems which do not require service dispatch.	X
14.     Escalate Problem for field service dispatch or assign to other technical support personnel as needed.	X
15.     Notify Health Net and vendor management as required.	X
16.     Issue broadcast messages regarding system status.	X

Schedule A A - 118 Health Net / IBM Confidential

Final Execution Version

Service Request and Trouble Ticket Management Roles and Responsibilities	Supplier	Health Net
17.     Approve methodology for issuing broadcast messages regarding system status.		X
18.     Design and implement self-help features that enable End Users to perform preliminary Problem diagnosis and troubleshooting.	X
19.     Review and approve self-help process.		X
20.     Monitor Problems until Problem resolution.	X
21.     Monitor and track in the ticket management system all trouble tickets to closure, including by routing trouble tickets as necessary to appropriate resolver groups; notify End Users of the status of all trouble tickets.	X
22.     Review recurring Incidents and Problems which meet defined criteria using root cause analysis processes described in Section 2.9.	X
23.     Review knowledge base for ticket resolution system on a periodic basis.		X
24.     Work internally and with other Supplier’s operational and technical staffs, and Health Net, to identify solutions that minimize the need to call the help desk.	X
25.     Approve solutions that minimize the need to call the help desk.		X

7.6 Remote Desktop Management.

(a) Remote desktop management Services are those Functions associated with the management of desktop devices and Software over the network, including maintaining and troubleshooting the desktop, workstation and laptop operating system and supported desktop/workstation/laptop Software from remote location or mobile users to minimize the need to dispatch technical personnel. Examples of Problems that are expected to be resolved using remote desktop management Services include performing logical configurations changes, and updating files such as drivers with more recent releases. Supplier shall also assist in enabling the enforcement of compliance to standards and the appropriate optimization at the desktop. This must be performed in accordance with Health Net’s security policies.

(b) Supplier shall perform the remote desktop management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 43. Remote Desktop Management Roles and Responsibilities

Remote Desktop Management Roles and Responsibilities	Supplier	Health Net
1.       Recommend and develop policies for the use of remote control tools for maintenance and troubleshooting for network, data, voice/telecom issues.	X
2.       Review and approve policies for the use of remote control tools for maintenance and troubleshooting.		X

Schedule A A - 119 Health Net / IBM Confidential

Final Execution Version

Remote Desktop Management Roles and Responsibilities	Supplier	Health Net
3.       Recommend and develop plans and procedures for the use of remote control tools in accordance with defined policies.	X
4.       Review and approve plans and procedures for the use of remote control tools in accordance with defined policies.		X
5.       Utilize remote controls in accordance with Health Net’s security policies to diagnose and troubleshoot desktop device Problems from remote locations.	X
6.       Utilize remote controls in accordance with Health Net’s security policies to manage and update desktop Systems Software, and to maintain inventory information.	X
7.       Utilize remote control tools in accordance with Health Net’s security policies to manage and enforce compliance with standards.	X
8.       Diagnose the Problem and when possible implement corrective actions to resolve the Problem. If resolution is not possible dispatch to the correct support organization.	X
9.       Manage Incidents and Problems through to resolution.	X
10.     Document desktop system configuration, network configuration, and inventory of Software to be supported.	X

7.7 User Administration.

User administration Services are those Functions related to managing and maintaining user accounts. Supplier shall perform the user administration Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 44. User Administration Services Roles and Responsibilities

User Administration Services Roles and Responsibilities	Supplier	Health Net
1.       Receive and track requests for user account activation, changes and terminations.	X
2.       Create, change and delete user accounts in accordance with Health Net’s security policies.	X
3.       Conduct account auditing, periodic review of access privileges in accordance with Health Net policy.	X
4.       Reset passwords as required in accordance with Health Net’s security policies.	X
5.       Review and approve all self-help and other capabilities with security implications.		X

Schedule A A - 120 Health Net / IBM Confidential

Final Execution Version

7.8 Installs, Moves, Adds, Changes (IMACs).

Manage all the requests for modification to the Health Net environment. Install, Move, add, and change (IMAC) requests to be routed to the help desk where the support team gathers the business requirements, provides authorization, logs the request, and facilitates fulfillment. All authorized IMAC requests are passed automatically to the support team depending upon the location and the product or service being requested.

7.9 Self Help.

Self help Services means those Functions associated with the implementation, maintenance, modification, and support of self service and other tools that enable End Users to perform preliminary Problem diagnosis and troubleshooting, submit various service requests (e.g., password resets) and minimize the need to call the help desk (collectively, “Self Help Tools”). Self help Services include the provision of out-of-prime time voice messaging with guaranteed callback response, ability to enter trouble ticket, online guide for reference on self-help (technical support, FAQs) & training as described in Section 2.18 of this Schedule A (Services), and online support for PDAs (e.g., service offerings, how to use). Supplier shall perform the self help Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 45. Self Help Services Roles and Responsibilities

Self Help Roles and Responsibilities	Supplier	Health Net
1.       Implement and maintain the Self Help Tools listed designated as such in Schedule J, as such tools may change and evolve over the Term in accordance with the Agreement. Recommend to Health Net additional Self Help Tools that may promote greater use of self help resources.	X
2.       Measure usefulness of the Self Help Tools and continually improve Self Help Tools to maximize tool value.	X
3.       Review and approve improvements to the Self Help Tools.		X
4.       Conduct Periodic reviews of the effectiveness of Self Help Tools’ capabilities and usage.		X

7.10 Meetings and Conferences.

Supplier shall perform the following services with respect to the support of Health Net meetings and video and audio conferences (either video or telephone):

(a) Setting up conference calls to go with the VTC meeting;

(b) Reviewing the conference room schedules daily to find scheduled video conference room meetings and then linking meetings as appropriate;

(c) Assisting customers with scheduling videoconference rooms;

(d) Assisting customers with using the Equipment and with Problems during the videoconference meeting; and

Schedule A A - 121 Health Net / IBM Confidential

Final Execution Version

(e) Prearranging for desktop support to either check out the Equipment or to attend the meetings.

7.11 Monitoring and Reporting Services.

Supplier shall perform the following monitoring and reporting Functions:

(a) Notify Health Net and vendor management; and

(b) Issue broadcast messages regarding system status as needed.

7.12 Exception Requests.

(a) The exception request process is used by employees to fulfill requests for products or services that are outside of standard Health Net policies, such as more memory for their PC/Macintosh or international calling access on their phone line.

(b) Supplier will develop, implement, and maintain an exception process and perform the Functions required to collect the request, analyze, recommend, and process the request to fulfillment or denial and advise the originator of the status. Upon approval, Supplier will take the necessary action to implement the request.

(c) Supplier shall also perform those exception request processing Functions that are identified as Supplier responsibilities in the roles and responsibilities table below.

Table 46. Exceptions Requests

Exceptions Requests Roles and Responsibilities	Supplier	Health Net
1.       Develop and document exception request procedures in accordance with Health Net’s current process.	X
2.       Review and approve Supplier’s exception process.		X
3.       Document exception requests in trouble ticket system.	X
4.       Provide status to requestor at approval step.	X
5.       Follow procedures defined in IMAC process to implement request.	X
6.       Provide weekly status of exception requests to Health Net.	X

8. ENTERPRISE SECURITY MANAGEMENT SERVICES

“Enterprise Security Management Services” means all life cycle Functions associated with the provision of security Services to Health Net, including those Functions described in this Section 8, as such security Services relate to the O&M Services, the Data Center Services, the Data Network Services, the Voice Network Services, the End User Services, the Help Desk Services, and any other Services the Parties may add to the scope of the Agreement.

Schedule A A - 122 Health Net / IBM Confidential

Final Execution Version

8.1 Introduction.

(a) Within the first ninety (90) days after the Effective Date, Supplier and Health Net shall review Health Net’s existing security controls and based upon this joint review, Supplier will develop a detailed draft of the security controls document (the “Information Security Controls (ISeC) Document”) that at a minimum reflects Health Net’s existing security controls, incorporates the requirements identified in this Section 8, and meets Health Net’s security policies and procedures (as referenced in Schedule O, as such policies and procedures may be modified from time to time in accordance with Section 5.4(c)of the General Terms and Conditions. Supplier shall provide Health Net for Health Net’s review, comment and approval, the ISeC Document. Supplier shall work with Health Net to incorporate any comments or suggestions by Health Net into the ISeC Document. Unless the Parties agree otherwise, in the event of a conflict between the ISeC Document and this Section 8, this Section 8 should apply and nothing in the ISeC Document should be interpreted to modify Supplier’s obligations for security Services as described in this Section 8.

(b) During Transition, Supplier shall implement the security solution, controls and processes described in the final ISeC Document approved by Health Net or as otherwise needed to meet the requirements set forth in this Section 8.

8.2 Security Compliance and Regulatory.

(a) Security Policy Management.

(i) Supplier will:

(A) With Health Net’s assistance, gather information to document the security controls Health Net has in place as of the Effective Date to establish Health Net’s IT security baseline and to define the technical specifications for the systems managed by Supplier;

(B) Perform a gap analysis between the security controls Health Net has in place as of the Effective Date and the (ISeC);

(C) Provide an initial threat identification summary based on the gap analysis and update the threat identification summary on an annual basis thereafter. Such summary will contain:

• identified threats organized by the ISO 27002 clauses, and

• suggested remediation actions for each identified threat;

(D) Define and document the privileged User IDs in the platform specific technical specifications set forth in the Information Security Controls Document; and

Schedule A A - 123 Health Net / IBM Confidential

Final Execution Version

(E) On a periodic basis (at least annually), review the Information Security Controls Document with Health Net and update, as appropriate.

(ii) Health Net will:

(A) Assist Supplier in documenting the security controls Health Net has in place as of the Effective Date;

(B) Provide contact information and security policies, and any updates thereto;

(C) Assist Supplier in developing the Information Security Controls Document, as described in Section 8.2(a)(i)(A) - Section 8.2(d)(i)(C), above;

(D) Review the threat identification summary; and

(E) On a periodic basis (at least annually), review the Information Security Controls Document with Supplier and provide recommended updates, as appropriate.

(iii) Supplier shall also perform those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Security Roles and Responsibilities	Supplier	Health Net
1.      Define security requirements and policies.		X
2.      Propose security standards, and procedures based on industry security best practices and that comply with Health Net policies and procedures.	X
3.      Review and approve security standards and procedures.		X
4.      Implement security plans consistent with Health Net security policies.	X
5.      Review and approve security plans.		X
6.      Comply with Health Net processes and procedures for adding, changing, enabling/disabling and deleting Log-on/security-level access of Health Net employees, agents and Subcontractors.	X
7.      Perform log-on/security-level access changes as detailed in processes and procedures.	X
8.      Maintain logical security of all Equipment and Software.	X
9.      Establish firewall/Intrusion Detection requirements.		X
10.    Install, configure, operate and maintain the security-related Equipment and Software used as part of the Security Solution or otherwise used by Supplier to comply with Health Net’s security requirements, including all firewall/intrusion detection Equipment.	X

Schedule A A - 124 Health Net / IBM Confidential

Final Execution Version

Security Roles and Responsibilities	Supplier	Health Net
11.    Address security violations that originate outside of the hosted network(s) (including by establishing workarounds to avoid the impacts of the security violation). Specific examples include DOS attacks, spoofing, Web exploits.	X
12.    Demonstrate to Health Net the ability to remain up to date with current security trends, threats, and common exploits, by actively participating in industry standard security forums and users groups.	X

(iv) Supplier shall comply with (i) the security requirements set forth in Exhibit A-6, as such requirements relate to the provision of the Services for the Health Net Federal Services business unit and; (ii) all Health Net policies and procedures related to security that are disclosed to Supplier, including those set forth in Schedule O.

(b) Security Compliance Support. Supplier will:

(i) Perform periodic security reviews to validate compliance (for example, validating access authorization per Health Net’s instruction, the correct use of logical control features); and

(ii) Identify and manage security risks and exposures within Supplier’s control as part of the Services.

(c) Security Audit Management.

(i) Supplier will:

(A) Without limiting Supplier’s obligations set forth in Section 18 of the General Terms and Conditions, provide a security audit subject matter expert (in addition to the Supplier Personnel performing the day-to-day Services) to assist Supplier Personnel in performing Supplier’s security audit obligations, up to 1620 hours;

(B) Facilitate security audits and reviews;

(C) Perform non-compliance support audit activities for Supplier internal audits, external client reviews and third party reviews; and

(D) Coordinate issues resolution identified during the security audit process and provide recommendations for resolution.

(ii) Health Net will:

(A) Provide a Health Net point of contact for escalation of issues related to security audits;

(B) During the Transition Period, perform a review of each Transitioned Employee’s system access authorizations to confirm the need for the same access requirements following the Effective Date and advise Supplier of any required changes; and

Schedule A A - 125 Health Net / IBM Confidential

Final Execution Version

(C) Subject to the confidentiality obligations that Health Net may have with its auditors, provide Supplier with Health Net’s security audit history.

(iii) Supplier shall also perform those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Security Audit Services Roles and Responsibilities	Supplier	Health Net
1.      Establish security audit policies.		X
2.      Provide technical expertise for security audits.	X
3.      Perform periodic security audits in accordance with Health Net policies and Service Levels.	X
4.      Provide periodic reports listing audit results and recommend corrective action for failed audit components.	X
5.      Review periodic audit reports and approve corrective action.		X

(d) Regulatory Program Management.

(i) Supplier will:

(A) Assist Health Net in the development of testing criteria for Health Net-identified regulatory controls and Health Net-identified industry standard controls (e.g., PCI) and implement, as appropriate;

(B) Utilize Supplier processes, tools, and infrastructure, as appropriate, and maintain supporting Documentation in support of Health Net-identified regulatory controls and Health Net-identified industry standard controls (e.g., PCI); and

(C) In accordance with the Health Net-identified regulatory controls, manage regulatory training for Supplier and maintain supporting Documentation.

(ii) Health Net will:

(A) Provide Health Net-identified regulatory controls and industry standard controls (e.g., PCI); and

(B) Develop, with Supplier’s assistance, testing criteria for Health Net-identified regulatory controls and Health Net-identified industry standard controls (e.g., PCI).

(e) Security Management.

(i) Supplier will:

(A) Provide a single Supplier point of contact with responsibility for day-to-day security management;

Schedule A A - 126 Health Net / IBM Confidential

Final Execution Version

(B) Perform risk and issue management, including:

• establishing procedures for logging, alarming and reporting of security violations and issues;

• managing to resolution security risks identified as a result of reviews and audits, changes in Supplier or Health Net environment, changes in operating practices, processes or technology; and

• notifying relevant parties of the risks, their potential impact and actions to mitigate the impact.

(C) Provide monthly security report.

(ii) Health Net will:

(A) Provide a Health Net point of contact for escalation of issues related to the security Services;

(B) Communicate the security procedures to End Users (for example, login procedures, password requirements, use of anti virus programs, data and equipment security procedures); and

(C) Notify Supplier of changes Health Net plans to make to its security policies and standards before implementation.

8.3 Infrastructure Protection.

(a) Emergency Response Services.

(i) Security emergency response Services are those Functions associated with the tracking and review of security Incidents and Problems, including notifying Health Net of such Incidents and Problems, and to manage containment, eradication and recovery of all security Incidents and Problems. Security Incidents and Problems include any real or suspected adverse event in relation to the security of Health Net systems or computer networks, network or host activity that is reasonably suspected as threatening the security of Health Net systems, a violation of a Health Net security policy, attempts (either failed or successful) to gain unauthorized access to a system or its data, malicious connectivity disruption or denial of service, unauthorized use of a system for the processing or storage of data, or changes to system hardware, firmware, or Software characteristics without the owner’s knowledge, instruction, or consent. Supplier’s responsibilities in this regard include:

(A) Review all security alerts to determine whether the alert represents a “false positive” or indicates a possible Incident or Problem to be investigated and resolved.

Schedule A A - 127 Health Net / IBM Confidential

Final Execution Version

(B) Establish a single collection point (i.e. web portal) that allows Health Net to review (i) all automated alerts received from a security services device (e.g., from: NIDS, HIDS, penetration testing) and (ii) Supplier’s investigation results and Supplier’s determination of whether the alert represents a “false positive” or possible Incident or Problem to be investigated and resolved.

(C) Identification and removal of Viruses/worms, malicious code and spyware from infected Health Net systems as required by Section 19.9 of the Agreement.

(D) Categorization of all suspected security Incidents or Problems based on their Priority (as defined in Exhibit B-3). Supplier shall notify Health Net of all Priority 1 and Priority 2 security Incidents and all other security Incidents that have the potential to materially impact Health Net in accordance with the Service Levels. On a monthly basis, Supplier will provide Health Net with a report of all confirmed security Incidents, including those categorized as Low –Priority 3.

(E) Utilization of emergency response plans to help minimize the effect of future attacks; and

(F) Provision of advice and guidance on such topics as Internet security incident assessment, preparedness, management, and response.

(ii) Health Net will:

(A) Formally declare a security incident;

(B) Determine if a security incident is a commercial privacy breach and implement emergency response plan, as appropriate; and

(C) Escalate declared security incident within the Health Net organization, as appropriate.

(iii) Supplier shall also perform those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Incident Management Services Roles and Responsibilities	Supplier	Health Net
11.    Identify and provide countermeasures for Virus / worm malicious code and spyware attacks.	X
12.    Establish security Incident response policies.		X
13.    Provide Incident response services for security Incidents in accordance with Health Net’s policies and the Service Levels.	X
14.    Define security Incident reporting requirements.		X
15.    Provide security Incident reporting.	X

Schedule A A - 128 Health Net / IBM Confidential

Final Execution Version

Incident Management Services Roles and Responsibilities	Supplier	Health Net
16.    Provide all communications to Health Net business units, business partners, vendors, law enforcement, media or other external parties.		X
17.    Report security violations to Health Net. Supplier has the responsibility for isolating violations to a specific Software or access point. Supplier is also responsible for tracking violations to a specific MAC address, port address, and UserID where possible.	X
18.    Resolve security violations.	X
19.    Define and implement corrective safeguards to eliminate or prevent future security Incidents.	X
20.    Review, approve and monitor corrective safeguard implementations.		X

(iv) Without limiting Supplier’s obligations set forth elsewhere in this Schedule A or in Schedule B (Service Levels), Supplier shall first prioritize containment of the Incident or Problem (including by taking steps necessary to minimize the security threat (e.g., immediately disconnecting the resources from the network, resolving user access, implementing software, defining access controls lists, or other appropriate means)) and then work to eradicate and/or resolve the Incident or Problem.

(b) X-Force Threat Analysis Services.

(i) Supplier will:

(A) Manage daily security threats through comprehensive evaluation of global online threat conditions and detailed analyses tailored for Health Net;

(B) Provide daily summaries of current and forecast assessments for active vulnerabilities, Viruses, worms and threats, including links to recommended fixes and security advice;

(C) Provide customized and configurable notifications and current alert status; and

(D) Provide alert trending and attack metrics.

(ii) Health Net will:

(A) Provide a list of End User e-mail addresses to be monitored and any updates as they occur; and

(B) Maintain a list of End User notification preferences.

(c) Managed Intrusion Detection and Prevention Services.

(i) Security intrusion detection and prevention Services are the Functions associated with the provision, support, modification and maintenance of tools that provide the ability to capture and analyze all network traffic (including LAN, wireless networks)

Schedule A A - 129 Health Net / IBM Confidential

Final Execution Version

that passes its sensors looking for current attack signatures (e.g., NIDS (Network-based Intrusion Detection Service)) and identify changes to selected files (e.g., HIDS (Host-based Intrusion Detection Service)), including all Functions related to level-one level-two and level-three support for NIDS and HIDS.

(ii) As of the Effective Date, NIDS is deployed in the production environment. Supplier shall expand this service to include monitoring of all Intranet networks. Supplier shall also implement HIDS to cover one hundred thirteen (113) servers designated by Health Net. As of the Effective Date, the servers designated by Health Net are as follows:

(A) Ten (10) UNIX web servers;

(B) Fifteen (15) UNIX database servers;

(C) Nineteen (19) Windows web servers;

(D) Thirty (30) Windows database servers;

(E) Thirty-four (34) Windows domain controller servers; and

(F) Five (5) Windows application servers.

(iii) Security intrusion detection Services include:

(A) Supplier shall provide 24x7 monitoring, enabling review of alerts in real-time. The reviews will be performed in accordance with the specified Service Levels depending upon the Priority. Health Net’s information security and/or the business unit involved must be notified.

(B) Supplier shall implement a process to notify Health Net’s information security in accordance with the Service Levels regardless of the day-of-week or time-of-day for the most serious alerts [NIDS and HIDS]. Examples include, but are not limited to [NIDS] “successful user privilege gain”, [NIDS] “successful administrator privilege gain”, and [HIDS] key binary file changes.

(iv) Supplier will:

(A) Monitor, manage, configure and support network intrusion detection and intrusion prevention sensors;

(B) Actively or passively monitor network traffic and block known malicious activity in accordance with the security policy configuration;

Schedule A A - 130 Health Net / IBM Confidential

Final Execution Version

(C) Escalate security events and incidents via e-mail or the web portal, as appropriate;

(D) Report findings following each escalation;

(E) Provide high level and in-depth reporting via the web portal on the security of Health Net’s networks;

(F) Perform security policy configuration changes needed to resolve network connectivity issues and critical attacks; and.

(G) Be responsible for resolving and remediating security events.

(v) Supplier shall also perform those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Security Intrusion Detection Services Roles and Responsibilities	Supplier	Health Net
1.      Develop policies and standards for intrusion detection for all Health Net Data Networks; provided that as of the Effective Date Health Net does not require wireless network intrusion detection, but does require Supplier to perform wireless network detection activities (including periodic network sniffer tests) to identify, investigate and resolve unauthorized wireless networks, including LAN, wireless networks.	X
2.      Implement intrusion detection agents and capabilities.	X
3.      Develop and define management reporting on intrusion detection Incidents.	X
4.      Review and approve policies and management reporting for intrusion detection.		X

(d) Managed Protection Services.

(i) Network. Supplier will:

(A) Monitor and support the networks using specific Supplier Internet Security Systems (ISS) products (i.e., firewall, VPN, intrusion protection sensors, content filtering, anti-spam, anti-virus) to assist in protecting from Internet threats;

(B) Monitor, manage and configure network intrusion prevention sensors;

(C) Escalate security events via e-mail or the web portal, as appropriate;

(D) Implement virtual patches which provides active blocking capabilities so Health Net is secure until patching of network devices;

(E) Provide incident report following each escalation; and

Schedule A A - 131 Health Net / IBM Confidential

Final Execution Version

(F) Provide high level and in-depth reporting via the web portal on the security of Health Net’s networks.

(ii) Server. Supplier will:

(A) Monitor, manage and configure Supplier ISS protection agents;

(B) Provide server based protection securing the underlying operating system by preventing attackers from exploiting the operating system and application level vulnerabilities;

(C) Monitor all traffic to and from the servers:

• to detect and prevent inbound and outbound attacks; and

• block new and unknown attacks such as Trojans, brute force attacks, unauthorized access and worms.

(D) Escalate security events via e-mail or the web portal, as appropriate;

(E) Implement virtual patches which provides active blocking capabilities so Health Net is secure until patching of servers;

(F) Be responsible for resolving and remediating security events;

(G) Be responsible for managing and supporting monitored servers;

(H) Provide incident report following each escalation; and

(I) Provide high level and in-depth reporting via the web portal on the security of Health Net’s servers.

(e) Security Event and Log Management Services.

(i) Supplier will:

(A) Collect security or log data in a text based format;

(B) Archive, analyze, correlate and trend events and logs, while managing response and remediation workflow;

(C) Provide security events and log data online for one year; and

(D) Analyze security events from select intrusion detection and intrusion prevention devices and provide alerts via the web portal.

(ii) Supplier shall also perform those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Schedule A A - 132 Health Net / IBM Confidential

Final Execution Version

Security Event & Logging Services Roles and Responsibilities	Supplier	Health Net
1.      Maintain and secure the Health Net central repository for Application specific, network specific, and system specific log files.	X
2.      Establish security logging policies.		X
3.      Maintain logs files in accordance with Health Net policies and Service Levels.	X
4.      Provide routine log analysis in accordance with Health Net policies and Service Levels.	X
5.      Escalate suspicious log records for investigation as a security Incident.	X

(f) URL Filtering.

(i) Supplier will:

(A) With Health Net’s assistance, develop, implement and maintain the URL filtering policy, including violation reporting procedures;

(B) Install, test, configure and maintain URL filtering environment;

(C) In accordance with the URL filtering policy, control End User access to web sites (i.e., allow or block access based on person(s), groups, time of day, IP addresses, bandwidth or time allotment);

(D) Notify Health Net, in accordance with the established procedures, of URL filtering violations; and

(E) Provide monthly URL monitoring reports and, upon request by Health Net, individual usage reports.

(ii) Health Net will:

(A) Provide Health Net’s business guidelines for End User Internet access and any updates as they occur; and

(B) Assist Supplier in developing and implementing the URL filtering policy, including violation reporting procedures.

(g) E-mail Security.

(i) Supplier will:

(A) For anti-spam:

• with Health Net’s assistance, develop, implement and maintain the e-mail security policy, including violation reporting procedures;

• scan Health Net’s inbound e-mail for spam & quarantine;

Schedule A A - 133 Health Net / IBM Confidential

Final Execution Version

• provide the capability to create filters to prevent spam and allow e-mail (i.e., black list, white list);

• Make recommendations to Health Net for anti-spam black list and white list; and

• using Health Net approved black list and white list, identify spam and take action in accordance with the e-mail security policy (i.e., tag, redirect, delete).

(B) For porn filtering:

• with Health Net’s assistance, develop, implement and maintain the e-mail security policy, including violation reporting procedures;

• scan Health Net’s inbound and outbound e-mail to detect potentially suspected pornographic images;

• implement sensitivity settings and routing options in accordance with the e-mail security policy (for example, e-mail containing suspect images can be logged only, tagged, sent or copied to a designated system administrator or deleted).

(C) for e-mail antivirus:

• with Health Net’s assistance, develop, implement and maintain the e-mail security policy, including violation reporting procedures;

• scan Health Net’s Internet level e-mail to detect viruses (i.e., known and unknown);

• notify appropriate contact (for example, e-mail sender, intended recipient, e-mail administrator), in accordance with the established procedures, if an e-mail or attachment contains a virus;

• handle infected e-mail in accordance with the established procedures; and

• notify Health Net of any virus infected e-mail that Supplier was unable to intercept.

(ii) Health Net will:

(A) Approve anti-spam black list and white list;

(B) Provide Health Net’s business guidelines for End User e-mail security and any updates as they occur; and

Schedule A A - 134 Health Net / IBM Confidential

Final Execution Version

(C) Assist Supplier in developing and implementing the e-mail security policy, including violation reporting procedures.

8.4 System Currency.

(a) System Security Checking. Supplier will:

(i) Install, test and maintain security policy verification Software;

(ii) Perform system security checks of managed mainframes, mid-range servers, network devices, and system tools to validate compliance with the technical specifications documented in the Information Security Controls Document every six (6) months. System security checks will be performed on a random sample of systems, with a minimum of 10% of systems sampled. Checks will verify that:

(A) Anti-Virus Software is functional and operating on supported servers;

(B) Technical controls to enforce operating system password policy are in place; and

(C) Logs of privileged access and log-on/log-off activities are being captured as defined in the Information Security Controls document technical specifications.

(iii) Document identified issues and take corrective action on the findings, as appropriate.

(b) Security Advisory and Integrity.

(i) Supplier will for operating systems, Software tools, and network infrastructure systems and devices managed by Supplier:

(A) Monitor security patches;

(B) Notify Health Net within three (3) Business Days of implementation of Supplier-rated high severity security patches;

(C) Install Health Net-approved Supplier rated high security patches within the following security change window parameters:

• minimum of eight (8) hours for each scheduled security change window;

• Twenty-four (24) security change windows are required per one thousand (1000) servers and an additional security change window for each range of one (1) to forty-two (42) servers thereafter.

Schedule A A - 135 Health Net / IBM Confidential

Final Execution Version

• Implement patches in accordance with Health Net’s change management policies and procedures and in a manner as may be requested by Health Net, including to minimize disruption to the business or prioritize the implementation of patches on high-risk Servers, as defined by Health Net.

(ii) Health Net will approve security patches for installation at least one (1) Business Day before scheduled implementation date.

(c) Malware Defense Management.

(i) Supplier will:

(A) Install, test and maintain anti-malware software on supported servers and supported desktops;

(B) Push anti-malware definitions, vendor product updates, and policy and configuration updates to supported servers and supported desktops, as appropriate;

(C) If malware is detected, take corrective action in accordance with the Information Security Controls Document (i.e., prevent, detect and remove malware infections and respond to malware security incidents);

(D) Notify Health Net, in accordance with the established procedures, if malware is detected on a supported server or supported desktop;

(E) Perform Virus definition, pattern file updates and policy configuration; and

(F) Provide monthly malware defense management reports.

(ii) Health Net will provide Health Net’s security policy and any updates as they occur.

(d) Vulnerability Management Services.

(i) Supplier will:

(A) Maintain a list of Health Net IP addresses to scan;

(B) Identify vulnerabilities within the network perimeter using Supplier policies;

(C) Perform historical trending of vulnerability data;

(D) Be responsible for resolving application related issues discovered during a vulnerability scan;

Schedule A A - 136 Health Net / IBM Confidential

Final Execution Version

(E) Provide vulnerability scanning reports which include:

• scan results reflecting identified vulnerabilities for corrective action to be taken, as appropriate; and

• summary reports and trend analysis provided via the web portal.

(ii) Health Net will approve Supplier recommendations for the scanning profile containing the following:

(A) System and network devices to be scanned;

(B) Frequency of scanning;

(C) Type of scan;

(D) Vulnerabilities that are not security policy violations; and

(E) Time frames when scans will be executed.

(iii) Supplier shall also perform those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Security Vulnerability Services Roles and Responsibilities	Supplier	Health Net
1.      Establish Health Net security risk policies.		X
2.      Conduct scheduled vulnerability scans of Health Net IT environment.	X
3.      Support Health Net in Health Net scheduled vulnerability scans for specific systems subject to government and federal requirements.	X
4.      Determine the security risk of new projects.	X
5.      Provide reporting on security vulnerability services.	X
6.      Review and approve security reporting.		X

(e) Supplier Penetration Testing.

(i) Supplier will:

(A) Develop, maintain and implement the applicable processes and procedures for penetration testing;

(B) Perform penetration testing to determine the current level of vulnerabilities within Health Net’s network environment;

(C) Evaluate Health Net’s existing network security architecture, policies and procedures;

(D) Provide Health Net a penetration testing report detailing identified exposures, system rating, risk assessment, and remediation plan;

Schedule A A - 137 Health Net / IBM Confidential

Final Execution Version

(E) Review findings with Health Net to mitigate identified risks and to improve overall security posture; and

(F) Implement risk mitigation solutions (i) as necessary in order to remain in compliance with Health Net security requirements and policies and (ii) otherwise as requested by Health Net in accordance with the Change Control Process.

(ii) Health Net will:

(A) Identify the system and network devices to be assessed; and

(B) Attend review meeting with Supplier to develop a detailed strategic plan to mitigate identified risks and to improve overall security posture.

(iii) Supplier shall also perform those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Security Penetration Services Roles and Responsibilities	Supplier	Health Net
1.      Propose policies for security penetration testing.	X
2.      Review and approve policies for security penetration testing.		X
3.      Conduct security penetration testing on Health Net systems.	X
4.      Provide reporting on security penetration testing results.	X
5.      Develop recommendations for improved security.	X
6.      Review and approve recommendations for improved security.		X
7.      Provide penetration security reporting.	X

(f) Health Net Penetration Testing.

(i) Health Net may, from time to time and with thirty (30) days prior written notice to Supplier (or such other notice period as may be mutually agreed by the Parties), perform penetration tests on (1) systems hosting Health Net owned URLs and IP addresses or (2) systems dedicated to providing the Services, provided that Health Net will:

(A) Consult with Supplier to develop a testing plan,

(B) Provide Supplier with a copy of the penetration testing report detailing identified exposures, system rating, risk assessment, and remediation plan; provided however, that Health Net may choose not to disclose information related to equipment or software not in scope under this Agreement (e.g., deficiencies in applications software for which Supplier does not have responsibility under this Agreement), and

Schedule A A - 138 Health Net / IBM Confidential

Final Execution Version

(C) Review findings with Supplier to mitigate identified risks and to improve overall security posture.

(ii) Supplier will

(A) Upon request by Health Net, assist in the performance of the penetration testing;

(B) Attend review meeting with Health Net to develop a detailed strategic plan to mitigate identified risks and to improve overall security posture, and

(C) Implement risk mitigation solutions (i) as necessary in order to remain in compliance with Health Net security requirements and policies and (ii) otherwise as requested by Health Net in accordance with the Change Control Process.

(iii) Supplier shall be relieved from paying Service Level Credits for Critical Service Level Failures that occur solely as a result of Health Net exercising its right to perform penetration testing pursuant to this Section 8.4(f) (i.e., but for Health Net exercising its right under this Section such Critical Service Level Failure would not have occurred); provided that Supplier has fulfilled the obligations set forth in Section 8.3 of the General Terms and Conditions.

8.5 Identity and Access.

(a) Management of Privileged User IDs and Supplier User IDs.

(i) For the operating systems, software tools and network infrastructure systems and devices under Supplier management, Supplier will:

(A) With Health Net’s assistance, perform a baseline inventory of access IDs;

(B) perform the following provisioning and compliance activities:

• provision and manage user IDs for Supplier personnel;

• perform quarterly employment verification for Supplier personnel and remove Supplier user IDs, as appropriate;

• administer passwords for Supplier user IDs and privileged user IDs;

• provision and manage the Supplier and Health Net privileged user IDs as defined in the platform specific technical specifications set forth in the Information Security Controls Document;

Schedule A A - 139 Health Net / IBM Confidential

Final Execution Version

• revalidate Suppliers privileged authorizations and continued business need annually and remove user IDs, as appropriate; and

• provide Health Net a list of Health Net privileged user IDs for revalidation and remove privileged user IDs, as directed by Health Net.

(C) Maintain audit records for privileged user ID approvals, verifications and revalidations and retain such records for two (2) years;

(D) Provide for Health Net’s review and approval, as appropriate, non-expiring passwords and policy exception requests; and

(E) Capture system security logs of privileged access and log-on/log-off activities as defined in the Information Security Controls Document and retain log records for one (1) year.

(ii) Health Net will:

(A) During Transition, provide Supplier with access to the necessary files and systems in order for Supplier to perform a baseline inventory of access IDs for the systems for which Supplier has security responsibility;

(B) Authorize User IDs and passwords for Health Net personnel for the operating systems, software tools and network infrastructure systems and devices under Supplier management;

(C) Revalidate Health Net privileged user IDs; and

(D) Approve non-expiring passwords and policy exception requests, as appropriate.

(b) Password Management for Health Net User IDs.

(i) Supplier will:

(A) Perform password resets for user IDs using Health Net provided and maintained employee authentication data; and

(B) Investigate Health Net user ID password issues, as identified by Health Net.

(ii) Health Net will:

(A) Provide and maintain employee authentication data in PeopleSoft for Health Net user IDs; and

Schedule A A - 140 Health Net / IBM Confidential

Final Execution Version

(B) Establish the criteria for resetting passwords and disclosing such passwords to authorized personnel.

(c) Health Net User ID Lifecycle Administration.

(i) For the operating systems, software tools and network infrastructure systems and devices under Supplier management, Supplier will:

(A) Provision and manage Health Net-identified user IDs for Health Net personnel; and

(B) Investigate Health Net user ID security issues, as identified by Health Net.

(ii) Health Net will:

(A) During Transition identify Health Net user IDs; and

(B) Provide approved provisioning requests for user IDs for Health Net personnel.

(d) Health Net User ID Administration Compliance Support.

(i) For Health Net End User user IDs for Equipment and Software, Supplier will:

(A) Perform annual employment verification for Health Net employees.

(B) Provide Health Net a listing of their user IDs to allow Revalidation per the ISeC ;

(C) Perform annual revalidation of Supplier privileges and access to shared user IDs and remove such privileges and access, as appropriate;

(D) Maintain audit records for user ID and privileged user ID approvals, verifications and revalidations and retain such records for two (2) years; and

(E) Provide for Health Net’s review and approval, as appropriate, non-expiring passwords and policy exception requests.

(ii) Health Net will:

(A) Revalidate Health Net user IDs, privileges and access to shared user IDs and direct Supplier to remove user IDs, as appropriate; and

(B) Approve non-expiring passwords and policy exception requests, as appropriate.

Schedule A A - 141 Health Net / IBM Confidential

Final Execution Version

(e) Physical Security and Access Management.

(i) Supplier will provide the following physical security controls at Supplier Facilities:

(A) Define controlled areas, perform a physical security assessment and document any identified control and audit issues;

(B) Identify ownership of control and audit issues and manage closure of Supplier-owned issues;

(C) Perform initial access baseline review and execute formal revalidation for new protected and restricted areas;

(D) Develop and implement the access authorization processes;

(E) Manage the implementation of the physical security environment for the controlled areas;

(F) Perform maintenance, testing and daily operations of the physical security environment; and

(G) Manage permanent and temporary access authorization devices.

(ii) In addition, Supplier will perform those physical security Services in Exhibit A-13 (Facilities Services Matrix) except for those Services expressly identified as Health Net responsibility.

8.6 Security Firewall Management Services.

(a) Security firewall management Services are those Functions related to the protection of Health Net’s networks, including by providing the following types of capabilities: firewall engineering and management, access control list engineering and management, security monitoring, compliance with Health Net’s policies and standards, helpdesk support (levels 1-3), and backup/restore services. As part of the Security firewall management Services:

(i) All testing will be done in a simulated test environment, isolated from Health Net’s entire network environment.

(ii) All technology selections must be reviewed and approved by Health Net prior to use in production environments. All firewall changes must be documented for auditability.

(iii) The firewall Services will provide the necessary security to create specific zones, limiting access to specific IP/port combinations and in certain zones down to the VLAN level using VACLs. Non-approved traffic will be dropped and logged, unless a logging exception is granted.

Schedule A A - 142 Health Net / IBM Confidential

Final Execution Version

(A) Maintain all WAPs in accordance with Health Net’s WAP security policy.

(B) The firewall Services will only permit the necessary services into or through the production network, furnishing “Internet-Only” wireless access to guests and contractors at in-scope locations. The firewalls will have to enforce non-Health Net network access after authentication is performed.

(iv) Monthly reports on availability, number of requests, and rule/object counts are made available to management. Quarterly reports on firewall interface availability are sent to the network design team.

(v) Any critical patches will be scheduled for immediate application, in accordance with Health Net’s standard Change Control Process. Beyond that, Supplier shall perform reviews of the firewall Software, appliance operating systems, and other supporting Software quarterly to determine if any patches are required to the environment.

(b) Supplier shall perform the Security firewall management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 47. Security Firewall Services Roles and Responsibilities

Security Firewall Services Roles and Responsibilities	Supplier	Health Net
8.      Recommend and procure firewall Equipment.	X
9.      Approve firewall Equipment procurement.		X
10.    Configure firewall Equipment.	X
11.    Perform firewall engineering and firewall security and rules design.	X
12.    Approve firewall engineering and security design.		X
13.    Implement, test and deploy firewalls.	X
14.    Assess firewall security and propose alternative security designs.	X
15.    Review and approve firewall security designs.		X
16.    Perform and report on firewall security risk assessments.	X
17.    Review and approve firewall risk assessments.		X
18.    Establish firewall policies.		X
19.    Provide services in conformance to firewall policies.	X
20.    Maintain access control lists (ACL) in accordance with Health Net policies.	X
21.    Review and approve firewall ACL policies.		X

8.7 Security Engineering Services.

(a) Security engineering Services are those Functions associated with supporting information infrastructure protection and analysis and security risk

Schedule A A - 143 Health Net / IBM Confidential

Final Execution Version

management, including through the use of technologies such as penetration testing/vulnerability assessment tools, network monitoring, and intrusion detection systems. Supplier’s responsibilities in this regard include:

(i) Participating in meetings, presentations and discussions on designs and reviews of Applications regarding security (COTS Software, internal written applications, web-based Applications, etc.).

(ii) Supplier will purchase new authentication certificates, on behalf of Health Net, for any existing certificates expiring as of Effective Date or any new certificates required from Effective Date onwards. Supplier will also implement the certificates on the server, and track them for timely renewal.

(iii) Support of third-party external assessments, such as those done for Internet-facing Applications.

(iv) Participate with business and Application teams to understand the functionality of the Application, data classification and requirements, connectivity requirements (i.e. Extranet vs. Internet), the customer base, any client connectivity requirements, logging and auditing functions, all Software required for the Application, and all communications required with other systems (internal or external).

(v) Conduct internal security review prior to Application deployment or modification.

(vi) Participate in testing and implementation of host security.

(vii) Consult with teams to develop standards, using tools to assess the level of host security on particular systems, and support in making configuration changes as necessary.

(viii) Consult with other IT teams to develop and implement a standard architecture for access control points, such as firewalls and ACLs.

(ix) Develop and document security practices, requirements and exceptions.

(x) Respond to ad-hoc requests, such as firewall changes and/or ideas for new products/Software.

(xi) Support of firewall admin team in reviewing firewall rules, ACL entries, etc. to verify that access control points follow Health Net standards and practices.

(xii) Performing exception handling, which includes documenting and understanding the exception request, identifying the impact of the exception, doing the risk analysis of the exception and working

Schedule A A - 144 Health Net / IBM Confidential

Final Execution Version

with security management and the business owner to understand and either accept the risk or do what is required to mitigate the risk.

(xiii) Perform weekly review of current firewall rules/ACLs. Conduct quarterly firewall architecture assessments and security reviews and gap analyses of firewall/routable devices.

(xiv) Manage Incident responses – security engineering must be available 24X7 for any issues that require security Incident response support.

(xv) Participate in Problem and Incident management resolution meetings (including “SWAT” team calls), as needed based on the scope of the Problem or Incident; provide additional ad hoc production support and technical advising to Health Net and other third parties as necessary.

(xvi) Conduct reviews of all designs, requirement, standards, practices, and other security-related decisions to confirm that the Security engineering Services meet Health Net requirements and policies.

(b) Supplier shall perform the security engineering Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 48. Security Engineering Roles and Responsibilities

Security Engineering Services Roles and Responsibilities	Supplier	Health Net
1.      Provide security engineering services.	X
2.      Consult with other IT teams to recommend, implement and maintain Health Net’s standard architecture for access control points, such as firewalls and ACLs.	X
3.      Participate in product evaluations to evaluate the security stance of the product (i.e. portal).	X
4.      Produce logical network data flow diagrams for each product evaluated.		X
5.      Support Health Net security requirements regarding firewall rules, ACL entries, etc. to verify access control points follow Health Net standards and practices.	X
6.      Review and approve firewall rules, ACL entries, etc. to verify access control points follow Health Net standards and practices.		X
7.      Participate in internal security reviews with appropriate security and engineering teams to review the specific design and Application requirements for each project to verify all existing Health Net security practices and requirements are met.	X
8.      Support Health Net in internal security reviews to verify all existing Health Net security practices and requirements as specified in the Agreement are met for systems subject to federal, government requirements.	X

Schedule A A - 145 Health Net / IBM Confidential

Final Execution Version

Security Engineering Services Roles and Responsibilities	Supplier	Health Net
9.      Attend meetings as necessary, including but not limited to status meetings, requirements gathering, designs reviews, and implementation planning.	X
10.    Resolve security threats such as newly discovered vulnerabilities, Viruses, etc.	X
11.    Provide senior level engineering technology support for security technologies or other tools, and assist in root cause analysis.	X
12.    Interfacing with vendors and/or customers as needed by the business units in support of specific requests/Incidents/Problems. Troubleshooting issues or evaluating new connectivity/products/etc.	X
13.    Participating with team members and technical groups in process improvements, project/initiative task handoffs between the various teams or project prioritization/coordination.	X
14.    Participating in operational readiness testing efforts. This requirement varies by project.	X
15.    Review firewall architecture and rules	X
16.    Provide firewall assessment.	X
17.    Review security rules for all routable devices.	X
18.    Security policy review and gap analysis.	X
19.    Provide recommendations for improved security policies and architecture.	X
20.    Participate and approve security architecture review.		X
21.    Review and approve recommendations for improved security.		X

8.8 Additional Security Terms.

(a) General. Health Net acknowledges that, for purposes of performing the Services associated with the security standards herein and subject to the terms of this Agreement, Supplier is authorized to access to Health Net’s networks and computer systems.

(b) Permission to Perform Testing.

(i) Without limiting Supplier’s obligations to meet the Service Levels or other performance requirements set forth in this Agreement, the Parties acknowledge and agree to the following with respect to Supplier’s performance of vulnerability scans and vulnerability assessments:

(A) Health Net authorizes Supplier to perform a security review of Health Net’s selected IP addresses. Supplier shall not perform scans of IP addresses owned by third parties;

(B) Additional log messages may be generated in connection with performance of such reviews resulting in additional log file disk space consumption;

Schedule A A - 146 Health Net / IBM Confidential

Final Execution Version

(C) The performance and throughput of Health Net’s system(s) as well as the performance and throughput of associated routers and firewalls may be temporarily degraded;

(D) As required to perform the Services described in this Section 8.8(b), physical access is authorized on Health Net’s premises during the attempts to penetrate the selected sites;

(E) Some data may be changed temporarily as a result of probing vulnerabilities. Supplier shall make sure that such data is changed back to its original form at the end of testing;

(F) With prior approval from Health Net, Supplier may disclose this grant of authority to a Subcontractor; and

(G) The scan may trigger alarms by intrusion detection systems.

(ii) Notwithstanding the foregoing, Supplier agrees that it will perform vulnerability scans and vulnerability assessments in a manner that is consistent with industry standards and the practices of well-managed companies that perform services similar to the Services.

(iii) Prior to disclosing the results of any vulnerability scans or penetration tests to a third party, Health Net shall (i) provide Supplier with reasonable notice of such disclosure, and (ii) for vulnerability scans and penetration tests performed on networks and systems that are not dedicated to providing the Services, receive approval from Supplier (not to be unreasonably withheld) prior to making such disclosure.

Schedule A A - 147 Health Net / IBM Confidential

Final Execution Version

SCHEDULE B

SERVICE LEVELS

Schedule B B - 1 Health Net IBM / Confidential

Final Execution Version

SCHEDULE B

SERVICE LEVELS

1.	INTRODUCTION	3
2.	DEFINITIONS	3
2.1	CERTAIN DEFINITIONS	3
2.2	OTHER TERMS	4
3.	MEASUREMENT, REPORTING AND SUPPORTING INFORMATION	4
3.1	MEASUREMENT	4
3.2	MEASUREMENT TOOLS	4
3.3	REPORTS AND SUPPORTING INFORMATION	5
4.	SERVICE LEVEL METHODOLOGY	6
4.1	GENERAL	6
4.2	SERVICE LEVEL CODES	6
4.3	FAILURE TO PERFORM	7
4.4	SERVICE LEVEL CREDITS	8
5.	MODIFICATIONS AND IMPROVEMENTS TO SERVICE LEVELS	9
5.1	DELETIONS OF SERVICE LEVELS	9
5.2	ADDITIONS OF SERVICE LEVELS	9
5.3	DESIGNATION OF CRITICAL SERVICE LEVELS AND WEIGHTING FACTORS	10
5.4	CONTINUOUS IMPROVEMENT	11
5.5	ANNUAL MEETING TO ADJUST SERVICE LEVELS	11
EXHIBIT B-1: SERVICE LEVELS		B-1
EXHIBIT B-2: FORMULA DEFINITIONS		B-2
EXHIBIT B-3: REMEDY INCIDENT AND PROBLEM PRIORITY DEFINITIONS		B-3
EXHIBIT B-4: SCHEDULED MAINTENANCE		B-4
EXHIBIT B-5: SERVICE REQUEST EXAMPLES		B-5

Schedule B B - 2 Health Net IBM / Confidential

Final Execution Version

1. INTRODUCTION.

This Schedule B sets forth the Service Levels that Supplier is required to meet or exceed in performing certain of the Services during the Term. This Schedule also describes (a) the methodology for calculating Service Level Credits that will be provided to Health Net by Supplier if Supplier fails to meet a Critical Service Level, and (b) the process the Parties will follow to add, modify or delete Service Levels during the Term.

2. DEFINITIONS.

2.1 Certain Definitions.

(a) “Amount at Risk” means an amount equal to *** of the aggregate monthly charges payable by Health Net under this Agreement (excluding Managed As Pass-Through Expenses and Pure Pass-Through Expenses and Transformation Charges).

(b) “Business Day(s)” mean Monday through Friday (except holidays on which the offices of Health Net, as applicable, are not open for regular business). Where this Schedule B provides for the addition or subtraction of a Business Day, the result will mean the same time of day as the time of an event on the original Business Day (i.e., a Problem that starts at 3:00 p.m. local time on Monday is resolved by the following Business Day if such Problem is resolved by 3:00 p.m. local time on Tuesday, provided that both Monday and Tuesday are Business Days).

(c) “Business Hours” means Monday through Friday from 08:00 to 17:00, local time, during a Business Day.

(d) “Critical Service Level or CSL” means those Service Levels that are assigned a Weighting Factor, and for which a Service Level Credit is payable in the event of a Critical Service Level Failure, and are designated by Health Net in accordance with Section 5.3 this Schedule B.

(e) “Critical Service Level Failure” means, with regard to any Critical Service Level, Supplier’s failure to perform at a level that meets the corresponding Critical Service Level during any particular Measurement Period.

(f) “Measurement Period” means, for any Service Level, the period of time during which Supplier’s actual performance of the relevant Services is to be measured against the corresponding Service Level. The Measurement Period for each Service Level is set forth on Exhibit B-1.

(g) “Pool Percentage Available for Allocation” means *** percentage points.

(h) “Scheduled Maintenance” means the aggregate amount of time during Maintenance Windows during which Equipment, Software, Services, or data are scheduled to not be available for use.

Schedule B B - 3 Health Net IBM / Confidential

Final Execution Version

(i) “Service Levels” has the meaning given in Section 6 of the General Terms and Conditions.

(j) “Service Level Credit” has the meaning provided in Section 4.3(b) of this Schedule B.

(k) “Service Level Failure” means, with regard to any Service Level, a failure by Supplier to either (i) perform at the level that meets the corresponding Service Level during any particular Measurement Period, or (ii) to (A) properly monitor or measure any Service Level, or (B) report on the performance for any Service Level in accordance with Section 3.3 below.

(l) “Weighting Factor” means the portion of the Pool Percentage Available for Allocation that Health Net has allocated with respect to a Critical Service Level. The Weighting Factor for each of the Critical Service Levels as of the Effective Date are set forth in Exhibit B-1, and shall be subject to modification pursuant to Section 5 of this Schedule B.

2.2 Other Terms.

Other terms used in this Schedule B (or any Exhibit or Attachment to this Schedule B) are either defined in the context in which they are used or are defined elsewhere in this Agreement, and in each case shall have the meanings there indicated.

3. MEASUREMENT, REPORTING AND SUPPORTING INFORMATION.

3.1 Measurement.

(a) Except as otherwise expressly provided for a particular Service Level in Exhibit B-1, the Measurement Period for each Service Level shall be each calendar month during the Term.

(b) Except as otherwise expressly indicated in this Schedule B, all references to time of day in this Schedule B shall refer to Pacific Time (“PT”), and any reference to “hour” or “hours” shall mean clock hours.

3.2 Measurement Tools.

(a) Subject to Health Net’s prior written approval, provided that such approval not be unreasonably withheld, Supplier shall develop and implement measurement tools and processes required to measure each Service Level in an automated fashion, where such automation is feasible, such that Supplier’s actual performance with respect to the Service Level shall be determined using system generated data.

(b) Supplier shall measure its performance with respect to each Service Level using tools, processes and methodologies identified for such Service Level in Exhibit B-1 or as otherwise agreed to by the Parties or as specified pursuant to Sections 3.2(d), 5.2(b)(i), and 5.2(c) of this Schedule B.

Schedule B B - 4 Health Net IBM / Confidential

Final Execution Version

(c) Supplier shall provide and utilize (and have operational, administrative and Financial Responsibility for) the necessary measurement and monitoring tools and procedures required to measure and report Supplier’s performance of the Services against the applicable Service Levels set forth in this Agreement as of the Effective Date, and thereafter in accordance with Section 5.2 of this Schedule B. Such measurement and monitoring shall permit reporting at a level of detail sufficient to verify compliance with the Service Levels, and will be subject to verification and review by Health Net. Supplier shall provide Health Net with information and access to such tools and procedures upon request, for purposes of verification.

(d) If, after the Effective Date, Supplier desires to use a different measurement tool, process or methodology for any Service Level, Supplier shall provide written notice to Health Net proposing:

(i) the alternative measurement tool, process or methodology; and

(ii) any reasonable adjustments to the Service Levels that are necessary to account for any increased or decreased sensitivity that will likely result from use of the alternative measurement tool, process or methodology.

Supplier may utilize such alternative measurement tool, process or methodology only to the extent such tool, and any associated Service Level adjustments, are approved in writing by Health Net.

3.3 Reports and Supporting Information.

(a) Supplier shall deliver the Monthly Performance Report to Health Net in accordance with Section 17.3(b) of the General Terms and Conditions.

(b) Upon Health Net’s request, Supplier shall provide to Health Net detailed supporting information (including raw performance data) relating to Supplier’s performance relative to the Service Levels. Such information shall at a minimum include all information that is necessary for Health Net to verify the accuracy of Service Level measurements and reporting, and other supporting information as reasonably requested by Health Net to the extent it is available to Supplier.

(c) Supplier shall make the reporting and supporting information described in this Section 3.3, available to Health Net both (i) in machine-readable form suitable for use on a personal computer; and (ii) via a secure website; provided, however, that if requested by Health Net, Supplier shall also provide to Health Net “real time” electronic access to performance data (i.e., access to performance data that reflects performance at the then-present time), to the extent that the agreed-upon measurement tools used to measure performance are capable of providing such access. To the extent that such tools are not capable of providing Health Net with such “real time” access, Supplier shall promptly provide access to timely data upon Health Net’s reasonable request.

Schedule B B - 5 Health Net IBM / Confidential

Final Execution Version

4. SERVICE LEVEL METHODOLOGY.

4.1 General.

(a) Upon Health Net’s reasonable request, Supplier shall provide, and Health Net will have access to, Service Level information as reasonably requested by Health Net to verify the accuracy of Service Level measurements and methodology described in this Section 4. Service Levels constitute one means, but not the exclusive means, of measuring Supplier’s performance of its commitment under Section 5.4 of the General Terms and Conditions.

(b) If a Service Level includes multiple conditions or components (e.g., components (a), (b) and(c)), then Supplier’s performance must satisfy each and every condition or component (i.e., components (a), (b) and (c)) to achieve the corresponding Service Level.

(c) If any event during the Term requires Supplier to provide any portion of the Services from a Supplier business continuity recovery environment (“Recovery Environment”) then once the Services have been restored as required by the RTO timeframes set forth in Section 2.23 of Schedule A, the Service Levels shall continue to apply.

4.2 Service Level Codes.

For each of the Service Levels set forth in Exhibit B-1, a corresponding code has been designated in the “Code” column of the applicable table, as follows:

(a) Code “A”: For each Service Level metric for which “A” is designated as the applicable code, Supplier shall meet or exceed the corresponding Service Level and pay applicable Critical Service Level Credits for any Service Level Failures as soon as Affected Employees are transitioned to Supplier, but in no event later than *** days after the Effective Date (“Code A”).

(b) Code “B”: For each Service Level metric for which “B” is designated as the applicable code, Supplier shall begin to meet the corresponding Service Level and pay applicable Critical Service Level Credits for any Service Level Failures as of the date provided in Exhibit B-1 in the column entitled “Service Level Commencement Date.” (“Code B”)

(c) Code “C”: For each Service Level metric for which “C” is designated as the applicable code, Supplier shall begin to measure the corresponding Service Level as Affected Employees are transitioned to Supplier, but in no event later than *** days after the Effective Date and the following shall apply (“Code C”):

(i) The “Baselining Period” for such metric shall mean the six (6) month period following Suppliers commencement of measurement as required by Section 4.4(c).

(ii) Immediately following the Baselining Period and not later than the eighth (8^th) month after the Effective Date, a Service Level will be

Schedule B B - 6 Health Net IBM / Confidential

Final Execution Version

established, which will be no less than *** of the arithmetic mean of the baselined data collected during the Baselining Period, provided that if there is a significant deviation and the Parties mutually agree, the Parties may agree to establish a different Service Level metric or disregard the deviant measure(s) and continue to baseline for an additional period to be mutually agreed upon; provided further that if the baselined data demonstrates performance that is unsatisfactory to Health Net, Supplier will develop a plan to improve performance and the Parties will meet to establish a mutually agreeable Service Level. Supplier shall use all Commercially Reasonable Efforts to achieve the highest possible Service Levels during the Baselining Period.

(iii) Immediately following the Baselining Period and not later than the eighth (8^th) month after the Effective Date, Supplier shall meet or exceed the established Critical Service Level and pay applicable Service Level Credits for any Service Level Failures associated with such Critical Service Levels.

4.3 Failure to Perform.

(a) For each Service Level Failure, Supplier shall (i) investigate, assemble and preserve pertinent information with respect to, and report on the causes of, the problem, including performing a root cause analysis of the problem; (ii) advise Health Net, as and to the extent requested by Health Net, of the status of remedial efforts being undertaken with respect to such problem; (iii) minimize the impact of and correct the problem and begin meeting the Service Level; and (iv) take appropriate preventive measures and use Commercially Reasonable Efforts to prevent reoccurrence of such problem in a timely matter and in no event longer than thirty (30) days after the occurrence of such event.

(b) Supplier recognizes that a Critical Service Level Failure may have a material adverse impact on the business and operations of Health Net and that the damage from such Critical Service Level Failure is not susceptible to precise determination. Accordingly, in the event of a Critical Service Level Failure for reasons other than (i) the wrongful actions of Health Net, Health Net’s Affiliates or Health Net’s third party contractors (other than Supplier or Supplier’s subcontractors), provided that Supplier has fulfilled the obligations set forth in Section 8.3 of the General Terms and Conditions; or (ii) a Force Majeure Event under Section 24.3 of the General Terms and Conditions, provided that Supplier has fulfilled the obligations set forth in Section 24.3(b) of the General Terms and Conditions, then in addition to any non-monetary remedies available to Health Net under this Agreement, at law or in equity, Health Net may elect in lieu of pursuing other monetary remedies to recover as its sole and exclusive monetary remedy for such Critical Service Level Failure a credit calculated pursuant to Section 4.4 of this Schedule B as liquidated damages (each such credit, a “Service Level Credit”). Health Net may, in the alternative, either before or after receiving any particular Service Level Credit, make a claim for damages against Supplier arising out of Supplier’s failure to meet the applicable Critical Service Level; provided, however, that if Health Net had previously received any Service Level Credits as a result of such failure, then the amount of damages then recoverable by Health Net shall equal (A) the total amount of damages then recoverable under this Agreement and

Schedule B B - 7 Health Net IBM / Confidential

Final Execution Version

incurred by Health Net with respect to such failure, without consideration of whether any Service Level Credits related to such failure had been provided to Health Net; less (B) any Service Level Credits previously provided to Health Net with respect to such failure. This Section 4.3(b) shall not limit Health Net’s rights with respect to the events upon which Health Net may rely as a basis for Health Net’s termination of this Agreement for cause.

4.4 Service Level Credits.

(a) Calculation. For each Critical Service Level Failure, the applicable Service Level Credit referenced in Section 4.3(b) above shall be calculated in accordance with the following formula:

Service Level Credit = A x B

Where:

A = the applicable Weighting Factor; multiplied by

B = the Amount at Risk for such calendar month.

For Example; assume:

For example, assume that Supplier’s Charges for the month were $100,000. Additionally, assume the applicable Weighting Factor allocated by Health Net to such Service Level is *** percentage points. The Service Level Credit due to Health Net for such Critical Service Level Failure would be computed as follows:

A = ***%; multiplied by

B = ***(which is ***%) of $100,000),

= ***(the amount of the Service Level Credit).

(b) Notification. For each Critical Service Level Failure, Supplier shall report such failure to Health Net pursuant to Section 17.3(b) of the General Terms and Conditions and Section 3.3 of this Schedule B. Such report will, at a minimum, (i) identify and describe as a “Critical Service Level Failure” such Critical Service Level Failure, and (ii) calculate the amount of the corresponding Service Level Credit, calculated pursuant to Section 4.4(a) of this Schedule B, that Health Net may elect pursuant to Section 4.3(b) of this Schedule B.

(c) Limitations.

(i) In no event shall the sum of the Weighting Factors for all Critical Service Levels exceed the Pool Percentage Available for Allocation.

(ii) In no event shall the Weighting Factor percentage points for an individual Service Level be less than *** or exceed *** percentage points of the Pool Percentage Available for Allocation.

Schedule B B - 8 Health Net IBM / Confidential

Final Execution Version

(iii) Not withstanding Section 4.4(c)(ii) above, in no event shall the following Critical Service Levels receive a Weighting Factor in excess of *** percentage points of the Pool Percentage Available for Allocation;

(A) Critical Service Level 1: Annual Customer Satisfaction Survey;

(B) Critical Service Level 2: End User Services, and

(C) Critical Service Level 3: Help Desk Satisfaction Surveys.

(iv) In no event shall the total amount of Service Level Credits payable by Supplier for Critical Service Level Failures occurring during a calendar month exceed the Amount at Risk for such calendar month.

(v) If a single incident results in the failure of Supplier to meet more than one Critical Service Level, Health Net shall have the right to determine which Critical Service Level and resulting Service Level Credit will apply (for example, if a system for which there is a System Availability Critical Service Level is unavailable and an application operating on the affected system is also unavailable as a result and for which there is an Application Availability Critical Service Level, Health Net shall have the right to elect to receive the Service Level Credit associated with the System Availability Critical Service Level or Application Availability Critical Service Level, but not both). In order for the foregoing to apply, Supplier shall have the burden of demonstrating to Health Net’s reasonable satisfaction, that a single event resulted in the failure of Supplier to meet more than one (1) Critical Service Level.

5. MODIFICATIONS AND IMPROVEMENTS TO SERVICE LEVELS.

5.1 Deletions of Service Levels.

Health Net may at any time during the Term, in its sole discretion upon written notice to Supplier, delete a then-existing Service Level.

5.2 Additions of Service Levels.

Health Net may, in its sole discretion upon written notice to Supplier, add a new Service Level. Any additions with respect to Service Levels measuring then-current Services shall be subject to the following:

(a) If Health Net adds a new Service Level for which there is at least six (6) months of historical data within the past twelve (12) months and such data indicates performance that is acceptable to Health Net, then the Service Level metric shall be ***% of the arithmetic mean of the most recent six (6) months of historical data, provided that if there is a significant deviation and the Parties mutually agree, the Parties may agree to establish a different Service Level metric or disregard the deviant measure(s) and continue to baseline for an additional period to be mutually agreed upon. For example, ***. Such Service Level shall become effective as of a date determined by Health Net, but no earlier than thirty (30) days after written notice from Health Net.

Schedule B B - 9 Health Net IBM / Confidential

Final Execution Version

(b) If Health Net adds a new Service Level for which at least six (6) months of historical data within the past twelve (12) months does not exist, then such Service Level shall be baselined in accordance with the following:

(i) Supplier and Health Net shall promptly meet to mutually agree upon the tools and procedures to be used to measure such new Service Level. Upon such agreement, Supplier shall promptly implement such agreed upon tools and/or procedures and begin measuring the new Service Level.

(ii) The “Baselining Period” for each such Service Level shall begin on the first day of the calendar month following the date upon which Supplier is capable of beginning to measure such Service Level using the agreed upon tools and procedures, and continue for six (6) months. Health Net, acting in its sole discretion, may extend the Baselining Period by informing Supplier of such extension.

(iii) Supplier shall begin to measure its performance against each such Service Level commencing on the start date of the relevant Baselining Period, and shall report on its performance with respect to each such Service Level in each of the Monthly Performance Reports covering Supplier’s performance during the Baselining Period.

(iv) Each such Service Level shall become effective as of the expiration of such Baselining Period, and the corresponding Service Level metric shall be determined in accordance with Section 5.2(a).

(c) If the addition of a new Service Level in accordance with this Section 5.2 results in additional out-of-pocket expenses to Supplier in order to measure such new Service Level, then Health Net shall reimburse Supplier for any such expenses, (i) so long as Supplier informs Health Net of the amount of such expenses reasonably in advance of incurring them, and (ii) provided that Health Net may determine not to add the applicable Service Level in order to avoid such reimbursement obligation.

5.3 Designation of Critical Service Levels and Weighting Factors.

(a) Critical Service Levels.

(i) As of the Effective Date, the Critical Service Levels are designated by the letter “Y” appearing in the corresponding “Critical Service Level” column in Exhibit B-1.

(ii) Health Net may from time to time during the Term change, in its sole discretion, the designation of any Service Level to a Critical Service Level, or change the designation of any Critical Service Level to a non-Critical Service Level, each upon written notice to Supplier from Health Net; provided, however, that Health Net may provide only one such notice during any calendar *** (which notice may contain multiple changes). For clarity, the changes contemplated in this Section shall be accomplished by changing Weighting Factors, as set forth in the next Section.

Schedule B B - 10 Health Net IBM / Confidential

Final Execution Version

(iii) Supplier shall implement such changes described in this Section 5.3(a) not later than the first (1^st) day of the calendar month following forty-five (45) days written notice from Health Net.

(b) Weighting Factors. Health Net may from time to time during the Term change, in its sole discretion, the Weighting Factor for any one or more Critical Service Levels upon written notice to Supplier; provided, however, that:

(i) Health Net may provide only one such notice during any calendar *** (which notice may contain multiple changes);

(ii) the sum of the Weighting Factors for all Critical Service Levels shall not exceed the Pool Percentage Available for Allocation; and

(iii) the Weighting Factor for any single Service Level may not be less than *** or exceed *** percentage points.

5.4 Continuous Improvement.

The Parties agree to the concept of continuous improvement of Service Levels and that the Service Levels may be modified during the Term to reflect this concept. To accomplish this, beginning twelve (12) months after the Effective Date (the “Service Level Improvement Date”) and on each anniversary of the Service Level Improvement Date, at Health Net’s request the Service Levels shall be adjusted by an amount equal to *** of the difference between the then-current Service Levels and Supplier’s actual performance, as defined below, for such Service Levels). As used in this Section 5.4, “Supplier’s actual performance” means the monthly average of the performance achieved by Supplier during the immediately preceding twelve (12) month period. In no event shall an adjustment pursuant to this Section result in a Service Level that is not as favorable to Health Net as the Service Level was prior to such adjustment. Notwithstanding the foregoing, Continuous Improvement shall not apply to the following Service Levels;

(a) Service Level 17: Response Time, Help Desk Average Time to Answer, and

(b) Service Level 19: Response Time, Help Desk Average Call Abandonment Rate.

5.5 Annual Meeting to adjust Service Levels.

Subject to Section 5.4, Health Net and Supplier will meet to review the Service Levels on an annual basis to discuss the Service Levels and will make adjustments to the Service Levels as mutually agreed to reflect improved performance capabilities associated with advances in technology, processes, methods and tools. As new technologies, processes methods and tools are introduced, additional Service Levels reflecting industry best practices for those technologies and processes will be established by the Parties in accordance with the Change Control Process.

Schedule B B - 11 Health Net IBM / Confidential

Final Execution Version

SCHEDULE C

CHARGES

Schedule C C - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE C

CHARGES

Table of Contents

1.	Introduction	4
2.	Definitions	4
2.1	Certain Definitions	4
2.2	Other Terms	5
3.	Transition and Transformation	5
3.1	Transition	5
3.2	Charges for Services Payable During Transition	6
3.3	Transformation	6
4.	Annual Services Charge	7
4.1	Annual Services Charge	7
4.2	ARCs/RRCs	8
4.3	Deadbands on ARC/RRCs	8
4.4	Adjustments to Resource Volumes	10
4.5	Minimum Commitment	11
5.	Projects	12
5.1	Project Defined	12
5.2	Baseline Project Pool	12
5.3	Project Management	14
6.	Hardware Services Charges	14
6.1	Introduction	14
6.2	Adjustments to the ASC for the Hardware Services Charges	14
6.3	Calculation of Actual HSC Expenditures	15
6.4	Charges Following Expiration of Lease Term	16
6.5	Removal of HSC Equipment	16
6.6	Server Refresh	17
6.7	Procurement Process	17
7.	Other Charges, Credits and Terms	18
7.1	Managed As Pass-Through Expenses and Pure Pass-Through Expenses	18
7.2	New Services	18
7.3	Time and Materials Charges	18
7.4	Disaster Recovery	18
7.5	Taxes	18
8.	Adjustments To Charges	18
8.1	Cost of Living Adjustment (COLA)	18
8.2	Currency	20
8.3	Onshore / Offshore Support Models	20
8.4	Extraordinary Events	20
8.5	Late Fees	21
8.6	Service Level Credits	21
8.7	Benchmarking	21
8.8	Substitute Services	21
8.9	Price Reduction Due to Termination of a Service Tower	22

Schedule C C - 2 Health Net / IBM Confidential

Final Execution Version

9.	Financial Responsibility for Equipment, Software, Facilities and Third Party Services	22
10.	Termination and Disengagement Assistance Charges	22
10.1	Termination of this Agreement or a Service Tower	22
10.2	Wind Down Costs	23
10.3	End of Term Buy-Out Obligation	25
11.	Purchase of Health Net Assets and Prepayments	26
11.1	Purchase of Health Net Assets	26
11.2	Reimbursement of Prepayments	27
12.	System Change	27
13.	Conversion of Capacity Billing to Utilization Billing	27

Table of Exhibits

Exhibit C-1 – Resource Units

Exhibit C-2 – Resource Baselines

Exhibit C-3 – Annual Services Charge

Exhibit C-4 – ARC/RRC Rates

Exhibit C-5 – T&M Rates

Exhibit C-6 – Managed Pass-Through Expenses and Pure Pass-Through Expenses

Exhibit C-7 – Form Invoice

Exhibit C-8 – Termination Charges

Exhibit C-9 – IMAC Counting Rules

Exhibit C-10 – Joint Verification Process

Exhibit C-11 – ITG Infrastructure Budget

Schedule C C - 3 Health Net / IBM Confidential

Final Execution Version

SCHEDULE C

CHARGES

1. INTRODUCTION

This Schedule C describes the methodology for calculating the Charges for the Services provided by Supplier to Health Net under this Agreement. The annual services charge described in Section 4.1 (“Annual Services Charge” or “ASC”), as adjusted by Additional Resource Charges (“ARCs”) and Reduced Resource Credits (“RRCs”) and the HSC adjustment described in Section 6; charges for Transformation described in Section 3; Managed As Pass-Through Expenses and Pure Pass-Through Expenses described in Section 7.1; charges for Projects and New Services described in Sections 5 and 7.2; any Out-of-Pocket Expenses payable under this Agreement; and any other charges or adjustments (e.g., COLA) expressly provided for in the Agreement (collectively, the “Charges”) shall fully compensate Supplier for providing the Services. There are no additional amounts payable by Health Net under this Agreement.

2. DEFINITIONS

2.1 Certain Definitions

(a) “Annual Services Charge” or “ASC” has the meaning given in Section 1.

(b) “ARC/RRC Rate” for each Resource Unit means the corresponding Resource Unit charge set forth in Exhibit C-4.

(c) “Charges” has the meaning given in Section 1.

(d) “Contract Year” has the meaning given in Section 2.1(i) of the General Terms and Conditions.

(e) “Financial Responsibility” means having responsibility for paying for resources or certain services related to resources, as indicated in the Financial Responsibility Model set forth in Schedule S.

(f) “Financial Responsibility Model” means a matrix that identifies the Financial Responsibility of each Party for certain assets, as set forth in Schedule S.

(g) “FMV” or “Fair Market Value” means what a willing buyer would pay a willing seller for an asset, neither being under any compulsion or financial distress.

(h) “ITG Infrastructure Budget” means those items from Health Net’s IT budget identified in Exhibit C-11.

(i) “Project Charges” means any Charges payable under Section 5.

(j) “Projects” has the meaning given in Section 5.1.

(k) “Resource Baseline” has the meaning given in Section 4.1.

(l) “Resource Category” means any grouping of service delivery resources for which distinct volumes are measured and charging rates or other charging mechanisms apply. Resource

Schedule C C - 4 Health Net / IBM Confidential

Final Execution Version

Categories may be added from time to time by mutual agreement of the Parties, and appropriate adjustments will be made to the existing or new Resource Baselines, as applicable. The Resource Categories and are set forth in Exhibit C-1 to this Schedule C.

(m) “Resource Unit” or “RU” for any Resource Category means the unit of chargeable resource utilization within such Resource Category. Each RU is listed and defined in Exhibit C-1.

(n) “Service Commencement Date” has the meaning given in Section 2.1(y) of the General Terms and Conditions.

(o) “Service Tower” means the Charges, and the Services corresponding to such Charges, for the following groupings of Services:

(i) Cross Tower Services, which mean those Services described in Section 2 of Exhibit C-1;

(ii) Mainframe and AS400 Services, which mean those Data Center Services that relate to systems operating on the zSeries and iSeries (i.e., AS400) platforms as set forth in Section 3 of Schedule A;

(iii) Server Services, which mean those Data Center Services other than the Mainframe and AS400 Services;

(iv) Help Desk Services, as defined in Schedule A;

(v) End User Services, as defined in Schedule A;

(vi) Data Network Services, as defined in Schedule A; and

(vii) Voice Network Services, as defined in Schedule A.

(p) “T&M Rates” has the meaning given in Exhibit C-5.

(q) “Transitioned Employees” has the meaning given in Section 2(o) of Schedule E.

(r) “Transition Period ASC” has the meaning given in Section 3.2.

(s) “Work Order” has the meaning given in Section 1.2(a) of Exhibit A-10.

2.2 Other Terms

Capitalized terms used in this Schedule C but not defined herein have the meanings given in the Glossary attached as Schedule U or elsewhere in this Agreement.

3. TRANSITION AND TRANSFORMATION

3.1 Transition

Except as provided in Sections 3.2, 3.3 and 5.2(f), for any Wind Down Costs payable under Section 10.2, and for any Charges agreed upon by the Parties through the Change Control Process, there

Schedule C C - 5 Health Net / IBM Confidential

Final Execution Version

are no charges payable by Health Net for (a) performance of the Transition; or (b) any Services provided by Supplier prior to the Service Commencement Date.

3.2 Charges for Services Payable During Transition

(a) The Charges payable by Health Net for Services prior to the Service Commencement Date consist solely of (1) the ASC specified in Exhibit C-3 for Transition (“Transition Period ASC”); and (2) the Transformation Charges payable prior to the Service Commencement Date pursuant to Section 3.3.

(b) Notwithstanding anything to the contrary in this Agreement, the Transition Period ASC is a fixed charge that shall not be adjusted by ARCs and RRCs, except ARCs and RRCs shall be determined in accordance with Section 4.2 during the Transition Period for Resource Units: (i) within the Transport Resource Categories (defined in Section 6 of Exhibit C-1); or (ii) (A) within the IT MRC Towers, that are the result of the addition or elimination of Equipment above or below that which existed as of the Effective Date and (B) within the Network MRC Towers, subject to 3.2 (b)(i) ***, for utilization of Resource Units *** the applicable Resource Baselines (the “Network Transition Deadband”).

(c) Beginning on the Effective Date, each Party shall have Financial Responsibility for Third Party Service Contracts, Software and Equipment as specified in Schedules I, J and N, respectively, and Schedule S.

3.3 Transformation

(a) Exhibit C-3 provides the non-recurring Charges payable in calendar years 2008 and 2009 for the data center migration and other Transformation Services described in Exhibits A-3 (Solution Description) and A-4 (Transition and Transformation Plan), such charges the “Transformation Charges”.

(b) During the Transformation, Supplier shall undertake to convert physical Wintel Images to virtual Wintel Images. Such conversion shall be at Supplier’s cost and expense, and there shall be no additional charges payable by Health Net in connection with such conversion, including any ARCs, hardware, software (including VMware) or labor charges, nor will any Project Hours or Small Projects (as defined in Section 5 below) be charged or used in connection with such conversion.

(c) Supplier shall invoice Health Net for the Transformation Charges as provided below in this Section 3.3(c). Health Net shall pay such invoice within thirty (30) days after receipt, subject to Section 3.3(c)(ii).

(i) Supplier shall invoice Health Net for the Transformation Charges in the months and amounts set forth in Exhibit C-3.

(ii) Within sixty (60) days of the Effective Date, the Parties shall mutually agree on the acceptance criteria for completion of the Transformation and the Health Net dependencies as set forth in Attachment A-3-1. Health Net shall have the right to withhold payment of the final monthly installment of the Transformation Charge *** set forth in Exhibit C-3 until Supplier completes the Transformation in accordance with the acceptance criteria agreed upon by the Parties.

Schedule C C - 6 Health Net / IBM Confidential

Final Execution Version

4. ANNUAL SERVICES CHARGE

This Section 4 describes the Annual Services Charge and the ARC/RRC methodology that shall be used to adjust the Annual Services Charge to account for Resource Unit utilization over or under the Resource Baselines.

4.1 Annual Services Charge

(a) The “Resource Baseline” for each Resource Category means the quantity of RUs that as of the Effective Date the Parties anticipate Health Net will utilize each Contract Year within such Resource Category. The Resource Baselines for each Resource Category are set forth in Exhibit C-2. Certain of these Resource Baselines are subject to adjustment as part of the Joint Verification Process described in Exhibit C-10.

(b) The Annual Services Charge set forth in Exhibit C-3 shall fully compensate Supplier for providing and supporting the volume of RUs set forth in the Resource Baselines. If the quantity of RUs consumed by Health Net within any Resource Category in any month is more or less than the quantity of RUs specified in such Resource Baseline, an ARC or RRC, respectively, shall be applicable as provided in Section 4.2, except as provided otherwise for particular Resource Units (e.g., RUs subject to deadbands under Section 4.3) or in particular circumstances (e.g., during Transition as provided in Section 3.2(b)). The ARCs represent compensation for the additional related Services provided. The RRCs represent credits for under-utilization of the related Services.

(c) Beginning on the Effective Date and continuing until the Service Commencement Date, Supplier shall invoice Health Net in accordance with Section 10 of the General Terms and Conditions and Section 4.1(d)(i) and (ii) below for 1/6 of the Transition Period ASC, net of any ARCs and RRCs (subject to Section 3.2(b)).

(d) Beginning after the Effective Date, Supplier shall (in each case in accordance with the payment terms under Section 10 of the General Terms and Conditions):

(i) For the period from the Effective Date to September 30, 2008, create and deliver to Health Net on or before September 10, 2008 an invoice equal to one-sixth (1/6^th) of the Transition Period ASC for Contract Year 1 for the September 2008 Services, plus an amount for the partial month of August 2008 equal to 12/31^st or 38.7% of the September 2008 Transition Period ASC charge defined above (which fraction and percentage assume an Effective Date of August 19, 2008); and

(ii) For the calendar month of February 2009, given that the period during which the Transition Period ASC is to be charged pursuant to Section 4.1(c) above ends during such month (e.g., February 15^th if the Effective Date is August 19^th), the invoice for February 2008 shall be calculated as (1) the total Transition Period ASC minus all Transition Period ASC invoiced to Health Net since the Effective Date (for example, ***), plus (2) an amount for the remainder of February 2009 equal to the actual number of days remaining in February divided by twenty-eight (i.e., the number of days in February 2009) times one-twelfth (1/12^th) of the ASC for Contract Year 1 (net of any applicable ARCs and RRCs and HSC Adjustments); and thereafter,

(iii) invoice Health Net in accordance with Section 10 of the General Terms and Conditions for 1/12 of the Annual Services Charge for the applicable Contract Year each month, net of any applicable ARCs and RRCs and HSC Adjustments, except for

Schedule C C - 7 Health Net / IBM Confidential

Final Execution Version

(iv) the final partial month of the Agreement (unless otherwise terminated earlier in accordance with the Agreement) in which case the ASC charge for such month shall be proportionally reduced to reflect only the actual number of days the Services are provided.

(e) For the avoidance of doubt, all fees, taxes, and expenses associated with and resulting from the disposal of Health Net Owned Equipment and Health Net Leased Equipment pursuant to Sections 2.25(b) and (c) of Schedule A shall be included the ASC, and Supplier may not charge Health Net any additional amounts for such fees, taxes and expenses provided (1) at the time of disposal Health Net will convey ownership to such Equipment it identifies for disposal to Supplier without any charges, payments or other obligations of Supplier (in which event Supplier shall accept such conveyance), and (2) Supplier is entitled to retain without any obligation to Health Net, any proceeds from Supplier’s subsequent sale (or reduction in disposal fees) related to Health Net Owned Equipment and Health Net Leased Equipment that Health Net conveys to Supplier in advance of disposal of such Equipment.

4.2 ARCs/RRCs

In the month immediately following the Effective Date, and each month thereafter, Supplier shall adjust the Annual Services Charges using ARCs and RRCs, as they may apply, to reflect Health Net’s actual usage of Services in accordance with the following:

(a) Supplier shall track the number of RUs actually utilized by Health Net each month within each Resource Category and provide such information with the subsequent month’s invoice.

(b) Except as provided otherwise in this Agreement (e.g., Sections 3.2(b) and 4.3), ARCs and RRCs shall be calculated each month as follows:

(i) If the quantity of RUs consumed by Health Net in a month for a Resource Category is greater than the volume of RUs set forth in the Resource Baseline for such Resource Category and month, then Health Net will be charged an ARC equal to the product of the ARC/RRC Rate for such Resource Category multiplied by the number of RUs actually used by Health Net within such Resource Category in excess of the RUs set forth in the applicable Resource Baseline.

(ii) If the quantity of RUs consumed by Health Net in a month for a Resource Category is less than the volume of RU’s set forth in the Resource Baseline for such Resource Category and month, then Health Net will receive a RRC equal to the product of the ARC/RRC Rate for such Resource Category multiplied by the difference between the number of RUs actually used by Health Net within such Resource Category and the RUs set forth in the applicable Resource Baseline.

(c) The ARC/RRC Rates for each Resource Category are set forth in Exhibit C-4.

4.3 Deadbands on ARC/RRCs

(a) Help Desk Calls. During the Term, no ARCs or RRCs shall apply within the Help Desk Calls Resource Category during a month unless Health Net’s actual usage of RUs within such Resource Category varies by more than *** above or below the corresponding Resource Baseline in such month (the “Help Desk Call Deadband”).

(i) If Health Net’s actual RU usage within the Help Desk Calls Resource Category during a month is more than *** above the corresponding Resource Baseline, then Health Net will be charged an ARC equal to the product of the ARC/RRC Rate for such Resource Category multiplied by

Schedule C C - 8 Health Net / IBM Confidential

Final Execution Version

the number of RUs actually used by Health Net within such Resource Category in excess of the Help Desk Call Deadband.

(ii) If Health Net’s actual RU usage within the Help Desk Calls Resource Category during a month is more than *** below the corresponding Resource Baseline, then Health Net will receive a RRC equal to the product of the ARC/RRC Rate for such Resource Category multiplied the number of RUs actually used by Health Net within such Resource Category below the Help Desk Call Deadband.

(b) Desktop IMACs. During the Term, no ARCs shall apply within the Desktop IMACs Resource Category during a month unless Health Net’s actual usage of RUs within such Resource Category varies by more than *** above the corresponding Resource Baseline in such month (“Desktop IMAC ARC Deadband”). If Health Net’s actual RU usage within the Desktop IMACs Resource Category during a month is more than *** above the corresponding Resource Baseline, then Health Net will be charged an ARC equal to the product of the ARC/RRC Rate for such Resource Category multiplied by the number of RUs actually used by Health Net within such Resource Category in excess of the Desktop IMAC ARC Deadband.

(i) No RRCs shall apply within the Desktop IMACs Resource Category during a month unless Health Net’s actual usage of RUs within such Resource Category is less than the following (“Desktop IMAC RRC Deadband”):

Contract Year	Desktop IMAC RRC Deadband (per month)
2009	***
2010	***
2011	***
2012	***
2013	***

(ii) If Health Net’s actual RU usage within the Desktop IMACs Resource Category during a month is below the corresponding Desktop IMAC RRC Deadband, then Health Net will receive a RRC equal to the product of the ARC/RRC Rate for such Resource Category multiplied by the number of RUs actually used by Health Net within such Resource Category below the Desktop IMAC RRC Deadband.

(c) Mainframe DASD Deadband. During the Term, no ARCs shall apply to Charges within the Allocated DASD Resource Category unless Health Net’s actual usage of RUs within such Resource Category exceeds the greater of (i) “x” Mainframe Gb-months (as defined in Section 2.3 of Exhibit C-1), where “x” Mainframe Gb-months shall be determined by the Parties within thirty (30) days after the Effective Date, and shall equal the capacity of the Mainframe DASD that was installed as of the Effective Date; or (ii) the number of Mainframe Gb-months in the Resource Baseline for such month (the “DASD Deadband”).

(i) If Health Net’s actual RU usage within the Allocated DASD Resource Category during a month exceeds the Allocated DASD Deadband, then Health Net will be charged an ARC equal to the product of the ARC/RRC Rate for such Resource Category multiplied by the number of Mainframe Gb-months actually used by Health Net in excess of the Allocated DASD Deadband.

Schedule C C - 9 Health Net / IBM Confidential

Final Execution Version

(ii) RRCs are payable in accordance with Section 4.2 for RUs within the Allocated DASD Resource Category below the corresponding Resource Baseline.

(iii) The Parties acknowledge that Health Net has placed a large order for Mainframe Allocated DASD Equipment from a third party prior to the Effective Date. Notwithstanding anything to the contrary in this Agreement: (1) the lease for such Equipment shall be classified in the applicable Exhibit to Schedule N as a Managed In ASC contract for which Supplier has Financial Responsibility and (2) the additional Mainframe Gb-month Resource Units added as a result of such new Equipment, whether or not such new Equipment is installed as of the Effective Date, shall not be factored into the DASD Deadband calculation set forth in Section 4.3 (c) above (i.e., they will be charged as ARCs without regard to a DASD Deadband).

(d) SAN/NAS Storage. During the Term, no ARCs shall apply to Charges within the SAN/NAS Storage Resource Category unless Health Net’s actual usage of RUs within such Resource Category exceeds the greater of (i) *** Gb-months; or (ii) the number of SAN Gb-months in the Resource Baseline for such month (the “SAN Storage Deadband”).

(i) If Health Net’s actual RU usage within the SAN Storage Resource Category during a month exceeds the SAN Storage Deadband, then Health Net will be charged an ARC equal to the product of the ARC/RRC Rate for such Resource Category multiplied by the number of SAN Gb-months actually used by Health Net in excess of the SAN Storage Deadband.

(ii) RRCs are payable in accordance with Section 4.2 for RUs within the SAN Storage Resource Category below the corresponding Resource Baseline.

(e) Wintel System Images. During the Term, no RRCs shall apply within the Wintel System Image Resource Category during a month unless Health Net’s actual usage of RUs within such Resource Category is *** Wintel System Images (“Wintel System Image Deadband”). If Health Net’s actual RU usage within the Wintel System Image Resource Category during a month is below the corresponding Wintel System Image Deadband, then Health Net will receive a RRC equal to the product of the ARC/RRC Rate for such Resource Category multiplied by the number of RUs actually used by Health Net within such Resource Category below the Wintel System Image Deadband.

(f) Novell Servers. During Contract Year One (1) only, no RRCs shall apply within the Novell Server Resource Category during a month unless Health Net’s actual usage of RUs within such Resource Category is *** Novell Servers (“CY1 Novell Server Deadband”). If Health Net’s actual RU usage within the Novell Server Resource Category during a month is below the corresponding CY1 Novell Server Deadband, then Health Net will receive a RRC equal to the product of the ARC/RRC Rate for such Resource Category multiplied by the number of RUs actually used by Health Net within such Resource Category below the CY1 Novell Server Deadband.

4.4 Adjustments to Resource Volumes

(a) In managing its resources, Supplier shall maintain the flexibility to respond to changes in Health Net’s demand for RUs on a day-to-day and month-to-month basis, particularly with respect to those portions of the Services for which Health Net experiences significant variances in demand.

(b) For those RUs where the Charges are based on capacity available to Health Net (e.g., Installed MIPS), or the number of items of Equipment (e.g., number of Desktop Workstations or Laptop Workstations), Supplier shall neither increase nor decrease the volume of RUs without Health Net’s prior

Schedule C C - 10 Health Net / IBM Confidential

Final Execution Version

written approval. Health Net shall not be required to pay for any RUs added without its prior written approval.

(c) For those RUs where the Charges are based on the number of items of Equipment (e.g., number of Desktop Workstations and Laptop Workstations), if Health Net requests that Supplier increase or decrease the number of RUs (through the Help Desk or other procedure established by the Parties), ARCs and RRCs shall be payable as follows unless the Parties agree otherwise as part of a Project:

(i) If Health Net notifies Supplier of a desire to remove one or more Resource Units from the scope of Services on or prior to the fifteenth (15^th ) day of a month, Supplier shall credit Health Net with the corresponding RRC (or reduction in ARCs) in the current month (retroactive to the first (1^st) day of the month). If Health Net notifies Supplier of a desire to remove one or more Resource Units from the scope of Services after the fifteenth (15^th ) day of a month, Supplier shall credit Health Net with the corresponding RRC (or reduction in ARCs) beginning on the first (1^st) day of the following month.

(ii) If Health Net notifies Supplier of a desire to add one (1) or more Resource Units to the scope of Services, and Supplier installs such new Resource Units on or prior to the fifteenth (15^th) day of a month, Supplier shall begin charging Health Net for the corresponding ARC in the current month (retroactive to the first (1^st) day of the month). If Health Net notifies Supplier of a desire to add one (1) or more Resource Units to the scope of Services, and Supplier installs such Resource Units after the fifteenth (15^th) day of a month, Supplier shall begin charging Health Net for the corresponding ARC on the first (1^st) day of the following month.

(iii) If the fifteenth (15^th) day of a month is a Saturday, references to such date shall be deemed references to the fourteenth (14^th) day of the month; if the fifteenth (15^th) day of a month is a Sunday, references to such date shall be deemed references to the sixteenth (16^th) day of the month.

(d) For those RUs that are based on available capacity or actual RU utilization by Health Net, ARCs and RRCs shall be determined based on available capacity or actual RU utilization on the last day of the month, unless stated otherwise for particular RUs in Exhibit C-1.

4.5 Minimum Commitment

(a) Exhibit C-3 sets forth minimum revenue commitments for each Contract Year of the Term (each a “Minimum Commitment”) for (i) the combined Data Network and Voice Network Service Towers (“Network MRC Towers”) and (ii) all Service Towers other than the Data Network and Voice Network Service Towers (“IT MRC Towers”). If the total Charges payable by Health Net under this Agreement within either the Network MRC Towers or IT MRC Towers are (A) in a month between the Effective Date and the Service Commencement Date, *** of the applicable Minimum Commitment for such period; or (B) in a month after the Service Commencement Date, *** of the applicable Minimum Commitment for the then current Contract Year, as a result of Health Net’s decision to withdraw Services from this Agreement and either perform them itself or use a third party to perform them, then Health Net shall pay Supplier an additional amount equal to the difference between the applicable Minimum Commitment for such month and the total Charges otherwise payable by Health Net within such Network MRC Towers or IT MRC Towers, as applicable, in such month under this Agreement. The Minimum Commitments shall be prorated for partial months and Contract Years (as applicable to the above).

(b) If Health Net terminates a Service Tower pursuant to Section 16 of the General Terms and Conditions, and pays all applicable Termination Charge and Wind Down Costs payable for such termination under Section 10 of this Schedule C, the Minimum Commitment for each Contract Year shall be reduced by an amount proportionate to the percentage of the Annual Services Charge attributable to

Schedule C C - 11 Health Net / IBM Confidential

Final Execution Version

the terminated Service Tower for each Contract Year set forth in Exhibit C-3 as of the Effective Date. For example, ***.

5. PROJECTS

5.1 Project Defined

(a) A “Project” is a work that is: (i) expressly designated as a Project in this Agreement (e.g., In-Flight Projects), or (ii) a discrete unit of non-recurring work outside the scope of Services described in this Agreement that has deliverables and requires startup, planning, execution, and completion. For the avoidance of doubt, if a Service is described in this Agreement (e.g., Equipment Refresh or installation activities), and it is not expressly designated as a Project, then it is not a “Project” for purposes of determining Charges under this Section 5.

(b) A “Project Hour” means a productive hour of Project work for Health Net, as appropriately recorded under Supplier’s labor tracking system, exclusive of nonproductive time, such as holidays, vacation time, sick leave or other personal time off, education, training, general travel, administrative and management time (e.g., Supplier internal meetings not specific to an approved Project, internal reporting, expense accounting), internal Supplier process implementation work, and idle time between projects. Hours spent for transition labor (i.e., skilled personnel brought in by Supplier to mentor Supplier Personnel) shall not be counted as Project Hours.

(c) “Small Project” means a Project that requires *** Project Hours to complete. Supplier’s performance of Small Projects, not to exceed *** Project Hours each month (the monthly “Small Project Hours Cap”), is included in the Annual Services Charge and shall not count toward the Baseline Project Pool. Project Hours incurred performing additional Small Projects above the Small Projects Hours Cap in any month during the Term shall count toward the Baseline Project Pool. Supplier shall manage Small Projects so as not to impact delivery of Services.

5.2 Baseline Project Pool

(a) The ASC includes a baseline of *** Project Hours that Supplier shall perform each Contract Year in connection with Projects requested by Health Net (“Baseline Project Pool”).

(b) Supplier shall perform Projects at no additional charge for Supplier Personnel so long as:

(i) during any Contract Year the total Project Hours do not exceed *** Project Hours (i.e., ***);

(ii) during any month the Project Hours do not exceed *** Project Hours;

(iii) the skills required for completion of the Projects are skills (A) required to perform Services under this Agreement or (B) covered by a T&M Rate category set forth in Exhibit C-5; and

(iv) the volume of network and non-network Project Hours applied against the Baseline Project Pool approximates the ratio of Supplier Personnel assigned between the Network MRC Towers and the IT MRC Towers (i.e., *** of Project Hours in the Baseline Project Pool should be applied toward network-related Projects).

Schedule C C - 12 Health Net / IBM Confidential

Final Execution Version

(c) If at Health Net’s request Supplier performs Projects in excess of the Baseline Project Pool thresholds provided in Section 5.2(b), the excess Project Hours shall be separately chargeable at the T&M Rates set forth in Exhibit C-5. Health Net and Supplier shall each use Commercially Reasonable Efforts to manage and coordinate Projects so that additional Charges incurred by Health Net are minimized.

(d) If in any quarter of a Contract Year Health Net does not use at least *** Project Hours, Supplier shall provide Health Net with a credit in the following month against the Annual Services Charge calculated as follows: [(*** Project Hours – the actual number of Project Hours used by Health Net in the quarter) * ***], subject to the following:

(i) No later than ten (10) days prior to the beginning of each month the Parties shall review the Health Net Project Pipeline to assess whether it contains a volume of Projects sufficient to utilize at least *** Project Hours in such month.

(ii) If the criteria in item (i) above is not met in a month, and in such month Health Net actually utilizes less than *** Project Hours, then the “***” number in the formula above for purposes of calculating credits at the end of a quarter shall be reduced by the difference between (A) *** Project Hours and (B) the greater of the actual number of Project Hours used in such month and the estimated Project Hours required to perform the Projects in the Health Net Project Pipeline for such month.

(iii) If Health Net suspends a Project for which a Work Order has been executed for more than five (5) Business Days, or significantly reduces the scope of a Project for which a Work Order has been executed in a month, and Supplier is unable to redeploy the resources assigned to such Project to another Project in the Health Net Project Pipeline, then the hours forecasted for such month for such delayed or reduced Project shall be deducted from the “***” number in the formula above for purposes of calculating credits at the end of a quarter.

(iv) Project Hours for which a credit was made to Health Net in accordance with this Section 5.2(d) shall be deducted from the annual Project Hours available in the Baseline Project Amount.

(v) “Health Net Project Pipeline” means all Projects: (A) that are in-progress or for which a Work Order has been executed; or (B) for which Health Net has provided Supplier with a Project Brief (defined in Exhibit A-10).

(e) Notwithstanding the foregoing, with respect to all or any portion of a Project (whether or not in excess of the Baseline Project Pool), Health Net may request that Supplier use existing resources who would otherwise be available to provide Services hereunder to perform the Project without deduction from the Baseline Project Pool or additional charge, provided that Supplier will be excused from the Service Levels applicable to the Services from which the existing resources were displaced, and further provided that Supplier continues to use Commercially Reasonable Efforts to provide the Services in accordance with this Agreement without the use of the redirected resources. The Parties shall mutually agree as to which existing resources should be reallocated to performance of the Project.

(f) The Baseline Project Pool shall apply beginning on the Service Commencement Date. Prior to the Service Commencement Date, Supplier shall not charge Health Net for Project Hours worked by Transferred Employees, but shall be allowed to charge for incremental Supplier Personnel required during such period to perform Projects that Health requests that cannot be performed by Transferred Employees.

Schedule C C - 13 Health Net / IBM Confidential

Final Execution Version

(g) For the avoidance of doubt, Health Net may not carry-over unused Project Hours from the Baseline Project Pool from one Contract Year to the next.

5.3 Project Management

The Parties shall initiate, document, and manage Projects in accordance with Exhibit A-10.

6. HARDWARE SERVICES CHARGES

6.1 Introduction

(a) The ASC contains an allocation of funds (“Hardware Services Charge” or “HSC”) that shall be used to (i) refresh Equipment within the Server Services Tower and (ii) purchase net new Equipment to accommodate growth (i.e., ARCs) in Health Net Resource Units within the Server Services Tower (collectively “HSC Equipment”). The HSC allocation included in the ASC for each Contract Year quarter is set forth below in Section 6.1(b). Supplier shall obtain written approval prior to purchasing any HSC Equipment or taking any action that impacts the amount of Actual HSC Expenditure (defined below).

(b) The table below contains the HSC allocation referenced above in 6.1(a) for each Contract Year. The quarterly HSC allocation used for the reconciliation described in Section 6.2 shall equal *** of the applicable annual Contract Year allocation in the table below.

	Contract Year
	CY1	CY2	CY3	CY4	CY5	Renewal Term CYs
HSC Allocation (1)	***	***	***	***	***	***
(1)    That portion of the HSC that pertains to the purchase of the Equipment described in Items # 17, 18 and 19 of Exhibit A-1 (Refresh) is as follows: •        Contract Year 1 = $*** •        Contract Year 2 = $*** •        Contract Year 3 = $*** •        Contract Year 4 = $*** •        Contract Year 5 = $***

6.2 Adjustments to the ASC for the Hardware Services Charges

Health Net may direct Supplier to use (or not use) the HSC to purchase HSC Equipment from time to time during the Term. On a quarterly basis, the Parties shall reconcile Health Net’s Actual HSC Expenditures with the HSC for the quarter.

(a) If the Actual HSC Expenditures in a quarter exceed the HSC for that quarter, in the following month Supplier shall invoice Health Net for the expenditure above the HSC for that quarter.

(b) If the Actual HSC Expenditure in a quarter is less than the HSC for that quarter, in the following month Supplier shall issue Health Net a credit equal to the variance in expenditure below the HSC for that quarter.

Schedule C C - 14 Health Net / IBM Confidential

Final Execution Version

6.3 Calculation of Actual HSC Expenditures

(a) “Capital Expenditures” means, with respect to any month of the Term, the sum of the Equipment suppliers’ charges for HSC Equipment (including all associated peripheral equipment), operating system Software (when procured from the Equipment supplier with the Equipment), applicable sales and use taxes (but excluding personal property taxes), freight and, if applicable, the original equipment manufacturers’ integration charges for such month.

(b) “Maintenance Charge” means, with respect to any month of the Term, the sum of the Equipment suppliers’ charges for maintenance of the HSC Equipment (if any).

(c) “Actual HSC Expenditures” means the monthly charges for HSC Equipment acquisition and maintenance in a given month. The Actual HSC Expenditures for each item of HSC Equipment will equal the following beginning on the date of acquisition:

Actual HSC Expenditure = [P * [(i/12*(1+i/12)ⁿ)/((1+(i/12))ⁿ -1)] * 1.03] + [(xx/12) * 0.5P] + M

Where:

P = the Capital Expenditures for that month;

M = the Maintenance Charge for that month;

“i” equals the Base Lease Interest Rate determined by the following:

(i) where n = 60 months, the “Base Lease Interest Rate” shall be ***%, included in which is a “Swap Rate/Initial Index Rate” equal to ***%. The Base Lease Interest Rate shall be adjusted prior to the beginning of each calendar quarter by the difference between the Swap Rate/Initial Index Rate and the average of the weekly two and three year swap rates published by the Federal Reserve Board for the week preceding the Monday closest to 40 days prior to the start of the next calendar quarter, and

(ii) where n = 48 months, the Base Lease Interest Rate shall be ***%, included in which is a Swap Rate/Initial Index Rate” equal to ***%. The Base Lease Rates shall be adjusted prior to the beginning of each calendar quarter by the difference between the Swap Rate/Initial Index Rate and the average of the weekly two year swap rates published by the Federal Reserve Board for the week preceding the Monday closest to 40 days prior to the start of the next calendar quarter.

Swap rates are published in Statistical Release H.15 and can be accessed via the Federal Reserve Board internet website.

“xx” is the personal property tax rate at time of purchase;

“n” is the number of months in the applicable lease term; and

“1.03” is percentage charged above *** for all HSC Equipment purchased through Supplier (i.e., *** Supplier procurement and administration).

Schedule C C - 15 Health Net / IBM Confidential

Final Execution Version

(d) Expenditures related to Equipment within the Server Services Tower that is included in Health Net’s environment as of the Effective Date (including VMS Equipment leases) are included in the ASC and shall not be considered Actual HSC Expenditures.

6.4 Charges Following Expiration of Lease Term

There shall be no minimum or maximum period of installation for HSC Equipment. If HSC Equipment is not Refreshed or removed from Health Net’s environment at the end of the applicable lease term, Health Net shall continue to pay Supplier for direct personal property taxes assessed upon Supplier for such HSC Equipment and additional Maintenance Charges (if any) until such HSC Equipment is Refreshed or removed. Any such personal property taxes and Maintenance Charges paid by Supplier in a month shall be deemed Actual HSC Expenditures in such month. Subject to the preceding sentences in this Section 6.4, Health Net shall have no further Actual HSC Expenditures for any HSC Equipment not Refreshed or removed from Health Net’s environment at the end of the applicable lease term.

6.5 Removal of HSC Equipment

Supplier shall remove HSC Equipment in a timely manner after receipt of a request for removal from Health Net in accordance with Section 4.4(c) of Schedule C. If Health Net requests removal of HSC Equipment prior to expiration of the applicable lease term, Supplier shall use Commercially Reasonable Efforts to re-deploy such HSC Equipment within Health Net or Supplier. If redeployment is not possible, the Parties shall allocate responsibility for any remaining Actual HSC Expenditures for that HSC Equipment as follows:

(a) Each month Supplier shall determine:

(i) the sum of the Actual HSC Expenditures, for the remaining lease terms, for any HSC Equipment that Health Net removes in that month and that cannot be redeployed within Health Net or Supplier (“Stranded HSC Costs”); and

(ii) the sum of the Actual HSC Expenditures, for the remaining lease terms, for all HSC Equipment in Health Net’s environment that month (including the removed HSC Equipment) (“Remaining HSC Expenditures”).

Example #1: assume Health Net has 10 servers, and that 5 of those servers have Actual HSC Expenditures of $100/month and remaining lease terms of 15 months (group A) and the other 5 have Actual HSC Expenditures of $200 and remaining lease terms of 10 months (group B). If Health Net removes 1 server from Group A and 1 from Group B and Supplier is unable to redeploy such servers, the Stranded Lease Costs would be $***].

(b) If in a given month the Stranded HSC Costs are *** the Remaining HSC Expenditures (“***”), Supplier shall be responsible for such Stranded HSC Costs (and the costs associated with the removed HSC Equipment shall no longer be considered Actual HSC Expenditures).

(c) If in a given month the Stranded HSC Costs are more than the ***:

(i) Supplier shall be responsible for such Stranded HSC Costs up to the *** (and the costs associated with the removed HSC Equipment shall no longer be considered Actual HSC Expenditures); and

Schedule C C - 16 Health Net / IBM Confidential

Final Execution Version

(ii) Health Net shall be responsible for such Standard HSC Costs in excess of the ***. Health Net may elect to continue paying the monthly Actual HSC Expenditures for such Stranded HSC Costs or direct Supplier to exercise any buy-out or termination rights and reimburse Supplier for the associated costs. If Health Net elects to continue paying the monthly Actual HSC Expenditures, Supplier shall store the corresponding Equipment until it can be redeployed on the Health Net account or Health Net directs otherwise. If Health Net directs Supplier to buy-out Equipment and reimburses it for the cost as provided above, upon request from Health Net, Supplier shall transfer ownership of such Equipment to Health Net at no additional charge.

Example #2: Assuming the same facts as Example #1 above, ***% of the Remaining HSC Expenditures is $1,750 and the Stranded HSC Costs are $3,500. Supplier would be responsible for $*** of such costs; Health Net would be responsible for the remaining $***.

(d) The calculations described above in this Section 6.5 shall be made each month (i.e., the Remaining HSC Expenditures and the *** will be determined without taking into account Stranded HSC Costs and HSC Equipment removed from Health Net’s environment in prior months).

6.6 Server Refresh

Exhibit A-1 sets forth a Refresh schedule for Equipment within the Server Services category. If Health Net (a) directs Supplier to delay the Refresh of Server Equipment and (b) is unable or unwilling to purchase hardware maintenance for such Server Equipment, and as a result Supplier is reasonably likely to have difficulty meeting applicable Service Levels covering such Server Equipment, then Supplier shall so notify Health Net. If after receiving such notice Health Net does not authorize Supplier to Refresh or purchase hardware maintenance (if available) for such Server Equipment, then Supplier shall be excused from the requirement to meet applicable Service Levels for such Server Equipment solely to the extent such Service Levels are affected by the Server Equipment’s performance failure (i.e., not due to Supplier’s performance of or failure to perform the Services).

6.7 Procurement Process

(a) Supplier shall use all Commercially Reasonable Efforts to obtain the best price available for HSC Equipment, including by leveraging Supplier enterprise and alliance agreements and obtaining bids from multiple suppliers for orders of multiple items.

(b) If Health Net is able to obtain and make available to Supplier commercial prices or terms and conditions for HSC Equipment that are more favorable than those commercial prices or terms and conditions offered by Supplier, Supplier will procure the applicable HSC Equipment using Health Net’s more favorable prices or terms and conditions. Health Net must notify Supplier in writing in advance of the placement of any order (provided the order has been previously approved by Health Net) for which Health Net directs Supplier to use Health Net’s more favorable prices or terms and conditions. Alternatively, Health Net may elect to lease such HSC Equipment directly from a third party. In the latter case, at Health Net’s option, the leases Health Net executes will be categorized as Managed In ASC or Managed As Pass-Through contracts, subject to any limitations in such leases.

Schedule C C - 17 Health Net / IBM Confidential

Final Execution Version

7. OTHER CHARGES, CREDITS AND TERMS

7.1 Managed As Pass-Through Expenses and Pure Pass-Through Expenses

(a) The list of Managed As Pass-Through Expenses and Pure Pass-Through Expenses existing as of the Effective Date is attached to this Schedule as Exhibit C-6. The cost for Supplier administering Managed As Pass-Through Expenses and Pure Pass-Through Expenses is included in the Annual Services Charges and there shall be no additional charge for administering such expenses.

(b) Supplier shall track and use all Commercially Reasonable Efforts to obtain for Health Net all rebates, credits, and other monetary benefits to which Health Net is entitled with respect to Managed As Pass-Through Expenses only.

7.2 New Services

The Charges for any New Services performed by Supplier at Health Net’s request shall be calculated in accordance with Section 3.8 of the General Terms and Conditions.

7.3 Time and Materials Charges

Exhibit C-5 contains hourly personnel rates (“T&M Rates”) that shall be used to calculate Charges for Projects (outside the Baseline Project Pool) and any other Services that this Agreement expressly specifies are to be charged on a time and materials basis or otherwise using the rates in Exhibit C-5. Supplier shall obtain Health Net’s written approval prior to incurring any time and materials charges.

7.4 Disaster Recovery

The Charges for all disaster recovery Services described in this Agreement as of the Effective Date are included in the Annual Services Charge. The impact of changes to such Services shall be evaluated through the Change Control Process.

7.5 Taxes

Supplier shall invoice Health Net for taxes payable by Health Net as provided in Section 9.3 of the General Terms and Conditions.

8. ADJUSTMENTS TO CHARGES

8.1 Cost of Living Adjustment (COLA)

(a) Each calendar year beginning January 1, 2010 Supplier shall have the right to increase (i) the Annual Services Charge, (ii) the ARC/RRC Rates, and (iii) the T&M Rates (collectively, the “Adjustable Charges”) using the Inflation Factor defined below (each adjustment, a “COLA”). Supplier shall not increase the Adjustable Charges prior to January 1, 2010.

(b) Subject to Section 8.1(d) below, the “Inflation Factor” for each calendar year beginning in 2010 shall be equal to *** times the percentage increase in the Consumer Price Index (rounded to two digits to the right of the decimal point) from December 31, 2008 (the “Base Year Index”) to December 31 of the year immediately preceding the year in which the COLA is to be made. If the Inflation Factor is a negative number, no adjustment shall be made. In calculating adjustments hereunder, the Inflation Factor shall be applied to the Adjustable Charges as set forth in this Agreement on the Effective Date.

Schedule C C - 18 Health Net / IBM Confidential

Final Execution Version

Example #1 (2010 Adjustment): ***.

Example #2 (2011 Adjustment): ***.

(c) If the Parties add a New Service or new Service Tower or additional Charges through the Change Control Process to this Agreement after the Effective Date that is subject to a COLA, (i) the COLA shall be made using the formula above and (ii) the Base Year Index shall equal the Consumer Price Index existing on the last day of the month in which such New Service or new Service Tower was added, unless the Parties specify otherwise in the applicable amendment or other contract document adding such New Service or new Service Tower.

(d) The inflation sensitivity percentage applied to the Consumer Price Index (i.e., ***%) to determine the Inflation Factor in Section 8.1(b) is a blended percentage that assumes all Service Towers in effect as of the Effective Date remain in effect during the Term. If (i) Health Net terminates one or more Service Towers in accordance with the terms of this Agreement; (ii) the Parties agree to add one or more new Service Towers; or (iii) Health Net declares an Extraordinary Event under Section 8.4, then Supplier shall recalculate the inflation sensitivity percentage based upon the relative Supplier labor component in the Service Towers remaining after one (1) or more of the events in items (i) through (iii) above occurs. Supplier shall present such revised inflation sensitivity percentage to Health Net, together with reasonably detailed supporting data and calculations to enable Health Net to evaluate Supplier’s determination. Upon mutual agreement to the revised percentage, the Parties shall document such revised percentage (which may be lower than or higher than the inflation sensitivity percentage as of the Effective Date or any amended percentage thereafter) in an amendment to this Schedule C. If the Parties are unable to agree on a revised inflation sensitivity percentage after one (1) or more of the events in items (i) through (iii) above occurs, then the revised percentage shall be calculated using the following percentages and the relative value of the ASC for each Service Tower at the time the triggering event occurs.

(i) Cross Tower Services: ***%

(ii) Mainframe and AS400 Services: ***%

(iii) Server Services: ***%

(iv) Help Desk Services: ***%

(v) End User Services: ***%

(vi) Data Network Services: ***%

(vii) Voice Network Services: ***%

(e) If Supplier desires to exercise the right to increase the Adjustable Charges for any year pursuant to this Section 8, it shall give Health Net notice of such estimated COLA increase at least thirty (30) days prior to the beginning of such year, including detailed calculations and supporting documentation as to the determination of the Inflation Factor and the resulting changes to the Charges for such year. The actual COLA shall be determined in January beginning in 2010 and each year thereafter, and any such COLA increase shall be included in Supplier’s January invoice.

Schedule C C - 19 Health Net / IBM Confidential

Final Execution Version

(f) “Consumer Price Index” means the unadjusted Consumer Price Index (“CPI-U”), as published in the “Summary Data from the Consumer Price Index News Release” by the Bureau of Labor Statistics, U.S. Department of Labor, For All Urban Consumers, All Cities Average, All Items, 1982-84 = 100. If the Bureau of Labor Statistics (or its successor agency) stops publishing the CPI-U or substantially changes its content and format, the Parties will substitute another comparable index published at least annually by a mutually agreeable source. If the Bureau of Labor Statistics merely redefines the base year for the CPI from 1982-1984 to another year, the Parties will continue to use the CPI-U, but will convert the base year to the new base year by using an appropriate conversion formula.

(g) The Parties recognize that a hyper-inflationary environment would likely have a negative effect on the value proposition to Health Net of Supplier’s delivery of the Services. If in any year the increase in the CPI-U (measured year by year) is greater than ***%), then, at Health Net’s request, Supplier will create an action plan of potential areas of the Services that could be eliminated or reduced as a means to offset such inflation impact. Upon mutual agreement, the Parties will implement those action plans that may include a reduction in the scope or quantity of the Services, and/or reduced Service Levels to allow Health Net to offset such high inflation environment for the period of time such situation is in effect.

8.2 Currency

All Charges in this Agreement are stated in U.S. Dollars, and shall be invoiced by Supplier and paid by Health Net in U.S. Dollars.

8.3 Onshore / Offshore Support Models

Exhibit A-3 describes the support model that Supplier intends to utilize to provide Services in support of Health Net’s Tricare contract (“Onshore Support Model”), and any other Services for which Health Net requires a similar support model as a result of regulatory or customer requirements. The ARC/RRC Rates in Exhibit C-4 are blended rates that shall be used to adjust the ASC to account for changes in utilization of Resource Units (e.g., Servers, Help Desk Calls) supported by both Supplier’s standard solution in Exhibit A-3 and Supplier’s Onshore Support Model. For example, if Health Net were to remove 10 Servers requiring an Onshore Support Model and add 15 Servers requiring standard support within the same Server Resource Category, the net impact would be 5 ARCs (i.e., 10 RRCs and 15 ARCs).

8.4 Extraordinary Events

(a) An “Extraordinary Event” means (i) a circumstance (or series of related circumstances) in which Health Net’s actual usage of the Services varies or is expected to vary for at least *** consecutive months to the degree that it will increase or decrease a Resource Baseline by more than plus or minus ***%) or (ii) Health Net’s loss, or expected loss, of its Tricare contract with the U.S. Government.

(b) If Health Net notifies Supplier of the occurrence of an Extraordinary Event, subject to Section 8.4(e) below, the Charges and Resource Baselines (including Annual Service Charges and ARCs/RRCs Rates as appropriate) shall be adjusted in accordance with this Section 8.2. Supplier’s adjustment in resources used to provide the Services shall be in accordance with a plan prepared by Supplier and approved by Health Net or, in the absence of such plan, as reasonably requested by Health Net. Only Health Net may declare an Extraordinary Event.

(c) As used in this Agreement, in connection with an Extraordinary Event:

Schedule C C - 20 Health Net / IBM Confidential

Final Execution Version

(i) “Targeted Resource Reductions” means those resources no longer required by Supplier to provide the Services.

(ii) “Targeted Cost Reductions” means the costs (including appropriate indirect and overhead costs) and related profit that can be eliminated or reduced as and when the Targeted Resource Reductions are eliminated.

(iii) “Targeted Resource Additions” means those new or modified resources newly required by Supplier to provide the Services.

(iv) “Targeted Cost Increases” means the costs (including appropriate indirect and overhead costs) and a reasonable profit that would be incurred as and when the Targeted Resource Additions are placed in service.

(d) Supplier shall use Commercially Reasonable Efforts to proceed to eliminate the Targeted Resource Reductions as quickly as feasible and Supplier will proceed to deploy the Targeted Resource Additions as quickly as feasible given Health Net’s requirements. As the Targeted Resource Reductions are eliminated, the Annual Services Charges shall be reduced by the full amount of the Targeted Cost Reductions applicable to Targeted Resource Reductions, and any affected Baselines and ARC/RRC Rates shall be equitably adjusted, as appropriate. As the Targeted Resource Additions are placed into service, the base charges will be increased by the full amount of the Targeted Cost Increases applicable to such Targeted Resource Additions, and any affected baselines and ARC/RRC Rates shall be equitably adjusted, as appropriate.

(e) The Parties initially shall attempt to agree on a reasonable basis upon (i) the occurrence of an Extraordinary Event; (ii) Targeted Resource Reductions, Targeted Cost Reductions, Targeted Resource Additions, and Targeted Cost Increases; and (iii) the appropriate adjustment to Charges and the timing thereof. If within sixty (60) days notice of the occurrence of an Extraordinary Event under this Section 8.2, the Parties have not agreed upon the foregoing, then at the initiative of either Party the issue shall be treated as a dispute under Section 26 of the General Terms and Conditions.

8.5 Late Fees

Interest shall accrue on unpaid undisputed Charges in accordance with the provisions of Section 10.2 of the General Terms and Conditions.

8.6 Service Level Credits

Supplier shall credit any Service Level Credits earned in a month against such subsequent month’s Charges.

8.7 Benchmarking

The Charges may be adjusted as and to the extent provided by the benchmarking process described in Section 9.4 of the General Terms and Conditions. In no event will the benchmarking process result in an increase in the Charges.

8.8 Substitute Services

“Substitute Services” means Services, including New Services, which displace existing Services. In any Supplier proposal for the provision of Substitute Services, Supplier shall specify the reductions, in terms of amounts for each category of Charges, which will be made to Health Net’s recurring Charges under this Schedule C if Supplier deploys the Substitute Services. If Health Net chooses to use Supplier

Schedule C C - 21 Health Net / IBM Confidential

Final Execution Version

to implement Supplier’s proposal for the Substitute Services, Supplier shall make the reductions stated in its proposal.

8.9 Price Reduction Due to Termination of a Service Tower

If Health Net terminates a particular Service Tower in accordance with the terms of this Agreement, the Annual Services Charge and any other Charges corresponding to such Service Tower shall cease to apply on the effective date of termination, subject to Health Net’s payment obligations for Disengagement Assistance (if any) under Section 16.6(c) of the General Terms and Conditions.

8.10 Adjustments due to fact that ASC begins before First Contract Year

The Parties shall make such equitable adjustments as may be necessary so that Health Net receives the benefit of Services covered by the ASC arising out of the fact that Health Net will commence paying the ASC prior to the commencement of the first Contract Year (as set forth in Section 4.1(d)(ii)). For example, the Parties shall make such equitable adjustments as are necessary so that Health Net receives the benefit of Project Hours included within the ASC for the period during which Health Net is paying the ASC prior to the first Contract Year. In addition, the Parties shall make such equitable adjustments as may be necessary arising out of the fact that provisions set forth in this Schedule C which rely on months, quarters and years, may actually be partial months, quarters or years.

9. FINANCIAL RESPONSIBILITY FOR EQUIPMENT, SOFTWARE, FACILITIES AND THIRD PARTY SERVICES

Schedule S includes a matrix that allocates Financial Responsibility for Equipment, Software and Third Party Service Contracts.

10. TERMINATION AND DISENGAGEMENT ASSISTANCE CHARGES

10.1 Termination of this Agreement or a Service Tower

(a) The Termination Fees referenced in Sections 16.1(b) (Termination for Convenience), 16.1(d)(Termination Following a Change of Control of Health Net), 16.1(e) (Termination Following a Change of Control of Supplier), 16.1(f) (Termination in the Event of a Force Majeure), 16.1(g) (Termination for Regulatory Change), and Section 16.1(h) of the General Terms and Conditions shall equal:

(i) the Termination Fee set forth in Section 1 of Exhibit C-8, as reduced in accordance with Sections 10.1(b) and 10.1(c) below; plus

(ii) Wind Down Costs (calculated pursuant to Section 1.2).

(b) The table below specifies the percentage of the Termination Fee set forth in Section 1 of Exhibit C-8 that shall be payable if Health Net terminates this Agreement or a Service Tower under Section 9.4(g)(iv), 16,1(b), 16.1(d), 16.1(e), 16.1 (f), 16.1(g), or Section 16.1(h)(Termination for Increase in Taxes) of the General Terms and Conditions. Termination Fees are not payable in any other circumstance.

Termination Event (§ References are to General Terms and Conditions)	Termination Fee
Benchmarking under Section 9.4(g)(iv)	***	%

Schedule C C - 22 Health Net / IBM Confidential

Final Execution Version

Termination Event (§ References are to General Terms and Conditions)	Termination Fee
Termination for Convenience under Section 16.1(b)	***	%
Termination for Change of Control of Health Net under Section 16.1(d)	***	%
Termination for Change of Control of Supplier under Section 16.1(e)	***	%
Termination in the Event of a Force Majeure under Section 16.1(f)	***	%
Termination for Regulatory Change under Section 16.1(g)	***	%
Termination for Increases in Taxes under Section 16.1(h)	***	%

(c) If prior to termination of this Agreement Health Net has terminated one or more Service Towers, the total Termination Fee for the entire Agreement set forth in Section 1 of Exhibit C-8 shall be reduced by the amounts previously paid for such terminations.

10.2 Wind Down Costs

This Section 10.2 describes how Wind Down Costs payable to Supplier under this Agreement in connection with a termination pursuant to Section 16,1(b), 16.1(d), 16.1(e), 16.1(g), or Section 16.1(h) of the General Terms and Conditions shall be calculated. Wind Down Costs are also payable if Health Net (1) terminates this Agreement or a Service Tower pursuant to Section 9.4(g)(iv) of the General Terms and Conditions following a benchmarking exercise, or (2) terminates this Agreement pursuant to 16.1(f) of the General Terms and Conditions following a force majeure event, but only for unaffected Service Towers terminated as a result of a termination of the Agreement. Wind Down Costs are not payable in any other circumstances.

(a) “Wind-Down Costs” consist exclusively of the following costs to the extent they are documented and arise as a result of Health Net’s termination of a Service Tower or this Agreement pursuant to Section 16,1(b), 16.1(d), 16.1(e), 16.1(f)(subject to clause (2) in the paragraph above),16.1(g), 16.1(h) or Section 9.4(g)(iv) of the General Terms and Conditions:

(i) Third Party Costs. Wind Down Costs shall include any termination or other fees that Supplier is contractually obligated to pay a third party in connection with the termination of an Equipment lease (subject to Section 10.3), Software license, Equipment or Software maintenance contract, or other agreement for third party services that is used solely to provide the terminated Services (each a “Third Party Cost”); provided, however with respect to the Network Towers, such Third Party Costs shall be limited to amounts payable by AT&T directly to a third party other than an AT&T Affiliate in connection with a termination of this Agreement or a Service Tower. Other than as set forth above, Third Party Costs shall not include any termination or other fees payable by Supplier to AT&T. In each case, Supplier shall use Commercially Reasonable Efforts to avoid incurring the Third Party Cost, including by:

(A) working with Health Net to identify all commercially reasonable means to avoid or minimize such Third Party Costs;

(B) to the extent requested by Health Net, transferring any such Equipment, Software, licenses, leases, contracts, and other agreements to Health Net pursuant to Section 16.6 of the General Terms and Conditions;

Schedule C C - 23 Health Net / IBM Confidential

Final Execution Version

(C) redeploying any remaining Equipment, Software, licenses, leases, contracts, and other agreements within Supplier’s organization if, and as soon as, commercially reasonable;

(D) selling, canceling, or otherwise disposing of any Equipment, Software, licenses, leases, contracts, and other agreements that cannot be redeployed; and

(E) negotiating with the applicable third party to eliminate or reduce the Third Party Costs to be incurred.

(ii) Supplier Owned Equipment. With respect to Equipment that: (A) is owned by Supplier or its Subcontractors; (B) used by Supplier solely to provide the terminated Services; (C) Health Net does not elect to purchase pursuant to Section 16.6 of the General Terms and Conditions; and (D) after using Commercially Reasonable Efforts, Supplier is not able to redeploy within Supplier’s or its Subcontractors business within one-hundred twenty (120) days of the effective date of termination, Wind Down Costs shall include the net book value of such Equipment reflected in Supplier’s or its Subcontractors books on the Last Day of Use (defined below), minus the Net Sales Proceeds if sold by Supplier or its Subcontractors.

(iii) “Net Sales Proceeds” shall mean any amounts obtained by Supplier in disposing of an Asset, less applicable taxes and transportation costs directly incurred in connection with such disposal.

(iv) Supplier Employees. With respect to Supplier and Subcontractor employees who (A) are primarily dedicated to providing the terminated Services as of the Last Day of Use (“Eligible Supplier Employees”); (B) cannot be reassigned to another account or elsewhere within Supplier within forty-five (45) days of the Last Day of Use; and (C) do not accept an offer of employment with Health Net or its designee prior to the Last Day of Use, Wind Down Costs shall include actual severance payments made to Eligible Supplier Employees pursuant to the then-current Supplier severance policy, provided that (1) such severance occurs within one hundred twenty (120) days after the Last Day of Use, (2) the severance payments made to such employees do not exceed those available to similarly situated employees under the then-current Supplier or Subcontractor severance policy; and (3) Health Net’s maximum obligation for severance to any Eligible Supplier Employees shall not exceed *** weeks of salary (without uplift for benefits); provided (x) the limitation in item (3) above shall not apply to Eligible Supplier Employees who were Transitioned Employees and (y) the terms set forth in Section 4.8(a) of Schedule E shall also take precedence over item (2) above.

(v) Balance Sheet Items. Wind Down Costs shall include the amount of “Balance Sheet Items” set forth in Exhibit C-8 on the effective date of termination.

(b) Exclusion of Certain Costs. If Supplier fails to fulfill its obligations under this Agreement to make Equipment, Software, third party contracts or Service Provider Personnel (or alternate equipment, software, third party contracts or personnel acceptable to Health Net in its sole discretion) available to Health Net and its designees for purchase, hiring, or other form of transfer, then Health Net shall not be responsible for any Wind Down Costs related to such Equipment, Software, third party contracts or Service Provider Personnel.

(c) Duty to Mitigate. Supplier shall use all Commercially Reasonable Efforts to mitigate the amount of Wind Down Costs payable by Health Net.

Schedule C C - 24 Health Net / IBM Confidential

Final Execution Version

(d) Partial Redeployment or Use. To the extent Equipment, Software, personnel, or other resources can be redeployed or used for another purpose, as reasonably determined by Supplier, but only to a partial extent, the Wind Down Costs to be reimbursed by Health Net will be reduced in an equitable manner to reflect the costs not absorbed by such partial redeployment or other use.

(e) Definition of Last Day of Use. Unless stated otherwise, all amounts used to calculate Wind Down Costs shall be determined on the later of (i) the effective date of termination or (ii) if the applicable Equipment, Software, personnel, or other resource is used to provide Disengagement Assistance Services, as of the date Supplier ceases to use such resource to provide Disengagement Assistance Services (the “Last Day of Use”).

(f) Payment Terms. Supplier shall invoice Health Net for any Wind Down Costs payable under this Section 10.2 as they are incurred by Supplier, provided that all such Wind Down Costs must be invoiced within one hundred twenty (120) days after the Last Day of Use of the Equipment, Software, personnel, or other resources to which the Wind Down Costs relate. Health Net shall pay such invoices in accordance with the terms of this Agreement.

(g) Estimates. Supplier will prepare an itemized list and estimate of the potential Wind Down Costs (including a list of the Equipment, Software, personnel, and agreements to which the Wind Down Costs relate) and deliver it to Health Net within thirty (30) days after Supplier’s receipt of the notice of a termination to which this Section 10.2 applies, and from time to time during the Term as Health Net may request so that Heath Net may estimate Wind Down Costs that may be payable at the time of such request.

(h) Supporting Documentation. Health Net shall not be responsible for Wind Down Costs that are not substantiated with supporting documentation. Health Net shall have the right to review such supporting documentation used by Supplier to calculate Wind Down Costs pursuant to this Section 10.2.

10.3 End of Term Buy-Out Obligation

Upon expiration of this Agreement, or in connection with a termination event for which Wind Down Costs are payable under Section 10.2, Supplier shall use Commercially Reasonable Efforts to re-deploy HSC Equipment within Health Net or Supplier. If redeployment is not possible, the Parties shall allocate responsibility for any remaining Actual HSC Expenditures for that HSC Equipment consistent with the process set forth in Section 6.5, as follows:

(a) As of the Last Day of Use, a determination shall be made of:

(i) the sum of the Actual HSC Expenditures, for the remaining lease terms, for any HSC Equipment that cannot be redeployed within Health Net or Supplier (“End Of Term Stranded HSC Costs”); and

(ii) the sum of the Actual HSC Expenditures, for the remaining lease terms, for all HSC Equipment in Health Net’s environment (including the redeployed HSC Equipment) (“End Of Term Remaining HSC Expenditures”).

(b) If the Stranded HSC Costs are ***% or less than the Remaining HSC Expenditures (“End of Term ***”), Supplier shall be responsible for such Stranded HSC Costs.

(c) If the Stranded HSC Costs are more than the End Of Term ***:

Schedule C C - 25 Health Net / IBM Confidential

Final Execution Version

(i) Supplier shall be responsible for such Stranded HSC Costs up to the End Of Term 10% Deadband; and

(ii) Health Net shall be responsible for such Standard HSC Costs in excess of the End Of Term ***. If requested by Health Net, Supplier shall exercise any buy-out or termination rights in lease agreements covering such Stranded HSC Costs, and Health Net shall reimburse Supplier for the associated costs and Supplier shall transfer ownership of such Equipment to Health Net at no additional charge.

11. PURCHASE OF HEALTH NET ASSETS AND PREPAYMENTS

11.1 Purchase of Health Net Assets

(a) If Health Net exercises its option under Section 11.2(b) of the General Terms and Conditions to sell the Health Net Owned Equipment listed in Exhibit N-1 on or after the Effective Date, the purchase price for such Health Net Equipment shall be calculated by adjusting $***, which is the June 15^th, 2008 Fair Market Value for such assets, in accordance with Section 11.1(a)(iv) below (as adjusted, the “Asset Purchase Price”). The Asset Purchase Price shall be revised to reflect the Fair Market Value of the Health Net Equipment and to address any change in the list of the Health Net Equipment as follows:

(i) If the Parties determine that equipment designated as Health Net Owned Equipment is Health Net Leased Equipment, then (A) the FMV of such Equipment shall be deducted from the Asset Purchase Price; and (B) the lease for such Equipment shall be classified as a Managed As Pass-Through contract, or retained by Health Net and classified as a Retained contract, and the ASC shall be equitably reduced to reflect the reduction in costs to be incurred by Supplier as a result of the reclassification of such Equipment (e.g., reduced depreciation expense).

(ii) If the Parties determine that equipment designated as Health Net Owned Equipment does not exist, then (A) the FMV of such Equipment shall be deducted from the Asset Purchase Price; and (B) the ASC shall be equitably reduced to reflect the reduction in costs to be incurred by Supplier as a result of the removal of such Equipment (e.g., reduced depreciation expense).

(iii) If the Parties identify equipment owned by Health Net that is either (i) purchased with funds within the ITG Infrastructure Budget; or (ii) purchased by the Health Net ITG but reimbursed by another Health net department or division, then at Health Net’s option, such equipment shall be added to Schedule N as Health Net Owned Equipment and (A) the FMV of such equipment shall be added to the Asset Purchase Price; and (B) the ASC shall be equitably increased to reflect the increase in costs to be incurred by Supplier as a result of the addition of such Equipment (e.g., added depreciation expense).

(iv) In addition to the adjustments specified above, the Parties shall recalculate the actual FMV of the Health Net Owned Assets to be sold to Supplier on the date of sale and adjust the Asset Purchase Price accordingly. In such event, the ASC shall be equitably increased or reduced to reflect the increase or decrease in costs to be incurred by Supplier as a result of such change in the Asset Purchase Price. For example, ***.

(b) All Health Net Owned Equipment that is transferred to Supplier shall be added to Schedule N and classified as Assumed Equipment under Schedule S.

Schedule C C - 26 Health Net / IBM Confidential

Final Execution Version

11.2 Reimbursement of Prepayments

Each month Supplier shall issue a credit against the Charges in an amount equal to the amortization of Health Net prepaid amounts (if any) for Equipment, Software, or Third Party Service Contracts for which Supplier assumed Financial Responsibility pursuant to the General Terms and Conditions. Such prepaid amounts shall be calculated and agreed to by the Parties within one hundred twenty (120) days after the Effective Date.

12. SYSTEM CHANGE

A “Systems Change” means a material change in the operating environment that Supplier is managing to provide the Services. Each time, if any, that Supplier makes a Systems Change (whether or not such change is initiated by Supplier or requested by Health Net), Supplier shall perform a benchmark comparison, at a reasonable and mutually agreed level of detail, between the amount of billable resource units required by that operating environment to perform a representative sample of the processing then currently being performed for Health Net prior to the Systems Change and immediately after the Systems Change. Health Net shall not be required to pay for increased RU usage due to a Systems Change.

13. CONVERSION OF CAPACITY BILLING TO UTILIZATION BILLING

As of the Service Commencement Date, the Installed MIPS Resource Unit is a measure of mainframe capacity available to Health Net (“Capacity Basis”). Upon thirty (30) days notice to Supplier, Health Net may elect to convert from receiving such Services on a Capacity Basis to receiving such Services on a utilization basis (“Utilization Basis”). At any time during the Term after making such election, upon thirty (30) days notice, Health Net may elect to convert back to receiving such Services on a Capacity Basis. Health Net may elect to convert from a Capacity Basis to a Utilization Basis or from a Utilization Basis to a Capacity Basis for Installed MIPS no more than one (1) time during the Term. All conversions made under this Section 13 shall be price neutral to both Parties.

14. AVPN

The charges that Health Net pays under this Agreement for the same Services that were being provided by AT&T to Health Net immediately prior to the Effective Date under the AT&T VPN Service – Service Order Attachment between Health Net and AT&T and executed by Health Net on October 15, 2007 (the “AT&T VPN Attachment”), shall not exceed the charges for such services paid by Health Net under the AT&T VPN Attachment immediately prior to the Effective Date.

15. NETWORK SERVICES

Supplier shall commence providing the network transport components of the Data Network Services and the Voice Network Services as of the Effective Date, and the charges for such Services during the Transition Period are included in the charges set forth in the “Transition” column of Exhibit C-3 for the Data Network Services and the Voice Network Services, subject to ARC/RRCs as described in Section 3.2(b) of this Schedule C. The Resource Baselines that will be used to compute the ARCs/RRCs, as applicable during the Transition Period, will be the Resource Baselines that are applicable for Contract Year 1 for the Data Network Services and Voce Network Services, which are as set forth in Exhibit C-2.

Concurrently with the execution of this Agreement, the Parties are entering into that certain Interim Agreement Regarding AT&T-Health Net Contracts, pursuant to which the Parties and AT&T have agreed to terminate certain Health Net-AT&T contracts (or portions thereof) under which AT&T is providing services that will be provided by Supplier under this Agreement. Pursuant to Section 6 of that Agreement, Supplier agrees to provide a true-up credit to Health Net to reflect any charges that Health Net may overpay as the result of the fact that the applicable AT&T contracts continue beyond the Effective Date. Since Health Net is entitled to the transport rates under this Agreement for the network transport components of the Data Network Services and the Voice Network Services as of the Effective

Schedule C C - 27 Health Net / IBM Confidential

Final Execution Version

Date, the Parties agree that such rates under this Agreement in effect as of the Effective Date shall be used in performing such true up and calculating any overpayment by Health Net.

Schedule C C - 28 Health Net / IBM Confidential

Final Execution Version

EXHIBIT C-1

RESOURCE CATEGORIES AND RESOURCE UNITS

***

Exhibit C-1 C-1 - 1 Health Net / IBM Confidential

EXHIBIT C-2

RESOURCE BASELINES

***

Exhibit C-2 C-2-1 Health Net / IBM Confidential

EXHIBIT C-3

ANNUAL SERVICE CHARGE

***

Exhibit C-3 C-3-1 Health Net / IBM Confidential

EXHIBIT C-4

ARC /RRC RATES

***

Exhibit C-4 C-4-1 Health Net / IBM Confidential

EXHIBIT C-5

TIME & MATERIALS RATES

***

Exhibit C-5 C-5-1 Health Net / IBM Confidential

Final Execution Version

EXHIBIT C-8

TERMINATION CHARGES

***

Exhibit C-8 C-8-1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE D

KEY SUPPLIER POSITIONS

Schedule D D-1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE D

KEY SUPPLIER POSITIONS

Key IBM Position	Part-Time or Full-Time	Initially Approved Individual	Minimum Time Period of Tenure
Project Executive (PE)	Full-time	Fernando Morgan	See Note 1 below
Delivery Project Executive (DPE)	Full-time	Frank Kalupski	See Note 1 below
Transition Manager	Full-time	Terry Wynne	Six (6) Months after the Effective Date or completion of Transition, whichever is longer, with an additional sixty (60) days of recall availability.
Transformation Manager	Full-time	See Note 2 below	Eighteen (18) Months after the Effective Date or completion of Transformation whichever is longer, with an additional sixty (60) days of recall availability.

Note 1: Individuals occupying these Key Supplier Positions shall not be removed or replaced by IBM from such position for the following time periods: (1) For the individual who is initially appointed to such position, for twelve (12) months after completion of Transition, (2) for each individual who replaces the initially appointed individual, for twelve (12) months after each such individual is appointed to such position, and (3) no more than three (3) individuals occupying the Key Supplier Positions to which this Note 1 applies may be removed or replaced within any twelve (12) month period after the initial twelve (12) month period.

Note 2: In accordance with Section 7.4(b) of the General Terms and Conditions, IBM shall propose individuals to occupy these Key Supplier Positions for Health Net’s approval within thirty (30) days after the Effective Date, and the approved individuals shall be appointed to fill these Key Supplier Positions within sixty (60) days after the Effective Date.

Note 3: Health Net shall have the right to designate two additional full time Key Supplier Positions to address Service quality concerns by giving written notice to Supplier within ninety (90) days after the Effective Date.

Schedule D D-2 Health Net / IBM Confidential

SCHEDULE E

TRANSITIONED EMPLOYEES

Exhibit E-2 E-2 - 1 Health Net / IBM Confidential

SCHEDULE E

TRANSITIONED EMPLOYEES

***

Table of Exhibits

Exhibit E-1  -  Affected Employees

Exhibit E-2  -  Employees on Approved Leave

***

Exhibit E-2 E-2 - 2 Health Net / IBM Confidential

Final Execution Version

SCHEDULE F

FACILITIES

Schedule F F - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE F

FACILITIES

1. INTRODUCTION

1.1 This Schedule F (Facilities) comprises the following three (3) lists of Facilities:

(a) a list of Health Net Facilities to which Supplier will provide the Services as of the Effective Date and applicable Supplier space requirements;

(b) a list of Supplier facilities from which Supplier plans to provide the Services as of the Effective Date; and

(c) a list of Approved Subcontractor facilities from which Approved Subcontractors plan to provide the Services as of the Effective Date.

1.2 The Parties agree that the list attached hereto is subject to modification during the Term pursuant to the change procedures of the Agreement.

2. Health net facilities

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
	Off Site/VPN			Tier 3
CA002 CA003 CA251 CA325	Aerojet	2015, 2025, 2006, 2019 Aerojet Road Rancho Cordova CA 95472	Campus	Tier 1
CA030	Gold Point - Building A Hazel Data Center	12033 Foundation Place Rancho Cordova CA 95670	Campus	Tier 1	From Effective Date: 2 offices w/lock, 45 cubes, 1 high wall cube

Schedule F F - 2 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
					(Supplier would anticipate that these requirements may be reduced if re-badged associates retain offices occupied prior to the Effective Date) Additional During Transition: 1 office w/lock, 1 cube, use of a team room., depot service facility.
CA098	Mercantile-Warehouse Facilities	2700 Mercantile Drive Suite 350 Rancho Cordova CA 95670	Campus	Tier 3
CA110	Woodland Hills-Logistics	21250 Califa St. Suite 112 Woodland Hills CA 91367	Campus	Tier 3
CA134	International Drive	10834 International Drive Suite 200 Rancho Cordova CA 95670	Campus	Tier 2
CA136	Woodland Hills-Executive Offices	21650 Oxnard Street Woodland Hills CA 91367	Campus	Tier 1
CA331	San Rafael – Kerner	2370 Kerner Blvd. San Rafael CA 94901	Campus	Tier 1
CA258	Gold Point - Building C	11971 Foundation Place Bldg C Rancho Cordova CA 95670	Campus	Tier 2
CA259	Gold Pointe - Building D	11931 Foundation Place Bldg D Rancho Cordova CA 95670	Campus	Tier 2

Schedule F F - 3 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
CA260	LNR - Bldg B	21281 Burbank Blvd. Building B — Floors 1-5 Woodland Hills CA 91367	Campus	Tier 1	From Effective Date:, 5 cubes, 3 high walled cubes w/lockable cabinets (Supplier would anticipate that these requirements may be reduced if re-badged associates retain offices occupied prior to the Effective Date)
CA261	LNR - Bldg C	21271 Burbank Blvd. Building C — Floors 2-5 Woodland Hills CA 91367	Campus	Tier 1
CA297	White Rock	10540 White Rock Road Rancho Cordova CA 95670	Campus	Tier 2
CA306	Sun Center	11031 Sun Center Drive Rancho Cordova CA 95670	Campus	Tier 1
CT003	Shelton-FMC	1 Far Mill Crossing Shelton CT 06484	Campus	Tier 1
CT006	Shelton-KCB	100 Beard Saw Mill Road 2nd - 6th Floors Shelton CT 06484	Campus	Tier 1
CT017	Shelton - Research Drive	4 Research Drive 5th floor Shelton CT 06484	Campus	Tier 1	From Effective Date:1 cube
VA015	Washington DC Regional Call Center	2107 Wilson Blvd Suite 900 Arlington VA 22201	Campus Mon. to Fri. 8am-5pm local time. Remote all non-Campus hours for Contract Year 1	Tier 1	From Effective Date: 1 cube

Schedule F F - 4 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
			Remote following Contract Year 1 to the end of the Term *
PA017	Johnstown	1 Pasquerilla Plaza Johnstown PA 15901	Campus Mon.-Fri. 8am to 5pm local time Remote all non-Campus hours for Contract Year 1 Remote following Contract Year 1 to the end of the Term *	Tier 1	From Effective Date: 1 cube
VA016	Hampton Call Center	514 Butler Farm Rd Hampton VA 23666	Campus Mon.-Fri. 8am to 5pm local time Remote all non-Campus hours for Contract Year 1, Remote following Contract Year 1 *	Tier 1	From Effective Date: 1 cube
NJ016	Old Bridge Facility	90 Matawan Rd Matawan (Old Bridge) NJ 07747	Campus Mon.-Fri. 8am to 5pm local time. Remote all non-Campus hours. Remote following Contract Year 1 to	Tier 1	From Effective Date:1 cube

Schedule F F - 5 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
			the end of the Term. *
TX015	Irving	5525 N. MacArthur Blvd. Suite 800 Irving TX 75038	Campus Mon.-Fri. 8am to 5pm local time. Remote all non-Campus hours for Contract Year 1. Remote following Contract Year 1 to the end of the Term *	Tier 1	From Effective Date:1 cube
OR008	Tigard	13221 SW 68th Parkway Tigard OR 97223-8328	Campus Mon.-Fri. 8am-5pm local time. Remote all non-Campus hours for Contract Year 1. Remote following Contract Year 1 to the end of the Term. *	Tier 1	From Effective Date:1 cube
CA045	Huntington Beach	7755 Center Ave Suite 700 Huntington Beach CA 92647	Metro	Tier 2
CA059	Pasadena	1055 E. Colorado Blvd Suite 300 Pasadena CA 91105	Metro	Tier 2

Schedule F F - 6 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
CA118	San Diego	3131 Camino Del Rio N. Suite 1100 San Diego CA 92108-5783	Metro	Tier 2
CA128	Oakland DDP	344 Pendleton Way Oakland CA 94621	Metro	Tier 2
CA256	Point Richmond	503 Canal Blvd Building # 3 Richmond CA 94804	Metro	Tier 3
CA305	Chatsworth (Print)	20559 Prairie St Chatsworth, CA 91311	Metro	Tier 3
CA326	Oakland	180 Grand Avenue Oakland CA 94612-375	Metro	Tier 2
NY024	New York-East 42nd	150 East 42nd Street 26th floor New York NY 10165	Metro Mon.-Fri. 8am to 5pm local time. Remote all non-Metro hours. Remote following Contract Year 1 to the end of the Term. *	Tier 2	From Effective Date:1 cube
AZ006	Tucson	950 North Finance Center Drive Tucson AZ 85710	Metro Mon. to Fri. 8am-5pm local time. Remote all non-Metro hours for Contract Year 1. Remote following Contract Year 1 to the end of the	Tier 2	From Effective Date:1 cube

Schedule F F - 7 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
			Term. *
AZ014	Tempe	1230 W. Washington St. Suite 400 Tempe AZ 85281	Metro Mon. to Fri. 8am-5pm local time. Remote all non-Metro hours for Contract Year 1. Remote following Contract Year 1 to the end of the Term. *	Tier 2	From Effective Date:1 cube
DC001	Washington DC-Pentagon Clinic	AHN1 @ Pentagon Arlington VA 22202	Metro Mon. to Fri. 8am-5pm local time. Remote all non-Metro hours for Contract Year 1 Remote following Contract Year 1 to the end of the Term *	Tier 3
NY003	New York MHN	40 Wall St. 6th floor New York NY 10005	Metro Mon.-Fri. 8am to 5pm local time. Remote all non-Metro hours for Contract Year 1. Remote following	Tier 2

Schedule F F - 8 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
			Contract Year 1 to the end of the Term *
AZ009	Catalina-Mesa CBH	1220 S. Alma School Rd Suite 109 Mesa, AZ 85210	Remote	Tier 3
CA079	San Marcos DDP	1637 Capalina Road San Marcos CA 92069	Remote	Tier 2
CA107	Stockton Sales	3133 W March Lane Suite 1000 Stockton CA 95219	Remote	Tier 3
CA109	Ventura	290 Maple Court Suite 190 Ventura CA 93003	Remote	Tier 2
CA127	San Mateo DDP	1941 O’Farrell Street Suite 114 San Mateo CA 94403	Remote	Tier 3
CA131	San Jose	1737 N. First St. Suite 230 San Jose CA 95112-4505	Remote	Tier 3
CA133	Mountain View DDP	625 Ellis Street Ste. 100 Mountain View CA 94043	Remote	Tier 3
CA137	Modesto DDP	2260 Floyd Ave Suite 100 Modesto CA 95355	Remote	Tier 3
CA138	Visalia	916 W. Oak SW#A Visalia CA 93291	Remote	Tier 3
CA142	San Bernadino	650 E. Hospitality Lane 2nd Floor San Bernardino CA 92408	Remote	Tier 2
CA267	Union City & Dublin	2847-B Whipple Road Union City CA 94587	Remote	Tier 3

Schedule F F - 9 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
CA269	Concord	1070 Concord Ave Suite 222 Concord CA 94520	Remote	Tier 3
CA284	Dublin OHS	11875 Dublin Ave Suite# D176 Dublin CA	Remote	Tier 3
CA286	Fresno	7485 North Palm Ave Suite 101 Fresno CA 93711	Remote	Tier 2
CA289	Bakersfield	3100 19th St Suite 200 Bakersfield CA 93301	Remote	Tier 3
CA293	El Cerrito DUI	11299 San Pablo Ave. Suite W El Cerrito CA 94530	Remote	Tier 3
CA298	Signal Hill	1600 E. Hill Street Signal Hill CA 90806	Remote	Tier 2
CA301	East Los Angeles	5055 Whittier Boulevard East Los Angeles CA 90022	Remote	Tier 3
CA302	Modesto	1940 Crows Landing Road Suite 10 Modesto CA 95358	Remote	Tier 3
CA304	Turlock	2406 W Monte Vista Ave Turlock, CA 95382	Remote	Tier 3
CT008	Electric Boat	75 Eastern Point Road Groton CT 06340	Remote	Tier 3
CT012	New London USCG Clinic	15 Mohegan Ave New London CT 06320	Remote	Tier 3
CT013	Groton NACC	220 Route 12 Suite 6 Groton CT 06340	Remote	Tier 3

Schedule F F - 10 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
DC002	Bolling AFB Clinic - MDG	238 Brookley Ave SW Bolling AFB DC 20032	Metro	Tier 3
DC003	DC USCG Clinic	2100 2nd St SW Washington, DC 20593	Metro	Tier 3
DC004	Walter Reed AMC	6900 Georgia Ave. NW Building 2 Suite 3D Washington DC 20307	Metro	Tier 3
DE001	Dover AFB Clinic	436 Medical Group 300 Tuskegee Blvd Rm. 1C8C Dover DE 19902	Remote	Tier 3
IL001	Scott AFB MC	310 W. Losey Street Bldg 1530 Rm 1206 Scott AFB IL 62225	Remote	Tier 3
IL009	Chanute AFB Clinic	601 South Century Blvd Suite 1116 Rantoul IL 61866	Remote	Tier 3
IL010	Great Lakes Naval Hospital	3001A 6th Street Building 200H 5th Floor Great Lakes IL 60088	Remote	Tier 3
IN002	Fort Ben Harrison	5807 North Post Rd. Indianapolis IN 46216	Remote	Tier 3
IN003	Grissom AFB	1200 KittyHawk Suite 102 Peru IN 46970	Remote	Tier 3
KY002	Fort Knox AH	851 Ireland Loop Basement Floor NBF-32 Fort Knox KY 40121	Remote	Tier 3
KY003	Lexington Army Depot	VA Medical Center 2250 Leestown Rd. Lexington KY	Remote	Tier 3

Schedule F F - 11 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
		40511
KY004	Fort Campbell ACH	2525 22nd Street Fort Campbell KY 42223	Remote	Tier 3
MA005	Hanscom AFB Clinic	1646 Grenier St. Bldg 1646 Bed MA 01731	Remote	Tier 3
MA006	Boston USCG Clinic	427 Commercial St Bldg 8 Boston, MA 02109	Remote	Tier 3
MA007	Cape Cod USCG Clinic/Buzzards Bay	5201 Lee Road Bourne MA 02559	Remote	Tier 3
MA015	Westover AFB MA	390 Walker Ave Rm 114 Westover AFB, MA 022022-1534	Remote	Tier 3
MD002	Malcolm Grow MC	AHN 1 ANDREWS AFB 1050 West Perimeter Rd Andrews AFB MD 20762	Remote	Tier 3
MD003	Kimbrough AHC	4407 Llewellyn Ave. Fort Meade MD 20755	Remote	Tier 3
MD004	Barquist AHC	810 Schreider St Fort Detrick MD 21702	Remote	Tier 3
MD005	Bethesda NMC	8901 Wisconsin Ave Bethesda MD 20814	Remote	Tier 2
MD006	Annapolis NMC	250 Wood Rd Annapolis MD 21401	Remote	Tier 3
MD007	Baltimore USCG Clinic	2401 Hawkins Point Rd. Baltimore MD 21226	Remote	Tier 3

Schedule F F - 12 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
MD008	Kirk AHC	2501 Oakington St. Aberdeen Proving Grounds MD 21005	Remote	Tier 3
MD009	Patuxtent River NMC	22268 Cedar Point Rd Patuxtent River MD 20670	Remote	Tier 3
ME001	Loring AFB (Limestone)	25 Sweden St Caribou, ME 04736	Remote	Tier 3
ME002	BMC NAS Brunswick	650 Sewall Room 448 Brunswick ME 04011	Remote	Tier 3
MI003	Wurtsmith AFB	5671 Skeel Ave Suite 16 Oscoda MI 48750	Remote	Tier 3
MI004	Traverse City USCG Clinic	1175 Airport Access Rd Traverse City MI 49686	Remote	Tier 3
MI005	NAF Detroit	183 Arnold Circle Building 944 Bldg 944 Selfridge MI 48045	Remote	Tier 3
MI006	Sawyer AFB	301 Explorer Street Gwinn MI 49841	Remote	Tier 3
NC003	Pope AFB Clinic	384 Maynard St. SGSI - Building 308 Pope AFB NC 28308	Remote	Tier 3
NC004	Seymour Johnson AF Clinic	1057 Jabrac Ave. Bldg 2815 Seymour Johnson AFB NC 27531	Remote	Tier 3
NC005	Camp Lejeune NH #1	100 Brewster Blvd Building NH-100 Camp Lejeune NC 28547	Remote	Tier 3
NC006	Cherry Point Naval Hospital	1 Cherry Point TriCare Bldg.	Remote	Tier 3

Schedule F F - 13 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
		4389 Rm 1410
NC010	Womack AMC	4-2817 Reilly Rd. Fort Bragg NC 28310	Remote	Tier 3
NC011	Winston-Salem	110 Oakwood Winston Salem NC 27101	Remote	Tier 3
NC012	Elizabeth City USCG Clinic	1664 Weeksville Rd Elizabeth City, NC 27909	Remote	Tier 3
NH001	Pease/Portsmouth NBMC	1 New Hampshire Ave Ste 105 Portsmouth, NH 03801	Remote	Tier 3
NJ013	Walson / McGuire Clinic	1901 E. 3rd St McGuire AFB NJ 08641	Remote	Tier 3
NJ014	Patterson AHC	1075 Stephenson Ave. 1st Floor Building 1075 Fort Monmouth NJ 07703	Remote	Tier 3
NJ015	Cape May USCG Clinic	1 Munro Ave Cape May, NJ 08204	Remote	Tier 3
NY013	Fort Drum ACH- Guthrie #1	11050 Mt. Belvedere Blvd Rm 441 (Tricare Location) Fort Drum NY 13602	Remote	Tier 3
NY014	Hamilton Ainesworth AHC	114 White Avenue Ft. Hamilton Brooklyn NY 11252	Remote	Tier 3
NY015	New York USCG Clinic	212 Coast guard Dr Staten Island, NY 10305	Remote	Tier 3
NY016	Keller ACH West Point	273 Main Highland Falls NY 10928	Remote	Tier 3
NY017	TSC Griffis AFB	125 Brookley Rd. Building	Remote	Tier 3

Schedule F F - 14 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
		510 Rome NY 13441
NY018	TSC Plattsburgh AFB	43 Durkee Suite 400 Plattsburgh NY 12901	Remote	Tier 3
NY019	Watertown - Guthrie #2	428 Washington St. Suite #3 Watertown NY 13601	Remote	Tier 3
OH003	Akron (Canton Cleveland)	2383 S. Main St. Suite D103 Akron OH 44319	Remote	Tier 3
OH004	Columbus/San Antonio DSCC	3990 East Broad St DSCC Building 52 1st Floor Columbus OH 43213	Remote	Tier 3
OH005	Wright Patterson AFB MC	4881 Sugar Maple Dr. 74th Medical Group Wright Patterson AFB Dayton OH 45433	Remote	Tier 3
OH006	Wright Peterson Sub Regional Office	4027 Colonel Glenn Hwy 4th Floor Beaver Creek, OH 45431	Remote	Tier 3
OH007	Wright Paterson Sub-Regional Office	4225 LOGISTICS AVE WRIGHT PATTERSON AFB OH 45433	Remote	Tier 3
PA014	Carlisle (Dunham AHC)	450 Gibner Rd Rm 405 Carlisle PA 17013	Remote	Tier 3
PA015	Pittsburg	333 Rouser Road Moon / Coraopolis PA 15108	Remote	Tier 3
RI001	Newport NACC	43 Smith Rd Newport RI 02841	Remote	Tier 3
RI002	Newport Sub-Regional	1300 Division Rd. Suite 301	Remote	Tier 3

Schedule F F - 15 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
		West Warwick RI 02893
SC003	Surfside Beach Call Center	8733 Highway 17 Bypass Bldg 100 Surfside Beach SC 29575	Remote	Tier 3
VA003	Kenner AHC	700 24th Street Building P8130 Suite 103 Ft. Lee VA 23801	Remote	Tier 3
VA004	McDonald ACH #1	576 Jefferson Ave Fort Eustis VA 23604	Remote	Tier 3
VA005	Langley AFB Clinic	45 Pine Rd Bldg. 266 Tricare 1st Mdg Grp/SGST Langley VA 23665	Remote	Tier 3
VA006	Portsmouth NMC #1	50 Lewis Minor St. Building 249 Portsmouth VA 23708	Remote	Tier 3
VA008	Yorktown USCG Clinic	State Route 238 Bldg 246 Yorktown VA 23690	Remote	Tier 3
VA009	Family Heath Center	2740 Prosperity Ave Ste 100, Fairfax, VA 22031	Remote	Tier 3
VA010	DeWitt ACH	9501 Farrell Rd. Building 808 Fort Belvoir VA 22060	Remote	Tier 3
VA011	Quantico NMC	3259 Catlin Ave. Quantico VA 22134	Remote	Tier 3
VA012	Andrew Radar AHC	411 Carpenter Rd Bldg 525 Rm 125 Fort Myer, WA 22211	Remote	Tier 3
VA013	Wooodbridge Family Health Center	14450 Smoke town Rd. Woodbridge VA 22193	Remote	Tier 3

Schedule F F - 16 Health Net/IBM Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Facility Classification (Campus Metro, Remote)	Network Tier Classifications	Supplier Space Requirements
VA014	Virgina Beach Sub-Regional	222 Central Park Ave. Suite 1840 Virgina Beach VA 23462	Remote	Tier 3
WA009	Tacoma Regional Head Office	3600 Port of Tacoma Road Suite 400 Tacoma WA 98424	Remote	Tier 2
WI003	Wauwatosa HMC	2600 N. Mayfair Rd. Suite 490 Wauwatosa WI 53226	Remote	Tier 3

* For those Facilities marked with an asterisk (*) in the Facilities Classification column, Health Net may, at its option, extend the higher classification noted therein beyond Contract Year 1 at the Charges set forth in Exhibit C-5 (Time and Materials Rate Card) identified as Remote Deskside Support.

3. SUPPLIER FACILITIES

IBM ENTITY	IBM LOCATION(S)
IBM Delivery Centers	United States
IBM Data Center	IBM Boulder 6300 Diagonal Highway Boulder, CO 800301
IBM Data Center	IBM Columbus, OH 4499 Fisher Road, Columbus, OH 43228

Schedule F F - 17 Health Net/IBM Confidential

Final Execution Version

IBM ENTITY	IBM LOCATION(S)
IBM Delivery Centers	United States
IBM Data Center	IBM Dallas, TX 1000 Belleview St., Dallas, TX 75215
IBM Data Center	IBM Lexington, KY 745 W New Circle Road, Lexington, KY 40511
IBM Data Center	IBM Poughkeepsie, NY 2455 South Road, Poughkeepsie, NY 12601-5400
IBM Data Center	IBM Raleigh, NC 3039 E CORNWALLIS RD, RESEARCH TRIANGLE PARK NC 27709-2195
IBM Data Center	IBM Rochester, NY 1630 Long Pond Rd, Rochester, NY 14626
IBM Data Center	IBM Southbury, CT 150 Kettletown Rd, Southbury, CT 06488
IBM Data Center	IBM Saint Louis, MO 325 McDonnell Blvd, Hazelwood, MO 63042
IBM Delivery Centers	India
IBM Data Center	IBM Global Services India Pvt. Limited, 7th Floor, Sterling Towers, 327, Anna Salai, Teynampet, Chennai – 600006
IBM Data Center	IBM Global Services Pvt Ltd, Embassy Golf Links Business Park, Off Koramangala-Indiranagar Ring Road, Bangalore 560071 India

Schedule F F - 18 Health Net/IBM Confidential

Final Execution Version

IBM ENTITY	IBM LOCATION(S)
IBM Delivery Centers	United States
IBM Data Center	IBM Global Services India Pvt. Limited, Outer Ring Road, Embassy Manyatha B, Rachenahalli & Nagawara Villages, Bangalore KA 560045, India
IBM Data Center	Mindspace Cyberabad, Building No 3, Survey No 64, APIIC Software layout, Hitech City, Madhapur, Hyderabad - 500081
IBM Delivery Centers	Argentina
IBM Data Center	Urquiza 405, Vicente Lopez, Provincia de Buenos Aires, Argentina (CP1638)
IBM Delivery Centers	Canada
IBM Delivery Centers	IBM Calgary 630 3rd Ave SW E. Calgary, AB, Canada
IBM Delivery Centers	IBM Markham 3500 Steeles Ave East, Markham, ON L3R 9Z7, Canada
IBM Delivery Centers	IBM Markham 100 Gough Road, Markham, ON, Canada
IBM Delivery Centers	IBM Montreal 275 Viger E, Montreal, QC, Canada
IBM Delivery Centers	IBM Toronto 245 Consumers Road, North York, ON M2J, Canada

Schedule F F - 19 Health Net/IBM Confidential

Final Execution Version

4. APPROVED SUBCONTRACTOR FACILITIES

SUBCONTRACTOR ENTITY	FACILITY ADDRESS
AT&T Delivery Centers	AT&T Global Network Management Center (GNMC), 630 3rd Avenue, SW, Calgary, Alberta, Canada
	Delivery at IBM United States facilities (see IBM facility list above)
AT&T Delivery Centers	4625 Creekstone Drive Durham, NC 27703
AT&T Delivery Centers	Jornalista Francisco Aguirre Proença Road SP-101, KM09 Hortolandia, Brazil 13186900
AT&T Delivery Centers	Block D, Embassy Golf Links, Off Indiranagar Koramangala Ring Road Bangalore 560071 India

Schedule F F - 20 Health Net/IBM Confidential

Final Execution Version

SCHEDULE G

GOVERNANCE

Schedule G G - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE G

GOVERNANCE

1. INTRODUCTION

This Schedule G (Governance) sets forth an integrated set of business office processes, plans and tools (“Contract Governance”). The purpose of this Contract Governance is to monitor and control all aspects of the Services in order to promote smooth operation of the Services in accordance with the Agreement. This Schedule G describes the Contract Governance plan, Health Net’s and Supplier’s roles and responsibilities, the relationship management structure, and the decision making processes related to the Services. Conflicts between this Schedule G and the General Terms and Conditions or other Schedules or Exhibits will be governed by the General Terms and Conditions or other Schedules or Exhibits.

2. CONTRACT GOVERNANCE PLAN

2.1 Health Net and Supplier will jointly develop, approve and implement the Contract Governance plan within one hundred twenty (120) days following the Effective Date. Such plan will:

(a) Specify the formal organizations, processes, and practices for managing Health Net’s and Supplier’s relationship under the Agreement;

(b) Establish organizational interfaces for management and operation of the Agreement including:

(i) the governance organization charts for Health Net and Supplier for inclusion in the Procedures Manual;

(ii) framework for reports and meetings calendars; and

(iii) operational authority and delegation.

(c) Provide a high level overview of the business office governance processes requiring Health Net’s involvement and identify the process interfaces;

(d) Establish a strategy for communicating and planning for major organization changes (i.e., people, processes, functions); and

(e) Enhance and facilitate effective operating protocols and resolution of certain disputes in accordance with Section 26 of the General Terms and Conditions.

2.2 The Contract Governance plan initially consists of the following components to be supplemented and refined pursuant to Section 2.1 above:

(a) A roles and authorities matrix to identify Health Net and Supplier individual roles and authorization levels required to operate Contract Governance for inclusion in the Procedures Manual;

Schedule G G - 2 Health Net / IBM Confidential

Final Execution Version

(b) A meetings plan reflecting the schedule, and attendees, and subject matter for meetings between Health Net and Supplier and supports the management of such meetings, which meeting plan shall include:

(i) a weekly operations meeting to discuss daily performance, issues and planned or anticipated activities and Changes;

(ii) a monthly contract performance review of the monthly reports, charges, contract performance, Changes, Deliverables, Projects and other matters as appropriate;

(iii) a quarterly Joint Management Committee meeting to review appropriate contractual, business, planning, or performance issues;

(iv) a daily operations meeting to discuss Priority 1 and other escalated issues;

(v) a semi-annual Joint Steering Committee meeting to discuss the evolving business agenda, review contract strategy and goals and assess performance against such goals;

(vi) others as set out in the Agreement or mutually agreed by the Parties; and.

(vii) unless otherwise agreed by the Parties, Supplier will publish an agenda for each meeting.

2.3 Business Office Governance Processes

Unless otherwise set forth in the Agreement, the following is an initial proposed series of business office governance processes for managing the Services. Supplier and Health Net shall meet and agree upon actual process within thirty (30) days after the Effective Date. These processes, set forth below and further defined in the Contract Governance plan, in addition to any additional processes included in the Contract Governance plan, apply to all the Services and will be implemented, as described in the Agreement:

(a) Change Control Process governance process to receive, log, assess and track proposed and agreed upon contract Changes;

(b) Deliverables governance process to identify Deliverables and track such Deliverables to completion;

(c) Customer satisfaction governance plan to assess Health Net’s priorities, set realistic expectations, measure Health Net’s satisfaction with the Services and to use such feedback to improve Health Net’s satisfaction with the Services;

(d) Formal correspondence governance process to establish and implement an agreed upon protocol for Health Net and Supplier formal communications;

(e) Program issues governance process to receive, qualify and manage issues that require the intervention of the Health Net and/or Supplier Project Executive or their respective management teams to facilitate resolution;

Schedule G G - 3 Health Net / IBM Confidential

Final Execution Version

(f) Request governance process for the submission, qualification and analysis of service requests (excluding the day-to-day operational service requests), development and delivery of proposals, as needed, for such services and logging and tracking to closure; and

(g) Service Level governance process to review, monitor and manage issues related to the Service Levels.

2.4 Responsibilities

(a) Supplier will:

(i) assign an individual to be the single point of contact to Health Net for the Contract Governance plan development and maintenance;

(ii) identify the Supplier attendees for the meetings reflected in the meetings plan and any updates as they occur;

(iii) draft the initial Contract Governance plan and provide to Health Net within ninety (90) days after the Effective Date;

(iv) review Health Net feedback and revise the draft Contract Governance plan and submit to Health Net for Health Net review and approval;

(v) identify process inhibitors, and propose process improvements to Health Net, as required;

(vi) jointly review the Contract Governance plan on an annual basis or more frequently as may be agreed by the Parties, and update / maintain the Contract Governance plan accordingly; and

(vii) provide appropriate Supplier employees access to the Contract Governance plan, as needed.

(b) Health Net will:

(i) assign an individual to be the single point of contact to Supplier for the Contract Governance plan development and maintenance;

(ii) provide, update and maintain the Health Net organization charts;

(iii) provide a list of Health Net attendees for the meetings reflected in the meetings plan and any updates as they occur;

(iv) review and provide to Supplier, in writing, Health Net’s comments, questions and proposed changes to the draft plan within thirty (30) days following Health Net’s acknowledged receipt of the draft Contract Governance plan;

Schedule G G - 4 Health Net / IBM Confidential

Final Execution Version

(v) acknowledge Health Net’s receipt and approval of the final version of the Contract Governance plan;

(vi) identify process inhibitors and propose process improvements to Supplier, as appropriate;

(vii) jointly review / update the Contract Governance plan on an annual basis or more frequently as may be agreed by the Parties; and

(viii) provide the Contract Governance plan to appropriate Health Net employees, as appropriate.

2.5 Relationship Management Structure

Within thirty (30) days after the Effective Date, Health Net and Supplier will identify the titles of the initial members of the committees set forth below and will agree upon a process for replacement of the committee members during the Term.

(a) Joint Steering Committee

(i) Health Net and Supplier will jointly create a committee consisting of three management employees from Health Net and its Affiliates and three management employees from Supplier and its Affiliates who will focus on Health Net’s and Supplier’s long-term strategic plans as they relate to the Services (“Joint Steering Committee”).

(ii) The Joint Steering Committee will:

(A) meet at least semi-annually to discuss the evolving business agenda of Health Net and Supplier as it relates to the Services;

(B) facilitate the goals of the Agreement;

(C) review performance against goals and revise such goals, as appropriate;

(D) approve and/or propose Changes to the Agreement, as appropriate;

(E) identify major Health Net organization changes (i.e., people, processes, functions) or proposed changes affecting the Agreement;

(F) review industry / business trends and the impact of technology on the Services;

(G) evaluate Supplier industry initiatives for potential applicability to the Services;

Schedule G G - 5 Health Net / IBM Confidential

Final Execution Version

(H) review operating and strategic plans prepared by the Project Executives;

(I) upon Health Net’s or Supplier’s request, assist in resolving issues arising under this Agreement; and

(J) participate in the dispute resolution process set forth in Section 26 of the General Terms and Conditions, as necessary.

(b) Joint Management Committee

(i) Health Net and Supplier will jointly create a committee consisting of three management employees from Health Net and its Affiliates and three management employees from Supplier and its Affiliates who will focus on management of the Health Net and Supplier relationship and delivery of the Services (“Joint Management Committee”).

(ii) The Joint Management Committee will:

(A) meet at least quarterly to promote effective relationship management and to validate progress under this Agreement;

(B) develop and implement plans to meet the goals of this Agreement;

(C) review performance against the established Service Levels and address contractual or management problems and issues, as appropriate;

(D) assess the quality of Health Net’s and Supplier’s working relationship and develop / implement action plans to strengthen such relationship, as appropriate;

(E) identify and address issues affecting performance of the Services;

(F) identify and manage impending change; and

(G) when appropriate, propose changes to the Joint Steering Committee regarding the Health Net and Supplier relationship, and/or the Agreement.

(c) Joint Operations Committee

(i) Within thirty (30) days after the Effective Date, Health Net and Supplier will jointly create one or more committees comprised of employees of Health Net and its Affiliates and employees of Supplier and its Affiliates (“Joint Operations Committee”) who will focus on the day-to-day operations and delivery of the Services.

(ii) Each Joint Operations Committee shall:

Schedule G G - 6 Health Net / IBM Confidential

Final Execution Version

(A) meet at least monthly to review operational performance status and plans;

(B) conduct contract performance review meetings;

(C) review operational trends and analysis and take corrective action, as required;

(D) identify and address potential operational issues;

(E) identify and manage operational change; and

(F) make recommendations, as appropriate, to the Joint Management Committee.

2.6 Dispute Resolution

If Health Net and Supplier have a dispute regarding the Services, Health Net and Supplier will follow the dispute resolution process described in Section 26 of the General Terms and Conditions of the Agreement.

Schedule G G - 7 Health Net / IBM Confidential

Final Execution Version

SCHEDULE H

SUPPLIER INSURANCE

Schedule H H - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE H

SUPPLIER INSURANCE

1. INTRODUCTION

In accordance with Section 22 (Insurance) of the General Terms and Conditions of the Agreement, this Schedule H sets forth the requirements for insurance to be maintained by Supplier and its Approved Subcontractors, set forth in Schedule P (Approved Subcontractors).

2. TYPES AND AMOUNTS OF COVERAGE

Supplier represents that as of the Effective Date it will have, and agrees that during the Term it will maintain in force, at least the following types and amounts of insurance:

(a) Employer’s Liability Insurance and Worker’s Compensation Insurance, including coverage for occupational injury, illness and disease insurance in accordance with the laws of the country, state or territory exercising jurisdiction over the employee with minimum limits per employee and per event of $1,000,000 or the minimum limit required by law, whichever limit is greater.

(b) Comprehensive General Liability Insurance, including Products, Completed Operations, Premises Operations, Bodily Injury, Personal and Advertising Injury, Broad Form Contractual and Broad Form Property Damage liability coverages, on an occurrence basis, with a minimum combined single limit per occurrence of $7,000,000 and a minimum combined single aggregate limit of $7,000,000. This coverage will name Health Net and its Affiliates as additional insureds.

(c) Property Insurance coverage, for all risks of physical loss of or damage to Health Net business property (i.e., Health Net Equipment and related tangible personal property) that is in the possession, care, custody or control of Supplier pursuant to the Agreement. Such insurance will have a minimum limit adequate to cover risks on a replacement costs basis, and name Health Net and its Affiliates as joint loss payees.

(d) Automotive Liability Insurance covering use of all owned, non-owned and hired automobiles for bodily injury, property damage liability with a minimum combined single limit per accident of $1,000,000 or the minimum limit required by law, whichever limit is greater. This coverage will name Health Net and its Affiliates as additional insureds.

(e) Commercial Crime Insurance, including blanket coverage for Employee Dishonesty and Computer Fraud (as it relates to the theft of tangible property only), for loss or damage arising out of or in connection with any fraudulent or dishonest acts committed by the employees of Supplier, acting alone or in collusion with others, with a minimum limit of $10,000,000 per occurrence. This coverage will name Health Net and its Affiliates as joint loss payees.

(f) Errors and Omissions Liability Insurance covering liability for loss or damage due to an act, error, omission or negligence, with a minimum limit of $1,000,000 per claim and a minimum combined single aggregate limit of $3,000,000.

3. TERMS OF COVERAGE

(a) The insurance coverages described in Section 2(b) and Section 2(d) above will be primary and non-contributory but only with respect to liability arising out of IBM’s

Schedule H H - 2 Health Net / IBM Confidential

Final Execution Version

negligence and as respects to this contract only. Supplier will be responsible for all deductibles and retentions with regard to such insurance.

(b) Supplier will cause its insurers to issue certificates of insurance evidencing that the coverages and policy endorsements required under this Agreement are maintained in force and that should any of the policies described herein be canceled before the expiration date thereof, the insurer affording coverage will endeavor to mail thirty (30) days written notice to the certificate holder named herein, but failure to mail such notice shall impose no obligation of liability of any kind upon the insurer affording coverage, its agents or representatives. The insurers (other than captives as related to Supplier’s property coverage set out in Section 2(c) only) selected by Supplier will have an A.M. Best rating of A-, Size VII or better, or, if such ratings are no longer available, with a comparable rating from a recognized insurance rating agency. Supplier will ensure that Approved Subcontractors maintain insurance coverages as described in this Schedule H (for the sake of clarity Approved Subcontractors are not covered under any Supplier insurance coverages).

(c) In the case of loss or damage or other event that requires notice or other action under the terms of any Supplier’s insurance coverage described above as it relates to Health Net property under Supplier’s or the Services, Supplier will be solely responsible for taking such action. To the extent Health Net knows of an event that requires notice or other action by Supplier as it relates to this Agreement, Health Net will endeavor in good faith to notify Supplier. Supplier will provide Health Net with contemporaneous notice and with such other information as Health Net may reasonably request regarding the event.

(d) The Parties do not intend to shift all risk of loss to insurance. Supplier’s obligation to maintain insurance coverage in specified amounts will not act as a limitation on any other liability or obligation which Supplier would otherwise have under the Agreement. Similarly, the naming of Health Net and its Affiliates as additional insureds is not intended to be a limitation of Supplier’s liability under the Agreement and will in no event be deemed to, or serve to, limit Supplier’s liability to Health Net to available insurance coverage or to the policy limits specified in this Schedule H, nor to limit Health Net’s rights to exercise any and all remedies available to Health Net under the Agreement, at law or in equity. The insurance policies referred to hereunder do not increase either Supplier’s obligations to the Health Net under the Agreement (other than Supplier’s obligation to maintain the coverage) or the rights or benefits afforded Health Net in the event of a breach of the Agreement.

(e) Nothing hereunder this Schedule H does not and shall not be construed to expand either Party’s obligations as to any liability for (without limitation) indirect or consequential, exemplary, punitive or special damages unless and as expressly provided under Section 24.2 of the General Terms and Conditions.

Schedule H H - 3 Health Net / IBM Confidential

SCHEDULE I

THIRD PARTY SERVICE CONTRACTS

Schedule I I - 1 Health Net / IBM Confidential

Schedule I –Third Party Service Contracts general intro language

Schedule I-1 - Third Party Service Contracts to be Assigned to IBM

Schedule I-2 - Third Party Service Contracts Managed in ASC

Schedule I-3 - Third Party Service Contracts Managed as Pass Through

Schedule I-4 - Third Party Service Contracts as Pure Pass Through

Schedule I-5 - Third Party Service Contracts to be Retained by Health Net

Schedule I I - 2 Health Net / IBM Confidential

SCHEDULE J

SOFTWARE

Schedule J J - 1 Health Net / IBM Confidential

Schedule J (Software)

Exhibit Number	Description	During Term License in Name of:
J-1	Health Net Software
J-1-1	Assumed	IBM
J-1-2	Managed-In ASC	Health Net
J-1-3	Managed-As Pass Through Expenses	Health Net
J-1-4	Retained	Health Net
J-1-5	Pure Pass Through Expenses	Health Net
J-2	Supplier Software
J-2-1	Supplier Provided Software (Commercially Available)	IBM
J-2-2	Supplier Provided Software (Non-Commerically Available)	IBM
J-2-3	Supplier Proprietary Delivery Tools	IBM
J-2-4	Supplier Third Party Software used to provide the Services (Commercially Available)	IBM
J-2-5	Supplier Third Party Software used to provide the Services (Non-Commercially Available)	IBM
J-3	Health Net Proprietary Software	Health Net

Schedule J J - 2 Health Net / IBM Confidential

Final Execution Version

SCHEDULE K

BUSINESS ASSOCIATE ADDENDUM

Schedule K K - 1 Health Net / IBM Confidential

Final Execution Version

BUSINESS ASSOCIATE ADDENDUM

This Business Associate Addendum (“Addendum”) is entered into by and between Health Net, Inc., and its affiliates (“Health Net”), and International Business Machines Corporation (“Business Associate”).

A. Health Net and Business Associate are parties to or are entering into, that certain Master Service Agreement dated August 19, 2008 (the “Current Contract”) pursuant to which Business Associate provides a service to, or performs a function on behalf of, Health Net and, in connection therewith, uses or discloses Protected Health Information including Electronic Protected Information (“EPHI”) (collectively (“PHI”) , that is subject to protection under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and certain privacy and security regulations found at 45 CFR Parts 160 through 164 (“HIPAA Regulations”);

B. Any entity which creates or receives PHI from or on behalf of Health Net is a business associate, as defined in the HIPAA implementing regulations, 45 C.F.R. Parts 160 and 164;

C. Pursuant to the HIPAA Regulations, all business associates of Health Net must agree in writing to certain mandatory provisions regarding the safeguarding, use and disclosure of PHI; and

D. The purpose of this Addendum is to satisfy the requirements of the HIPAA Regulations, including, but not limited to, business associate contract requirements set forth at 45 C.F.R. § 164.308(b)(1) and § 164.314(a) and § 164.504(e), as they may be amended from time to time.

NOW, THEREFORE, in consideration of the mutual promises and covenants contained herein, the parties agree as follows:

1. Definitions. Unless otherwise provided in this Addendum, capitalized terms have the same meaning as set forth in the HIPAA Regulations, 45 C.F.R. Parts 160 and 164.

2. Scope of Safeguards, Use and Disclosure of Protected Health Information. Except as otherwise limited in this Business Associate Addendum, Business Associate shall as set forth below safeguard, use and disclose PHI solely to provide the services, or perform the functions, described in the Current Contract. Business Associate, to the full extent applicable, shall ensure that its directors, officers, employees, contractors and agents shall:

(A) Not use or further disclose PHI other than as permitted or required by this Business Associate Addendum or as Required By Law.

(B) Implement all administrative, physical and technical safeguards as set forth in Schedule A to protect the confidentiality and integrity of the PHI that it creates, receives, maintains or transmits and to prevent use or disclosure of PHI other than as provided by this Business Associate Addendum.

(C) Mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a safeguard, use or disclosure of PHI by Business Associate in violation of the requirements of this Business Associate Addendum.

(D) Report promptly to Health Net’s designated Privacy Officer any use or disclosure of PHI not provided for by this Business Associate Addendum of which Business Associate becomes aware.

Schedule K K - 2 Health Net / IBM Confidential

Final Execution Version

(E) Require contractors or agents to whom Business Associate provides PHI received from, or created or received by Business Associate on behalf of, Health Net, to agree to the same safeguards, restrictions and conditions that apply to Business Associate with respect to such PHI under this Business Associate Addendum.

(F) Provide to Health Net or, as directed by Health Net, to an Individual, in the time and manner designated by Health Net, any information necessary to allow Health Net to respond timely to a request by an Individual for a copy of the Individual’s PHI pursuant to 45 C.F.R. § 164.524.

(G) Maintain for a period of six (6) years all Designated Record Sets relating to PHI received from, or created or received by Business Associate on behalf of, Health Net.

(H) Maintain for a period of six (6) years records of all disclosures of PHI, other than for the purpose(s) set forth in this Business Associate Addendum, including the date, name of recipient, description of PHI disclosed and purpose of disclosure.

(I) Provide to Health Net or, as directed by Health Net, to an Individual, in the time and manner designated by Health Net, any necessary information collected in accordance with Section 2(H) of this Business Associate Addendum in order to allow Health Net to respond timely to a request by an Individual for an accounting of the disclosures of the Individual’s PHI pursuant to 45 C.F.R. § 164.528.

(J) Make any amendments to PHI that Health Net directs or agrees to pursuant to 45 C.F.R. § 164.526 at the request of Health Net or an Individual in the time and manner designated by Health Net.

(K) Make reasonable efforts to implement any restriction of the use or disclosure of PHI that Health Net has agreed to as described under Section 3(C). this Business Associate Addendum.

(L) As required by 45 CFR Part 164, Subpart C with respect to EPHI, implement administrative, physical, and technical safeguards that are set forth in Schedule A to protect the confidentiality, integrity, and availability of the EPHI that Business Associate creates, receives, maintains, or transmits on behalf of Health Net.

(M) As required by 45 CFR Part 164, Subpart C with respect to EPHI, ensure that any agent, including a subcontractor, to whom Business Associate provides EPHI, agrees to implement, as applicable, these safeguards to protect the EPHI.

(N) As required by 45 CFR Part 164, Subpart C with respect to EPHI, report to Health Net any Security Incident of which Business Associate becomes aware.

(O) Make Business Associate’s internal practices, books, and records relating to the safeguards, use and disclosure of PHI received from, or created or received by Business Associate on behalf of, Health Net available to Health Net or, at the request of Health Net, to the Department of Health and Human Services (“DHHS”), in a time and manner designated by Health Net or DHHS, for purposes of determining Health Net’s compliance with the HIPAA Regulations; provided that, in all events, Business Associate shall immediately notify Health Net upon receipt by Business Associate of any request

Schedule K K - 3 Health Net / IBM Confidential

Final Execution Version

received from DHHS relating to Health Net’s compliance with the HIPAA Regulations and shall provide Health Net with copies of any materials provided to DHHS.

(P) Business Associate agrees that with respect to any and all PHI received from Health Net or created or received by Business Associate on behalf of Health Net that Business Associate maintains, or which is maintained by any contractor or agent of Business Associate, in any form (collectively for this Section referred to as “Health Net PHI”) and is no longer needed to perform services under the Current Contract, or, at any time upon Health Net’s request and upon termination of the Current Agreement(s), Business Associate will return or destroy all Health Net PHI, and shall retain no copies of such Health Net PHI; provided that if such return or destruction is not feasible, in Health Net’s reasonable discretion, Business Associate shall extend the protections of this Business Associate Addendum to the Health Net PHI and limit further uses and disclosures to those purposes that make the return or destruction of the Health Net PHI infeasible. A senior officer of Business Associate shall certify in writing to Health Net, within five (5) days after termination, that all PHI has been returned or destroyed as provided above and that Business Associate retains no copies of PHI in any form; and

(Q) Allow Health Net, upon reasonable notice, to inspect Business Associate’s procedures and practices with respect to compliance with the terms of this Business Associate Addendum; provided, however, that Health Net has no duty to inspect and its decision not to inspect does not relieve Business Associate of its compliance responsibility.

3. Obligations of Health Net. To assist Business Associate in the proper use and disclosure of PHI, Health Net shall:

(A) Provide Business Associate with the notice of privacy practices that Health Net produces in accordance with 45 C.F.R. § 164.520, as well as any changes to such notice.

(B) Provide Business Associate with any changes in, or revocation of, permission by an Individual to use or disclose PHI, if such changes affect Business Associate’s permitted or required uses and disclosures.

(C) Notify Business Associate of any restriction on the use or disclosure of PHI that Health Net has agreed to in accordance with 45 C.F.R. § 164.522; and

(D) Not request Business Associate to use or disclose PHI in any manner that would not be permissible under the HIPAA Regulations if the PHI were to be so used or disclosed by Health Net.

4. Standard Transactions. To the extent Business Associate conducts Standard Transaction(s) on behalf of Health Net, Business Associate shall, without limitation, comply with the HIPAA Regulations, “Administrative Requirements for Transactions,” 45 C.F.R. § 162.100 et seq., and shall not: (a) Change the definition, data condition or use of a data element or segment in a standard; (b) Add any data elements or segments to the maximum defined data set; (c) Use any code or data elements that are either marked “not used” in the standard’s implementation specification or are not in the standard’s implementation specification(s); or (d) Change the meaning or intent of the standard’s implementation specifications.

5. Termination for Breach. Health Net shall have the right to terminate the Current Contract upon written notice to Business Associate specifying the effective date of termination if Business

Schedule K K - 4 Health Net / IBM Confidential

Final Execution Version

Associate materially breaches this Business Associate Addendum; provided that Health Net shall provide such notice not later than six (6) months after Health Net has actual notice of Business Associate’s material breach of this Business Associate Addendum, and further provided that Health Net’s remedies under this Business Associate Addendum and the section(s) of the Current Contract related to termination, if any, shall be cumulative.

6. Survival of Terms. The obligations of Business Associate under Sections 2(F), 2(G), 2(H), 2(I) and 2(P) of this Business Associate Addendum shall survive the termination or expiration of the Current Contract.

7. Injunctive Relief. Business Associate agrees that the remedies at law for any breach by it of the terms of this Business Associate Addendum may be inadequate and that monetary damages resulting from such breach may not be readily measured. Accordingly, in the event of a breach or threatened breach by Business Associate of the terms of this Business Associate Addendum, Health Net shall be entitled to seek immediate injunctive relief. Nothing herein shall prohibit Health Net from pursuing any other remedies available to it for such breach, and Health Net’s rights under this Business Associate Addendum and the sections of the Current Contract related to injunctive relief, if any, shall be cumulative.

8. Amendment of Addendum. In the event of a material change in the HIPAA Regulations or state law affecting safeguards or the use or disclosure of PHI, or amendments for new or changed Standard Transactions or Identifiers, Health Net may amend this Business Associate Addendum and the Current Contract as necessary to comply with the change in the law or regulation and such amendment shall become effective sixty (60) days after receipt by Business Associate, provided any such change shall be subject to the Change Control Process. Health Net’s rights under this Addendum and the section(s) of the Current Contract related to amendments, if any, shall be cumulative.

9. Notice of Investigation or Lawsuit and Indemnification. Business Associate shall notify Health Net immediately upon receipt of notice of an investigation or of a lawsuit filed against Business Associate related to or arising from the use or disclosure of PHI by Business Associate pursuant to this Business Associate Addendum.

10. Confidentiality. Notwithstanding the foregoing, PHI shall not be included within the definition of “confidential information” in the section(s) of the Current Contract related to protection of confidential information, if any, as Business Associate’s obligations with respect to PHI are set forth in this Business Associate Addendum.

11. State Law Requirements. To the extent that state law applicable to Business Associate pursuant to Section 27.5 of the Current Contract is more stringent than the HIPAA Regulations, any safeguard, use or disclosure of PHI by Business Associate shall be made in accordance with such state law.

12. Interpretation. Any ambiguity in this Business Associate Addendum shall be resolved in favor of a meaning that permits Health Net to comply with the HIPAA Regulations.

13. Effective Date. This Business Associate Addendum shall be effective on the Effective Date of the Current Contract.

* * * * *

Schedule K K - 5 Health Net / IBM Confidential

Final Execution Version

SCHEDULE L

DISENGAGEMENT ASSISTANCE

Schedule L L - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE L

Disengagement Assistance

1. INTRODUCTION

1.1 Disengagement Assistance, Generally

(a) This Schedule describes the Disengagement Assistance (as defined in Section 2.1(l) of the General Terms and Conditions) that Supplier is required to carry out in connection with the cessation of any Services or the expiration or earlier termination (for any reason) of this Agreement to facilitate the orderly wind-down of the affected Services and, where applicable, migration of the affected Services from Supplier to Health Net and/or its designee(s), as directed by Health Net.

(b) Disengagement Assistance shall be deemed to be Services, and Supplier shall provide such Disengagement Assistance in accordance with Service Levels and otherwise in accordance with this Agreement, including the terms of this Schedule L, unless the Parties expressly agree otherwise in the Disengagement Plan described below. Disengagement Assistance will be provided by Supplier as requested by Health Net, and pursuant to the Disengagement Plan, as defined in Section 1.2.

1.2 Disengagement Plan

(a) Disengagement Assistance will be provided pursuant to a mutually agreed plan, which will include a plan and schedule for (i) migrating performance of the affected Services to Health Net and/or a third party service provider designated by Health Net (or winding down the affected Services, as applicable), (ii) to the extent requested by Health Net, the transfer of the corresponding employees and contractor personnel to one or more of such entities as described in Section 16.6(a)(i) of the General Terms and Conditions, (iii) to the extent requested by Health Net, the transfer of the corresponding assets to one or more of such entities as described in Sections 12 and 16.6(a)(iii) and (iv) of the General Terms and Conditions, (iv) the staff roll-off schedule for the Supplier Personnel performing the affected Services; and (v) other information as set forth in this Schedule L (the “Disengagement Plan”). The Disengagement Plan will include Supplier’s plan for providing, to Health Net and/or its designee, reasonable training in the performance of the affected Services.

(b) The Parties will develop the Disengagement Plan as described below promptly upon written request from Health Net to commence development of such Disengagement Plan.

(c) The Disengagement Plan will focus on Supplier’s performance of the Disengagement Assistance Services described in this Schedule L and is intended to be a component of Health Net’s (and if applicable its designee’s) master plan for transferring responsibility for the Services to Health Net (or its designee). Supplier will prepare the proposed Disengagement Plan for Health Net’s review, comment and mutual agreement. Supplier shall provide other information regarding the affected Services or Supplier’s performance of Disengagement Assistance with respect to the affected Services that may be reasonably requested by Health Net in connection with Health Net’s review and comment on the

Schedule L L - 2 Health Net / IBM Confidential

Final Execution Version

Disengagement Plan. Supplier shall identify to Health Net (i) known risks associated with any Health Net proposed changes to the Disengagement Plan (including any potential disruption in the affected Services) and suggested means by which such risks may be mitigated, and (ii) operational constraints that may conflict with Health Net’s proposed changes to the Disengagement Plan.

(d) Once the Disengagement Plan has been agreed upon, both Parties will comply with it, subject to Health Net’s right to extend the Disengagement Assistance Period as provided in this Agreement.

2. HEALTH NET ACCESS TO PERSONNEL, EQUIPMENT, THIRD PARTY SERVICE CONTRACTS AND SOFTWARE LICENSES

2.1 Applicable Requirements and Access

(a) Definition of Resources. At no additional cost, Supplier will provide to Health Net and/or any designated third party service provider:

(i) Timely access to and use of Equipment, Software (as provided in the General Terms and Conditions), Supplier Personnel, third party contracts (including leases, licenses and contracts), systems, and sites from which the affected Services were provided, documentation (including the updated Procedures Manual), and other materials or resources that are used to provide the affected Services (collectively the “Resources”) to fulfill the requirements of Sections 2.3 through 2.8 below; and

(ii) Information concerning the Resources as reasonably requested by Health Net, subject to the confidentiality obligations of this Agreement and any applicable Laws).

(b) Transfer of Resources Generally.

(i) Supplier’s obligations relating to obtaining Required Consents and similar rights with respect to Resources are set forth in Sections 11.10, 12 and 16.6(a)(iii) and (iv) of the General Terms and Conditions.

(ii) Supplier shall provide all reasonable assistance required for, and shall take all reasonable actions (including by executing documents) necessary to effect, the transfer of Resources as contemplated in this Section 2. Health Net shall reasonably cooperate with Supplier in effecting such transfer of Resources, and shall use Commercially Reasonable Efforts to cause any successor supplier to do the same, in each case with due consideration given to minimizing the costs to Supplier and Health Net associated with such transfer of Resources. Supplier shall use Commercially Reasonable Efforts to minimize the costs associated with the transfer of, or assumption of responsibility for, Resources pursuant to this Section 2.

(iii) Unless otherwise requested by Health Net, the effective date of any transfer of Resources pursuant to this Section 2 shall be the cutover date for the corresponding affected Services; provided, however, that any such transfer shall not take place before the cutover date for the corresponding affected Services unless mutually agreed by the Parties in writing; and

Schedule L L - 3 Health Net / IBM Confidential

Final Execution Version

(iv) Unless otherwise agreed by the Parties in writing, Health Net will not assume, and shall not be liable for, any of Supplier’s or any of its Affiliates’ or Subcontractors’ obligations to any third party with respect to any non-personnel Resource owned, leased, licensed, or contracted for by Supplier or any of its Subcontractors (such obligations collectively the “Supplier Non-Personnel Resource Obligations”), and Supplier shall be responsible for performing such Supplier Non-Personnel Resource Obligations; provided, however, that for any such Resource transferred to Health Net or its designee pursuant to this Section 2, Health Net shall be responsible for such obligations to the limited extent such obligations (A) arise under a contract that is assigned to Health Net or its designee under this Section 2, and (B) arise after the effective date of assignment of such contract under this Section 2.

2.2 Personnel

Supplier will provide to Health Net:

(a) A list of Core Personnel and associated Core Personnel Information in accordance with Section 6 of Schedule E; and

(b) The following additional information relating to Supplier Personnel:

(i) The approximate number of current Supplier Personnel that are not Core Personnel, the estimated number of full-time equivalents represented by such group, and the number of heritage Health Net employees within such group; and

(ii) A current account organizational chart that identifies all Supplier Personnel, and summarizes their organizational relationship among one another, including the Core Personnel (e.g., solid-line versus dotted-line reporting from one person to another), and which specifically distinguishes the Core Personnel from other Supplier Personnel. For the Core Personnel, such chart shall include roles, responsibilities, and authority of such personnel.

(c) Health Net or its designee may undertake to recruit and hire any Supplier Personnel in accordance with Section 16.6(a)(i) of the General Terms and Conditions.

2.3 Equipment

(a) At Health Net’s request, Supplier will provide information to Health Net or its designee concerning the Equipment owned or leased by Supplier (or its Affiliate or Subcontractor) that is used primarily to perform the affected Services being terminated, which shall include a complete inventory of such Equipment (in the form and format agreed in Schedule W (Reports)) specifying make, model, serial number, the corresponding affected Services such Equipment is used to provide, location, purchase date or lease start date and lease term, net book value and other reasonable information requested by Health Net. Health Net may audit the accuracy of such information in accordance with Section 18 of the General Terms and Conditions.

(b) As requested by Health Net, Supplier will sell to Health Net or its designee some or all of the owned Equipment and will assign to Health Net some or all of the leased Equipment in accordance with Section 16.6(a)(iii) of the General Terms and Conditions. Supplier will convey the purchased Equipment with all available user and other documentation to Health Net

Schedule L L - 4 Health Net / IBM Confidential

Final Execution Version

free of any liens, claims or encumbrances, and will execute a bill of sale in a mutually agreed form to evidence the conveyance. The aggregate purchase price will be as set forth in the bill of sale, attached as Schedule T. All Equipment purchased will be on an “AS IS” basis with no representations or warranties from Supplier; provided, however, that all relevant manufacturer and retailer warranties will be transferred and assigned to Health Net to the extent they exist and are able to be transferred in such underlying agreements. If and to the extent requested by Health Net in connection with Disengagement Assistance for any affected Services, Supplier will obtain Health Net’s prior written approval before (A) taking any action with respect to the removal, reassignment, transfer, disabling or disposal of any dedicated Equipment, or (B) amending, terminating or extending the terms of (or entering into new) agreements governing such Equipment.

2.4 Third Party Service Contracts

(a) At Health Net’s request, Supplier will provide information to Health Net or its designee concerning the Third Party Service Contracts and licenses in Supplier’s (or any of its Affiliate’s or Subcontractor’s) name that are used to perform the affected Services (other than Equipment leases and maintenance agreements for such Equipment, which are governed by Section 2.3 above, but including any third party maintenance and support services agreements for Software), which shall include a complete inventory of such contracts (in MS Excel format) specifying the third party, the nature of the contract ), the corresponding Services such contract is used to provide, term and expiration date, and to the extent permitted in such underlying agreements, other reasonable information requested by Health Net. Health Net may audit the accuracy of such information in accordance with Section 18 of the General Terms and conditions.

(b) Supplier will transfer or make available to Health Net or its designee such third party agreements in accordance with Sections 12 and 16.6(a)(iii) and (iv) of the General Terms and Conditions. If and to the extent requested by Health Net in connection with Disengagement Assistance for any affected Services, Supplier will obtain Health Net’s prior written approval before amending, terminating or extending the terms of (or entering into new) agreements governing such Third Party Service Contracts.

2.5 Telephone Numbers, Domain Names and IP Addresses.

(a) At Health Net’s request, Supplier will provide information to Health Net or its designee concerning any telephone numbers, domain names and IP addresses (i) for which Supplier or a Subcontractor is the customer of record, and (ii) that are exclusively dedicated for use in the provision of the affected Services (e.g., help desk numbers), which shall include (A) a complete inventory of such numbers, domain names and IP addresses (in MS Excel format), (B) for telephone numbers, the corresponding Services each of such numbers is used to provide, the corresponding network provider and country of origin, and (C) other reasonable information requested by Health Net. Health Net may audit the accuracy of such information in accordance with Section 18 of the General Terms and Conditions.

(b) At Health Net’s request, Supplier shall cause each of the telephone numbers, domain names and IP addresses described in Section 2.5(a) that are exclusively dedicated for use in the provision of the affected Services to be ported to Health Net or its designee as of the

Schedule L L - 5 Health Net / IBM Confidential

Final Execution Version

corresponding cutover date(s), thereby making Health Net or its designee the customer of record for such numbers.

2.6 Proprietary Networks.

To the extent that Supplier has involved a proprietary network in the provision of affected Services, Supplier will provide Health Net and its designees access and use of such network, subject to the terms of this Agreement as part of Disengagement Assistance, and subject to the Disengagement Plan, in order to allow Health Net and its designees to transition to an alternative arrangement selected by Health Net.

2.7 Software Licenses

(a) At Health Net’s request, Supplier will provide information to Health Net or its designee concerning the Software used for the provision of the affected Services (such Software collectively the “Affected Software”), which shall include a complete inventory of such Software (in MS Excel format), the corresponding licensor of such Software, a description of such Software, the affected Services each of such Software is used to provide, and other information reasonably requested by Health Net. Health Net may audit the accuracy of such information in accordance with Section 18 of the General Terms and Conditions.

(b) If Health Net is entitled under this Agreement, including as provided in Section 12.7 of the General Terms and Conditions, to a sublicense or other right not previously granted to Use any Software owned or licensed by Supplier (or its Affiliate or Subcontractor), Supplier will grant such sublicense or other right.

2.8 Unidentified Assets.

(a) For any affected Services, if after the corresponding cutover date, any (i) Equipment (either owned or leased by Supplier) or third party agreements that are dedicated for use in the provision of the affected Services; or (ii) Affected Software is discovered that was not identified by Supplier pursuant to Sections 2.3 through 2.7 (each, an “Unidentified Asset”), Supplier shall provide Health Net or its designee with notice of such discovery (such notice for any such Unidentified Asset a “Discovery Notice” for such asset), which notice shall provide a description of the corresponding Unidentified Asset which includes the information described in Sections 2.3(a), 2.4(a), 2.5(a), and 2.7(a), as applicable.

(b) Subject to the provisions of Section 12 of the General Terms and Conditions, as of each corresponding cutover date, Supplier herby grants to Health Net and its designees access to, and use of the Unidentified Resources; provided, however, that with respect to any Unidentified Asset that is Equipment leased by Supplier or a third party agreement, Supplier may terminate the lease or agreement corresponding to such Unidentified Asset, but only after: (i) Supplier has provided Health Net with a Discovery Notice for such Unidentified Asset, (ii) Supplier has presented Health Net with a complete copy of the corresponding agreement, to the extent permitted in such underlying agreement, and has provided Health Net with the opportunity to exercise its rights pursuant to Sections 2.3(b) (with respect to Equipment leases) and 2.4(b) (with respect to other third party agreements); and (iii) Health Net has notified Supplier that it does not wish to exercise its rights pursuant to Sections 2.3(b) (with respect to Equipment leases) and 2.4(b) (with respect to other third party agreements). For any such

Schedule L L - 6 Health Net / IBM Confidential

Final Execution Version

Unidentified Asset that is Equipment leased by Supplier or a third party agreement, Health Net shall provide the notification as to whether it wishes to accept assignment of the corresponding lease or agreement within sixty (60) days after Supplier’s delivery of the corresponding agreement to Health Net pursuant to clause (ii) of this Section 2.8(b).

3. DISENGAGEMENT ASSISTANCE IMPLEMENTATION AND EXECUTION

3.1 General Support for Disengagement Assistance Implementation.

(a) Supplier shall support the implementation of the Disengagement Plan by performing its responsibilities relating to the Disengagement Assistance (including performing any reasonably requested Disengagement Assistance relating to the Disengagement Assistance, and performing Supplier’s responsibilities described in the Disengagement Plan) in accordance with the Disengagement Plan.

(b) During the Disengagement Assistance and subject to the Change Control Process, to the extent that Health Net requests Disengagement Assistance beyond that which is set forth in the Disengagement Plan, Health Net will consult and coordinate with Supplier, so as to mitigate the possibility of disrupting Supplier’s provision of Services.

3.2 Supplier Disengagement Assistance Team.

Until the completion of the Disengagement Assistance, Supplier will assign an individual to serve to manage and oversee Supplier’s support of Disengagement Assistance activities (such position the “Supplier Disengagement Assistance Lead”). The individual serving as the Supplier Disengagement Assistance Lead shall be subject to Health Net’s prior written approval. The Supplier Disengagement Assistance Lead will meet with his or her Health Net counterparts on a weekly basis (or more frequently if requested by Health Net), and will serve as an escalation point for issues relating to the Disengagement Assistance. In addition, Supplier shall assign other individuals to the Disengagement Assistance team as reasonably necessary to support Disengagement Plan.

3.3 Operational Transition.

Supplier shall perform activities to facilitate the orderly migration and transition of operational responsibility for the affected Services in a manner to minimize interruption or adverse effect from Supplier’s operating environment(s) to the replacement operating environment(s) of Health Net or its designee, as reasonably directed by Health Net, and in accordance with Supplier’s responsibilities under the Disengagement Plan and this Schedule L. These activities shall include the following as set forth in the Disengagement Plan or as otherwise reasonably requested by Health Net:

(a) Subject to the terms of Section 12 of the General Terms and Conditions, providing to Health Net or its designee, as directed by Health Net, machine-readable Source Code (to the extent required of Supplier under this Agreement) and object code, data base, file, record layouts and field descriptions with respect to the Health Net Software (and other Software, to the extent Health Net is entitled to a license to the same), along with the

Schedule L L - 7 Health Net / IBM Confidential

Final Execution Version

documentation and associated program execution statements, and other similar information necessary for the designee to execute Software for Health Net’s benefit;

(b) To the extent used to provide the Services and subject to Section 2.7, providing available documentation and delivering program materials, including source and object libraries, reference files, interface definitions, specifications, implementation procedures relative to Health Net’s technical environment, and embedded software;

(c) Delivering then-existing systems support profiles, change logs including enhancement and maintenance, history, problem tracking/resolution documentation, and scale, functional and complexity assessment analyses;

(d) Providing work volumes, staffing requirements, demand backlog and information on historical performance for the Service Levels, and to the extent available for each Equipment component or system, over the preceding six (6) months;

(e) Identifying and documenting the demarcation points for each portion of the affected Services, including any operating level agreements with other Health Net or Supplier groups at those demarcation points and information regarding the physical and virtual locations affected by the Disengagement Assistance;

(f) Providing copies of Health Net Data in Supplier’s or its Subcontractors’ possession with the respective data bases and files on electronic media as specified by Health Net or its designee;

(g) Identifying work and projects expected to be in progress at the completion of the Disengagement Assistance Period, and with respect to such work, documenting current status (including Project budget information), stabilizing for continuity during transition, and providing any reasonably required training to qualified personnel to achieve transfer of responsibility;

(h) Providing the following information and services before the corresponding cutover date(s):

(i) Provide available documentation used by Supplier to provide the affected Services, including technical documentation necessary to provide continuity of service during transition, in hard-copy or electronic media as indicated by Health Net;

(ii) Provide Health Net with any help desk or service request tickets and problem logs it does not already have, reporting back at least six (6) months prior to the completion date of the Disengagement Assistance Period (but no earlier than the Effective Date);

(iii) Identify, record and provide change control historical records including release and maintenance levels for Systems Software;

(iv) After consultation with Health Net, discontinue all discretionary Software changes;

(v) Provide and coordinate assistance in notifying outside vendors of the procedures to be followed during the Disengagement Assistance;

Schedule L L - 8 Health Net / IBM Confidential

Final Execution Version

(vi) Review the organization, structure use and contents of all Software libraries including those utilized for test, staging and production with Health Net’s or its designee’s operations staff;

(vii) Assist Health Net or its designee in the analysis of the direct access storage capacity required to accommodate Software libraries and Health Net’s data files;

(viii) Provide reasonable assistance to Health Net or its designee in transferring operational standards including naming and addressing conventions;

(ix) Subject to Section 2.7, document and deliver all tools and databases used to provide the Services, including those for tracking projects and service information requests, and those used for knowledge transfer;

(x) Subject to Section 2.7, provide the Source Code for the Software (including third party Software if permitted by applicable licenses) in a form reasonably requested, and deliver the such Source Code, technical specifications and materials, and user documentation in form and format in Suppliers possession for the Software to Health Net or its designee;

(xi) At Health Net’s request and to the extent applicable, deliver the materials required to cause and control program execution and associated appropriate program execution documentation and procedures to Health Net or its designee;

(xii) Make arrangements for any physical de-installation, transportation, and relocation of Equipment and physical assets to be performed as part of the Disengagement Assistance;

(xiii) Provide reasonably available documentation and diagrams for the voice, data, video, and other communications capabilities, including asset information and configuration settings (including configurations, router tables, IP addressing schema, managed device thresholds) for all configurable items (including media access, media, routing, bridging and switching devices and other equipment and software providing communications service delivery and management functions); and

(xiv) Provide interim Health Net Data, in such format and on such media as reasonably requested by Health Net;

(xv) Cooperate and assist Health Net and its designees in achieving a state of operational readiness, as such readiness is reasonably determined by evaluation the Services; and

(xvi) As possible at no additional charge to Supplier by third parties, transfer membership to Health Net in all associations, forums, or other trade or industry entities related to the affected Services;

(i) Providing the following Services on or before the corresponding cutover date(s):

(i) Copy and deliver to Health Net all requested Health Net Data files and other Health Net Confidential Information (including content listings and with respect to control

Schedule L L - 9 Health Net / IBM Confidential

Final Execution Version

file information, printouts of the same), and subject to Section 2.7, copy and deliver Source Code listings;

(ii) In conjunction with Health Net or its designee, conduct a rehearsal of any migration that is part of the Disengagement Assistance prior to the cutover date as scheduled by Health Net, and provide any reasonably required corrective action identified during the rehearsal;

(iii) Provide reasonable assistance to Health Net or its designee in making Health Net Data files available on the storage devices of the new environment;

(iv) Provide reasonable assistance to Health Net or its designee with the transmission or movement of data from then-existing databases to the new environment;

(v) Provide an image copy (and mirrored DASD volumes if available) of each operating system environment (in dump/restore or image mode, as applicable to the operating system platform);

(vi) Reasonably assist in the installation and operation of such software, equipment or communications capabilities that may be necessary to allow for the synchronous or asynchronous replication of Health Net Data from Supplier facilities to the facilities of Health Net or its designee;

(vii) Provide reasonable assistance to Health Net or its designee with the turnover of operations and the execution of parallel testing and parallel operations;

(viii) Assist Health Net or its designee in the identification and removal of security access credentials for Supplier employees, agents and designees from Disengagement Assistance computing communications devices and associated software; and

(ix) Transfer responsibility to Health Net or its designee for off-site media and document storage; and

(j) Providing, after the corresponding cutover date(s) and subject to Section 3.4, additional assistance as reasonably requested by Health Net, including:

(i) Returning to Health Net (or if requested by Health Net destroying) any remaining Health Net property in Supplier’s possession or under Supplier’s control, including remaining reports, data and Health Net Data or Health Net Confidential Information;

(ii) Transferring to Health Net any tape media in Supplier’s or its Subcontractors’ possession used solely to store Health Net Data; and

(iii) Vacating Health Net Facilities in a timely manner.

3.4 Organizational Transition.

Supplier shall provide reasonable assistance required to transfer, in accordance with the Disengagement Plan, the information developed during the Term to support the delivery of the

Schedule L L - 10 Health Net / IBM Confidential

Final Execution Version

Affected Services in accordance with this Agreement (including Section 12 of the General Terms and Conditions). Supplier’s responsibilities shall include, as Health Net requests:

(a) Providing the then-existing documentation, including functional organization charts, operating level agreements with third-party contractors, phone trees, contact lists, and standard operating procedures;

(b) Transferring physical and logical security processes and tools, including cataloguing and tendering all badges and keys, documenting ownership and access levels for all passwords, and instructing Health Net or its designee in the use and operation of security controls; and

(c) Revoking Supplier Personnel access to Health Net Facilities (or secure locations within such facilities), Health Net Data, Health Net Confidential Information, Equipment, Software and other systems, processes and tools, as such Supplier Personnel are transitioned away from Health Net’s account or as the functions performed by such Supplier Personnel are transitioned away from Supplier, and accordingly, corresponding access to such items is no longer required.

3.5 Business Continuity Transition.

Supplier shall provide, in accordance with the Disengagement Plan, reasonable assistance to support Health Net’s requirements for business continuity for the affected Services during the Disengagement Assistance and, to the extent business continuity Services are among the affected Services, to transfer responsibility to enable Health Net or its designee to provide similar services as part of the Disengagement Assistance. Supplier’s responsibilities shall include, as Health Net requests:

(a) Supplying the then existing documentation used by Supplier to provide business continuity Services with respect to the affected Services, including the business continuity plans, testing procedures and frequencies including the reports of the results of such tests, redundancy diagrams and other plans;

(b) Informing Health Net or its designee of then-current policies and procedures with regard to backup and business continuity for the affected Services;

(c) Providing for overlapping coverage or support in accordance with the Disengagement Plan through the Disengagement Assistance to minimize disruption in the event of an outage during that period;

(d) In accordance to the Disengagement Plan and to the extent Health Net Data corresponding to the affected Services is replicated to another facility, Supplier shall transfer such data to Health Net or its designee, and upon Health Net’s request, Supplier shall provide reasonable assistance to Health Net in developing equipment requirements and other requirements for relocating such data.

Schedule L L - 11 Health Net / IBM Confidential

Final Execution Version

3.6 Knowledge Transfer.

(a) Supplier will provide for a transfer of knowledge regarding the affected Services, Health Net’s requirements, and related topics, so as to facilitate the provision of the affected Services by Health Net or its designee. Supplier’s responsibilities shall include, as Health Net requests:

(i) Providing Health Net and/or its designee with information regarding the affected Services that is necessary to implement the Disengagement Plan, and providing such information regarding Services as necessary for Health Net or its designee to assume responsibility for continued performance of the affected Services in an orderly manner so as to minimize disruption in operations. Pursuant to the Agreement, information that Supplier is obligated to provide under this Section 3.6 shall include: (A) relevant available documentation; (B) the Procedures Manual; (C) available schedules, frequencies, work product and related information for activities and deliverables as requested by Health Net; (D) current operating level arrangements with third-party vendors of goods and services to the extent relevant to the Affected Services; (E) available security plans and procedures; and (F) key support contacts (names and phone numbers) of Health Net and third-party personnel, and of Supplier Personnel during the Disengagement Assistance;

(ii) Providing reasonable training to Health Net’s or its designee’s personnel in the performance of those Services that are to be transferred;

(iii) Explaining the particular Supplier implementation of the processes enumerated in Schedule A of this Agreement, and the human, procedural and technical interfaces to and interactions with Health Net (including the Procedures Manual) to Health Net or its designee’s operations staff; and

(iv) Responding to inquiries from Health Net regarding the Affected Services, including by providing reasonable access (e.g., by telephone) to active and still employed Supplier Personnel who were performing such affected Services at the cutover date(s).

(b) Supplier’s performance of the obligations described in Section 3.6(a) shall be in accordance with a knowledge transfer plan which Supplier shall include in the Disengagement Plan for the affected Services (each such plan a “Knowledge Transfer Plan”). Each Knowledge Transfer Plan will be aligned with the Disengagement Plan, and shall, at a minimum, describe the overall knowledge transfer process, including: (i) Supplier’s overall approach; (ii) major activities and schedules for the knowledge transfer; (iii) the Supplier Personnel who will participate in the knowledge transfer; (iv) a detailed description of the documentation that Supplier will provide in connection with the knowledge transfer; and (v) designation of resources required of Health Net and associated schedules. Each Knowledge Transfer Plan shall be provided to Health Net for its review, comment, and approval. The reasonable comments or suggestions of Health Net will be incorporated as applicable into each such Knowledge Transfer Plan and Health Net’s final approval will be obtained prior to implementation of the Knowledge Transfer Plan.

Schedule L L - 12 Health Net / IBM Confidential

Final Execution Version

3.7 Financial Transition.

As of the completion date for Disengagement Assistance for any affected Services, and continuing for a period of three (3) months thereafter (each such period a “Financial Reconciliation Period”), Supplier will reasonably cooperate with Health Net, within the defined three-month period, to achieve a final reconciliation with respect to the areas identified in this Section 3.7.

(a) Supplier Invoicing. Supplier shall submit its invoice for all charges and credits applicable to the affected Services through the corresponding cutover date, which shall be payable in accordance with Schedule C. Effective as of the corresponding cutover date for any affected Services, each Party will submit to the other reconciliation information (including as reasonably requested by the other Party) to reconcile any outstanding charges or credits, and each Party shall work diligently and in good faith to achieve a final reconciliation of such charges and credits by the end of the Financial Reconciliation Period.

(b) Third Party Contract Invoices.

(i) The Parties acknowledge the possibility that invoices for third-party contracts (e.g., Third Party Service Contracts or Equipment leases) used to provide the affected Services and transferred to Health Net or its designees pursuant to Section 2 may be misdirected by third-party vendors after the effective date of transfer, and provided to Supplier instead of Health Net or its designee. Supplier shall provide any such invoices in their original form to Health Net in a timely manner.

(ii) Supplier shall reimburse Health Net for third party products or services, if any, for which Supplier has Financial Responsibility, and that are used to provide the affected Services before the cutover date but invoiced to Health Net or its designee.

(iii) Health Net shall reimburse Supplier for those payments made by Supplier under those third party contracts assigned to Health Net or its designee pursuant to Sections 2.3 (with respect to Equipment leases) and 2.4 (with respect to third party agreements), to the extent (A) the payments are for charges for products or services provided or performed on or after the corresponding cutover date, and (B) Supplier paid the third-party invoice for such services for periods that extend past the corresponding cutover date. For any such reimbursement to be made by Health Net pursuant to this Section 3.7(b)(iii), Supplier shall provide a copy of the corresponding invoice, and if requested by Health Net, the original invoice and other reasonable backup information and documentation; provided, however, that if the reimbursement arises under an invoice for which Supplier or a Subcontractor is designated as the entity required to make payment, Supplier shall present an invoice in Supplier’ name to Health Net for reimbursement of the corresponding charges, and shall provide a copy of the corresponding third-party invoice in support of the same.

(iv) On or before a corresponding cutover date, Supplier shall provide Health Net with information reasonably requested by Health Net regarding any third party contracts used to provide the affected Services such that Health Net can reasonably validate that the corresponding third party vendor has invoiced, and Supplier has paid, any charges arising under such contracts before such cutover date.

Schedule L L - 13 Health Net / IBM Confidential

Final Execution Version

(c) Asset Acquisitions. Sections 2.3 through 2.8 describe terms pursuant to which Health Net or its designee may acquire certain resources used to provide the affected Services. Each Party shall work diligently and in good faith to achieve, by the end of the Financial Reconciliation Period, a final reconciliation of the financial issues arising from any transfer of such resources to Health Net or its designee under such provisions.

4. OTHER TERMS REGARDING DISENGAGEMENT ASSISTANCE

4.1 Commercially Reasonable Efforts

The Disengagement Plan will provide for each Party to use Commercially Reasonable Efforts to assist the other Party in the orderly termination of the affected Services and the transfer of all Deliverables, work-in-progress, and other items and materials, as may be specified in this Agreement (including Sections 12 and 15 of the General Terms and Conditions and applicable project plans or statements of work executed by the Parties under this Agreement) to facilitate the orderly, non-disrupted business continuation of each Party.

4.2 Post-Disengagement Assistance Period

During the six (6) month period following the Disengagement Assistance Period, Supplier will (a) use Commercially Reasonable Efforts to answer all reasonable and pertinent written questions from Health Net regarding the Services and, if Supplier has not already delivered to Health Net all Health Net-owned reports and documentation in Supplier’s (or its Affiliates’ or subcontractors’) possession, it will do so, and (b) continue to perform the financial transition activities as set forth in Section 3.7.

4.3 Survival of Agreement

Disengagement Assistance will be deemed to be governed by the terms and conditions of this Agreement notwithstanding its earlier termination or expiration, other than any terms or conditions that do not reasonably apply to the Disengagement Assistance.

4.4 Compensation

Health Net shall compensate Supplier for performing the Disengagement Assistance Services in accordance with Section 16.6(c) of the General Terms and Conditions.

Schedule L L - 14 Health Net / IBM Confidential

SCHEDULE M

[INTENTIONALLY LEFT BLANK]

Schedule M M - 1 Health Net / IBM Confidential

Schedule N (Equipment)

Exhibit Number	Description	Category as Described in Schedule S	Title on or after Effective Date
N-1	Health Net Owned Equipment to be Purchased by Supplier	n/a	Supplier
N-1-1	Desktops
N-1-2	Assets from GE Profile
N-1-3	Mid Range Owned Assets
N-1-4	Mainframe Owned Assets
N-1-5	Voice Network
N-1-6	Voice Call Manager
N-1-7	Voice Video Conferencing
N-1-8	iSeries
N-2	Health Net Leased Equipment to be Assumed by Supplier (i.e., take assignment and title of Asset)	Assumed	Supplier
N-3	Health Net Owned Equipment that Health Net Will Retain	Retained	Health Net
N-4	Health Net Leased Equipment that Health Net Will Retain	Retained	Health Net
N-5	Health Net Leased Equipment to be paid by Supplier and retained in Health Net’s name	Managed as Pass Through	Health Net

Schedule N N - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE O

HEALTH NET POLICIES AND PROCEDURES

Schedule O O - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE O

HEALTH NET POLICIES AND PROCEDURES

In accordance with Section 5.4(c) of the General Terms and Conditions of the Agreement, listed below are the Health Net Polices and Procedures which the Parties acknowledge have been disclosed to Supplier by Health Net prior to the Effective Date

A. SECURITY POLICIES

SECURITY POLICIES

** The “Folder” and “Filename” columns include references to the CD provided to IBM containing these policies

Tower	Policy Name	Description	Category	Folder	Filename
Cross-Functional	SOX404 - IT Key Controls	System and process controls to reduce financial impacts and comply with SOX.	SOX Compliance	Auditing	SOX404 - IT Key Controls (2008).xls
Cross-Functional	SOX IT Controls	System and process controls to reduce financial impacts and comply with SOX. A more comprehensive list than the one above.	SOX Compliance	Auditing	All SOX IT Control 051308.xls
Data Center	Database Security Policies	Oracle and DB2 control and security policies pertaining to user access, rights, and DITSCAP restrictions.	Database Security	DBA	Database Security Policies.doc
Data Center	iSeries Team - Security Policies	documents the procedures related to security for the iSeries systems	Mainframe Security	iSeries	AS400 Security Policy & Procedures.doc
Data Center	AS-400 Security Policies & Procedures	Security Administration Policy & Procedures documents user security, system security, monitoring and reporting	Mainframe Security	iSeries	Security Procedures.doc
Data Center	RACF Backup & Restore Procedure	The following policy and procedure is used to describe the RACF database structure and weekly backup cycle	Database Security	zSeries	RACF Backup and Restore Procedure.doc
Data Center	RACF Extraordinary Access Request Procedure	The following procedure is used to validate and selectively grant requests for extraordinary access to RACF accounts.	User Accounts	zSeries	RACF Extraordinary Access Request Procedure.doc
Data Center	RACF FHP1 & HNP2 Password Standards	password standards	Password	zSeries	RACF FHP1 & HNP2 Password Standards.doc
Data Center	RACF FHP3 & HNP6 Password Standards	password standards	Password	zSeries	RACF FHP3 & HNP6 Password Standards.doc
Data Center	RACF HNP4 Password Standards	password standards	Password	zSeries	RACF HNP4 Password Standards.doc

Schedule O O - 2 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	RACF Identification Naming Standards	All RACF logon identification names must conform to accepted naming convention and standards required for production processing.	User Accounts	zSeries	RACF Identification Naming Standard.doc
Data Center	RACF RVARY Password Response Procedure	The following procedure is used to respond to RACF message ICH702A or ICH703A. These messages are issued to the S/390 system master console in response to a RACF RVARY command request.	Password	zSeries	RACF RVARY Password Response Procedure.doc
Data Center	Resetting Passwords for FTP Userids in RACF	The following procedure can be used when a password is changed for a RACF FTP userid at the request of a client	Password	zSeries	Resetting Passwords for FTP Userids in RACF.doc
Data Center	Setting the RACF RVARY Password for the S/390 System	The following procedure is used to set/change the RACF RVARY passwords.	Password	zSeries	Setting the RACF RVARY Password for the OS390.doc
Data Center	z_OS OFFSHORE Process	A new RACF group named OFFSHORE has been created exclusively for Medical staff augmentation programmers located in India	User Accounts	zSeries	z_OS OFFSHORE Process.doc
Data Center	z_OS RACF Change Password Procedure	Procedure for user password changes	Password	zSeries	z_OS RACF Change Password procedures.doc
Data Center	z_OS Security Procedures	Security Administration Procedures for z/OS Security Server (RACF) documents user security, system security, monitoring and reporting	Mainframe Security	zSeries	z_OS Security Procedures version 3.doc
Data Center	Security Administration Procedures	Security Administration Procedures for Health Net Unix Systems documents user security, system security, monitoring and reporting	Midrange Security	Unix	Security Administration Procedures - OSG Unix V2.0.doc
Data Center	HIPAA Procedures	The purpose of this document is to provide guidance to all Information Technology Group (ITG) associates for protecting PHI in the course of completing their job duties and responsibilities.	HIPAA	VMS	HIPAA_Procedures.doc
Data Center	Corporate Information Security Standards & Guidelines	These standards and guidelines are intended to provide guidance to all Company users for protecting Company information in carrying out their job responsibilities.	Information Security	VMS	Information_Security_Standards.pdf
Data Center	Network Security Data Storage on Home PC’s Policy	The policy at Health Net to have a standard for using non-company owned PC’s when transferring confidential information.	Data Storage	ISS	eNS3001POL - Network Security Data Storage on Home PC’s.pdf
Data Center	Network Security Electronic Transfer of Data Policy	The purpose of this document is to define Health Net’s policy of prohibiting electronic file transfers unless specifically allowed per an approved EFT Request Form	Data Transfer	ISS	eNS3002POL - Network Security Electronic Transfer of Data.pdf

Schedule O O - 3 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	Network Security Electronic File Transfer Request Procedure	The purpose of this document is to detail the procedure for Electronic File Transfer (EFT) requests.	Data Transfer	ISS	eNS3002PRa - Network Security Electronic File Transfer Request Procedure.pdf
Data Center	Electronic File Transfer (EFT) Request Form	Form used to request the following: 1. Electronic File Transfers (EFT) to be performed by the EFT Team as a scheduled job with external parties. 2. “Self-Service” File Transfers to be performed by the requesting entity (and not by the EFT Team) with external parties.	Data Transfer	ISS	eNS3002PRb - Network Security Electronic File Transfer (EFT) Request FORM.pdf
Data Center	Network Security Encryption of Data Networks Policy	The purpose of this document is to explain encryption standards required when transferring data through private Health Net, Inc. WAN links	Data Encryption	ISS	eNS4002POL - Network Security Encryption of Data Networks.pdf
Data Center	Network Security Encryption of VPN Connections Policy	The purpose of this document is to explain encryption standards required when transferring data through Virtual Private Networking (VPN) connections.	Data Encryption	ISS	eNS4003POL - Network Security Encryption of VPN Connections.pdf
Data Center	Network Security Remote Control Software Policy	The purpose of this policy is to document the reason why the Remote Control Software shall not be used in the Health Net, Inc. network without Corporate Information Security approval	Remote Control	ISS	eNS2001POL - Network Security Remote Control Software.pdf
Data Center	Network Security Approved Remote Control Software Usage	The purpose of this document is to provide a list of remote control software that has been approved by Client technology Services.	Remote Control	ISS	eNS2001PRa - Network Security Approved Remote Control Software Usage.pdf
Data Center	Network Security Remote Control Software on Workstations	The purpose of this document is to describe the process for obtaining approval for remote control software on a user workstation when deemed necessary for business needs.	Remote Control	ISS	eNS2001PRb - Network Security Remote Control Software on Workstations.pdf
Data Center	Network Security Secure RIB Configuration Procedure	The purpose of this document is to explain the security features that must be implemented for RIB access.	Remote Control	ISS	eNS2001PRc - Network Security Secure RIB Configuration.pdf
Data Center	Network Security Requesting a New SSL Certificate Procedure	The purpose of this document is to explain the procedure for processing NEW (not pre-existing renewals) for SSL Certificate requests.	SSL Certificates	ISS	eNS2003PRa - Network Security Requesting a New SSL Certificate.pdf
Data Center	Index of ISS Documents	A complete listing of all ISS Policy & Procedures documents	Cross-functional	ISS	Index of ISS Documents.xls

Schedule O O - 4 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	Network Security Accessing the WIDS Console	This document will outline the process by which an authorized associate would obtain and install the console software required to access the AirMagnet Enterprise solution	Wireless	ISS	AccessingWIDSconsole-DRAFT.pdf
Data Center	Network Security Wireless IDS Sensor Deployment	Selected locations, including all new sites and technology refreshes will be required to include the deployment of wireless IDS Sensors. This document will outline the appropriate process by which AirMagnet wireless IDS sensors should be deployed.	Wireless	ISS	AirMagnetSensorDeployment-DRAFT.pdf
Data Center	Network Security Use of SNMP Policy	This policy applies to enabling SNMPv1, SNMPv2 or SNMPv3 on network attached devices	SNMP	ISS	eNS7001POL - Network Security Use of SNMP Policy.pdf
Data Center	Network Security Network Traffic Monitoring Policy	The purpose of this document is to explain the policy of Network Traffic Monitoring by the Network Infrastructure and Security Services (NISS) team.	Monitoring	ISS	eNS7002POL - Network Security Network Traffic Monitoring.pdf
Data Center	Network Security Port Scanning Policy	The purpose of this document is to explain the policy of multiple IP address scans.	Scanning	ISS	eNS7003POL - Network Security Port Scanning.pdf
Data Center	Network Security Port Scanning Request Procedure	The purpose of this document is to explain the procedure for processing a Port Scan Request with the Network Infrastructure Security Services (NISS) team.	Scanning	ISS	eNS7003PRa - Network Security Port Scanning Request.pdf
Data Center	Network Security Use of ICMP Policy	The purpose of this document is to explain the use of ICMP.	ICMP	ISS	eNS7004POL - Network Security Use of ICMP.pdf
Data Center	Network Security Analog Phone Line Audit	In an effort to address an industry recognized network security threat from the inappropriate use of modem devices attached to corporate analog phone lines, NISS has deployed the PhoneSweep wardialer solution with 4 specialized modems to audit and report on the use of all known (Telecom provided) analog 1MB and DID phone lines.	Scanning	ISS	iNS7005PRa Basic Phonesweep Wardialer Usage.pdf
Data Center	Network Security Foreign Computers on HNI Core Network	The purpose of this document is to explain the corporate policy when foreign computers and or contractors are connecting to the Health Net, Inc. network	Foreign Computers	ISS	eNS1002POL - Network Security Foreign Computers on HNI Core Network.pdf

Schedule O O - 5 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	Network Security - Use of Additional Communications Interfaces by Network Attached Devices Policy	This policy prohibits any device connected to the Health Net network from having more than one communication interface enabled at any given time. The purpose of this policy is to provide a standard for Health Net regarding communication interfaces		ISS	eNS1010POL - Network Security Use of Additional Communications Interfaces. PDF
Data Center	Network Security Enterprise Routing Policy	The purpose of this document is to describe the criteria for acceptable network traffic routing within the Health Net, Inc. Network.		ISS	eNS1021POL - Network Security Enterprise Routing. PDF
Data Center	Network Security Wireless Networking	The purpose of this document is to explain the corporate policy for wireless access to Health Net, Inc. networks, hosts, and services		ISS	eNS1022POL - Network Security Wireless Networking. PDF
Data Center	Network Security Internet Content Filtering	The purpose of this policy is to Provide defined use for content filtering within Health Net, Identify the oversight and administrative roles involved with content filtering operations, Provide the criteria for authorizing a request for a reporting of an associate’s Internet usage, Provide guidance on how to make changes to Internet content filtering.	Content Filtering	ISS	eNS1023POL - Network Security Internet Content Filtering. PDF
Data Center	Network Security Management Monitoring of Associate Internet Usage	The purpose of this policy is to provide definition for content filtering reporting within Health Net.	Content Filtering	ISS	eNS1024POL - Network Security Management Monitoring of Associate Internet Usage.pdf
Data Center	Remote Access Services Policy	This policy is being written to summarize all activities and support criteria associated with existing Dial Network and VPN Network policies and processes. There are several process/procedure documents and rules of thumb that have existed for Health Net for many years - but are now quite outdated and are to be superseded by this policy	Remote Access	ISS	eNS1025POL - Network Security RAX Services Policy.pdf
Data Center	Network Security SSL Certificate Policy	The purpose of this document is to explain the policy that will be used by the Network Infrastructure Security Service team (NISS) to generate, order, and track new Secure Sockets Layer - SSL Certificate	SSL Certificates	ISS	eNS2003POL - Network Security SSL Certificate.pdf
Data Center	Network Security Categories of Managed Network Devices	The purpose of this document is to provide a corporate definition for Health Net network attached end-user hosts, including workstations and laptops. The document will also provide guidance on how each category of host shall be supported		ISS	eNS2004POL - Network Security Categories of Managed Network Devices.pdf

Schedule O O - 6 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	Network Security Encryption Standards Policy	The purpose of this document is to explain the Health Net encryption policy when transmitting Electronic Protected Health Information (EPHI) data over Internet or Dial-up lines		ISS	eNS4001POL - Network Security Minimum Encryption Standards.pdf
Data Center	Network Security Network Assessment Scanning	The purpose of this policy is to provide explicit permission and restrictions regarding network security scanning performed by the approved internal auditing entities within Health Net		ISS	eNS7005 - Network Security Network Assessment Scanning.pdf
Data Center	Network Security Small Site	The purpose of this document is to explain the Health Net Inc. policy of Small Site Security		ISS	iNS1017POL - Network Security Small Site Security.pdf
Data Center	Network Security Internet Only VLAN Implementation Policy	The purpose of this policy is to establish parameters in permitting temporary access for contractors and vendors to access Health Net, Inc. provided resources.		ISS	iNS1019POL - Network Security Internet Only VLAN Implementation.pdf
Data Center	Network Security Remote Access Security	The purpose of this document is to explain the attributes of perimeter access control devices.		ISS	NS1008POL - Network Security Remote Access Security.pdf
Data Center	Network Security Foreign Computers on HNI Network	The purpose of this document is to explain the procedure for processing an exception to policy eNS1002POL.	Procedures	ISS	eNS1002PRa - Network Security Foreign Computers on HNI Network.pdf
Data Center	Network Security Partner Connections	The purpose of this policy is to set a standard for all partner connections to meet all corporate and regulatory security standards		ISS	eNS1005POL - Network Security Partners Connection Policy.pdf
Data Center	Network Security Partner Audits	Vendors and/or contractors requiring remote access are deemed Partner Connections. Remote access includes, but may not be limited too, dedicated connections (e.g. Site –VPN, Site-Citrix, Frame-Relay, etc), Internet client connections (e.g. Client –VPN, Client-Citrix) and dial-up. Each Partner Connection must have an associated Partner Connection Form. This form is reviewed annually	Procedures	ISS	eNS1005PRb - Network Security Partners Connection Audit.pdf
Data Center	Network Security Third Party Remote Control of Systems	The purpose of this document is to explain the procedure for requesting remote control access for Partner Connections.	Procedures	ISS	eNS1005PRc - Network Security Partners Connection Remote Control.pdf
Data Center	Network Security Vendor Modem Security Checklist	Following is a checklist to assist teams in gathering the required information for requesting a Third Party Vendor connection.	Procedures	ISS	eNS1005PRd - Network Security Partners Connection Modem Checklist.pdf

Schedule O O - 7 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	Network Security Perimeter Access Control Policy	The purpose of this document is to explain the attributes of perimeter access control devices		ISS	eNS1018POL Network Security Firewall Policy.pdf
Data Center	Network Security Firewall Access Requests	“Separation of Duties” requires a Network Security Auditor to examine and scrutinize requests for network traffic flow and IP device access to other environments. The audit process for analyzing access on the corporate firewalls is provided in this procedure	Procedures	ISS	eNS1018PRa Firewall Access Requests.pdf
Data Center	Request a Basic Internet Only VLAN Procedure	This document outlines the procedure for requesting access to the Basic Internet only-VLAN, and the services available.	Procedures	ISS	eNS1019PRb - Network Security Request a Basic Internet Only VLAN.pdf
Data Center	Network Security Wireless Access Procedure	The purpose of this document is to describe the specifics for connectivity to the wireless LAN at some Health Net, Inc. facilities by contractors, vendors, non-HNI associates as well as HNI associates.	Procedures	ISS	eNS1022PRa - Network Security Wireless Access.pdf
Data Center	Network Security Extranet VPN Security Policy	The purpose of this document is to explain the policy for securing Extranet VPN connections		ISS	iNS1009POL - Network Security Extranet Security VPN Security.pdf
Data Center	Network Security Modem Request Procedure	The purpose of this document is to explain the procedure for requesting an outside connectivity device.	Procedures	ISS	iNS1010PRa - Network Security Modem Request.pdf
Data Center	Network Security Analog Line Audit Procedure	This document will outline the process by which Health Net analog phone lines will be audited and reported.	Procedures	ISS	iNS1010PRb - Network Security Analog Line Audit.pdf
Data Center	Network Security Perimeter Security Scan Scheduling	The purpose of this document is to explain three basic types of Perimeter Security scans and when they are scheduled to be run.	Procedures	ISS	iNS1013PRa - Network Security Perimeter Security Scan Scheduling.pdf
Data Center	Network Security Internet Site Access Policy	The purpose of this document is to explain the policy that Health Net, Inc. associates must follow when accessing all electronic transmissions.		ISS	iNS1014POL - Network Security Internet Site Access.pdf
Data Center	Network Security Restricted Internet Site Access Procedure	The purpose of this document is to create a process when associates are accessing the Internet or any electronic transmissions and are requesting access to a blocked location.	Procedures	ISS	iNS1014PRa - Network Security Restricted Internet Site Access.pdf
Data Center	Network Security Unrestricted Internet Site Access Procedure	The purpose of this document is to explain the procedure for requesting unrestricted internet access.	Procedures	ISS	iNS1014PRb - Network Security Unrestricted Internet Site Access.pdf
Data Center	Network Security Third Party Vendor Access Policy	The purpose of this document is to provide a corporate policy of Third Party Vendor access to the Health Net Inc. Network.		ISS	iNS1016POL - Network Security Third Party Vendor Access.pdf

Schedule O O - 8 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	Network Security Basic Internet Only VLAN Procedure	The purpose of this document is to explain the procedure for configuring a network connection to support foreign computers.	Procedures	ISS	iNS1019PRa - Network Security Basic Internet Only VLAN.pdf
Data Center	Network Security Support of Non-Policy IP Connections Procedure	This document defines the options for supporting a partner connection that does not meet Health Net’s minimum standard for fully supported partner connections as defined in Health Net Policy eNS1020POL - Partner IP Addressing	Procedures	ISS	iNS1020PRa - Network Security Support of Non-Policy IP Connections.pdf
Data Center	Network Security Remote Access Malicious Activity Response Procedure	The purpose of this document is to explain the procedure for addressing malicious activity from a device connected through remote access	Procedures	ISS	NS1008PRa - Network Security Remote Access Malicious Activity Response.pdf
Data Center	Network Security Policy Development	The purpose of this policy is intended to provide the Network Infrastructure and Security Services (NISS) team guidelines when creating Corporate Policies and Procedures	Policies	ISS	eNS0001POL - Network Security Policy Development.pdf
Data Center	Network Security Procedure Approval Procedure	The purpose of this procedure is to describe the process by which the Network Infrastructure Security Services (NISS) team will follow in having procedures and/or policies approved and implemented.	Procedures	ISS	eNS0001PRa - Network Security Policy Approval Procedure.pdf
Data Center	Network Security Policy Numbering System	The purpose of this document is to describe the method by which NISS Policies, Procedures, Risk Assessment, Standards and Guidelines are documented and cataloged for reference, storage and retrieval purposes in the Domino Doc Lotus Notes Database.		ISS	eNS0001PRb - Network Security Policy Numbering System.pdf
Data Center	Network Security Policy Approval	The purpose of this procedure is to describe the processes the Network Infrastructure Security Services (NISS) team will follow in having policies approved and implemented.		ISS	eNS0001PRg - Network Security Policy Approval Procedure.pdf
Data Center	Network Security HNI Security Environments Policy	The purpose of this document is to define the policy for the Network Infrastructure Security Services (NISS) team when conducting testing of any new products and/or services before implementation into production environments		ISS	eNS0002POL - Network Security HNI Security Environments.pdf

Schedule O O - 9 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	Network Security Corporate Change v	The purpose of this document is to define the policies the ITG Network Infrastructure Security Services (NISS) team is to follow in regards to effecting changes in the Health Net Enterprise Network. These processes are located in the HNI Corporate Change Management Request policy. (Located in section “IV. Related Policies”).		ISS	eNS0003POL - Network Security Change Control Policy.pdf
Data Center	Network Security Change Management Request Procedure	The purpose of this document is to explain the procedure that the NISS team will follow when creating a routine Change Management Request (CMR).	Procedures	ISS	eNS0003PRa - Network Security Notification Only CMR.pdf
Data Center	Network Security CMR Meetings Agenda Procedure	Describes the tasks that contribute to a successful CMR meeting.		ISS	eNS0003PRd - Network Security CMR Meetings Agenda.pdf
Data Center	Network Security Spoofed Email Notification Policy	The purpose of this document is to explain that NISS shall respond to reports of spoofed email		ISS	eNS0004POL - Network Security Spoofed Email Notification.pdf
Data Center	Network Security Response to Spoofed Email Notification Procedure	The purpose of this document is to explain how NISS shall respond to reports of spoofed email		ISS	eNS0004PRa - Network Security Response to Spoofed Email Notification.pdf
Data Center	Network Security Logging Policy	The purpose of this document is to describe the importance regarding logging capabilities that must be enabled on equipment that collects and maintains system and user events		ISS	eNS0005POL - Network Security Logging Policy.pdf
Data Center	Network Security Password Maintenance Policy	The purpose of this document is to explain the corporate password policy for Network Infrastructure Security Services (NISS).		ISS	eNS0006POL - Network Security Password Maintenance Policy.pdf
Data Center	Network Security Administrative Password Procedure	The purpose of this document is to explain administrative password changes by Network Infrastructure Security Services (NISS) associates	Procedures	ISS	eNS0006PRa - Network Security Administrative Passwords.pdf
Data Center	Network Security Emailing New Administrative Password Procedure	The purpose of this document is to describe how to send the Enable Password Change email	Procedures	ISS	eNS0006PRb - Network Security Emailing New Admin Password.pdf
Data Center	Network Security Changing Cisco Passwords Procedure	The purpose of this document is to explain the process for changing Cisco passwords	Procedures	ISS	eNS0006PRc - Network Security Changing Cisco Passwords.pdf

Schedule O O - 10 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	Network Security Document Creation Procedure	The purpose of this document is to explain in detail the procedure that the NISS Personnel must follow when creating and storing documents, particularly Policies, Procedures, Guidelines and Risk Assessments. This procedure does not address Standards, as those documents are the responsibility of INFOSEC.	Procedures	ISS	iNS0001PRc - Network Security Document Creation.pdf
Data Center	Network Security Document Revision Procedure	The purpose of this document is to define Minor and Material Document revisions and to explain the procedure for updating a document after a revision. This procedure will specifically apply to Network Security Policies, Procedures, Guidelines and Risk Assessments.		ISS	iNS0001PRd - Network Security Document Revision.pdf
Data Center	Network Security Domino Document Manager Storage and Revision Procedure	The purpose of this document is to explain in detail the procedure to add documents and revise existing documents in Domino Document Manager (DomDoc); this would include Policies, Procedures, Guidelines and Risk Assessments.		ISS	iNS0001PRe - Network Security Domino Document Manager Storage and Revion.pdf
Data Center	Network Security Firewall Change Requests	Describe the details involved in making a request to modify a firewall rule base	Procedures	ISS	iNS0003PRe - Network Security Firewall Change Request.pdf
Data Center	Network Security Firewall Audit	Describe the details involved in extracting open IP/port information from the Health Net Cisco PIX firewalls. The information is then compared and cross-referenced to existing audit documents for purposes of updates and maintenance	Procedures	ISS	iNS0003PRf - Network Security Firewall Audit.pdf
Data Center	Network Security Altiris Weekly Summary Report Policy	The purpose of the Altiris report is to document and track the number of unaccounted workstations for Health Net, Inc.		ISS	iNS0008POL - Network Security Altiris Weekly Summary Report Policy.pdf
Data Center	Network Security Altiris Weekly Summary Report Procedure	The purpose of this procedure is to describe the process by which the Network Infrastructure Security Services (NISS) team will follow in updating and running the Weekly Altiris Summary Report.	Procedures	ISS	iNS0008PRa - Network Security Altiris Weekly Summary Report Procedure.pdf
Help Desk	Convergence Phone Updating Your Personal Greeting	Voicemail greetings procedures	Procedures	Help Desk	Convergence Phone Personal Greeting Update Procedure.doc

Schedule O O - 11 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Help Desk	Help Desk Password Reset Verification	The purpose of the Policy is to support compliance with Information Security regulations. Associates contacting the Help Desk requesting a password reset for ANY application, will be required to verify their identity including providing the last four digits of their Social Security number.	Password	Help Desk	Password reset verifications policy.doc
Help Desk	Privacy and Security Awareness Week Script Policy	The purpose to this policy is to outline why a Help Desk agent must input a special phone script on their personal greeting to greet a client via the Rockwell Convergence IVR during, Privacy and Security Awareness Week.		Help Desk	Privacy and Security Awareness Week Policy.doc
Help Desk	Privacy and Security Awareness Week Scripts	This purpose to this procedure is to outline the scripts the Help Desk will use to greet a client via the Rockwell Convergence IVR during, Privacy and Security Awareness Week	Procedures	Help Desk	Privacy and Security Awareness Week Procedure.doc
Help Desk	Novell Directory Services (NDS) and NT Domain Administration Guideline and Procedure	This guideline is intended to prevent abuse of administrative capabilities on NT and NetWare file servers and their associated directories (NDS, AD, LDAP). The assignment of NDS and NT Domain Access administrative rights is contingent upon acceptance of these terms, as represented by signature of this document		Help Desk	SS NDS-NT security guideline rev6.doc
Help Desk	Visitor Confidentiality Notification	Copy of notice to visitors to a Health Net secure facility	Site Visitors	Help Desk	Visitor Confidentiality Notification (Final).doc
Data Center	Client Technology Services Directory	List of all services provided by Client Technology Services	CTS Services	CTS	Client Technology Services Summary.xls
Data Center	Example Intrust & NetVision alerts	Samples of alerts	Alerts	CTS	Example Alert Data.doc
Data Center	Security Logging - Alerts and Reports	The purpose of this document is to provide a list of Alerts and Reports CTS generates from the security log data collected by the NetVision and Quest InTrust systems	Alerts	CTS	Security Logging - Alerts and Reports.pdf
Data Center	Security Logging Detailed Design	This document will provide a detailed architectural design of the Security logging that has been implemented on Client Technology Services (CTS) supported Microsoft Windows and Novell NetWare servers.	Security Logging	CTS	Security Logging - Detailed Design v1.5.pdf

Schedule O O - 12 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	Security Administration Procedures for Microsoft Active Directory	Security responsibilities are conducted for the following Microsoft Active Directory Forest HEALTHNET.COM (Including Domains HNCORP, FS, and RMT) for Health Net, Inc.:	MS Active Directory	CTS	Security_Administration_ Procedures_AD.doc
Data Center	Security Administration Procedures for Novell eDirectory	The above responsibilities are conducted for the following Novell eDirectory Trees Meta and FHC for Health Net, Inc.:	Novell eDirectory	CTS	Security_Administration_ Procedures_eDir.doc
Cross-Functional	#Index.xls	Index of files for DIACAP	DIACAP Index	DIACAP	#Index.xls
Cross-Functional	Attachment C for HNFS TRICARE Contract	1.0 GENERAL. Section C includes two categories of outcome based statements: Objectives and Technical Requirements. The “Objectives” represent the outcomes for this contract and are supported by technical requirements. These requirements represent specific tasks, outcomes, and/or standards that, at a minimum, shall be achieved. The purpose of this contract is to provide Managed Care Support (MCS) to the Department of Defense (DoD) TRICARE program. The MCS Contractor shall assist the Military Health System in operating an integrated health care delivery system combining resources of the military’s direct medical care system and the Contractor’s managed care support to provide health, medical and administrative support services to eligible beneficiaries	DIACAP Requirements	DIACAP	00_ATTACHMENT_C.pdf
Cross-Functional	TRICARE Systems Manual 7950.2-M, February 1, 2008, General Automated Data Processing (ADP) Requirements	The TRICARE Systems Manual (TSM) describes how TRICARE business functions are implemented technically via system-to-system interactions and government provided applications. The TSM also describes the technical concept of operations, including the responsibilities associated with various information systems including Defense Enrollment Security Administration Procedures for Novell eDirectory Eligibility Reporting System (DEERS), the contractor systems, and selected Direct Care (DC) information systems.	DIACAP Requirements	DIACAP	C19S3.pdf

Schedule O O - 13 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Cross-Functional	TRICARE Operations Manual 6010.56-M, February 1, 2008, Health Insurance Portability and Accountability Act (HIPAA) of 1996	The contractor shall comply with the provisions of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 Privacy and Security Rules (45 CFR Parts 160, 162, and 164).	HIPAA Requirements	DIACAP	C1S1_1.pdf
Cross-Functional	Health Net Government & Specialty Services Security and Privacy Policies, Procedures, Standards, and Guidelines	All of the following documents and Web sites are available online, and specify our security policies, procedures, and requirements that must be incorporated within the Health Net / IBM contract.	DIACAP Policies Listing	DIACAP	DIACAP Policies and Standards.doc
Cross-Functional	DoD Background Check Requirement Map	User Access guide to HNFS systems	User Access	DIACAP	DoD Background Check Requirement Map.xls
Cross-Functional	Internal Audit Requirements	The Health Net Internal Audit Department requires access to data center locations (where the audit scope requires) to conduct their audits. A link to their charter is below, explaining these audit activities (Internal Health Net Link).	Audits	DIACAP	Internal Audit Requirements.doc
Cross-Functional	MHS Physical Security Assessment Matrix	MHS Physical Security Assessment Matrix	Physical Security	DIACAP	Physical Security Requirements.xls
Cross-Functional	ITG Protecting Health Information	The purpose of this document is to provide guidance to all Information Technology Group (ITG) associates for protecting PHI in the course of completing their job duties and responsibilities	PHI	Logistics	HIPAA_Procedures.doc
Cross-Functional	Corporate Information Security Standards & Guidelines	This document contains the corporate information security standards and guidelines for Health Net, Inc. and its subsidiaries and affiliates (the “Company”). These standards and guidelines are intended to provide guidance to all Company users for protecting Company information in carrying out their job responsibilities. In addition, these standards and guidelines help ensure Company personnel meet applicable laws and regulations regarding security and privacy of information protection including the Health Insurance Portability and Accountability Act of 1996 (HIPAA).	Information Security	InfoSec	Information_Security_Standards.pdf
Cross-Functional	ARISC Form	Use this form to document acknowledgment of temporary noncompliance with a security control standard or of noncompliance on a permanent basis (reviewed annually).	Security Control Waiver	InfoSec	ARISC Form.doc

Schedule O O - 14 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Cross-Functional	Business Unit Security Review Program	Business Units have a duty to protect information assets from a variety of threats such as service interruption, error, fraud, embezzlement, sabotage, terrorism, extortion, industrial espionage, privacy violation and natural disaster		InfoSec	HNI Business Unit Security Review Program.doc
Cross-Functional	Business Unit Security Review Questionnaire	The Business Unit Security Review Questionnaire is intended to provide a process to meet the due diligence of evaluating a Health Net company entity’s (i.e., Business unit) information security compliance with the Health Net Inc’s corporate programs, policies, standards and appropriate state and federal security regulations or published security criteria.		InfoSec	HNI Business Unit Security Review Questionnaire.doc
Cross-Functional	Service Provider Security Assessment Questionnaire	The Service Provider Security Assessment Questionnaire is intended to provide a process to meet the due diligence of evaluating a non-company entity’s (i.e., service provider) information security compliance with the Health Net Inc’s corporate programs, policies, standards and appropriate state and federal security regulations or published security criteria		InfoSec	HNI Security Assessment Questionnaire.doc
Cross-Functional	HN Incident Report Form	Security breach incident report form		InfoSec	Incident Report Form.doc
Cross-Functional	Information Security Policy	All information used in the course of business is considered a Company asset. Toward this end, management and Users are responsible and accountable for its protection.		InfoSec	Information Security Policy.pdf
Cross-Functional	Acknowledgment of Reduced Information Security Control (A-RISC) Form Instructions	Due to unique or special business circumstances, a department may not be able to comply with a particular aspect of a Corporate Information Security policy or standard.	Security Control Waiver	InfoSec	INFOSEC A-RISC Instructions.ver1.0.928905.final.doc
Cross-Functional	Security Self-Assessment Questionnaire Instructions	Security Self-Assessment Questionnaire Instructions. The Security Self-Assessment Questionnaire (“Questionnaire”) review is intended to help departments determine how well their security systems are in compliance with Company security policies and standards		InfoSec	Security Self-Assessment Questionnaire Instructions.pdf
Cross-Functional	Security Self-Assessment Questionnaire	Security Self-Assessment Questionnaire.		InfoSec	Security Self-Assessment Questionnaire.xls

Schedule O O - 15 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Cross-Functional	Security Administration Procedures Template Instructions	All security systems at Health Net, including physical security, network, operating system, application, and databases, need to have documented procedures that are used to administer their security	System Security	InfoSec	Security_Administration_Procedures _Template_Instructions.pdf
Cross-Functional	Security Administration Procedures Template	Security Administration Procedures template	System Security	InfoSec	Security_Administration_Procedures _Template.doc
Cross-Functional	Security and Privacy Incident Response Plan	This document will provide the details of the Security and Privacy Incident Response Plan including the typical events that would invoke it and the definition of the roles and responsibilities of the Incident Response Management Team that will support it.	Incident Response	InfoSec	Security_and_Privacy_Incident_ Response_ Plan (September 2007 - website edition).doc
Cross-Functional	Vendor Product Security Assessment	As part of the process in evaluating vendor products with security functions, Health Net Inc. (HNI) requires potential vendors to elaborate on the security functions and controls that the product has in place to meet company information security standards. The answers to this assessment will be used by Health Net Inc. to gain an insight into the overall security capabilities of a potential vendor product	Vendor Products Security	InfoSec	Vendor Product Security Assessment.doc
Data Center	ABS PROD - DAccount Violation Policy	D Account Violation Policy	ABS	DCS	ABS D Account Violation Policy - Procedure.doc
Data Center	Alternate Approval List for Power and D Accounts	Alt Approver roster for Power and D Accounts	ABS	DCS	Alternate Approval List for Power and D Accounts.xls
Data Center	CICS TS Newcopy Procedures	This document describes how to do a CICS Newcopy and validate the Newcopy worked.	CICS	DCS	CICS TS Newcopy Procedures.doc
Data Center	Data Center Access Log Sheet	Data Center Access Log Sheet (Form)	Data Center	DCS	Data Center Access Log Sheet_ 2-3-08.xls
Data Center	Procedure to gain access to the Data Center Raised Floor Area	Procedure for vendor access to the Data Center Raised Floor Area	Data Center	DCS	Data Center Vendor Access for Support Groups1.doc
Data Center	How to Review Robot Products Security	AS400	Mainframe	DCS	How to review Robot Products Security.doc
Data Center	SCLM Code Moves	Program Code Moves via SCLM utility	ZOS/390	DCS	IBM - SCLM Moves.doc
Data Center	MC400 Power Account Policy	Power Acct Enable/Disable guideline and SLA	AS400	DCS	MC400 Power Account Policy - Procedure.doc
Data Center	Programming Code Migration for MC400/HNNE	MC400 Code Migration - MKS	MC400	DCS	MKS Proccedure.doc
Data Center	MKS Rollback Procedure	MC400 Code Migration - MKS	MC400	DCS	MKS Rollback.doc

Schedule O O -16  Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Data Center	Operations procedure for Data Center Vendor Access	Provides direction for Operations when Vendor access to the Data Center is requested.	Data Center	DCS	Operations Actions For Vendor Access.doc
Data Center	Code Move Access Audit - Quarterly	Quarterly audit of Computer Operations and Production Control access to move program code into Production.	Production Control	DCS	Pgm Code Move Access Audit.doc
Data Center	Offsite & Onsite Tape Management	Tape handling procedures for all host platforms	Production Control	DCS	POLICY OFFSITE AND ONSITE TAPE MANAGEMENT.doc
Data Center	PRELUDE AS400 Procedure for enabling/disabling Power Accounts	Power Acct Enable/Disable - Prelude	AS400	DCS	Power account Procedure for PRELUDE.doc
Data Center	SYMPHONY AS400 Procedure for enabling/disabling Power Accounts	Power Acct Enable/Disable - Symphony	AS400	DCS	Power account Procedure for SYMPHONY.doc
Data Center	HNNE AS400 Procedure for enabling/disabling Power Accounts	Power Account Enable/Disable - MC400.	AS400	DCS	Procedures to enable-disable power accouts.doc
Data Center	Gold Pointe building “A” temporary and contractor badge issuance	This procedure will provide direction for security personnel when issuing access badges for the Health Net, Inc. data center Gold Pointe building “A” located at 12033 Foundation Place, Hazel Data Center (HDC). Only HDC is covered by this procedure.	Data Center	DCS	Revised Desk officer policy 10-31-07.doc
Data Center	SCLM Package Backout Process	SCLM Move Backout - explains the new function in SCLM	ZOS/390	DCS	SCLM Package Backout facility.doc
Data Center	SCLM Package Restore Procedure	SCLM Move Backout - is the procedures on backing out a package.	ZOS/390	DCS	SCLM Package Restore Procedure.doc
Data Center	Offsite & Onsite Tape Management	Vendor Dial-in Access	All Platforms	DCS	Vendor Access - Procedure.doc
Data Center	Vendor CEs Roster	Roster of vendor contacts that have frequent access to Data Center Host systems.	Data Center	DCS	Vendor CEs - Resident021908.xls
Data Center	VMS BACKOUT MOVES ON ALPHA CLUSTER Procedures	ABS Move Backout	ABS	DCS	VMS BACKOUT MOVES ON APLHA CLUSTER.doc
Data Center	VMS PRD VMS MOVES ON ALPHA CLUSTER	ABS Moves	ABS	DCS	VMS PRD VMS MOVES ON APLHA CLUSTER.doc
Data Center	Plan to Ensure Continued Preservation of Electronically Stored Information (ESI)	Presentation on the need to maintain auditable records regarding Electronically Stored Information (ESI)	ESI	DCS SWS	Health Net ESI Preservation Roadshow - Privileged and Confidential - rev05.ppt
Data Center	ITLS Process Manual For Associate Document Requests	Process Manual For Associate Document Requests	General	DCS SWS	ITLS Process Manual.doc
Data Center	Intent to Archive Data System	Intent to Archive Data System form	Storage	DCS SWS	Sample Archive Documentation.doc
Data Center	Intent to Decommission or Transfer System	Intent to Decommission or Transfer System form	Storage	DCS SWS	Sample Decommission

Schedule O O - 17 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
					Transfer Documentation.doc
Cross-Functional	CODE OF BUSINESS CONDUCT AND ETHICS	Corporate Code of Business Conduct and Ethics	General	Privacy	business_conduct_code.pdf
Cross-Functional	Notification of Access	Procedures for notification to requesters of accounts for new users and notification of modifications and additional system access for current users.	Access Admin	Access Admin	Access Administration Notification Policy 3-14-07.doc
Cross-Functional	Rules of Engagement	Policy stating the conditions under which the Access Administration (“AA”) Team will agree to perform the duties of Access Administration (account adds, modifies, & deletes), Periodic Review, and Supervision of Account Inactivity for a system/application.	Access Admin	Access Admin	Access Administration Project Implementation Rules.doc
Cross-Functional	Roles & Responsibilities	Policy stating the roles & responsibilities of the Access Administration Team, and the expected responsibilities of other teams with which they work.	Access Admin	Access Admin	Access Administration Roles & Responsibilities.doc
Cross-Functional	Security Roles & Responsibilities	Definition of the roles and responsibilities of a security administrator, security SME, and of the Access Admin team.	Access Admin	Access Admin	Access Administration Security Roles & Responsibilities.doc
Cross-Functional	Naming Standard – All New Accounts	Health Net naming standard for all new user id accounts	Access Admin	Access Admin	Company Naming Standard 10-4-05.doc
Cross-Functional	Contractor/Temporary Employee Policy	Access Admin policies and procedures pertaining to contract and temp employees.	Access Admin	Access Admin	Contractor - Temp Employee Policy.doc
Cross-Functional	Inactive/Disable/Delete Policy	P&P pertaining to inactive and disabled user accounts	Access Admin	Access Admin	Disable and Delete Policy 6-26-07.doc
Cross-Functional	Novell eDirectory & Microsoft Active Directory Security Policy	Agreement form relating to various policies and procedures surrounding Novell eDirectory and Microsoft Active Directory security	CTS	Access Admin	eDIR - AD Security Policy v14b.pdf
Cross-Functional	Executive Account Deletions	P&P relating to the deletion of userid accounts held by executive officers, such a CXO and SVPs.	Access Admin	Access Admin	Executive Accounts - Deletion 3-14-05.doc
Cross-Functional	Emergency Access Procedures	To provide a quick means for a person, such as an associate, , a vendor, or a contractor, to gain access to Health Net information and systems during an interruption of normal connectivity, when necessary to maintain Health Net business.	Access Admin	Access Admin	HNFS Emergency Access Procedures 6-1-04.doc
Cross-Functional	Disabled Account Policy	Older version of Disable and Delete Policy 6-26-07.doc above (This document should be deleted.)	Access Admin	Access Admin	Inactive Account Policy 4-17-07.doc
Cross-Functional	MC400 Power Accounts	(Duplicate of document above. This document should be deleted.)	Access Admin	Access Admin	MC400 Power Account Policy - Procedure.doc

Schedule O O - 18 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Cross-Functional	Notification of Account Ids and Passwords	Older version of Access Administration Notification Policy 3-14-07.doc above. (This document should be deleted.)	Access Admin	Access Admin	Notification of Account IDs and Passwords Procedure.doc
Cross-Functional	Novell eDirectory & Microsoft Active Directory Security Policy	(Duplicate of eDIR - AD Security Policy v14b.pdf above. One of these should be deleted.)	Access Admin	Access Admin	NT- HIPAA Domain Account Policy 2-25-03.pdf
Cross-Functional	OS390 Termination Policy	The purpose of this document is to describe the process to terminate/remove a RACF account from the IBM OS390 system when the associate/contractor has been terminated or inactive for greater than 60 days.	Access Admin	Access Admin	OS390 RACF Termination Policy.doc
Cross-Functional	OS390 Termination Policy	The purpose of this document is to describe the process to terminate/remove a RACF account from the IBM z-Series system when the associate/contractor has been terminated or inactive for greater than 60 days.	Access Admin	Access Admin	OS390 Termination Policy 7-27-04.doc
Cross-Functional	Role-Based Access in the MC400	P&P relating to the creation and maintenance of roles and the assignment of roles to users within the MC400 environment	MC400	Access Admin	Role Based Access MC400 P&P rev.04.28.04.doc
Cross-Functional	IS Request Processing – Temp to Perm	This document will state the policy on submitting an IS Request for the purpose of converting a temporary employee to a permanent one and vice versa. The policy aims to reduce the time spent by Access Administration in reviewing and processing the IS Requests for temp to perm and perm to temp conversion.	Access Admin	Access Admin	Temp to Perm Policy 3-22-07.doc
Cross-Functional	Associate/Contractor Termination Policy	This document will describe Associate/Contractor Termination Policy. The termination should be completed on or as close to the termination date as possible. The goal is to revoke access from all systems. In certain cases, the associate may need to maintain their access to the former position for a period of time. It is the responsibility of the supervisor/manager to notify OE that an associate or contractor will be terminated.	Access Admin	Access Admin	Termination Policy 20070706.doc
Cross-Functional	Training Accounts	The purpose of this document is to describe the process to establish and maintain training accounts within the guidelines of the Information Security Policy	Access Admin	Access Admin	Training Account Policy.doc

Schedule O O - 19 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Folder	Filename
Cross-Functional	Associate Transfer Process	P&P relating to the transfer of an associate from one department to another within HN. Includes P&Ps relating to the temporary “bridging” of an associate’s access across two departmental boundaries.	Access Admin	Access Admin	Transfer Policy and Procedure 6-6-07.doc
Cross-Functional	Associate Transfer - IS Request Processing	An older version of the Transfer Policy and Procedure 6-6-07.doc document listed above. (This document should be deleted.)	Access Admin	Access Admin	Transfer Policy.doc
Cross-Functional	ASSOCIATE GUIDELINES AND PROCEDURES ACKNOWLEDGMENT FORM	ASSOCIATE GUIDELINES AND PROCEDURES ACKNOWLEDGMENT FORM	Access Admin	Access Admin	Associate Acknowledgment Form-hard copy dist. version.doc
Cross-Functional	CONFIDENTIALITY STATEMENT - RESTRICTED GROUP ACCESS EMPLOYEE CLAIM, MEDICAL AUTHORIZATION AND ELIGIBILITY DATA	CONFIDENTIALITY STATEMENT - RESTRICTED GROUP ACCESS EMPLOYEE CLAIM, MEDICAL AUTHORIZATION AND ELIGIBILITY DATA	Access Admin	Access Admin	Confidentiality Agreement.doc
Cross-Functional	ASSOCIATE PROPRIETARY PASSWORD AGREEMENT	ASSOCIATE PROPRIETARY PASSWORD AGREEMENT	Access Admin	Access Admin	Password Agreement 2.01.doc
Cross-Functional	Novell Directory Services (NDS) and NT Domain Administration Guideline and Procedure	Older version of the eDIR - AD Security Policy v14b.pdf listed above. (This version should be deleted.)	Access Admin	Access Admin	SMS NDS-NT Security Guideline rev13.pdf
Data Network	Critical Security Incident Escalation Process	This purpose of this document is to provide guidelines for the Network Operations staff to notify Health Net the IT Utility of a critical security issue.	Security Escalation	NetOps	Critical Security Incident Escalation Process.doc
Data Network	Enterprise Networking Security Document Index	(Should be deleted).		NetOps	Enterprise Networking Security Document Index.doc
Data Center	System Password Documentation	System password documentation and update used by Computer Operations and Production Control	Data Center	DCS	99.Documentation Template.doc
Data Center	ABS PROD - DAccount Policy & (User’s) Procedures	Method and criteria for enable / disable of D Accounts	Data Center	DCS	Policy and Procedure for Activating D Accounts.doc

Schedule O O - 20 Health Net / IBM Confidential

Final Execution Version

B. OTHER HEALTH NET POLICIES AND PROCEDURES

OTHER HEALTH NET POLICIES

Tower	Policy Name	Description	Category	Notes
Help Desk	Remedy Incident Priority Category Definitions	Defines Incident Priority	Incident and Problem Management
Help Desk	Remedy Problem Priority Category Definitions	Defines Problem Priority	Incident and Problem Management
Help Desk	Remedy Problem Management Policy and User Guide	Remedy Problem Management Policy and User Guides.	Problem Management
Help Desk	Point of Contact Guide	Provides procedure for calls in to the Help Desk	Help Desk
Cross-Functional	Military Health System (MHS) Information Assurance (IA) Policy/Guidance Manual
Cross-Functional	Change Management User Guide	Remedy Change Management User Guide describes basic Change Management functions.	Change and Release Management
Cross-Functional	Change Management Policy-		Change and Release Management
Help Desk	Remedy User Guide		Change and Release Management
Cross-Functional	Change Management Quick Reference Guide		Change and Release Management
Cross-Functional	Oracle Naming Standards
Cross-Functional	Health Net Disaster Recovery Policies and Procedures Document	https://hnconnect.healthnet.com/business_units/itg/policies_and_procedures/Disaster_Recovery/ DR_Critical_Applications_Policies__Procedures_Revised_July_2.pdf	IT Continuity & Disaster Recovery Services
Cross-Functional	Mission Critical Applications Policies and Procedures		IT Continuity & Disaster Recovery Services

Schedule O O - 21 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Notes
Cross-Functional	DR Account Management Procedure		IT Continuity & Disaster Recovery Services
Cross-Functional	2007 ITG Disaster Recovery Program Overview		IT Continuity & Disaster Recovery Services
Cross-Functional	Disaster Recovery Critical Path		IT Continuity & Disaster Recovery Services
Cross-Functional	Disaster Recovery Process Lifecycle		IT Continuity & Disaster Recovery Services
Cross-Functional	Plan to Ensure Continued Preservation of Electronically Stored Information (ESI)		Storage Management, Data Retention
Data Center	Internal Policies for ISeries	Describes the Health Net iSeries Policies
Cross-Functional	Outage Reporting Procedure	Describes how to report an outage	Help Desk
Cross-Functional	Tibco Posting Procedures	Details how to obtain Tibco support from Tibco website
Cross-Functional	Vendor Technical Support Message Posting Policies	Describes how to post messages regarding support of Middleware
Data Network	Network Engineering Charter	Provides functional roles for the Network Design and Engineering and Network Engineering Architecture and Converged Services	Engineering/Development
Data Network	Network Facilities design and engineering charter	Provides descriptions and responsibilities for design and engineering	Engineering/Development
Data Network	Network Production Support engineering charter	Provides functional roles for the Network Production Support Team	Engineering/Development
Cross-Functional	Tape Management Policy Procedures	Purpose of the document is provide Tape Management guidelines in order to comply with SOX	Storage Management, Data Retention
Voice Network	Voice Network Policies and Procedures	Documents are Corporate Telecom Functional Responsibilities (including Roles and Responsibilities and the Telecom Services Charter	Voice Network Operations and Administration

Schedule O O - 22 Health Net / IBM Confidential

Final Execution Version

Tower	Policy Name	Description	Category	Notes
Help Desk	Help Desk Internal Policies and Procedures	Service Desk Procedure database containing all policies and procedures that are used for the Help Desk	Help Desk General Policies and Procedures	Service Desk Policy & Procedures Lotus Notes database located on SACDOM50
Cross-Functional	Facilities Standards & Policies		Environment and Facilities Support
Network Voice	Telephone Service Request
Data Center	Batch and Online Processing Policy	Guidelines for Batch and Online process and monitoring.	General Policies and Procedures for Ops and Prod Cntrl	Batch and Online Processing Policy - Procedure.doc
Data Center	Document and Archive Retention Policy	Archive and retention policy for Production documents.	General Policies and Procedures for Ops and Prod Cntrl	Document Archive Retention Policy - Procedure.doc
Data Center	Escalation and Notification Policy	Policy for escalation and notification of Priority 1 and 2 problems.	General Policies and Procedures for Ops and Prod Cntrl	Escalation and Notification Policy Procedure for Problem Pri 1 and 2 Oct 2006.doc
Data Center	Exceptions to Normal Processing Policy	Error handling measures for exceptions to normal processing.	General Policies and Procedures for Ops and Prod Cntrl	Exceptions to Normal Processing Policy - Procedure.doc
Data Center	File Transfer Validation Policy	Validation of file transfers / uploads.	General Policies and Procedures for Ops and Prod Cntrl	File Transfer Validation Policy - Procedure.doc
Data Center	Media Retention Policy and Procedure	Media retention and definition.	General Policies and Procedures for Ops and Prod Cntrl	Media Retention Policy - Procedure.doc
Data Center	Monitoring Batch Processing Policy	Monitor of batch process to ensure completion and accountability of exceptions.	General Policies and Procedures for Ops and Prod Cntrl	Monitoring Batch Processing Policy - Procedure.doc
Data Center	Output and Report Policy	Guideline for Operations to support output report issues normally addressed by remote sites.	General Policies and Procedures for Ops and Prod Cntrl	Output and Report Policy.doc
Data Center	Removable Labeling of Backup Media Policy	Guideline for Operations to ensure backup output media created outside of tape tracking software is being labeled.	General Policies and Procedures for Ops and Prod Cntrl	Removable labeling of backup media Policy - Procedure.doc

Schedule O O - 23 Health Net / IBM Confidential

Final Execution Version

Data Center	Scheduling Policy - Procedure	Guideline for setting up required jobs in automated scheduler.	General Policies and Procedures for Ops and Prod Cntrl	Scheduling Policy - Procedure.doc
Data Center	Spool File Retention Policy	Guideline to control amount of spool files currently being generated on system.	General Policies and Procedures for Ops and Prod Cntrl	Spool File Retention Policy - Procedure.doc
Cross Functional	ITG Technology Plan 2008	Provides the Technical Architecture for Health Net	Planning and Analysis;
Cross Functional	Preservation of Electronic Data	Preservation of Electronic Data	Data Retention
Data Center	Cumulative PTF Application Strategy	PTF Application Strategy
Data Center	AS400 System Software Maintenance Policy	AS400 System Software Maintenance
Cross Functional	Health Net Associate Policy	Provides the Health Net policies regarding its associates	Human Resources
Cross Functional	Health Net Signature Authority Policy	Provides the Health Net rules regarding Signature Authority	Cross Functional

Schedule O O - 24 Health Net / IBM Confidential

Final Execution Version

SCHEDULE P

APPROVED SUBCONTRACTORS

Schedule P P - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE P

APPROVED SUBCONTRACTORS

1. INTRODUCTION

1.1 This Schedule P (Approved Subcontractors) comprises the list of all Approved Subcontractors as of the Effective Date. Changes to this listing will be made in accordance with Section 7.7 of the General Terms and Conditions.

2. APPROVED SUBCONTRACTORS

Subcontractor	Scope of Services
AT&T	Provide voice and video conferencing services and LAN/WAN management Services for Health Net Service Recipients in the United States.
Cisco	Provide voice and/or data maintenance services for Health Net Service Recipients in the United States.
NCR	Provide voice and/or data maintenance services for Health Net Service Recipients in the United States.
Siemens	Provide voice and/or data maintenance services for Health Net Service Recipients in the United States.
Nortel	Provide voice and/or data maintenance services for Health Net Service Recipients in the United States.

Schedule P P - 2 Health Net / IBM Confidential

Final Execution Version

SCHEDULE Q

PROCEDURES MANUAL

Schedule Q Q - 1 Health Net / IBM Confidential

Final Execution Version

1. INTRODUCTION

This Schedule Q (Procedures Manual Table of Contents) describes the general content and organization of the Procedures Manual that will be developed to support delivery of the Services to Health Net in accordance with the Agreement, and may include, (i) procedures used to manage the relationship between Supplier and Health Net, track and report the financial details related to the Agreement, report performance results, and other governance related processes that are expressly defined in the Agreement.

2. GENERAL CONTENT AND ORGANIZATION

The table below provides the general organization and content of the Procedures Manual to be developed by Supplier with reasonable assistance from Health Net. The Procedures Manual will provide the procedures that will be followed to provide the Services to Health Net. These procedures assist to identify and outline the processes followed by Supplier in areas such as communication, reporting, issue resolution and other interactions between Supplier, Health Net and applicable third parties. Specific references to detailed text or requirements in the Agreement may be incorporated within the Procedures Manual.

The Procedures Manual generally documents how Supplier will perform its obligations set forth in Schedule A (Services), as well as additional detail regarding the Functions to be performed in support of each process. The Functions and activities to be performed by the Parties are generally indicated within this document (including general functions and activities). The Procedures Manual will be used by the Parties to assist in Services delivery for day-to-day operations of the in-scope activities as well as projects undertaken as part of the Services delivered by Supplier to Health Net. The table below represents the table of contents for the Procedures Manual for content identified as of the Effective Date. This content shall be supplemented during the Term as Health Net reasonably requests.

Content	Brief Description
1.1    Organizational Overview
(a)    Supplier Management and Delivery Organization	Include Supplier’s organization charts, description of functions performed, and contact information.
(b)    Key Contacts – Health Net	A list of contacts within Health Net that are identified by Health Net as key users of the Services and/or perform a liaison function in regard to the Services (by business unit, by geography).
(c)    Key Contacts – Third Parties	A list of key third parties (maintenance providers, software providers, telecom carriers, etc).
1.2    Internal Performance Management Procedures	Ongoing, “steady state” procedures and policies; content below will include information on coordination Functions and activities to be performed by each Party
(a)    Services Monitoring and	Supplier will in accordance with its obligations under the Agreement

Schedule Q Q - 2 Health Net / IBM Confidential

Final Execution Version

Content	Brief Description
Reporting Procedures	describe procedures it will use to verify Service delivery on a day-to-day basis, including its internal tracking and reporting obligations set out in the Agreement.
(b)    Problem Management and Escalation Procedures	Supplier will in accordance with its obligations under the Agreement describe procedures it will use to identify Problems, report and resolve Problems, and escalate as necessary within Supplier’s organization and/or Health Net.
(c)    Root Cause Analysis Procedures	Supplier will in accordance with its obligations under the Agreement describe procedures it will use to determine root cause of Problems, including involvement of (and/or support to) applicable third parties and/or Health Net.
(d)    Service Level Measurement and Reporting Procedures	Supplier will in accordance with its obligations under the Agreement describe procedures it will use internally to validate Service Levels are maintained at or above the minimum Service Levels. This process includes methodology for the identification of potential problems, and response / mitigation process for any identified problems. Supplier with Health Net’s assistance as reasonably required will estimate the associated tools required to capture and track the data needed to support the Service Level reporting.
(e)    Other relevant procedures	Supplier will describe, as commercially appropriate for this section, procedures that may be required to deliver the Services as mutually agreed to by the Parties.
1.3    Project & Change Management Procedures	Ongoing, “steady state” procedures and policies content below generally includes information on coordination functions and activities to be performed by each Party (by title/function)
(a)    Project Estimating Procedures	Supplier, in accordance with its obligations under the Agreement, will generally describe the procedures used to estimate the resource requirements and charges associated with a proposed Project.
(b)    Project Management Procedures	The Project management procedures generally describe the methodology and procedures used to manage and report on Projects.
(c)    Change Management – Operational and Technical Procedures	The Change management – operational and technical procedures generally describe the notification process, timing, planning, authorization, and implementation regarding Changes to the operational and technical environment. Such procedures will include Functions and activities to be performed by Health Net, including any necessary Health Net approvals.
(d)    Other relevant procedures	Such other procedures (as appropriate for this section) generally describe any other processes or policies which may be required to deliver the Services as mutually agreed to by the Parties.

Schedule Q Q - 3 Health Net / IBM Confidential

Final Execution Version

Content	Brief Description
1.4    Security and Business Continuity Procedures	Ongoing, “steady state” procedures and policies; content below generally includes information on coordination functions and activities to be performed by each Party (by title/function)
(a)    Physical Access & Security Procedures	Physical Access & Security Procedures generally describe the physical access and security procedures used at both Health Net locations and Supplier locations.
(b)    Network Access & Security Procedures	Network Access & Security Procedures generally describe the network access and security procedures used as Supplier deems necessary and appropriate to comply with Health Net’s security policies that are relevant and appropriate to the Services.
(c)    Business Continuity	Business Continuity Procedures generally describe the Supplier policies and procedures used in regard to business continuity of the Services if one or more events impact Supplier’s ability to deliver the Services (e.g., power outage, Force Majeure Event, etc.). Supplier may reference other documents containing comprehensive procedures (e.g., the disaster recovery Services set out in the Agreement), but will at a minimum provide general overview within the Procedures Manual.
1.5    Audit Support Procedures	Ongoing, “steady state” procedures and policies content below will include information on functions and activities, including coordination activities to be performed by each Party (by title/function)
(a)    Auditing	Supplier will describe procedures for operational and/or financial audits as required under the Agreement. Supplier will describe notification process and procedures to resolve audit findings.
(b)    Other relevant procedures	Supplier will describe other procedures (as appropriate for this section) required to deliver the Services as mutually agreed to by the Parties.
1.6    Relationship Management
(a)    Health Net Satisfaction Surveys	Supplier will describe the process to be used for conducting customer satisfaction surveys in accordance with its obligations under the Agreement. Content will include procedures regarding action items and attempts to resolve Service Recipient issues.
(b)    Users	Supplier will describe procedures and responsibilities regarding responding to users’ problems, requests, and questions.

Schedule Q Q - 4 Health Net / IBM Confidential

Final Execution Version

Content	Brief Description
(c)    Third Party Vendors	Supplier will describe procedures for relationship regarding third party vendors which may provide services or products that are ancillary to (or support) the overall delivery of Services. Procedures and coordination with key third party vendors will be documented.
(d)    Other Third Parties	Supplier will describe procedures for other contact or requests from other third parties in regard to the Services.
(e)    Other relevant procedures	Supplier will describe other procedures (as appropriate for this section) required to deliver the Services as mutually agreed to by the Parties.
1.7    Supplier Operational Procedures	Ongoing, “steady state” procedures and policies content below will include information on functions and activities, including coordination activities to be performed by each Party (by title/function)
Operational Procedures (by function, as applicable)	Supplier will describe the activities that Supplier will undertake in order to provide the Services in accordance with the Agreement, including those directions, supervision, monitoring, staffing, reporting, planning and oversight activities normally undertaken by Supplier which shall be consistent with those Supplier activities used to provide services similar to the Services.

Schedule Q Q - 5 Health Net / IBM Confidential

SCHEDULE R

[INTENTIONALLY LEFT BLANK]

Schedule R R - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE S

ASSET RESPONSIBILITY ALLOCATION MATRIX

Schedule S S - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE S

ASSET RESPONSIBILITY ALLOCATION MATRIX

1. Framework

This Section 1 creates a framework under which the Parties shall classify and allocate Financial Responsibility for certain types of Equipment, Software, and Third Party Service Contracts (collectively, “Assets”).

Category

Ownership (1)

Financial Responsibility (2)

Charging Mechanism (3)

Administrative Responsibility (4)

Operational Responsibility (5)

Ongoing Operations

Upgrades/ Enhancements

Growth (7)

Technology Refresh (8)

Install

Support

Maintain

Move/ Add/ Change

Disaster Recovery (6)

Assumed

Supplier

Supplier

Supplier

Supplier

Supplier

Base Charges

Supplier

Supplier

Supplier

Supplier

Supplier

Supplier

Managed – In ASC

HNT

Supplier

Supplier

Supplier

Supplier

Base Charges

Supplier

Supplier

Supplier

Supplier

Supplier

Supplier

Managed – As Pass Through

HNT

Supplier

Supplier

Supplier

Supplier

Managed-As Pass Through Expense (as set forth in the General Terms and Conditions )

Supplier

Supplier

Supplier

Supplier

Supplier

Supplier

Retained

HNT

HNT

HNT

HNT

HNT

Retained

HNT

Supplier

Supplier

Supplier

Supplier

Supplier

Pure-Pass Through

HNT

HNT

HNT

HNT

HNT

Pure Pass Through Expense (as set forth in the General Terms and Conditions)

HNT

HNT

HNT

HNT

HNT

HNT

^[1] This column specifies the Party that is intended to have legal responsibility for the Asset (i.e., ownership if it is an owned Asset, or a contractual relationship with the third party if it is a lease or third party service contract). If this column shows Supplier for a particular Asset category, then the Parties have agreed to assign any Existing Health Net Assets within such Asset category to Supplier, and such categorization is referred to as “Assumed”. If this column shows Health Net, then the Parties have agreed that Health Net will retain legal responsibility for the asset.

^[2] These columns specify which Party shall have Financial Responsibility for an Asset’s capital cost, which: (i) for Equipment or Software, means that such Party shall be responsible for all current (applicable immediately after the effective date of such Financial Responsibility) and future financial costs and expenses of acquisition, lease, license, or other ownership costs for such Assets, including upgrades, enhancements, new releases, expanded license rights, changes due to growth and technology refresh (including third party hardware and software maintenance agreements); and (ii) for third party service contracts, means that such Party shall be responsible for all current and future financial costs and expenses arising from the delivery of the Services using such contract.

^[3] This column identifies the charging mechanism through which Supplier is compensated for the costs and profit associated with any item for which Supplier has Financial Responsibility. “Base Charges” means that Supplier has Financial Responsibility and is fully compensated for the forgoing through the Annual Service Charge, as adjusted by ARCs and RRCs and adjustments to the Hardware Services Charge required under Schedule C. “Managed As Pass-Through Expense”

Schedule S S - 2 Health Net / IBM Confidential

Final Execution Version

and “Pure Pass-Through Expense” shall have the meaning provided in Sections 9.1(a) and (b), respectively, of the General Terms and Conditions. “Retained” means that Health Net has retained these costs.

^[4] This column specifies which Party shall be responsible for managing an Asset, including (i) the tracking of renewal dates and license compliance provisions, (ii) providing notice to the Party with legal responsibility when actions need to be taken with respect to such Asset (e.g., notification of renewal of the license for such Asset), and (iii) receiving invoices from third party vendors, promptly reviewing such invoices, and providing to the Party with Financial Responsibility the original invoice together with a statement identifying which charges are proper and valid.

^[5] This column specifies which Party shall be responsible for operational support of an Asset, generally including (i) the unpacking, configuration, staging, setup and installation of such Asset; (ii) the support of such Asset; (iii) the maintenance of such Asset; (iv) moves/adds/changes; and (v) disaster recovery, all as further set forth in Schedule A.

^[6] Where this Schedule S identifies Supplier as having responsibility with respect to disaster recovery, such Services shall be provided in accordance with and only to the extent of Supplier’ responsibilities with respect to disaster recovery as provided in Schedule A.

^[7] “Growth” means, without limiting the application of ARCs and RRCs in accordance with Schedule C, additional Equipment, Software licenses, and Services required to accommodate Health Net’s request for increased Service volumes (e.g., additional Installed MIPS, new Servers). For example, if Health Net requires a new Web Server, Supplier will install and configure the new server with all Software from Schedule J required by Health Net for the web server and Financial Responsibility for such Software shall be allocated as provided in the matrix above.

^[8] “Refresh” has the meaning given in Section 2.21 of Schedule A.

2. Asset Schedules

(a) Assets existing as of the Effective Date (“Existing Health Net Assets”) are classified in Schedules I (Third Party Service Contracts), J (Software), and N (Equipment) (collectively, “Asset Schedules”). The Parties shall update the Asset Schedules pursuant to the Joint Verification Process described in Exhibit C-10, and subsequently during the Term in accordance with this Section 2. Each Asset added to an Asset Schedule shall be classified within one of the five Asset categories in the matrix above.

(b) Supplier shall validate and update the Asset inventories during the Joint Verification Process as set forth in Exhibit C-10, and thereafter shall maintain accurate and current inventories of Assets in use within Health Net’s environment in accordance with Schedule A. Supplier shall provide Health Net with access to such Asset inventories upon request at any time during the Term.

(c) At any time during the Term, Health Net can request, at no additional charge, (i) that an Asset classified as Managed As Pass-Through be reclassified as Retained or (ii) that an Asset classified as Pure Pass-Through be removed from the Asset Schedules all together. In addition, on a quarterly basis, Supplier shall provide Health Net with proposed updates to the Asset Schedules reflecting all changes to the Equipment, Software, and third party service contracts made in the prior quarter (e.g., new lease agreements; changes in Software products). At Health Net’s request, the Parties shall execute amendments to this Agreement with mutually agreed revisions to the Asset Schedules.

Schedule S S - 3 Health Net / IBM Confidential

Final Execution Version

3. Phase Out

(a) “Phase Out Assets” means those certain Assets that have a date (e.g., such as “plus 1 from signing” inserted in the column labelled “Phase Out Date” on Schedules I, J or N). Health Net is only obligated to make such Phase Out Assets available to Supplier until the designated phase out date in Schedule I, J or N. After such date, Health Net shall no longer be obligated to make any such Phase Out Assets available to provide the Services subject to 3(b) below.

(b) With respect to such Phase Out Assets that Health Net may discontinue making available as set forth in paragraph (a) above, Supplier shall have the right to request Health Net to continue to make any such Phase Out Asset available to Supplier for the sole purpose of providing Services to Health Net pursuant to this Agreement, by providing not less than thirty (30) days prior written notice to Health Net prior to such date set forth on Schedule I, J or N (as applicable); provided that (i) upon the date that Health Net would have otherwise been permitted to discontinue making such Phase Out Asset available, such Asset shall be deemed to be Managed In ASC, (ii) at any time after such discontinuance date, if Supplier provides written notice to Health Net requesting Health Net to exercise any termination right with respect to such Phase Out Asset, then Health Net shall exercise such right, provided Supplier shall be responsible for any termination charges or fees associated with such termination if such fees were the direct result of an extension of making such Phase Out Asset available to Supplier, and (iii) if the Phase Out Asset cannot be terminated by the end of the Term, upon the effective date of expiration or termination of the Phase Out Asset contract, Supplier shall issue Health Net a credit equal to the remaining lease, maintenance or other related payments to the licensor, lessor or other third party (as applicable) Health Net actually incurs, on an Out of Pocket Expense basis, in connection with such Asset to the extent Health Net would not have otherwise incurred such Out of Pocket expenses except for the Agreement. Upon request from Supplier, Health Net shall provide Supplier with a copy of the relevant Phase Out Asset contract. Notwithstanding the foregoing, if Health Net elects to use a Phase Out Asset for purposes outside the scope of Services, then the charges for such Phase Out Assets shall be equitably pro rated to account for Supplier’s continued use of the Phase Out Asset to provide Services and Health Net’s use of the Phase Out Asset for such other purposes.

(c) Unless such Phase Out extension is requested by Supplier as set forth in 3(b) above, Supplier shall incur no additional expenses related to Phase Out Assets unless provided for elsewhere under the Agreement, including this Schedule S. For clarity, such Phase Out Assets shall be extended at no cost to Supplier in the event that such extension is a result of a Health Net suspension or other extension of Transformation or Transition pursuant to Section 13.5(b) of the Agreement and not due to a Supplier request.

Schedule S S - 4 Health Net / IBM Confidential

Final Execution Version

SCHEDULE T

BILL OF SALE

Schedule T T - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE T

BILL OF SALE

This Bill of Sale is entered into, to be effective as of the          day of             , 200[9] (the “Sale Effective Date”), by and between Health Net, Inc., a Delaware corporation(“Health Net”) and International Business Machines Corporation, a New York corporation (“IBM”). IBM and Health Net entered into that certain Master Services Agreement dated August x, 2008 (the “Agreement”). As used in this Bill of Sale, capitalized terms used and not otherwise defined shall have the meanings given them in the Agreement. Health Net agrees to convey and IBM agrees to purchase those assets listed in Exhibit 1 to this Bill of Sale (collectively the “Purchased Assets”).

In accordance with Section 11 of Schedule C of the Agreement, IBM shall pay              US dollars (the “Purchased Assets Price”)on the Sale Effective Date, pursuant to payment directions provided by Health Net, in full satisfaction of the Purchased Assets being sold by Health Net to IBM.

NOW, THEREFORE, in consideration of the mutual covenants contained in this Bill of Sale and for other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged,

1. Health Net hereby irrevocably sells, transfers, conveys, and assigns to IBM, its successors and assigns, all of Health Net’s right, title, and interest in and to the Purchased Assets.

2. IBM hereby accepts the sale, transfer, conveyance, and assignment of the Purchased Assets.

3. Health Net represents and warrants that it has clear title to all of the Purchased Assets and that all of the Purchased Assets are being transferred free and clear of any and all liabilities, obligations, liens, claims, and encumbrances of every kind and character whatsoever.

4. EXCEPT AS SET FORTH HEREIN, HEALTH NET MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, WITH RESPECT TO THE PURCHASED ASSETS, INCLUDING, WITHOUT LIMITATION, MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE, AND THE PURCHASED ASSETS ARE BEING CONVEYED “AS IS” WHERE IS.

5. This Bill of Sale may be executed in any number of counterparts, each of which will be deemed an original, but all of which together will constitute one and the same instrument.

6. This Bill of Sale and performance under it shall be governed by and construed in accordance with the laws of the state of New York without regard to its choice of law principles.

7. For all litigation which may arise with respect to this Bill of Sale, the Parties irrevocably and unconditionally submit (a) to the exclusive jurisdiction and venue (and waive any claim of forum non conveniens and any objections as to laying of venue) of the United States District Court for the Central District of California, or (b) if such court does not have subject matter jurisdiction, to the Superior Court of the State of California, Los Angeles County in connection with any action, suit or proceeding arising out of or relating to this Agreement. The Parties further consent to the jurisdiction of any state court located within a district that encompasses assets of a Party against which a judgment has been rendered for the enforcement of such judgment or award against the assets of such Party.

8. This Bill of Sale is a Schedule to the Agreement.

Schedule T T - 2 Health Net / IBM Confidential

Final Execution Version

IN WITNESS WHEREOF, the undersigned have caused their duly authorized officers to execute this Bill of Sale on the date first written above.

International Business Machines Corporation

By:

Name:

Title:

Date:

Health Net, Inc.

By:

Name:

Title:

Date:

Schedule T T - 3 Health Net / IBM Confidential

Final Execution Version

ATTACHMENT 1

LIST OF PURCHASED ASSETS

As of the Effective Date, the Purchased Assets are listed in the Exhibit N-1 to Schedule N to the Agreement. Such list will be updated pursuant to Section 11.1 of Schedule C and the updated list will be attached to this Bill of Sale upon execution by the Parties.

Schedule T T - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE U

GLOSSARY

Schedule U U - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE U

GLOSSARY

The following capitalized terms, when used in the Agreement, will have the meanings given below unless the context requires otherwise. In the event of a conflict between the definitions in the body of the General Terms and Conditions and this GLOSSARY, the provisions in the body of General Terms and Conditions shall prevail.

Defined Term	Meaning	Primary Use Location
***	Has the meaning set forth in Section 6.5(b) of Schedule C to the General Terms and Conditions	Schedule C
“Acceptance Criteria”	Has the meaning set forth in Section 1.2(b)(vi) of Exhibit A-10 to Schedule A of the General Terms and Conditions	Exhibit A-10
“Acceptance Period”	Has the meaning set forth in Section 2 of Annex A-10-1 to Exhibit A-10 to Schedule A of the General Terms and Conditions	Annex A-10-1
“Acceptance Tests”	Has the meaning set forth in Section 4(a) of Annex A-10-1 to Exhibit A-10 to Schedule A of the General Terms and Conditions	Annex A-10-1
“Actual HSC Expenditures”	Has the meaning set forth in Section 6.3(c) of Schedule C to the General Terms and Conditions	Schedule C
“Addendum”	Has the meaning set forth in the introductory paragraph of Schedule K to the General Terms and Conditions	Schedule K
“Adjustable Charges”	Has the meaning set forth in Section 8.1(a) of Schedule C to the General Terms and Conditions	Schedule C
“Affected Employees”	Has the meaning set forth in Section 2(a) of Schedule E to the General Terms and Conditions	Schedule E
“Affected Software”	Has the meaning set forth in Section 2.7(a) of Schedule L to the General Terms and Conditions	Schedule L
“Affiliate”	Has the meaning set forth in Section 2.1(a) of the General Terms and Conditions	Gen’l Terms
“Agreement”	Has the meaning set forth in Section 2.1(b) of the General Terms and Conditions	Gen’l Terms
“Amount at Risk”	Has the meaning set forth in Section 2.1(a) of Schedule B to the General Terms and Conditions	Schedule B

Schedule U U - 2 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Annual Customer Satisfaction”	Has the meaning set forth in Section 1.1 of Exhibit B-1 to Schedule B to the General Terms and Conditions	Exhibit B-1
“Annual Refresh Plan”	Has the meaning set forth in 2.20(b)(iv) of Schedule A to the General Terms and Conditions	Schedule A
“Annual Services Charge”	Has the meaning set forth in Section 1 of Schedule C to the General Terms and Conditions	Schedule C
“Application”	Has the meaning set forth in Section 2.1(c) of the General Terms and Conditions	Gen’l Terms
“Application Migration Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Application Software”	Has the meaning set forth in Section 2.1(c) of the General Terms and Conditions	Gen’l Terms
“Approved Leave”	Has the meaning set forth in Section 2(b) of Schedule E to the General Terms and Conditions	Schedule E
“Approved Subcontractor”	Has the meaning set forth in Section 7.7(b) of the General Terms and Conditions	Gen’l Terms
“Archived Tape”	Has the meaning set forth in Section 1(b) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“ARCs”	Has the meaning set forth in Section 1 of Schedule C to the General Terms and Conditions	Schedule C
“ARC/RRC Rate”	Has the meaning set forth in Section 2.1(b) of Schedule C to the General Terms and Conditions	Exhibit C-4
“AS/400 Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“ASC”	Has the meaning set forth in Section 1 of Schedule C to the General Terms and Conditions	Schedule C
“ASC Invoice”	Has the meaning set forth in Section 10.1(a) of the General Terms and Conditions	Gen’l Terms
“Asset”	Has the meaning set forth in Section 1 of Schedule S to the General Terms and Conditions	Schedule S
“Asset Category”	Has the meaning set forth in Section 1(a) of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10

Schedule U U - 3 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Asset Management Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Asset Purchase Price”	Has the meaning set forth in Section 11.1(a) of Schedule C to the General Terms and Conditions	Schedule C
“Asset Schedules”	Has the meaning set forth in Section 2(a) of Schedule S to the General Terms and Conditions	Schedule S
“Assumed”	Has the meaning set forth in Footnote 1 of Schedule S to the General Terms and Conditions	Schedule S
“AT&T VPN Attachment”	Has the meaning set forth in Section 14 of Schedule C to the General Terms and Conditions	Schedule C
“Auditors”	Has the meaning set forth in Section 18.1(a) of the General Terms and Conditions	Gen’l Terms
“Audits”	Has the meaning set forth in Section 18.1(a) of the General Terms and Conditions	Gen’l Terms
“Automated Call Distribution (ACD) Services”	Has the meaning set forth in Section 5.12(a) of Schedule A to the General Terms and Conditions	Schedule A
“Background Checks”	Has the meaning set forth in Section 7.2(a) of the General Terms and Conditions	Gen’l Terms
“Backup / Recovery Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Balance Sheet Items”	Has the meaning set forth in Section 10.2(a)(v) of Schedule C to the General Terms and Conditions	Schedule C
“Bankruptcy Code”	Has the meaning set forth in Section 15.5(b) of the General Terms and Conditions	Gen’l Terms
“Base Charges”	Has the meaning set forth in Footnote 3 of Schedule S to the General Terms and Conditions	Schedule S
“Base Lease Interest Rate”	Has the meaning set forth in Section 6.3(c)(i) of Schedule C to the General Terms and Conditions	Schedule C
“Baseline Project Pool”	Has the meaning set forth in Section 5.2(a) of Schedule C to the General Terms and Conditions	Schedule C

Schedule U U - 4 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Base Year Index”	Has the meaning set forth in Section 8.1(b) of Schedule C to the General Terms and Conditions	Schedule C
“Baseline Project Pool”	Has the meaning set forth in Section 5.2(a) of Schedule C to the General Terms and Conditions	Schedule C
“Baselining Period”	Has the meaning set forth in Section 4.2(c)(i) of Schedule B to the General Terms and Conditions	Schedule B
***	Has the meaning set forth in Section 9.4(g)(ii) of the General Terms and Conditions	Gen’l Terms
“Benchmarker”	Has the meaning set forth in Section 9.4(c) of the General Terms and Conditions	Gen’l Terms
“Benchmarking Adjustment Caps”	Has the meaning set forth in Section 9.4(g)(iii) of the General Terms and Conditions	Gen’l Terms
“Benchmarking Commencement Date”	Has the meaning set forth in Section 9.4(b) of the General Terms and Conditions	Gen’l Terms
“Benchmark Level”	Has the meaning set forth in Section 9.4(g)(i) of the General Terms and Conditions	Gen’l Terms
“Benchmark Process”	Has the meaning set forth in Section 9.4(d) of the General Terms and Conditions	Gen’l Terms
“Beneficiary”	Has the meaning set forth in Section 2.1(d) of the General Terms and Conditions	Gen’l Terms
“Benefit Program”	Has the meaning set forth in Section 2.1(e) of the General Terms and Conditions	Gen’l Terms
“Business Associate”	Has the meaning set forth in the introductory paragraph of Schedule K to the General Terms and Conditions	Schedule K
“Business Continuity Recovery Point Objective”	Has the meaning set forth in 2.22(e)(ii)(B) of Schedule A to the General Terms and Conditions	Schedule A
“Business Continuity Restoration Time”	Has the meaning set forth in 2.22(e)(ii)(A) of Schedule A to the General Terms and Conditions	Schedule A
“Business Day”	Has the meaning set forth in Section 2.1(b) of Schedule B to the General Terms and Conditions	Schedule B
“Business Hours”	Has the meaning set forth in Section 2.1(c) of Schedule B to the General Terms and Conditions	Schedule B

Schedule U U - 5 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“C & A”	Has the meaning set forth in Section 2.2(c)(i) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“Call”	Has the meaning set forth in Section 5 of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Call Center Agent”	Has the meaning set forth in Section 7.3(c) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Capacity Basis”	Has the meaning set forth in Section 13 of Schedule C to the General Terms and Conditions	Schedule C
“Capital Expenditures”	Has the meaning set forth in Section 6.3(a) of Schedule C to the General Terms and Conditions	Schedule C
“Cascade”	Has the meaning set forth in Section 2(c)(ii) of Exhibit C-9 to Schedule C to the General Terms and Conditions	Exhibit C-9
“Cause”	Has the meaning set forth in Section 2(c) of Schedule E to the General Terms and Conditions	Schedule E
“CBOC”	Has the meaning set forth in Section 1.1(a)(ii)(D) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“Change”	Has the meaning set forth in Section 17.5(a) of the General Terms and Conditions	Gen’l Terms
“Change Control Process”	Has the meaning set forth in Section 17.5(a) of the General Terms and Conditions	Exhibit A-7
“Change of Control of Health Net”	Has the meaning set forth in Section 16.1(d) of the General Terms and Conditions	Gen’l Terms
“Change of Control of Supplier”	Has the meaning set forth in Section 16.1(e) of the General Terms and Conditions	Gen’l Terms
“Change Management Services” or “CM”	Has the meaning set forth in Section 2.17(b) of Schedule A.	Schedule A
“Change Notice” or “CN”	Has the meaning set forth in Section 2.1 of Exhibit A-7 to Schedule A to the General Terms and Conditions	Exhibit A-7

Schedule U U - 6 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Charges”	Has the meaning set forth in Section 1 of Schedule C to the General Terms and Conditions	Schedule C
“Claim	Has the meaning set forth in Section 23.1 of the General Terms and Conditions	Gen’l Terms
“CM”	Has the meaning set forth in Section 2.17(b) of Schedule A to the General Terms and Conditions	Schedule A
“Code A”	Has the meaning set forth in Section 4.2(a) of Schedule B to the General Terms and Conditions	Schedule B
“Code B”	Has the meaning set forth in Section 4.2(b) of Schedule B to the General Terms and Conditions	Schedule B
“Code C”	Has the meaning set forth in Section 4.2(c) of Schedule B to the General Terms and Conditions	Schedule B
“COLA”	Has the meaning set forth in Section 8.1(a) of Schedule C to the General Terms and Conditions	Schedule C
“Commercially Available”	Has the meaning set forth in Section 2.1(f) of the General Terms and Conditions	Gen’l Terms
“Commercially Reasonable Efforts	Has the meaning set forth in Section 2.1(g) of the General Terms and Conditions	Gen’l Terms
“Comparator”	Has the meaning set forth in Section 9.4(e)(i) of the General Terms and Conditions	Gen’l Terms
“Confidential Information”	Has the meaning set forth in Section 21.1(a) of the General Terms and Conditions	Gen’l Terms
“Configuration Management Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Consequential Damages”	Has the meaning set forth in Section 24.2(a) of the General Terms and Conditions	Gen’l Terms
“Consumer Price Index”	Has the meaning set forth in Section 8.1(f) of Schedule C to the General Terms and Conditions	Schedule C
“Contract Governance”	Has the meaning set forth in Section 1 of Schedule G to the General Terms and Conditions	Schedule G
“Contract Year”	Has the meaning set forth in Section 2.1(d) of the General Terms and Conditions	Gen’l Terms
“Control” and its derivatives	Has the meaning set forth in Section 2.1(i) of the General Terms and Conditions	Gen’l Terms

Schedule U U - 7 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“COOP”	Has the meaning set forth in Section 2.2(h)(i) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“Core Personnel”	Has the meaning set forth in Section 6.1(a) of Schedule E to the General Terms and Conditions	Schedule E
“Core Personnel Information”	Has the meaning set forth in Section 6.1(a) of Schedule E to the General Terms and Conditions	Schedule E
“CPI-U”	Has the meaning set forth in Section 8.1(f) of Schedule C to the General Terms and Conditions	Schedule C
“Critical Service Level or CSL”	Has the meaning set forth in Section 2.1(d) of Schedule B to the General Terms and Conditions	Schedule B
“Critical Service Level Failure”	Has the meaning set forth in Section 2.1(e) of Schedule B to the General Terms and Conditions	Schedule B
“Cross Tower Charge”	Has the meaning set forth in Section 2 of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Cross Tower Services”	Has the meaning set forth in Section 2.1(o)(i) of Schedule C to the General Terms and Conditions	Schedule C
“Cross Tower Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Currency Requirement”	Has the meaning set forth in 2.20(a)(iii) of Schedule A to the General Terms and Conditions	Schedule A
“Current Contract”	Has the meaning set forth in Section A of Schedule K to the General Terms and Conditions	Schedule K
“CY1 Novell Server Deadband”	Has the meaning set forth in Section 4.3(f) of Schedule C to the General Terms and Conditions	Schedule C
“DASD”	Has the meaning set forth in Section 3.3(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“DASD Deadband”	Has the meaning set forth in Section 4.3(c) of Schedule C to the General Terms and Conditions	Schedule C
“DAVA”	Has the meaning set forth in Section 1.1(a)(ii)(E) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6

Schedule U U - 8 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Data Center Relocation Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Data Center Services”	Has the meaning set forth in Section 3(a) of Schedule A to the General Terms and Conditions	Schedule A
“Data Center Transformation Date”	Has the meaning set forth in Section 24.2(f) of the General Terms and Conditions	Gen’l Terms
“Data MACs”	Has the meaning set forth in the Introduction to Exhibit C-9 to Schedule C to the General Terms and Conditions	Exhibit C-9
“Data Network”	Has the meaning set forth in Section 4(b) of Schedule A to the General Terms and Conditions	Schedule A
“Data Network Services”	Has the meaning set forth in Section 4(a) of Schedule A to the General Terms and Conditions	Schedule C
“Database Instance”	Has the meaning set forth in Section 4.9(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-10
“DBA Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Deliverable”	Has the meaning set forth in Section 2.1(j) of the General Terms and Conditions	Gen’l Terms
“Deliverable Defect”	Has the meaning set forth in Section 4(e) of Annex A-10-1 to Exhibit A-10 to Schedule A to the General Terms and Conditions	Annex A-10-1
“Dependents”	Has the meaning set forth in Section 4.1(e) of Schedule E to the General Terms and Conditions	Schedule E
“Derivative Work”	Has the meaning set forth in Section 15.1(c) of the General Terms and Conditions	Gen’l Terms
“Desk Phone Services”	Has the meaning set forth in Section 5.6(a) of Schedule A to the General Terms and Conditions	Schedule A
“Deskside Support Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Desktop IMAC”	Has the meaning set forth in Section 6.5(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1

Schedule U U - 9 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Desktop IMAC ARC Deadband”	Has the meaning set forth in Section 4.3(b) of Schedule C to the General Terms and Conditions	Schedule C
“Desktop IMAC RRC Deadband”	Has the meaning set forth in Section 4.3(b)(i) of Schedule C to the General Terms and Conditions	Schedule C
“Desktop Workstation”	Has the meaning set forth in Section 6.2 of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Developed Material”	Has the meaning set forth in Section 15.3(a) of the General Terms and Conditions	Gen’l Terms
“Development Servers Available for Use”	Has the meaning set forth in Section 2.3(b)(i) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Development Servers Availability”	Has the meaning set forth in Section 2.3(a) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Development Servers Downtime”	Has the meaning set forth in Section 2.3(b)(ii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Development Servers Maintenance Window”	Has the meaning set forth in Section 2.3(b)(iii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Development Servers Scheduled Uptime”	Has the meaning set forth in Section 2.3(b)(iv) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“DHCP”	Has the meaning set forth in Section 4.9 of Schedule A to the General Terms and Conditions	Schedule A
“DHHS”	Has the meaning set forth in Section 2(O) of Schedule K to the General Terms and Conditions	Schedule K
“DIACAP”	Has the meaning set forth in Section 2.1(c)(i) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“Disaster Recovery Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Discovery and Joint Verification Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2

Schedule U U - 10 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Discovery Notice”	Has the meaning set forth in Section 2.8(a) of Schedule L to the General Terms and Conditions	Schedule L
“Disengagement Assistance”	Has the meaning set forth in Section 2.1(k) of the General Terms and Conditions	Schedule L
“Disengagement Assistance Period”	Has the meaning set forth in Section 2.1(l) of the General Terms and Conditions	Schedule L
“Disengagement Plan”	Has the meaning set forth in Section 1.2(a) of Schedule L to the General Terms and Conditions	Schedule L
“Disengagement Event”	Has the meaning set forth in Section 2(f) of Schedule E to the General Terms and Conditions	Schedule E
“Dispute Date”	Has the meaning set forth in Section 26.1(a)(i) of the General Terms and Conditions	Gen’l Terms
“Disputed Charges”	Has the meaning set forth in Section 10.7(a) of the General Terms and Conditions	Gen’l Terms
“Disputed Charges Cap”	Has the meaning set forth in Section 10.7(b) of the General Terms and Conditions	Gen’l Terms
“DNS”	Has the meaning set forth in Section 4.9 of Schedule A to the General Terms and Conditions	Schedule A
“Documentation”	Has the meaning set forth in Section 2.1(m) of the General Terms and Conditions	Gen’l Terms
“Documentation Services”	Has the meaning set forth in Section 2.20(a) of Schedule A to the General Terms and Conditions	Schedule A
“DoD SI”	Has the meaning set forth in Section 2.2(a)(i) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“Effective Date”	Has the meaning set forth in the preamble to the General Terms and Conditions	Gen’l Terms
“Effective Date System Images”	Has the meaning set forth in Section 4.5 of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Eligible Supplier Employees”	Has the meaning set forth in Section 10.2(a)(iv) of Schedule C to the General Terms and Conditions	Schedule C
“E-Mail Mailbox”	Has the meaning set forth in Section6.6(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1

Schedule U U - 11 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“End of Term***”	Has the meaning set forth in Section 10.3(b) of Schedule C to the General Terms and Conditions	Schedule C
“End of Term Remaining HSC Expenditures”	Has the meaning set forth in Section 10.3(a)(ii) of Schedule C to the General Terms and Conditions	Schedule C
“End of Term Stranded HSC Costs”	Has the meaning set forth in Section 10.3(a)(i) of Schedule C to the General Terms and Conditions	Schedule C
“End User”	Has the meaning set forth in Section 2.1(o) of the General Terms and Conditions	Gen’l Terms
“End User Resources”	Has the meaning set forth in Section 6(b) of Schedule A to the General Terms and Conditions	Schedule A
“End User Services”	Has the meaning set forth in Section 6(a) of Schedule A to the General Terms and Conditions	Schedule C
“End User Services and Help Desk Satisfaction”	Has the meaning set forth in Section 1.1(a) of Exhibit B-1 to Schedule B to the General Terms and Conditions	Exhibit B-1
“Enterprise Security Management Services”	Has the meaning set forth in Section 8 of Schedule A to the General Terms and Conditions	Schedule A
“EPHI”	Has the meaning set forth in Section A of Schedule K to the General Terms and Conditions	Schedule K
“Equipment”	Has the meaning set forth in Section 2.1(p) of the General Terms and Conditions	Gen’l Terms
“Equipment Refresh Schedule”	Has the meaning set forth in 2.20(a)(ii) of Schedule A to the General Terms and Conditions	Schedule A
“Existing DR Contracts”	Has the meaning set forth in 2.23(j) of Schedule A to the General Terms and Conditions	Schedule A
“Existing Health Net Assets”	Has the meaning set forth in Section 2(a) of Schedule S to the General Terms and Conditions	Schedule S
“Existing Versions”	Has the meaning set forth in 2.20(a)(iii) of Schedule A to the General Terms and Conditions	Schedule A
“Extraordinary Event”	Has the meaning set forth in Section 8.4(a) of Schedule C to the General Terms and Conditions	Schedule C

Schedule U U - 12 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Fair Market Value”	Has the meaning set forth in Section 2(g) of Schedule C to the General Terms and Conditions	Schedule C
“Final Benchmarker Report”	Has the meaning set forth in Section 9.4(f) of the General Terms and Conditions	Gen’l Terms
“Financial Responsibility”	Has the meaning set forth in Section 2.1(e) of Schedule C to the General Terms and Conditions	Schedule C
“Financial Reconciliation Period”	Has the meaning set forth in Section 3.7 of Schedule L to the General Terms and Conditions	Schedule L
“Financial Responsibility Model”	Has the meaning set forth in Section 2(f) of Schedule C to the General Terms and Conditions	Schedule C, Schedule S
“Firewall Hard MAC”	Has the meaning set forth in Section 7.2(m) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Firewall Soft MAC”	Has the meaning set forth in Section 7.2(n) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Flexible Spending Accounts”	Has the meaning set forth in Section 4.7 of Schedule E to the General Terms and Conditions	Schedule E
“FMV”	Has the meaning set forth in Section 2(g) of Schedule C to the General Terms and Conditions	Schedule C
“Force Majeure Event”	Has the meaning set forth in Section 24.3(a) of the General Terms and Conditions	Gen’l Terms
“Former Health Net Affiliate”	Has the meaning set forth in Section 2.1(r) of the General Terms and Conditions	Gen’l Terms
“Form Invoice”	Has the meaning set forth in Section 10.1(c) of the General Terms and Conditions	Gen’l Terms
“Functions”	Has the meaning set forth in Section 3.2(a) of the General Terms and Conditions	Gen’l Terms
“Furnishing Party”	Has the meaning set forth in Section 21.1(a) of the General Terms and Conditions	Gen’l Terms
“General Systems Available for Use”	Has the meaning set forth in Section 1.3(a)(ii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2

Schedule U U - 13 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“General Systems Availability”	Has the meaning set forth in Section 1.3(a)(i) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“General Systems Downtime”	Has the meaning set forth in Section 1.3(a)(iii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“General Systems Maintenance Window”	Has the meaning set forth in Section 1.3(a)(iv) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“General Systems Schedule Uptime”	Has the meaning set forth in Section 1.3(a)(v) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“General Terms and Conditions”	Has the meaning set forth in Section 1.3 of the General Terms and Conditions	Gen’l Terms
“GLB Act”	Has the meaning set forth in Section 14.6(a) of the General Terms and Conditions	Gen’l Terms
“Growth”	Has the meaning set forth in Footnote 7 of Schedule S to the General Terms and Conditions	Schedule S
“Hard MAC with Wire”	Has the meaning set forth in Section 7.3(f) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Hard MAC without Wire”	Has the meaning set forth in Section 7.3(e) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Hardware Services Charge”	Has the meaning set forth in Section 6.1(a) of Schedule C to the General Terms and Conditions	Schedule C
“Health Net”	Has the meaning set forth in the preamble to the General Terms and Conditions	Used throughout the Agreement
“Health Net 401(k) Savings Plan”	Has the meaning set forth in Section 2(g) of Schedule E to the General Terms and Conditions	Schedule E
“Health Net Data”	Has the meaning set forth in Section 14.1 of the General Terms and Conditions	Gen’l Terms
“Health Net Executive Sponsor”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Health Net Facility”	Has the meaning set forth in Section 2.1(s) of the General Terms and Conditions	Gen’l Terms

Schedule U U - 14 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Health Net Federal Services” or “HNFS”	Has the meaning set forth in Section 1.1(a) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“Health Net Indemnities”	Has the meaning set forth in Section 23.2 of the General Terms and Conditions	Gen’l Terms
“Health Net ITG”	Has the meaning set forth in Section 1.2(b) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“Health Net Leased Equipment”	Has the meaning set forth in Section 11.4(a) of the General Terms and Conditions	Gen’l Terms
“Health Net Leased Facilities”	Has the meaning set forth in Section 11.9(a) of the General Terms and Conditions	Gen’l Terms
“Health Net Licensed Software”	Has the meaning set forth in Section 11.7(a) of the General Terms and Conditions	Gen’l Terms
“Health Net Owned Equipment”	Has the meaning set forth in Section 11.3(a) of the General Terms and Conditions	Gen’l Terms
“Health Net Owned Software”	Has the meaning set forth in Section 11.6(a) of the General Terms and Conditions	Gen’l Terms
“Health Net Non-public Data”	Has the meaning set forth in Section 14.6(a) of the General Terms and Conditions	Gen’l Terms
“Health Net PHI”	Has the meaning set forth in Section 2(P) of Schedule K to the General Terms and Conditions	Schedule K
“Health Net Project Pipeline”	Has the meaning set forth in Section 5.2(d)(v) of Schedule C to the General Terms and Conditions	Schedule C
“Health Net Third Party Service Contracts”	Has the meaning set forth in Section 11.5(a) of the General Terms and Conditions	Gen’l Terms
“Help Desk Call Deadband”	Has the meaning set forth in Section 4.3(a) of Schedule C to the General Terms and Conditions	Schedule C
“Help Desk Services”	Has the meaning set forth in Section 7(a) of Schedule A to the General Terms and Conditions	Schedule C
“Help Desk Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2

Schedule U U - 15 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“High”	Has the meaning set forth in Section I of Exhibit B-3 to Schedule B to the General Terms and Conditions	Exhibit B-3
“HIPAA”	Has the meaning set forth in Section A of Schedule K to the General Terms and Conditions	Schedule K
“HIPAA Regulations”	Has the meaning set forth in Section A of Schedule K to the General Terms and Conditions	Schedule K
“hour” or “hours”	Has the meaning set forth in Section 3.1(b) of Schedule B to the General Terms and Conditions	Schedule B
“HSC”	Has the meaning set forth in Section 6.1(a) of Schedule C to the General Terms and Conditions	Schedule C
“HSC Equipment”	Has the meaning set forth in Section 6.1(a) of Schedule C to the General Terms and Conditions	Schedule C
“Human Resources Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“HVAC”	Has the meaning set forth in Section 11.10(a) of the General Terms and Conditions	Gen’l Terms
“IAVA”	Has the meaning set forth in Section 2.2(j)(i) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“IBM”	Has the meaning set forth in the preamble to the General Terms and Conditions	Gen’l Terms
“IBM’s Worldwide Project Management Methodology” or “WWPMM”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“IMACs”	Has the meaning set forth in the Introduction to Exhibit C-9 to Schedule C to the General Terms and Conditions	Exhibit C-9
“Impact”	Has the meaning set forth in Section I of Exhibit B-3 to Schedule B to the General Terms and Conditions	Exhibit B-3
“Inbound Toll Free / Call Center Service”	Has the meaning set forth in Section 5.11(a) of Schedule A to the General Terms and Conditions	Schedule A
“Incident”	Has the meaning set forth in Section I of Exhibit B-3 to Schedule B to the General Terms and Conditions	Exhibit B-3

Schedule U U - 16 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“including” (and any of its derivative forms)	Has the meaning set forth in Section 25.10(a)(i) of the General Terms and Conditions	Used throughout the Agreement
“Independent IP”	Has the meaning set forth in Section 15.1(b) of the General Terms and Conditions	Gen’l Terms
“Inflation Factor”	Has the meaning set forth in Section 8.1(b) of Schedule C to the General Terms and Conditions	Schedule C
“In-Flight Projects”	Has the meaning set forth in Section 13.2(c) of the General Terms and Conditions	Gen’l Terms
“Information Security Controls (ISeC) Document”	Has the meaning set forth in Section 8.1(a) of Schedule A to the General Terms and Conditions	Schedule A
“Installed MIPS”	Has the meaning set forth in Section 3.2(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Intellectual Property Rights”	Has the meaning set forth in Section 15.1(a) of the General Terms and Conditions	Gen’l Terms
“Intel, UNIX, VMS, AS/400, Novel Server Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Interim Period”	Has the meaning set forth in Section 4 of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Inventory”	Has the meaning set forth in Section 2(a) of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“In-Scope CTI Interfaces”	Has the meaning set forth in Section 5.1(d) of Schedule A to the General Terms and Conditions	Schedule A
“in writing”	Has the meaning set forth in Section 25.10(a)(iv) of the General Terms and Conditions	Used throughout the Agreement
“iSeries (AS/400) LPAR”	Has the meaning set forth in Section 3.4 of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“ITG Infrastructure Budget”	Has the meaning set forth in Section 2(h) of Schedule C to the General Terms and Conditions	Schedule C

Schedule U U - 17 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“IT Infrastructure”	Has the meaning set forth in Section 2.1(t) of the General Terms and Conditions	Gen’l Terms
“IT MRC Towers”	Has the meaning set forth in Section 4.5(a) of Schedule C to the General Terms and Conditions	Schedule C
“IT Towers”	Has the meaning set forth in Section 9.4(a) of the General Terms and Conditions	Gen’l Terms
“Joint Management Committee”	Has the meaning set forth in Section 2.5(b)(i) of Schedule G to the General Terms and Conditions	Schedule G
“Joint Operations Committee”	Has the meaning set forth in Section 2.5(c)(i) of Schedule G to the General Terms and Conditions	Schedule G
“Joint Steering Committee”	Has the meaning set forth in Section 2.5(a)(i) of Schedule G to the General Terms and Conditions	Schedule G
“Joint Verification Process” or “JVP”	Has the meaning set forth in Section 1(c) of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“JVP Results”	Has the meaning set forth in Section 2(b) of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Key Health Net Transformation Deliverables”	Has the meaning set forth in Section 2.2 of Attachment A-3-1 to Exhibit A-3 to Schedule A to the General Terms and Conditions	Attachment A-3-1
“Key Supplier Positions”	Has the meaning set forth in Section 7.4(a) of the General Terms and Conditions	Gen’l Terms
“Knowledge Transfer Plan”	Has the meaning set forth in Section 3.6(b) of Schedule L to the General Terms and Conditions	Schedule L
“LAN Hard MAC”	Has the meaning set forth in Section 7.2(k) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“LAN Soft MAC”	Has the meaning set forth in Section 7.2(l) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Laptop Workstation”	Has the meaning set forth in Section 6.3 of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1

Schedule U U - 18 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Large Firewall”	Has the meaning set forth in Section 7.2(g) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Large Router”	Has the meaning set forth in Section 7.2(c) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Large Switch”	Has the meaning set forth in Section 7.2(f) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Last Day of Use”	Has the meaning set forth in Section 10.2(e) of Schedule C to the General Terms and Conditions	Schedule C
“Law”	Has the meaning set forth in Section 2.1(u) of the General Terms and Conditions	Gen’l Terms
“Long Distance Services”	Has the meaning set forth in Section 5.7(a) of Schedule A to the General Terms and Conditions	Schedule A
“Losses”	Has the meaning set forth in Section 23.1 of the General Terms and Conditions	Gen’l Terms
“Lotus Notes / Active Directory Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Low”	Has the meaning set forth in Section I of Exhibit B-3 to Schedule B to the General Terms and Conditions	Exhibit B-3
“Mainframe and AS400 Services”	Has the meaning set forth in Section 2.1(o)(ii) of Schedule C to the General Terms and Conditions	Schedule C
“Mainframe Gb-month”	Has the meaning set forth in Section 3.3(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Mainframe Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Maintenance Charge”	Has the meaning set forth in Section 6.3(b) of Schedule C to the General Terms and Conditions	Schedule C
“Managed As Pass-Through Expense”	Has the meaning set forth in Section 9.1(a) of the General Terms and Conditions	Schedule S
“Managed Third Parties”	Has the meaning set forth in Section 7.8 of the General Terms and Conditions	Gen’l Terms

Schedule U U - 19 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Measurement Period”	Has the meaning set forth in Section 2.1(f) of Schedule B to the General Terms and Conditions	Schedule B
“Measurements / Reports Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Medium”	Has the meaning set forth in Section I of Exhibit B-3 to Schedule B to the General Terms and Conditions	Exhibit B-3
“MIB”	Has the meaning set forth in Section 4.5(a)(iii) of Schedule A to the General Terms and Conditions	Schedule A
“may”	Has the meaning set forth in Section 25.10(a)(ii) of the General Terms and Conditions	Used throughout the Agreement
“may not”	Has the meaning set forth in Section 25.10(a)(ii) of the General Terms and Conditions	Used throughout the Agreement
“Medium Router”	Has the meaning set forth in Section 7.2(b) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Medium Switch”	Has the meaning set forth in Section 7.2(e) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Mental Impressions”	Has the meaning set forth in Section 15.6(a) of the General Terms and Conditions	Gen’l Terms
“MER”	Has the meaning set forth in Exhibit A-13 to Schedule A to the General Terms and Conditions	Exhibit A-13
“MHS”	Has the meaning set forth in Section 2.1(c)(vii) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“Middleware”	Has the meaning set forth in Section 3.11(a) of Schedule A to the General Terms and Conditions	Schedule A
“Middleware Infrastructure Available for Use”	Has the meaning set forth in Section 2.5(b)(i) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Middleware Infrastructure Availability”	Has the meaning set forth in Section 2.5(a) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Middleware Infrastructure Downtime”	Has the meaning set forth in Section 2.5(b)(ii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2

Schedule U U - 20 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Middleware Infrastructure Downtime”	Has the meaning set forth in Section 2.5(b)(ii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Middleware Infrastructure Maintenance Window”	Has the meaning set forth in Section 2.5(b)(iii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Middleware Infrastructure Scheduled Uptime”	Has the meaning set forth in Section 2.5(b)(iv) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Milestones”	Has the meaning set forth in Section 1.2(b)(iii) of Exhibit A-10 to Schedule A of the General Terms and Conditions	Exhibit A-10
“Minimum Commitment”	Has the meaning set forth in Section 4.5(a) of Schedule C to the General Terms and Conditions	Schedule C
“Monthly Performance Report”	Has the meaning set forth in Section 17.3(b) of the General Terms and Conditions	Schedule B
“NAS Available for Use”	Has the meaning set forth in Section 2.7(b)(i) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“NAS Availability”	Has the meaning set forth in Section 2.7(a) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“NAS Downtime”	Has the meaning set forth in Section 2.7(b)(ii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“NAS Maintenance Window”	Has the meaning set forth in Section 2.7(b)(iii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“NAS Scheduled Uptime”	Has the meaning set forth in Section 2.7(b)(iv) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Net Sales Proceeds”	Has the meaning set forth in Section 10.2(a)(iii) of Schedule C to the General Terms and Conditions	Schedule C
“Network Baseline”	Has the meaning set forth in Section 5.3(a) of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Network MRC Towers”	Has the meaning set forth in Section 4.5(a) of Schedule C to the General Terms and Conditions	Schedule C

Schedule U U - 21 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Network RU Deadband”	Has the meaning set forth in Section 5.3(b)(i) of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Network Towers”	Has the meaning set forth in Section 9.4(a) of the General Terms and Conditions	Gen’l Terms
“New Services”	Has the meaning set forth in Section 3.8(a) of the General Terms and Conditions	Gen’l Terms
“New Work”	Has the meaning set forth in Section 15.1(c) of the General Terms and Conditions	Gen’l Terms
“Newly Discovered Contract”	Has the meaning set forth in Section 3.1 of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Network Transition Deadband”	Has the meaning set forth in Section 3.2(b) of Schedule C to the General Terms and Conditions	Schedule C
“Network Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Non-Commercially Available”	Has the meaning set forth in Section 2.1(v) of the General Terms and Conditions	Gen’l Terms
“Non-Production Server Available for Use”	Has the meaning set forth in Section 2.4(b)(i) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Non-Production Server Availability”	Has the meaning set forth in Section 2.4(a) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Non-Production Server Downtime”	Has the meaning set forth in Section 2.4(b)(ii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Non-Production Server Maintenance Window”	Has the meaning set forth in Section 2.4(b)(iii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Non-Production Server Scheduled Uptime”	Has the meaning set forth in Section 2.4(b)(iv) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Normalization Objection Period”	Has the meaning set forth in Section 9.4(d)(v) of the General Terms and Conditions	Gen’l Terms

Schedule U U - 22 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Notice of Election”	Has the meaning set forth in Section 23.5(a) of the General Terms and Conditions	Gen’l Terms
“Novell Server”	Has the meaning set forth in Section 4.7 of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Open Source Code”	Has the meaning set forth in Section 19.8(a)(iv) of the General Terms and Conditions	Gen’l Terms
“Online Directory Services”	Has the meaning set forth in Section 5.9(a) of Schedule A to the General Terms and Conditions	Schedule A
“Onshore Support Model”	Has the meaning set forth in Section 8.3 of Schedule C to the General Terms and Conditions	Schedule C
“On-Site Health Net Resources”	Has the meaning set forth in Section 11.12(a) of the General Terms and Conditions	Gen’l Terms
“On-Time Completion”	Has the meaning set forth in Section 1.2 of Exhibit B-1 to Schedule B to the General Terms and Conditions	Exhibit B-1
“Operational Deliverable”	Has the meaning set forth in Section 4(a) of Annex A-10-1 to Exhibit A-10 to Schedule A of the General Terms and Conditions	Annex A-10-1
“Operations and Maintenance Services” or “O&M Services”	Has the meaning set forth in Section 2 of Schedule A to the General Terms and Conditions	Schedule A
“Operations Transitions Manager” or “OTM”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Out-of-Pocket Expenses”	Has the meaning set forth in Section 2.1(w) of the General Terms and Conditions	Gen’l Terms
“Overall Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Parent”	With respect to an entity, any other entity or person Controlling such entity.	Gen’l Terms
“Participant”	Has the meaning set forth in Section 4.5(b) of Schedule E to the General Terms and Conditions	Schedule E
“Parties”	Has the meaning set forth in the preamble to the General Terms and Conditions	Gen’l Terms

Schedule U U - 23 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Party”	Has the meaning set forth in the preamble to the General Terms and Conditions	Gen’l Terms
“Payable Date”	Has the meaning set forth in Section 10.2 of the General Terms and Conditions	Gen’l Terms
“PBX VM Mailbox”	Has the meaning set forth in Section 7.3(d) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“PCR”	Has the meaning set forth in Section 2(b) of Exhibit A-10 to Schedule A of the General Terms and Conditions	Exhibit A-10
“PDA”	Has the meaning set forth in Section 6.7(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“PDLC”	Has the meaning set forth in Section 2(a)(i) of Exhibit A-10 to Schedule A of the General Terms and Conditions	Exhibit A-10
“Periodic Events”	Has the meaning set forth in Section 6.10(b) of Schedule A to the General Terms and Conditions	Schedule A
“Phase Out Assets”	Has the meaning set forth in Section 3(a) of Schedule S to the General Terms and Conditions	Schedule S
“PHI”	Has the meaning set forth in Section A of Schedule K to the General Terms and Conditions	Schedule K
“POA&M”	Has the meaning set forth in Section 2.2(j)(iv)(A) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“POC”	Has the meaning set forth in Section 2.2(d)(i) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“Pool Percentage Available for Allocation”	Has the meaning set forth in Section 2.1(g) of Schedule B to the General Terms and Conditions	Schedule B
“Priority”	Has the meaning set forth in Section I of Exhibit B-3 to Schedule B to the General Terms and Conditions and Exhibit B-5 to Schedule B to the General Terms and Conditions	Exhibit B-3 Exhibit B-5

Schedule U U - 24 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Problem”	Has the meaning set forth in Section II of Exhibit B-3 to Schedule B to the General Terms and Conditions	Exhibit B-3
“Problem / Change Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Procedures Manual”	Has the meaning set forth in Section 17.4(a) of the General Terms and Conditions	Gen’l Terms
“Process Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Procurement Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Production Applications Available for Use”	Has the meaning set forth in Section 2.6(b)(i) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Production Applications Availability”	Has the meaning set forth in Section 2.6(a) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Production Applications Downtime”	Has the meaning set forth in Section 2.6(b)(ii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Production Applications Maintenance Window”	Has the meaning set forth in Section 2.6(b)(iii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Production Applications Scheduled Uptime”	Has the meaning set forth in Section 2.6(b)(iv) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Program Manager”	Has the meaning set forth in Section 8.1(a) of the General Terms and Conditions	Schedule G
“Project”	Has the meaning set forth in Section 5.1(a) of Schedule C to the General Terms and Conditions	Schedule C
“Project Brief”	Has the meaning set forth in Section 1.1(a) of Exhibit A-10 to Schedule A of the General Terms and Conditions	Exhibit A-10
“Project Charges”	Has the meaning set forth in Section 2(i) of Schedule C to the General Terms and Conditions	Schedule C

Schedule U U - 25 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Project Estimate”	Has the meaning set forth in Section 1.1(b) of Exhibit A-10 to Schedule A of the General Terms and Conditions	Exhibit A-10
“Project Hour”	Has the meaning set forth in Section 5.1(b) of Schedule C to the General Terms and Conditions	Schedule C
“Project Manager”	Has the meaning set forth in Section 1.2(b)(viii) of Exhibit A-10 to Schedule A to the General Terms and Conditions	Exhibit A-10
“PT”	Has the meaning set forth in Section 3.1(b) of Schedule B to the General Terms and Conditions	Schedule B
“PTO”	Has the meaning set forth in Section 4.3 of Schedule E to the General Terms and Conditions	Schedule E
“Purchasable Items”	Has the meaning set forth in 2.25(a) of Schedule A to the General Terms and Conditions	Schedule E
“Purchased Assets”	Has the meaning set forth in the introductory section of Schedule T to the General Terms and Conditions	Schedule T
“Purchased Assets Price”	Has the meaning set forth in the introductory section of Schedule T to the General Terms and Conditions	Schedule T
“Pure Pass-Through Expense”	Has the meaning set forth in Section 9.1(b) of the General Terms and Conditions	Schedule S
“Raised (Access) Floor”	Has the meaning set forth in Exhibit A-13 to Schedule A to the General Terms and Conditions	Exhibit A-13
“Rancho Data Center”	Has the meaning set forth in Section 13.5(c)(i) of the General Terms and Conditions	Gen’l Terms
“Rancho Service Cessation Obligation”	Has the meaning set forth in Section 13.5(c)(i) of the General Terms and Conditions	Gen’l Terms
“Rancho Vacate Obligation”	Has the meaning set forth in Section 13.5(c)(ii) of the General Terms and Conditions	Gen’l Terms
“RCA”	Has the meaning set forth in Section 2.6(b) of Schedule A	Schedule A
“RM”	Has the meaning set forth in Section 2.17(c) of Schedule A to the General Terms and Conditions	Schedule A
“Receiving Party”	Has the meaning set forth in Section 21.1(a) of the General Terms and Conditions	Gen’l Terms

Schedule U U - 26 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Recovery Environment”	Has the meaning set forth in Section 4.1(c) of Schedule B to the General Terms and Conditions	Schedule B
“Refresh”	Has the meaning set forth in Section 2.20(a)(ii) of Schedule A to the General Terms and Conditions	Schedule A
“Regulated Contracts”	Has the meaning set forth in Exhibit A-3 to Schedule A to the General Terms and Conditions	Exhibit A-3
“Regulatory Change”	Has the meaning set forth in Section 27.5(b) of the General Terms and Conditions	Gen’l Terms
“Remaining HSC Expenditures”	Has the meaning set forth in Section 6.5(a)(ii) of Schedule C to the General Terms and Conditions	Schedule C
“Remote Access Available for Use”	Has the meaning set forth in Section 2.1(b)(i) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Remote Access Availability”	Has the meaning set forth in Section 2.1(a) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Remote Access Downtime”	Has the meaning set forth in Section 2.1(b)(ii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Remote Access Maintenance Window”	Has the meaning set forth in Section 2.1(b)(iii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Remote Access Scheduled Uptime”	Has the meaning set forth in Section 2.1(b)(iv) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Remote Site MAC”	Has the meaning set forth in Section 7.2(o) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Replacement”	Has the meaning set forth in Section 2(c) to Exhibit C-9 to Schedule C to the General Terms and Conditions	Exhibit C-9
“Representative Sample”	Has the meaning set forth in Section 9.4(e)(i) of the General Terms and Conditions	Gen’l Terms
“Required Consents”	Has the meaning set forth in Section 2.1(x) of the General Terms and Conditions	Gen’l Terms
“Resources”	Has the meaning set forth in Section 2.1(a)(i) of Schedule L to the General Terms and Conditions	Schedule L

Schedule U U - 27 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Resource Baseline”	Has the meaning set forth in Section 4.1(a) of Schedule C to the General Terms and Conditions	Schedule C
“Resource Category”	Has the meaning set forth in Section 2.1(l) of Schedule C to the General Terms and Conditions	Schedule C
“Resource Unit”	Has the meaning set forth in Section 2.1(m) of Schedule C to the General Terms and Conditions	Schedule C
“Retained”	Has the meaning set forth in Footnote 3 of Schedule S to the General Terms and Conditions	Schedule S
“Re-Transfer”	Has the meaning set forth in Section 6.3(a) of Schedule E to the General Terms and Conditions	Schedule E
“Re-Transfer Date”	Has the meaning set forth in Section 6.3(a) of Schedule E to the General Terms and Conditions	Schedule E
“Re-Transfer Employee”	Has the meaning set forth in Section 6.3(a) of Schedule E to the General Terms and Conditions	Schedule E
“Review Period”	Has the meaning set forth in Section 9.4(f) of the General Terms and Conditions	Gen’l Terms
“RM”	Has the meaning set forth in Section 2.17(c) of Schedule A to the General Terms and Conditions	Schedule A
“RPO”	Has the meaning set forth in 2.22(e)(ii)(B) of Schedule A to the General Terms and Conditions	Schedule A
“RRCs”	Has the meaning set forth in Section 1 of Schedule C to the General Terms and Conditions	Schedule C
“RTO”	Has the meaning set forth in 2.22(e)(ii)(A) of Schedule A to the General Terms and Conditions	Schedule A
“RU”	Has the meaning set forth in Section 2(m) of Schedule C to the General Terms and Conditions	Schedule C
“Sale Effective Date”	Has the meaning set forth in the introductory paragraph of Schedule T to the General Terms and Conditions	Schedule T
“SAN Availability”	Has the meaning set forth in Section 1.4(a) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“SAN Available for Use”	Has the meaning set forth in Section 1.4(b)(i) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2

Schedule U U - 28 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“SAN Downtime”	Has the meaning set forth in Section 1.4(b)(ii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“SAN Maintenance Window”	Has the meaning set forth in Section 1.4(b)(iii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“SAN Scheduled Uptime”	Has the meaning set forth in Section 1.4(b) (iv) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“SAN/NAS Gb-month”	Has the meaning set forth in Section 4.6 of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“SAN Storage Deadband”	Has the meaning set forth in Section 4.3(d) of Schedule C to the General Terms and Conditions	Schedule C
“SAS 70 Audit”	Has the meaning set forth in Section 18.5(a) of the General Terms and Conditions	Gen’l Terms
“SEC”	Has the meaning set forth in Section 21.2(d) of the General Terms and Conditions.	Gen’l Terms
“Scheduled Maintenance”	Has the meaning set forth in Section 2.1(h) of Schedule B to the General Terms and Conditions	Schedule Bik
“Security Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Self Help Tools”	Has the meaning set forth in Section 7.9 of Schedule A to the General Terms and Conditions	Schedule A
“Server Consolidation Project”	Has the meaning set forth in Section 7 of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Server Image Deadband”	Has the meaning set forth in Section 5.2(b)(i) of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Server Services”	Has the meaning set forth in Section 2.1(o)(iii) of Schedule C to the General Terms and Conditions	Schedule C
“Service Commencement Date”	Has the meaning set forth in Section 2.1(y) of the General Terms and Conditions	Gen’l Terms

Schedule U U - 29 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Service Level Credit” (or “SLC”)	Has the meaning set forth in Section 4.3(b) of Schedule B to the General Terms and Conditions	Schedule B
“Service Level Failure”	Has the meaning set forth in Section 2.1(k) of Schedule B to the General Terms and Conditions	Schedule B
“Service Level Improvement Date”	Has the meaning set forth in Section 5.4 of Schedule B to the General Terms and Conditions	Schedule B
“Service Levels”	Has the meaning set forth in Section 6.1 of the General Terms and Conditions	Schedule B
“Service Recipient”	Has the meaning set forth in Section 3.5(a) of the General Terms and Conditions	Gen’l Terms
“Service Recipient Damages”	Has the meaning set forth in Section 24.2(d) of the General Terms and Conditions	Gen’l Terms
“Service Tower”	Has the meaning set forth in Section 2.1(o) of Schedule C to the General Terms and Conditions	Schedule C
“Services”	Has the meaning set forth in Section 3.2 of the General Terms and Conditions	Gen’l Terms
“Services Solution”	Has the meaning set forth in Section 1.6(a) of Schedule A to the General Terms and Conditions	Schedule A
“shall”	Has the meaning set forth in Section 25.10(a)(iii) of the General Terms and Conditions	Used throughout the Agreement
“Small Project”	Has the meaning set forth in Section 5.1(c) of Schedule C to the General Terms and Conditions	Schedule C
“Small Project Hours Cap”	Has the meaning set forth in Section 5.1(c) to Schedule C to the General Terms and Conditions	Schedule C
“Small Router”	Has the meaning set forth in Section 7.2(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Small Switch”	Has the meaning set forth in Section 7.2(d) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Soft MAC-ACD”	Has the meaning set forth in Section 7.3(g) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Soft MAC – PBX”	Has the meaning set forth in Section 7.3(h) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1

Schedule U U - 30 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Soft MAC - Voicemail”	Has the meaning set forth in Section 7.3(i) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Software	Has the meaning set forth in Section 2.1(aa) of the General Terms and Conditions	Gen’l Terms
“Software Distribution Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Source Code”	Has the meaning set forth in Section 2.1(bb) of the General Terms and Conditions	Gen’l Terms
“SPOC”	Has the meaning set forth in Section 7.2(a)(i) of Schedule A to the General Terms and Conditions	Schedule A
“SSO Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Standard”	Has the meaning set forth in 6.4(b) of Schedule A to the General Terms and Conditions	Schedule A
“Standard HSC Costs”	Has the meaning set forth in Section 6.5(a)(i) of Schedule C to the General Terms and Conditions	Schedule C
“Standard UNIX Image”	Has the meaning set forth in Section 4.4(a)(i) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Standard Voice PBX Port”	Has the meaning set forth in Section 7.3(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Standard VoIP Port”	Has the meaning set forth in Section 7.3(b) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Standard Wintel Image”	Has the meaning set forth in Section 4.3(a)(i) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Stranded HSC Costs”	Has the meaning set forth in Section 6.5(a)(i) of Schedule C to the General Terms and Conditions	Schedule C
“Subcontractor”	Has the meaning set forth in Section 7.7 of the General Terms and Conditions	Gen’l Terms

Schedule U U - 31 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Substitute Services”	Has the meaning set forth in Section 8.8 of Schedule C to the General Terms and Conditions	Schedule C
“Successor Supplier”	Has the meaning set forth in Section 2(l) of Schedule E to the General Terms and Conditions	Schedule E
“Supplier”	Has the meaning set forth in the preamble to the General Terms and Conditions	Used throughout the Agreement
“Supplier 401(k) Plan”	Has the meaning set forth in Section 4.5(a) of Schedule E to the General Terms and Conditions	Schedule E
“Supplier’s actual performance”	Has the meaning set forth in Section 5.4 of Schedule B to the General Terms and Conditions	Schedule B
“Supplier Disengagement Assistance Lead”	Has the meaning set forth in Section 3.2 of Schedule L to the General Terms and Conditions	Schedule L
“Supplier Facilities”	Has the meaning set forth in Section 5.2(a) of the General Terms and Conditions	Gen’l Terms
“Supplier Indemnities”	Has the meaning set forth in Section 23.4 of the General Terms and Conditions	Gen’l Terms
“Supplier Non-Personnel Resource Obligations”	Has the meaning set forth in Section 2.1(b)(iv) of Schedule L to the General Terms and Conditions	Schedule L
“Supplier PE”	Has the meaning set forth in Section 17.1(a) of the General Terms and Conditions	Gen’l Terms
“Supplier Personnel”	Has the meaning set forth in Section 2.1(dd) of the General Terms and Conditions	Gen’l Terms
“Supplier Proprietary Delivery Tool”	Has the meaning set forth in Section 12.7(b)(ii)(D) of the General Terms and Conditions	Gen’l Terms
“Supplier’s Actual Performance”	Has the meaning set forth in Section 5.4 of Schedule B to the General Terms and Conditions	Schedule B
“Supplier Software”	Has the meaning set forth in Section 2.1(ee) of the General Terms and Conditions	Gen’l Terms
“Swap Rate/Initial Index Rate	Has the meaning set forth in Section 6.3(c)(ii) of Schedule C to the General Terms and Conditions	Schedule C
“System Image”	Has the meaning set forth in Section 4.2(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1

Schedule U U - 32 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Systems Change”	Has the meaning set forth in Section 12 of Schedule C to the General Terms and Conditions	Schedule C
“Systems Software”	Has the meaning set forth in Section 2.1(cc) of the General Terms and Conditions	Gen’l Terms
“T&M Rates”	Has the meaning set forth in Section 7.3 of Schedule C to the General Terms and Conditions	Schedule C
“Tape Operations Transition Manager”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Targeted Cost Increases”	Has the meaning set forth in Section 8.4(c)(iv) of Schedule C to the General Terms and Conditions	Schedule C
“Targeted Cost Reductions”	Has the meaning set forth in Section 8.4(c)(ii) of Schedule C to the General Terms and Conditions	Schedule C
“Targeted Resource Additions”	Has the meaning set forth in Section 8.4(c)(iii) of Schedule C to the General Terms and Conditions	Schedule C
“Targeted Resource Reductions”	Has the meaning set forth in Section 8.4(c)(i) of Schedule C to the General Terms and Conditions	Schedule C
“TBCP”	Has the meaning set forth in 2.23(a) of Schedule A to the General Terms and Conditions	Schedule A
“Solution Description”	Has the meaning set forth in Section 1.4(a) of Schedule A to the General Terms and Conditions	Schedule A
“Technology Plan”	Has the meaning set forth in Section 17.6 of the General Terms and Conditions	Gen’l Terms
“Teleconferencing Service”	Has the meaning set forth in Section 5.10(a) of Schedule A to the General Terms and Conditions	Schedule A
“Term”	Has the meaning set forth in Section 4.1 of the General Terms and Conditions	Gen’l Terms
“Termination Fees”	Has the meaning set forth in Section 1 of Exhibit C-8 to Schedule C to the General Terms and Conditions	Exhibit C-8
“Third Party Costs”	Has the meaning set forth in Section 10.2(a)(i) of Schedule C to the General Terms and Conditions	Schedule C
“***Critical Service Levels”	Has the meaning set forth in Section 16.1(c) of the General Terms and Conditions	Gen’l Terms

Schedule U U - 33 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Transfer Date”	Has the meaning set forth in Section 2(n) of Schedule E to the General Terms and Conditions	Schedule E
“Transformation”	Has the meaning set forth in Section 13.1 of the General Terms and Conditions	Schedule A
“Transformation Charges”	Has the meaning set forth in Section 3.3(a) of Schedule C to the General Terms and Conditions	Schedule C
“Transformation Plan”	Has the meaning set forth in Section 13.2(b) of the General Terms and Conditions	Gen’l Terms
“Transition”	Has the meaning set forth in Section 13.1 of the General Terms and Conditions	Schedule E
“Transition Architect”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Transition Engineer”	Has the meaning set forth in Exhibit A-2 to Schedule A to the General Terms and Conditions	Exhibit A-2
“Transition Period ASC”	Has the meaning set forth in Section 2.1(r) of Schedule C to the General Terms and Conditions	Schedule C
“Transition Plan”	Has the meaning set forth in Section 13.2(b) of the General Terms and Conditions	Gen’l Terms
“Transitioned Employee”	Has the meaning set forth in Section 2(o) of Schedule E to the General Terms and Conditions	Schedule E
“Transport Resource Categories”	Has the meaning set forth in Section 7.4(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“TRICARE Program”	Has the meaning set forth in Section 1.1(a)(i) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“TSM Environment”	Has the meaning set forth in Row 6 of Table 23 of Schedule A to the General Terms and Conditions	Schedule A
“Update Letter”	Has the meaning set forth in Section 18.5(c)(i) of the General Terms and Conditions	Gen’l Terms
“UPS”	Has the meaning set forth in Section 11.10(a) of the General Terms and Conditions	Gen’l Terms
“Unidentified Asset”	Has the meaning set forth in Section 2.8(a) of Schedule L to the General Terms and Conditions	Schedule L

Schedule U U - 34 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“UNIX Server”	Has the meaning set forth in Section 4.2(b) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“UNIX System Images”	Has the meaning set forth in Section 5.2(a)(ii) of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Urgency”	Has the meaning set forth in Section I of Exhibit B-3 to Schedule B to the General Terms and Conditions	Exhibit B-3
“Use”	Has the meaning set forth in Section 2.1(ff) of the General Terms and Conditions	Gen’l Terms
“Utilization Basis”	Has the meaning set forth in Section 13 of Schedule C to the General Terms and Conditions	Schedule C
“VA”	Has the meaning set forth in Section 1.1(a)(ii) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“VAMC”	Has the meaning set forth in Section 1.1(a)(ii)(A) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“Variable Charge Invoice”	Has the meaning set forth in Section 10.1(a) of the General Terms and Conditions	Gen’l Terms
“Video Conference Services”	Has the meaning set forth in Section 5.14(a) of Schedule A to the General Terms and Conditions	Schedule A
“VIP	Has the meaning set forth in Section 6.10(a) of Schedule A to the General Terms and Conditions	Schedule A
“VIP Workstation”	Has the meaning set forth in Section 6.4 of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Virtualized UNIX Image”	Has the meaning set forth in Section 4.4(a)(ii) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Virtualized Wintel Image”	Has the meaning set forth in Section 4.3(a)(ii) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Virus”	Has the meaning set forth in Section 19.9 of the General Terms and Conditions	Gen’l Terms

Schedule U U - 35 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“VISN”	Has the meaning set forth in Section 1.1(a)(ii)(A) of Exhibit A-6 to Schedule A to the General Terms and Conditions	Exhibit A-6
“VMS Alpha Image”	Has the meaning set forth in Section 4.8(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“VMS Image”	Has the meaning set forth in Section 4.8 of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“VMS Itanium Image”	Has the meaning set forth in Section 4.8(b) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“VMS System Image”	Has the meaning set forth in Section 5.2(a)(iii) of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Virus”	Software code that is: (i) program code or programming instruction(s) or set(s) of instructions intentionally designed to disrupt, disable, harm, interfere with or otherwise adversely affect computer programs, data files or operations (excluding software keys); or (ii) other code typically described as a virus, Trojan horse, worm, back door or other type of harmful code.	Gen’l Terms
“Voice Available For Use”	Has the meaning set forth in Section 2.2(b)(i) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Voice Availability”	Has the meaning set forth in Section 2.2(a) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Voice Downtime”	Has the meaning set forth in Section 2.2(b)(ii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Voice Mail Services”	Has the meaning set forth in Section 5.8(a) of Schedule A to the General Terms and Conditions	Schedule A
“Voice Maintenance Window”	Has the meaning set forth in Section 2.2(b)(iii) of Exhibit B-2 to Schedule B to the General Terms and Conditions	Exhibit B-2
“Voice MACs”	Has the meaning set forth in the Introduction to Exhibit C-9 to Schedule C to the General Terms and Conditions	Exhibit C-9

Schedule U U - 36 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Voice Network”	Has the meaning set forth in Section 5(b) of Schedule A to the General Terms and Conditions	Schedule A
“Voice Network Services”	Has the meaning set forth in Section 5(a) of Schedule A to the General Terms and Conditions	Schedule C
“VPN User”	Has the meaning set forth in Section 7.2(h) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“WAN Hard MAC”	Has the meaning set forth in Section 7.2(i) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“WAN Soft MAC”	Has the meaning set forth in Section 7.2(j) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“WARN”	Has the meaning set forth in Section 5.3 of Schedule E to the General Terms and Conditions	Schedule E
“Weighting Factor”	Has the meaning set forth in Section 2.1(l) of Schedule B to the General Terms and Conditions	Schedule B
“will”	Has the meaning set forth in Section 25.10(a)(iii) of the General Terms and Conditions	Used throughout the Agreement
“Wind Down Costs”	Has the meaning set forth in Section 10.2(a) of Schedule C to the General Terms and Conditions	Schedule C
“Wintel Consolidation Cap”	Has the meaning set forth in Section 7 of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Wintel Server”	Has the meaning set forth in Section 4.2(c) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“Wintel System Images”	Has the meaning set forth in Section 5.2(a)(i) of Exhibit C-10 to Schedule C to the General Terms and Conditions	Exhibit C-10
“Wintel System Image Deadband”	Has the meaning set forth in Section 4.3(e) of Schedule C to the General Terms and Conditions	Schedule C
“Work Order”	Has the meaning set forth in Section 1.2(a) of Exhibit A-10 to Schedule A of the General Terms and Conditions	Exhibit A-10

Schedule U U - 37 Health Net / IBM Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Working Paper Employee”	Has the meaning set forth in Section 5.2(a) of Schedule E to the General Terms and Conditions	Schedule E
“Working Paper Employment Costs”	Has the meaning set forth in Section 5.2(c) of Schedule E to the General Terms and Conditions	Schedule E
“Work Product”	Has the meaning set forth in Section 15.1(c) of the General Terms and Conditions	Gen’l Terms
“Workstations”	Has the meaning set forth in Section 6.1(a) of Exhibit C-1 to Schedule C to the General Terms and Conditions	Exhibit C-1
“written”	Has the meaning set forth in Section 25.10(a)(iv) of the General Terms and Conditions	Used throughout the Agreement
“Written Deliverables”	Has the meaning set forth in Section 3(a) of Annex A-10-1 to Exhibit A-10 to Schedule A of the General Terms and Conditions	Annex A-10-1

Schedule U U - 38 Health Net / IBM Confidential

SCHEDULE V

SUPPLIER COMPETITORS

***

Schedule V V - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE W

REPORTS

Schedule W W - 1 Health Net / IBM Confidential

Final Execution Version

SCHEDULE W

REPORTS

Without limiting Supplier’s obligations and Health Net’s rights set forth elsewhere in the Agreement (including Section 17.3 of the General Terms and Conditions), this Schedule W lists certain reports that Supplier shall create and provide to Health Net as of the Effective Date. In addition to those reports listed in this Schedule W, as reasonably requested by Health Net, Supplier shall also provide Health Net with ad hoc reports. Any requests for ad hoc reports falling outside of this scope shall be provided by IBM using hours from the Project Pool.

Helpdesk	IVR Self Service Novell Password Reset report	This report details the volume of calls for password resets that were successful or unsuccessful.	Monthly, Quarterly, Annually	Current Media HN generates today.
Helpdesk	MC400 Self Service Password Reset report	This report details the volume of calls for password resets that were successful or unsuccessful.	Monthly, Quarterly, Annually	Current Media HN generates today. Assumed VRU automation
Assets	Hardware and Software Assets	This report includes all Health Net hardware and software assets.	Quarterly	Altitis will be customized to generate these reports if they do not exist today. Assume all of this data is captured today and will be captured when IBM takes over
Assets	Active Hardware Assets	This report provides information with respect to all active hardware assets available for the customer in the asset data repository.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 2 Health Net / IBM Confidential

Final Execution Version

Assets	Inactive Hardware Assets	This report provides information with respect to all inactive hardware assets available for the customer in the asset data repository.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Daily Asset Count	This report shows the count of active assets by category and subcategory.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Hardware Seat Count	This report is a summary of account billable categories and subcategories, followed by detail corresponding to the summary.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Disposed/Decommissioned Hardware Assets	This report provides information with respect to all disposed /decommissioned hardware assets for the customer in the asset data repository.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Newly Added Active Hardware Assets – Prior Month	This report provides information with respect to all active hardware assets added to the asset data repository in the prior month.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Changes to Customer Bill	This report provides information with respect to all changes to a customer bill.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Duplicate Serial Number –Physical	This report provides information with respect to duplicate entries.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Duplicate Serial Number – Financial	This report provides information with respect to duplicate serial numbers on the same asset	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 3 Health Net / IBM Confidential

Final Execution Version

Assets	Duplicate Asset Tag – Physical	This report provides information with respect to duplicate tags on multiple assets.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Variance – Serial Number	Asset variance serial number report is a listing of variances between physical and financial on serial number.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Variance – Location	This report provides a listing of variances between physical and financial on location.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Variance – Organization	This report provides a listing of variances between physical and financial on organization.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Variance – Model	This report provides a listing of variances between physical and financial on models.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Imminent and Expired Lease	This report provides a listing of assets whose lease stream is scheduled to expire.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Imminent and Expired Warranty	This report provides a listing of assets whose warranty period is scheduled to expire.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	AWOL Assets	This report provides information with respect to all active assets that are assigned to the Asset Without Location (AWOL) User ID.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 4 Health Net / IBM Confidential

Final Execution Version

Assets	Stock Assets	This report is a listing of all active assets that are assigned STOCK.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Active Assets with Inactive Owners (Primary User)	This report provides information of all active assets assigned to an inactive primary user.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Invalid Serial Numbers	This report is a listing of serial numbers that do not fit known patterns.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Information Object – Asset	This information object contains financial and physical asset information based on asset tag for the account.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Assets	Information Object - Variance Asset	This information object contains financial and physical asset information based on asset tag for the account. The variance information object provides the capability to query the financial and physical data sources to find variances on the following: financial assets not in the physical asset data source; physical assets not in the financial asset data source; and variance between attributes found in the physical and financial data sources.	Scheduled, On Demand.	GSMRT Tool/Print hardcopy as needed by recipient
Data Center (Mainframe and Midrange	Resource Summary reporting	Last full month and month to date drill down reports that include: •        Met or exceed targets •        Missed expected targets but met minimum targets •        Missed minimum targets •        Problem reports for job abnormalities	Monthly, On Demand	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 5 Health Net / IBM Confidential

Final Execution Version

Data Center (Mainframe and Midrange	General Availability Detail	Availability summary with ability to drill down reports.	Monthly, On Demand	GSMRT Tool/Print hardcopy as needed by recipient
Data Center (Mainframe and Midrange	Configuration report	Configurations in the environment and their conformance with standards.	Monthly, On Demand	GSMRT Tool/Print hardcopy as needed by recipient
Data Center Midrange	URL Filtering report	Report on potential malware infections based on excessive visits to sites, individual usage reports, volume/metric data for services, internet content filtering configuration, and administration.	On Demand
Data Center (Server)	Software Currency	Report that describes software versions.	Quarterly, Annually
Data Center (Server)	Server Refresh Progress report	Measurement of Server Refresh for performance of maintaining a consistent Deliverable to End Users by change of technology.	Quarterly, Annually	HN processes and tools as of the Effective Date
Data Center (Server)	Midrange Systems Performance reporting	Report detailing performance for the midrange systems (All Platforms): 1. CPU utilization across all LPARs 2. CPW utilization across all LPARs 3. Disk arm utilization across all iSeries LPARs	Monthly
Data Center (Server)	Monthly RightFax report	Report contains a detailed listing of every transaction or fax that has been sent or received for the previous month.	Monthly
Data Center	Mainframe	Report detailing performance for the mainframe systems for the zSeries and	Monthly

Schedule W W - 6 Health Net / IBM Confidential

Final Execution Version

(Mainframe)	Systems Performance reporting	iSeries, including 1. CPU utilization across all LPARs. 2. CPW utilization
Cross Tower	Enterprise Change Board Meeting Agenda	This report contains a summary and detail for all open Change CMR#, Planned Date/Time, Duration, Requestor, CTI, Group Owner, Client Notification, Priority, Status, Description.	Bi-weekly, On Demand	GSMRT Tool/Print hardcopy as needed by recipient
Cross Tower	Change Management Performance report	This report displays a summary for all closed Change records. Report should be broken down as follows: 1. Consolidated report by vendor, Tower and Service Area.. The report fields included are: Change Type, Priority, Total Successful, Total Successful with Problems, Total Unsuccessful, Total Process Violations, Total Change by Type, Percentage of Emergency Changes, Change Category	Monthly, Quarterly, Annually, On Demand	GSMRT Tool/Print hardcopy as needed by recipient.
Cross Tower	Past Due Changes	This report contains summary and detail data for all past due Changes. The summary and detail data is displayed by account major, workgroup and scheduled start date. Past due criteria = Change start date/time + duration + 1 Business Day.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient.
Cross Tower	Past Due Measurement	This report contains trend and detail data for all closed past due Changes. The trend and detail data is displayed by account, major, workgroup and scheduled start date. Past due criteria = (Change close date/time greater than Change start date/time + duration + 1 Business Day).	On Demand	GSMRT Tool/Print hardcopy as needed by recipient.

Schedule W W - 7 Health Net / IBM Confidential

Final Execution Version

Cross Tower	Technical Change Meeting	This report contains summary and detail data for all open Change tickets that are not past due. The summary and detail data is grouped by account major, previous period/current week/future Changes and scheduled start date.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
Cross Tower	Percentage of Changes Causing Problems	Any Problem ticket that has a related Change Notice with a relationship reason of Change caused Problem on closing is counted in this metric.	Monthly, Quarterly, Annually, On Demand	GSMRT Tool/Print hardcopy as needed by recipient
Cross Tower	Change Management Violation Summary	List of Owners with violations, number of violations and details.	Monthly, Quarterly, Annually, On Demand	GSMRT Tool/Print hardcopy as needed by recipient
Cross Tower	Technology Briefing	Report on technical trends and independent research on products and services with potential use for Health Net.	Once per annum	White paper or conference call.
Cross Tower	Security report	Report on security violations to a specific application or access point, including violations to a specific MAC address, port address, and UserID where possible.	Monthly, On Demand	GSMRT Tool/Print hardcopy as needed by recipient. If being generated today IBM will continue to use the existing tool until it can be customized for gSMRT
Cross Tower	Security Vulnerability report	Entire networks are tested to determine the susceptibility of their hosts to current attacks. Measurement for this service is Outside Hours of Operation. Pre-Scheduled Maintenance shall be performed during periods of service inactivity.	Monthly	IBM will continue to use the existing tools until it can be customized to GSMRT

Schedule W W - 8 Health Net / IBM Confidential

Final Execution Version

Cross Tower	IT Security Management	With the approval of an OE VP, requests for the web usage of specific associates can be requested.	On-Demand
	Static reports
	IMAC Assignee Performance Summary	This report is a listing of all IMAC records opened, closed, cancelled, or in work by IMAC assignee and category.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
	IMAC Group Performance Summary	This report is a list of all IMAC records opened, closed, cancelled, or in work by category.	On Demand
	Information Objects
	IMAC - Advanced	This is a tool that allows the End User to create his/her own reports from the fields available on the content tab. The data contained in this object provides ticket summary data and enables the End User to perform ticket analysis	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
	IMAC - All Tasks	This is a tool that allows the End User to create his/her own reports from the fields available on the content tab. This object allows user to perform task analysis	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
	Queries
	Active IMACs	This report is a list of all open IMAC records by a group of ID’s, or by a single ID.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
	All Tasks Complete - Record Not Closed	This report is a list of all active IMAC with all tasks 100% complete.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 9 Health Net / IBM Confidential

Final Execution Version

Coordinator Not Assigned	This report is a listing of all active records with assignee person equal to unknown.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
IMACs Approaching SLA	This report is a listing of all IMAC records approaching the SLA for each category.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
IMACs Exceeding SLA	This report is a listing of all open IMAC records exceeding the SLA for each category.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
IMACs Greater than 10 Days	This report is a list of all active IMAC records aged more than 10 days.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
IMACs Met SLA	This report is a listing of IMAC records that met their SLA.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
IMACs Missed SLA	This report is a list of IMAC records that missed their SLA.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
IMACs Set to Held	This report is a list of active IMAC records that are currently in held status.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
Perform Complete - Tracking Incomplete	This report is a list of active records with completed tasks and incomplete tracking task.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 10 Health Net / IBM Confidential

Final Execution Version

	Task Resource Not Assigned	This report is a listing of all active records where task assignee person is blank.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Age Ticket Breakout report	Aging of open tickets by count per age bucket.	On Demand	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Daily Morning Incident	This report displays summary and detail data for all open Incident tickets; sorted by account major, account minor and then Priority with tickets in a wait state at the bottom of the report.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Manage Incident Against Timeframe	This is an Incident management measurement report which contains Incident tickets resolved within target date by Priority.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Manage Top 10 Incident Measurement	This is an Incident management measurement report which contains the top 10 reported issues by component.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 11 Health Net / IBM Confidential

Final Execution Version

All Towers	Minimize Life Cycle Incident	This is an Incident management measurement report which displays the average time to close Incident tickets and the average time to resolve Incident tickets by Priority.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Monthly OOC Measurement Incident	This report contains a summary of all tickets that were out of criteria in the timeframe specified by workgroup.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Out Of Criteria Incident	This report contains open Incident tickets that are either out of criteria or near out of criteria (where 75% or more of the SLA time has expired), sorted by workgroup then Priority	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 12 Health Net / IBM Confidential

Final Execution Version

All Towers	Queue Hopping Incident	This report contains Incidents which have been reassigned 3 or more times.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Priority 1 & 2 Incident	This report contains Incident tickets opened within specified time period: sorted by Priority, status and workgroup.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Age Breakout Problem report	Aging Incident and Problem tickets for all open tickets by count per age bucket. Broken down by vendor, Tower, service area	Weekly, On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 13 Health Net / IBM Confidential

Final Execution Version

All Towers	Daily Morning report	This report displays summary and detail data for all open Problem Priority 1 and 2 tickets.	Daily, Monthly, On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	Being created today using Access Database and Remedy. IBM will continue to use the existing tool until it can be customized for GSMRT. Print Hardcopy as needed.
All Towers	Daily Morning report	This report displays summary and detail data for all open Problem tickets; sorted by account major, account minor and then Priority with tickets in a wait state at the bottom of the report.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Manage Problem Against Timeframe	This is a Problem management measurement report which contains Problem tickets resolved within target date by Priority.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 14 Health Net / IBM Confidential

Final Execution Version

All Towers	Manage Top 10 Problem Measurement	This is a Problem management measurement report which contains the top 10 reported issues by component.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Closed Ticket Performance report	This is a Problem management measurement report which displays the average time to close Problem tickets and the average time to resolve Problem and Incident tickets by Priority. This report is for all tickets with the exception of the Help Desk. The Help Desk will have its own report. The report includes the following: Consolidated Roll up Consolidated Roll up by Vendor By Vendor, Tower, Service Area	Monthly, Quarterly, Annually, On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
Help Desk	Closed Ticket Performance report	This is a Problem management measurement report which displays the average time to close Problem tickets and the average time to resolve Problem and Incident tickets by Priority. This is a separate report from the all Towers report.	*NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient. If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT

Schedule W W - 15 Health Net / IBM Confidential

Final Execution Version

All Towers	Monthly OOC Measurement	This report contains a summary of all tickets that were out of criteria in the timeframe specified by workgroup.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Out Of Criteria	This report contains open Problem tickets that are either out of criteria or near out of criteria (where 75% or more of the SLA time has expired), sorted by workgroup then Priority.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Problems Summary by Location Type	This is a Problem management measurement summary report which contains the number of Problems reported by location type.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Problems Summary by Problem Type	This is a Problem management measurement summary report which contains the number of Problems reported by type.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 16 Health Net / IBM Confidential

Final Execution Version

All Towers	Problems Summary by Assigned Group	This is a Problem management measurement summary report which contains the number of Problems reported by assignment group.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Problems Summary by Priority	This is a Problem management measurement summary report which contains the number of Problems reported by Priority.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Root Cause Analysis (RCA) report	This is a report regarding all RCAs performed (and those in progress) since the previous report for Priority 1 Problems and Incidents as well as those Priority 2 Problems and Incidents that have been promoted to a Priority. 1 by Supplier of Health Net including remediation efforts (if any).	Weekly, Monthly or as RCAs occur *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 17 Health Net / IBM Confidential

Final Execution Version

All Towers	Problem Management Ticket Queue Hopping	This report contains Problems which have been reassigned 3 or more times.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Priority 1 & 2	This report contains Problem tickets opened within specified time period; sorted by Priority, status and workgroup.	On Demand *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	Service Level report	report provides service performance results relative to the agreed Service Levels including trending data.	Monthly	GSMRT Tool/Print hardcopy as needed by recipient
All Towers	DR report	Provide results of Disaster Recovery testing including applications and the corresponding recovery timeframes designated by Health Net.	Once per annum	Written report in a form specified or agreed to between HN and IBM

Schedule W W - 18 Health Net / IBM Confidential

Final Execution Version

Mainframe	CICS Daily Response Time	Provides hourly response time, usage and utilization data for defined mainframe systems.	Daily *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.	GSMRT Tool/Print hardcopy as needed by recipient
Mainframe	CICS Monthly Response Time	Provides response time, usage and utilization data for defined mainframe systems.	Monthly	GSMRT Tool/Print hardcopy as needed by recipient
Mainframe	MVS CPU Box Utilization	Provides response time, usage and utilization data for defined mainframe systems.	Hourly, Daily, Monthly	GSMRT Tool/Print hardcopy as needed by recipient
Mainframe	MVS CPU LPAR Usage by Service Class	Provides response time, usage and utilization data for defined mainframe systems.	Hourly, Daily, Monthly	GSMRT Tool/Print hardcopy as needed by recipient
Mainframe	MVS CPU LPAR Usage by Workload	Provides response time, usage and utilization data for defined mainframe systems.	Monthly	GSMRT Tool/Print hardcopy as needed by recipient
Mainframe	MVS DASD Capacity Monthly	Provides response time, usage and utilization data for defined mainframe systems.	Monthly	GSMRT Tool/Print hardcopy as needed by recipient
Mainframe	MVS Tape Capacity Monthly	Provides response time, usage and utilization data for defined mainframe systems.	Monthly	GSMRT Tool/Print hardcopy as needed by recipient

Schedule W W - 19 Health Net / IBM Confidential

Final Execution Version

Mainframe	VM CPU Box Utilization	Provides response time, usage and utilization data for defined mainframe systems.	Monthly	GSMRT Tool/Print hardcopy as needed by recipient
Mainframe	VM CPU LPAR Usage	Provides response time, usage and utilization data for defined mainframe systems.	Monthly	GSMRT Tool/Print hardcopy as needed by recipient
Mainframe	Mainframe Performance Package	Provides response time, usage and utilization data for defined mainframe systems.	Monthly	GSMRT Tool/Print hardcopy as needed by recipient
Network Services	Network Services Monthly report	Provides a service description and statistical summary of overall network services delivery, data and voice services, including Availability, bandwidth utilization, performance, Service Levels, trouble ticket analysis, fault analysis, Problem determination and resolution, and root cause analysis results.	Monthly	Web Portal Tool/Print hardcopy as needed by recipient
Network Services	Network Security Management report	Provides a summary of network security risks, intrusion attempts, security Incidents, security events, and countermeasures and corrective actions taken.	Monthly	Tool/Print hardcopy as needed by recipient
Network Data	Firewall Performance report	Provides a summary of firewall performance and security Incidents and events and corrective actions taken.	Monthly and On Demand	Tool/Print hardcopy as needed by recipient
Network Data	Network Asset Hardware Inventory report	Provides a summary printout of data network devices.	On demand	Tool/Print hardcopy as needed by recipient

Schedule W W - 20 Health Net / IBM Confidential

Final Execution Version

Network Data	Network Asset Software Inventory report	Provides a summary printout of data network software.	On demand	Tool/Print hardcopy as needed by recipient
Network Data	Network Overview Performance Report	Provides a narrative and statistical overview of network performance, including bandwidth usage, traffic loading, traffic volumes and utilization.	On Demand	Tool/Print hardcopy as needed by recipient
Network Data	Performance Management and Historic Trending report	Provides a narrative and statistical description of network performance and historical trending.	On Demand	Tool/Print hardcopy as needed by recipient
Network Data	Network Device report	Device configuration, CPU and memory utilization.	On Demand	Tool/Print hardcopy as needed by recipient
Network Data	Network Traffic reports	Provides report on WAN utilization, LAN utilization, and RAS utilization, including throughput, volumes, errors, and discards.	On Demand	Tool/Print hardcopy as needed by recipient
Network Data	VLAN report	Provides report on VLAN configuration, device reports, and traffic reports.	On Demand	Tool/Print hardcopy as needed by recipient
Network Data	RMON reports	Provides RMON report on switched dedicated Ethernet segments and shared media Ethernet segments.	On Demand	Tool/Print hardcopy as needed by recipient
Network Data	Data network SLA report	Provides report on SLA metrics such as Availability, latency, etc.	On Demand	Tool/Print hardcopy as needed by recipient

Schedule W W - 21 Health Net / IBM Confidential

Final Execution Version

Network Data	Load Balancers Report	Provides report on load balancer performance.	On Demand	Tool/Print hardcopy as needed by recipient
Data Network	Riverbed Wide Area Application Services report	Provides report on the performance of the Riverbed Wide Area Application Services appliances	On Demand	Tool/Print hardcopy as needed by recipient
Data Network	Network Architecture Overview Drawings	Provides a high level architecture description and drawing of the major components (WAN, LAN, and RAS, etc) of the data network.	Quarterly	Tool/Print hardcopy as needed by recipient. Visio is used as the drawing media
Data Network	WAN, LAN, and RAS Drawings	Provides site network topology and configuration drawings of the LAN, WAN, and RAS.	On Demand	Tool/Print hardcopy as needed by recipient. Visio is used as the drawing media
Data Network	Billing and Invoicing report	Provides a narrative and statistical summary of data services ordering, billing, and invoicing.	Monthly and On Demand	Tool/Print hardcopy as needed by recipient.
Data Network	Network Management – Circuit Errors	Circuit Metrics include: Top T1/T3 % error interfaces, Top T1/T3 coding violations, Top T1/T3 % unavailable seconds, etc.	Monthly
Data Network	Capacity / Performance Trend Analysis	Actions by IBM for proactive monitoring and intervention to minimize capacity bottlenecks and activities to be taken for implementing approved system capacity and operational usage Change requests.	Monthly	If being generated today IBM will continue to use the

Schedule W W - 22 Health Net / IBM Confidential

Final Execution Version

	and reporting Measurement / analysis and periodic notification on resource utilization and trends for critical system resources. Service Measure- Accuracy of monitoring and reporting threshold alerts and anomalies Res			existing tool until it can be customized for GSMRT
Voice Network	HNFS ACD SLA reporting (AD003)	System metrics include: Rockwell ACD performance, Availability, and SLA metrics.	Monthly, Quarterly, Annually, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network	Monthly VTC Usage report	Update rolling summary report of VTC usage and share with key business client.	Monthly, Quarterly, Annually, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT

Schedule W W - 23 Health Net / IBM Confidential

Final Execution Version

Voice Network	Quarterly SLA and Outage review meeting with Aspect Communications	System metrics include: Aspect and Rockwell ACD’s, IVR’s and peripheral call center applications performance, Availability, and SLA metrics.	Monthly, Quarterly, Annually, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network	Monthly SLA and Outage review meeting with AT&T	Availability of the voice communications network, including all circuits and all associated hardware. Can refer to either the overall environment or to the voice communications services pertaining to a specific designated client facility.	Monthly, Quarterly, Annually, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network	Traffic Analysis reporting	Traffic Analysis reporting consists of hourly and daily call volume summary and trunk utilization reports; reports are available from the carrier, and the PBX.	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network	Trunk Utilization reports	Trunk utilization reports detailing the percentage of usage by each trunk. The summary reports detail call totals, duration of call, average call length, and complete and incomplete calls.	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network	Peak Period Call Analysis	Call analysis requires periodic monitoring of these reports during peak periods to ensure the trunk groups are functioning properly and SLA’s concerning outgoing and incoming blockage are being met; call analysis shall also define those areas in which there is a pattern of excessive trunking being experienced.	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT

Schedule W W - 24 Health Net / IBM Confidential

Final Execution Version

Voice Network	Detailed Call Accounting reports	Detailed call accounting reports	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network	OE/HR reports	OE/HR reporting requirements in support of the performance management process.	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network	Monthly Invoice Processing	Includes the review of all telecom carrier and service provider invoices for appropriate charges to service order history and contract rate compliance, assigning costs to the appropriate cost center, forwarding authorized invoices to accounts payable for further processing in a timely fashion that avoids any service disruptions from disconnects due to late or non-payment, investigate all billing and service inventory errors and discrepancies to final resolution, documenting and withholding disputed payment amounts, pursuing and processing credits and corrections, and provides analysis and ad-hoc reports to management as required for topics including service inventory, usage history, cost history, dispute history, and cost recovery performance.	Monthly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Long Distance Services	Calling Card reports	reports detailing calling cards and usage by card and summary by cost center.	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT

Schedule W W - 25 Health Net / IBM Confidential

Final Execution Version

Voice Network – Long Distance Services	Long Distance reports	Provide the following reports to Health Net on dates as established by Health Net with respect to international long distance or incoming toll-free usage not to exceed two months in arrears. Call data as a spreadsheet file is to include: originating number, dialed number, terminating number, date and time, duration and applicable charges, any account code or authorization codes if utilized, employee name, cost center, department and billing account information.	On Demand As requested by Health Net	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Voice Mail Services	Voice Mail User List	Provide list of all users by voice mail number, and list of users by class of service.	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Voice Mail Services	Voice Mail list of Names	Provide list of all names of the users that are on the voice mail system.	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Voice Mail Services	Voice Mail Capacity	Capacity reporting such as available disk space, number of ports in use, etc.	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Voice Mail Services	Voice Mail Daily Error Log	Monitor and address daily error log (lists last 100 errors on the voice mail system, for review).	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT

Schedule W W - 26 Health Net / IBM Confidential

Final Execution Version

Voice Network – Voice Mail Services	Voice Mail Weekly Back Up report	Prepare a weekly back-up report to ensure that there were no problems with the back-up process.	On Demand
Voice Network	Voice network Architecture Overview Drawings	Provides a high level architecture description and drawing of the major components of the voice network.	Quarterly	Tool/Print hardcopy as needed by recipient. Visio is used as the drawing media
Voice Network	Voice Network Asset Hardware Inventory report	Provides a summary printout of voice network devices.	On demand	Tool/Print hardcopy as needed by recipient
Voice Network	Voice Network Asset Software Inventory report	Provides a summary printout of voice network software.	On demand	Tool/Print hardcopy as needed by recipient
Voice Network	Voice Network Drawings	Provides site network topology and configuration drawings of the voice network.	On Demand	Tool/Print hardcopy as needed by recipient. Visio is used as the drawing media
Voice Network	Voice Network Performance report	Provides a narrative and statistical summary of the performance of the voice network and systems.	Monthly, Quarterly, Annually, On Demand	Tool/Print hardcopy as needed by recipient.

Schedule W W - 27 Health Net / IBM Confidential

Final Execution Version

Voice Network	VoIP report	Provides a narrative and statistical summary of the performance of the voice over IP (VoIP) network and systems.	Monthly , Quarterly, Annually, On Demand	Tool/Print hardcopy as needed by recipient.
Voice Network	Cisco VoIP report	Provides a narrative and statistical summary of the performance of the Cisco voice over IP (VoIP) network components.	Monthly, Quarterly, Annually, On Demand	Tool/Print hardcopy as needed by recipient.
Voice Network	PBX Management report	Provides a narrative and statistical summary of the performance of the PBX systems.	Monthly , Quarterly, Annually, On Demand	Tool/Print hardcopy as needed by recipient.
Voice Network	ACD Management report	Provides a narrative and statistical summary of the performance of the ACD systems.	Monthly, Quarterly, Annually, On Demand	Tool/Print hardcopy as needed by recipient.
Voice Network	Voice Network Transport report	Provides a narrative and statistical summary of the various voice transport services.	Monthly, Quarterly, Annually, On Demand	Tool/Print hardcopy as needed by recipient.
Network Voice	Billing and Invoicing report	Provides a narrative and statistical summary of voice services ordering, billing, and invoicing.	Monthly, Quarterly, Annually, On Demand	Tool/Print hardcopy as needed by recipient.
Voice Network – Teleconferencing Services	Teleconference Monthly Cost Summary	Monthly cost summary, including setup cost, bridge connection cost, long distance cost and feature cost.	Monthly, Quarterly, Annually, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Teleconferencing Services	Teleconference Summary report by Host	Monthly summary report by host, including: conference types, total number of connects, total number of minutes, total call charges, total feature charges, and total charges.	Monthly, Quarterly, Annually, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT

Schedule W W - 28 Health Net / IBM Confidential

Final Execution Version

Voice Network – Teleconferencing Services	Teleconference report by Host	Detail report by host, including: conference ID, reserved minutes, reserved connections, and by conference, including type of access, date and time connected, total minutes connected, and total cost.	On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Teleconferencing Services	Teleconference Summary Data for Long Distance and Toll-Free	Summary data for long distance and toll-free billing charges related to teleconference service.	Monthly, Quarterly, Annually, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Teleconferencing Services	Teleconference Automated reports by Cost Center for Vendor and Contract Invoice Summaries	Automated reports by cost center for vendor and contract invoice summaries.	Monthly , Quarterly, Annually, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Teleconferencing Services	Teleconference Spending	Teleconference spending by month by year.	Monthly, Quarterly, Annually, On Demand	Spreadsheet
Voice Network – Teleconferencing Services	Teleconference Number of Profiles/Hosts	Number of profiles/hosts by month.	Monthly	Spreadsheet

Schedule W W - 29 Health Net / IBM Confidential

Final Execution Version

Voice Network – Teleconferencing Services	Teleconference Number of Reservationless Accounts	Number of reservationless accounts assigned by month by year.	Monthly	Spreadsheet
Voice Network – Teleconferencing Services	Teleconference No Show Charges	No show teleconference charges by month by host.	Monthly	Spreadsheet
Voice Network – Teleconferencing Services	Teleconference Counts by Call Type	Counts by call type (caller paid, 800 host paid, etc) month by year.	Monthly, Quarterly, Annually, On Demand	Spreadsheet
Voice Network	Toll Free Number report	Monthly report of all toll-free numbers and associated services utilized by Health Net. Report detail will include origination and termination numbers and dates.	Monthly Quarterly, Annually, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network	Voice Network Utilization reports	Monthly utilization reports that include: total number of daily calls to all toll free numbers, dialed number summary by hour, monthly call volumes, detailed call analysis (including originating numbers, time of day, duration etc), calls originated from either selected area code(s) or states (sorting options	On Demand	If being generated today IBM will continue to use the existing tool until it

Schedule W W - 30 Health Net / IBM Confidential

Final Execution Version

		also available),call prompter analysis (how many callers pressed 1, pressed 2 etc) exception reports (caller’s number for calls not answered) and call completion analysis, and graphical depiction of each toll free number routing plan as they are added.		can be customized for GSMRT
Projects	Schedule Variance report	The schedule variance for a major enhancement or projects	Monthly, On Demand	Written report in a form specified in the Procedures Manual
Voice Network	Toll Free Number report	Monthly report of all toll-free numbers and associated services utilized by Health Net. Report detail will include origination and termination numbers and dates.	Monthly Quarterly, Annually, On Demand
Voice Network	Traffic and Cost Analysis reports	Hourly/daily/monthly traffic and cost analysis reports including: 800 in-bound network traffic summary report, call detail hourly summary, call detail traffic summary, report by each 800 number, call detail traffic summary by state, trunk utilization for all trunk groups, call detail by Health Net location, call completion analysis, resellers summarized traffic by number, call prompter summary, traffic by number and date, unassigned Routing Termination Number (RTN), dial number by RTN	Hourly/ Daily/ Monthly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Video Conference Services	Number of Bridged Calls	Monthly reporting of number of bridged calls	Monthly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Video Conference Services	Video Conference Monthly Invoice Review	Monthly invoice review and chargeback to user (host) cost center including chargeback of fee for late cancellation of bridge reservation.	Monthly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT

Schedule W W - 31 Health Net / IBM Confidential

Final Execution Version

Voice Network – Video Conference Services	Video Conference Monthly reports by Site	Monthly reports by site.	Monthly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network – Video Conference Services	Maintenance Contracts for Hardware and Software	Annual renewal of maintenance contract for hardware and software.	Annual	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Projects	Financial Variance reporting	The financial variance for a Project shall not exceed ten percent (10%). This report applies only to Projects that are not priced by IBM on a fixed price basis or other basis with an agreed limitation on total price, such as time and materials with a cap.	Weekly, Monthly, On Demand	Written report in a form specified in the Procedures Manual
Cross Tower	Business Metrics report	Reports are based on business department hours, site(s), critical applications, department, length of outage and user count.	Monthly, Quarterly, Annually	GSMRT
Cross Tower	ITG Application and Services Detail	Reports are based on application Availability hours, user count, length of outage and impacted user count.	Monthly, Quarterly, Annually	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT

Schedule W W - 32 Health Net / IBM Confidential

Final Execution Version

Cross Tower	Percentage of HNFS Application Availability	HNFS report to the Government - outage vs. uptimes.	Monthly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Data Network Tower	Security Engineering Review	Within 30 days of the new quarter, the Supplier must deliver a completed document, summarizing the previous quarter’s review findings and suggestions for improvement.	Quarterly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Data Network Tower	Security Engineering Review	Monthly reports detailing all current efforts and progress towards Deliverables being worked including the business unit, project name, the estimated project timeframe and hours assigned to the project.	Monthly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Cross Tower, End User Tower	On-line Director Services	Reporting on monthly metrics for adds, changes, and deletions of employee and office locations. Metrics to be delivered electronically and available securely, on the Health Net Intranet.	Monthly, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Cross Tower	Active User Access Account List	Report should be broken down by system/application (based on Health Net’s application list)/common share drive and contain all active users. Data Fields to be included: 1. Assoicate ID # or Contractor ID#	Weekly, Monthly, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized

Schedule W W - 33 Health Net / IBM Confidential

Final Execution Version

		2. User ID 3. User Name 4. Last Used Date 5. Identifier/Privilege 6. Cost Center 7. System 8. Department		for GSMRT
Data Center	Symphony Role reports	Sent at the beginning of each month to audit the role access on Symphony. This is a series of approximately 100 AS400 queries that generate 7 reports.	Monthly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Data Center	ABS reports	Sent at the beginning of each month to audit access to BusPlan shared folders, CLMEXAM and PRVCAPU privileges and the CAP_GUI_READ identifier.	Monthly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Data Centerl	Symphony Keyword report	Sent once a month to audit access to the BENEREPO keyword on Symphony.	Monthly	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT

Schedule W W - 34 Health Net / IBM Confidential

Final Execution Version

Data Center	Application Job Failure Summary and Detail report	This report is a summary of all job failures by application with drill down ability to the detail information for each failure.	Monthly, Quarterly, Annually, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
All Towers	Inventory report	The report will display a summary count of production work from the Remedy Problem management application. A start of month ticket and task count of unresolved issues, a tally of tickets and task that were newly received during the month, a tally of tickets and task that were resolved during the month and final tally of tickets and task unresolved at the end of the month.	Monthly, On Demand	If being generated today IBM will continue to use the existing tool until it can be customized for GSMRT
Voice Network	Telecom Expense Savings report.	Reports the monthly/annual/one-time value of their telecom network invoice and cost management activities.	Quarterly	If being generated today, IBM will continue to use the existing tool until it can be customized for GSMRT.
Voice Network	Telecom IS Request Metrics report.	This would report the number of telecom IS Requests processed and key metrics such as milestone response times from received to completion.	Quarterly	If being generated today, IBM will continue to use the existing tool until it can be customized for GSMRT.
Cross Tower	Audit Reports	Provide Health Net reports regarding audits conducted by IBM and/or Health Net	As Requested	If being generated today, IBM will continue to use the existing tool until it can be customized for GSMRT.

Schedule W W - 35 Health Net / IBM Confidential

Final Execution Version

Cross Tower	Managed As Pass Through Expenses Report	Provide Health Net with consolidated reports regarding the status of all Managed As Pass Through Expenses.	As Requested	If being generated today, IBM will continue to use the existing tool until it can be customized for GSMRT.
Cross Tower	Pure Pass Through Expenses Report	Provide Health Net with consolidated reports regarding the status of all Pure Pass Through Expenses.	As Requested	If being generated today, IBM will continue to use the existing tool until it can be customized for GSMRT.
Data Network Tower	Server / Workstation Patch Management Process Report	Server/workstation patch management process reports to provide detailed information of required security system patches. Patches are currently applied monthly to all Intel based servers and desktops. This process provides a view to how well the vendor is maintaining currency on this support component. Exceptions due to application compatibility issues should be noted.	Monthly	If being generated today, IBM will continue to use the existing tool until it can be customized for GSMRT.
Voice Network Tower	Data / Voice Circuit Report	Provide reporting for the Transport (Network and Voice) Resource Category and provide information regarding the size and configuration of the circuits and services. The report will include average and peak traffic data for both voice and data circuits and identify any circuits that show little to no traffic. For data circuits that include bursting charges (i.e. AT&T MIS), the report will provide information regarding port size and bursting charges to show that they are optimally configured for price and performance. For services (i.e. Advanced Features), the report will provide information showing that the services are optimally configured for price and performance.	Quarterly	If being generated today, IBM will continue to use the existing tool until it can be customized for GSMRT.
Voice	Project	The report shall include information on all Projects (including Small Projects),	Monthly	If being generated

Schedule W W - 36 Health Net / IBM Confidential

Final Execution Version

Network Tower	Implementation Report	including the following: Design change or new build (verify changes or adds are documented); application changes at ACD, quality monitor or ATT Route IT are documented; valid run of call flow change, holiday schedule or design implementation (error free in production); Build, Run task completed on time and within budget.		today, IBM will continue to use the existing tool until it can be customized for GSMRT.
Helpdesk	Abandoned Call Rate Daily	The percent of calls that were abandoned. For example, if the caller selects to speak to a help desk rep. and hangs up before the call is answered by the help desk rep., the call is considered as abandoned. It is directly affected by Average Speed to Answer and/or Percent Answered in X Seconds. If a call center is meeting Average Speed to Answer and/or Percent Answered in X Seconds and the service level is reasonably consistent over time, the Abandon Rate is primarily a reflection of the customer’s satisfaction with the contracted level of service, not the delivery of that service. The calculation used to obtain this percentage is: Qty. Abandoned divided by Qty. Received * 100 = % Abandoned Note: Qty. Received = (answered + abandoned)	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Abandoned Rate Hourly		Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Average Call	The average length of time the caller and helpdesk representative talk. For	Hourly, Daily,	GSMRT Tool/Print

Schedule W W - 37 Health Net / IBM Confidential

Final Execution Version

	Duration	example, call duration is measured from the time the help desk rep. answers the call, through the time the call is complete, and the phone is hung up. It is a direct contributor to Average Call Service Time and an indirect driver of Average Speed to Answer and Percent Answered in X Seconds. A consistent level of Average Call Duration with low variance contributes to consistent staffing estimates. The calculation used to obtain this measurement is: Total Talk Time divided by Qty. Answered = Average Call Duration	Weekly, Monthly	hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Average Call Out Duration	The average length of time the helpdesk representative either talks to or leaves a message for, an end user. It is an indirect driver of Average Speed to Answer and Percent Answered in X Seconds because it takes agents away from the task of answering inbound calls. The calculation used to obtain this measurement is: Total Outgoing Talk Time divided by Total Outgoing Calls = Average Call Out Duration	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Average Call Service Time Daily	The average call service time is the Average Total Incoming Talk Time + Average Total Work Time + Time a caller is placed on Hold / Total Calls Answered (Work time is call related work done when an agent is not on a call. This mode is entered by the helpdesk rep., manually, by pressing the After Call Work (ACW) button on the phone). It is an indirect driver of Average Speed to Answer and Percent Answered in X Seconds. A consistent level of Average Call Service Time with low variance contributes to consistent staffing estimates.	Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.

Schedule W W - 38 Health Net / IBM Confidential

Final Execution Version

Helpdesk	Average Call Wait Time Daily	The average time it takes for a caller to reach a helpdesk representative. For example, when the caller dials the help desk number, a main menu is reached. One of the choices is to speak to a help desk rep. Wait time is measured from the time that option is selected, until the call is answered by a help desk rep. Average Call Service Time and Calls Received directly affect it, as well as the staffing level. Because it is an average, it tends to be more volatile than a percentile measurement. The calculation used to obtain this measurement is: Total Wait Time divided by Qty. Answered = Average Wait Time	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Average Hold Time Hourly	This metric measures Average Hold Time the current month to date. This is the average time a caller is placed on hold by a call center agent. This only frequency for which this report is available is hourly.	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Average Time to Abandon Daily	The average time it takes for a caller to abandon. Average Abandon Time is measured from the time the caller picks an option to speak to an agent until the time the caller hangs up. The calculation used to obtain this measurement is: Total Abandon Time divided by Qty. Abandoned = Average Time to Abandon	Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.

Schedule W W - 39 Health Net / IBM Confidential

Final Execution Version

Helpdesk	Average Wait Time Hourly	The average time it takes for a caller to reach a helpdesk representative. For example, when the caller dials the help desk number, a main menu is reached. One of the choices is to speak to a help desk rep. Wait time is measured from the time that option is selected, until the call is answered by a help desk rep. Average Call Service Time and Calls Received directly affect it, as well as the staffing level. Because it is an average, it tends to be more volatile than a percentile measurement. The calculation used to obtain this measurement is: Total Wait Time divided by Qty. Answered = Average Wait Time	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Percent of Calls Answered in Acceptable Range Daily	The percent of time calls are answered within the defined SLA objective. For example, the caller selects to speak to an agent, and the agent answers the call. The time between the selection and when the agent answered the call is tracked and the percent answered within the SLA is reported. Average Call Service Time and Calls Received directly affect it, as well as the staffing level. Because it is a percentage measure, it is often more difficult to recover in a given time period than an average measure would be. The calculation used to obtain this percentage is: Qty. Answered within criteria divided by Qty. Answered * 100 = % Answered within XX Seconds	Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Status Calls Avoided	The status calls avoided is the sum of calls abandoned by the caller after listening to the call center status message. This measure is used as a primary workload driver for a call center. As such, it is a primary determinant of staffing levels required to meet SLAs. While it may be impossible for a call	Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These

Schedule W W - 40 Health Net / IBM Confidential

Final Execution Version

		center to affect the number of problem calls, efforts to reduce the need for customers to call back for follow-up, etc. can have a positive effect on the level of this measure. This measure is not included in the help desk Abandon Rate.		daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Total Calls Abandoned Hourly	The total calls abandoned is the sum of calls abandoned by the call center. This measure is one of the primary workload driver for a call center. As such, it is a primary determinant of staffing levels required to meet SLAs. While it may be impossible for a call center to affect the number of problem calls, efforts to reduce the need for customers to call back for follow-up, etc. can have a positive effect on the level of this measure.	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Total Calls Abandoned Daily	The total calls abandoned is the sum of calls abandoned by the call center. This measure is one of the primary workload driver for a call center. As such, it is a primary determinant of staffing levels required to meet SLAs. While it may be impossible for a call center to affect the number of problem calls, efforts to reduce the need for customers to call back for follow-up, etc. can have a positive effect on the level of this measure.	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Total Calls Answered	The total calls answered is the sum of calls answered by the call center. This measure is one of the primary workload driver for a call center. As such, it is	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed

Schedule W W - 41 Health Net / IBM Confidential

Final Execution Version

	Daily	a primary determinant of staffing levels required to meet SLAs. While it may be impossible for a call center to affect the number of problem calls, efforts to reduce the need for customers to call back for follow-up, etc. can have a positive effect on the level of this measure		by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Total Calls Answered Hourly	The total calls answered is the sum of calls answered by the call center. This measure is one of the primary workload driver for a call center. As such, it is a primary determinant of staffing levels required to meet SLAs. While it may be impossible for a call center to affect the number of problem calls, efforts to reduce the need for customers to call back for follow-up, etc. can have a positive effect on the level of this measure	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Total Calls Received Daily	The total calls received is the sum of calls answered and calls abandoned. This report adds the two data points and displays the total. This measure is the primary workload driver for a call center. As such, it is a primary determinant of staffing levels required to meet SLAs. While it may be impossible for a call center to affect the number of problem calls, efforts to reduce the need for customers to call back for follow-up, etc. can have a positive effect on the level of this measure	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.

Schedule W W - 42 Health Net / IBM Confidential

Final Execution Version

Helpdesk	Total Calls Received Hourly	The total calls received is the sum of calls answered and calls abandoned. This report adds the two data points and displays the total. This measure is the primary workload driver for a call center. As such, it is a primary determinant of staffing levels required to meet SLAs. While it may be impossible for a call center to affect the number of problem calls, efforts to reduce the need for customers to call back for follow-up, etc. can have a positive effect on the level of this measure	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Total Calls Service Time Daily	The Total Call Service time is the Total Incoming Talk Time + Total Work Time + Time a caller is placed on Hold / Total Calls Answered (Work time is call related work done when an agent is not on a call. This mode is entered by the helpdesk rep., manually, by pressing the After Call Work (ACW) button on the phone). It is an indirect driver of Average Speed to Answer and Percent Answered in X Seconds. A consistent level of Total Call Service Time with low variance contributes to consistent staffing estimates.	Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Total Incoming Talk Time Daily	The actual length of time (in minutes) the caller(s) and helpdesk representative talk. For example, incoming call talk time is measured from the time the help desk rep. answers the call, through the time the call is complete, and the phone is hung up.	Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.

Schedule W W - 43 Health Net / IBM Confidential

Final Execution Version

Helpdesk	Total Outgoing Calls Daily	The total of all outgoing calls placed by the help desk representative. Because time spent on Outbound Calls is time that cannot be spent on Inbound Calls, the level of this measure relative to the level of Calls Received is an important contributor to staffing requirements, thus indirectly affecting SLA attainment	Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Total Outgoing Calls Hourly	The total of all outgoing calls placed by the help desk representative. Because time spent on Outbound Calls is time that cannot be spent on Inbound Calls, the level of this measure relative to the level of Calls Received is an important contributor to staffing requirements, thus indirectly affecting SLA attainment	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT daily, containing information current through 04:30 PT.
Helpdesk	Total Outgoing Talk Time Daily	The total outgoing talk time is the total minutes the help desk spent on outgoing calls	Hourly, Daily, Weekly, Monthly	GSMRT Tool/Print hardcopy as needed by recipient *NOTE: These daily reports must be produced and submitted to Health Net by 06:00 PT

Schedule W W - 44 Health Net / IBM Confidential

Final Execution Version

daily, containing information current through 04:30 PT.

Schedule W W - 45 Health Net / IBM Confidential

Final Execution Version

SCHEDULE X

AUDITS

***

Schedule X X - 1 Health Net / IBM Confidential

EX-10.2

Exhibit 10.2

Final Execution Version

MASTER SERVICES AGREEMENT

Between

Health Net, Inc.

and

Cognizant Technology Solutions U.S. Corporation

Dated

September 30, 2008

The mark *** indicates that text has been redacted pursuant to a request for confidential treatment under Rule 24b-2 of the Securities Exchange Act of 1934, as amended, and filed separately with Securities and Exchange Commission.

Terms and Conditions Health Net / Cognizant Confidential

Final Execution Version

TABLE OF CONTENTS

1	PREAMBLE	1
	1.1           Background and Purpose	1
	1.2           Objectives	1
	1.3           Structure of Agreement	2
	1.4           Construction of Preamble	4
2	DEFINITIONS	4
	2.1           Defined Terms	4
	2.2           Other Terms	7
3	SERVICES	7
	3.1           Provision of the Services	7
	3.2           Implied Services	7
	3.3           Evolution of the Services	8
	3.4           Users of the Services	8
	3.5           Services Not Exclusive; Variable	8
	3.6           Cooperation and Coordination with Other Parties	9
	3.7           New Services	9
4	TERM AND REGULATORY APPROVALS	9
	4.1           Initial Term	9
	4.2           Renewal Terms	10
	4.3           Regulatory Approvals and Federal Business	10
5	PERFORMANCE	10
	5.1           Performance, Generally	10
	5.2           Place of Performance	10
	5.3           Time of Performance	11
	5.4           Manner of Performance	11
	5.5           Quality Assurance and Continuous Improvement	12
	5.6           User Satisfaction	12
6	SERVICE LEVELS	12
	6.1           General	12
	6.2           Failure to Perform	12
7	SUPPLIER PERSONNEL	12
	7.1           Provision of Suitable Personnel	12
	7.2           Screening and Background Checks	12
	7.3           Responsibility for Supplier Personnel, Generally	13
	7.4           Key Supplier Positions	13
	7.5           Removal and Replacement of Supplier Personnel	14
	7.6           Controlling Turnover of Supplier Personnel	14
	7.7           Subcontracting	15
	7.8           Managed Third Parties	16
8	HEALTH NET RESPONSIBILITIES	16
	8.1           Appointment of Health Net Program Management Office (PMO) Personnel	16
	8.2           Health Net Cooperation Duties	16
	8.3           Savings Clause	17
9	CHARGES	17

Terms and Conditions i Health Net / Cognizant Confidential

Final Execution Version

	9.1           Pass-Through Expenses	17
	9.2           Incidental Expenses	18
	9.3           Taxes	18
	9.4           Benchmarking	20
10	INVOICING AND PAYMENT	20
	10.1        Invoicing	20
	10.2        Payment Due	21
	10.3        Accountability	21
	10.4        Proration	21
	10.5        Refundable Items	21
	10.6        Deductions	22
	10.7        Disputed Charges	22
11	TRANSFER OR USE OF RESOURCES	22
	11.1        Transfer of Personnel	22
	11.2        Health Net Owned Equipment	22
	11.3        Health Net Leased Equipment	23
	11.4        Health Net Third Party Service Contracts	23
	11.5        Health Net Owned Software	23
	11.6        Health Net Licensed Software	24
	11.7        Health Net Facilities	25
	11.8        Terms Applicable to Health Net Facilities, Generally	25
	11.9        Required Consents	26
	11.10      Health Net Resources Provided to Supplier Personnel Working On-site	26
12	RESOURCE ACQUISITIONS DURING THE TERM	27
	12.1        General Responsibility and Compatibility	27
	12.2        Equipment	27
	12.3        Software	27
	12.4        Network Connectivity	28
	12.5        Health Net Rights to certain Software upon Termination/Expiration	28
13	TRANSITION	28
	13.1        “Transition” Defined	28
	13.2        Transition Plan	28
	13.3        Conduct of the Transition	29
	13.4        Health Net Cooperation and Support	29
	13.5        Completion of Transition Projects	29
14	DATA SECURITY AND PROTECTION	30
	14.1        “Health Net Data” Defined	30
	14.2        Health Net Data, Generally	30
	14.3        Data Security	30
	14.4        Compliance with Data Privacy and Data Protection Laws, Regulations and Policies	31
	14.5        Import/Export Controls	31
	14.6        Compliance with Gramm-Leach-Bliley (“GLB Act”)	32
15	INTELLECTUAL PROPERTY RIGHTS	32
	15.1        Defined Terms	33
	15.2        Independent IP	33
	15.3        Copyright in Work Product	34

Terms and Conditions ii Health Net / Cognizant Confidential

Final Execution Version

	15.4        Intellectual Property Rights Other than Copyright	34
	15.5        Other Developed Items	35
	15.6        Intellectual Property Rights Agreements with Supplier Personnel	35
	15.7        Other Obligations and Rights Regarding Work Product	35
	15.8        Mental Impressions	35
16	TERMINATION	36
	16.1        Termination By Health Net	36
	16.2        Termination By Supplier	38
	16.3        Extension of Termination/Expiration Date	38
	16.4        Partial Termination	38
	16.5        Disengagement Assistance	38
	16.6        Survival	39
	16.7        Bid Assistance	40
17	GOVERNANCE AND MANAGEMENT	41
	17.1        Governance Structure and Processes	41
	17.2        Meetings	41
	17.3        Reports	42
	17.4        Procedures Manual	42
	17.5        Change Control	43
	17.6        Annual Technology Plan	44
18	AUDITS AND RECORDS	45
	18.1        Audit Rights	45
	18.2        Audit Follow-up	46
	18.3        Confidentiality of Audits	46
	18.4        Records Retention	46
	18.5        Supplier Audits	47
	18.6        Financial Reports	47
	18.7        Overcharges	47
19	REPRESENTATIONS, WARRANTIES AND COVENANTS OF SUPPLIER	47
	19.1        Work Standards	47
	19.2        Maintenance	47
	19.3        Efficiency and Cost-Effectiveness	48
	19.4        Technology	48
	19.5        Deliverables	48
	19.6        Documentation	48
	19.7        Compatibility	48
	19.8        Non-Infringement	48
	19.9        Viruses	49
	19.10      Disabling Code	50
	19.11      Compliance with Health Net Policies and Procedures	50
	19.12      Compliance with Laws; Export Control	50
	19.13      Date and Currency Compliance	50
	19.14      Corporate Social Responsibility	50
	19.15      Subcontractor Confidentiality and Assignment	51
	19.16      No Improper Inducements	51
20	MUTUAL REPRESENTATIONS AND WARRANTIES; DISCLAIMER	51
	20.1        Mutual Representations and Warranties	51
	20.2        Disclaimer	52

Terms and Conditions iii Health Net / Cognizant Confidential

Final Execution Version

21	CONFIDENTIALITY	52
	21.1        “Confidential Information” Defined	52
	21.2        Obligations of Confidentiality	53
	21.3        No Implied Rights	54
	21.4        Compelled Disclosure	54
	21.5        Confidential Treatment of this Agreement	54
	21.6        Disclosure of Information Concerning Tax Treatment	54
	21.7        Return or Destruction	54
	21.8        Duration of Confidentiality Obligations	55
22	INSURANCE	55
23	INDEMNIFICATION	55
	23.1        “Claim” and “Losses” Defined	55
	23.2        Indemnification By Supplier	56
	23.3        Infringement Claims	56
	23.4        Indemnification By Health Net	56
	23.5        Indemnification Procedures	57
	23.6        Subrogation	58
24	LIABILITY	58
	24.1        General Intent	58
	24.2        Limitations of Liability	58
	24.3        Force Majeure	59
	24.4        Disaster Recovery and Business Continuity	60
25	RULES OF CONSTRUCTION	61
	25.1        Entire Agreement	61
	25.2        Contracting Parties; No Third Party Beneficiaries	61
	25.3        Contract Amendments and Modifications	61
	25.4        Governing Law	61
	25.5        Relationship of the Parties	62
	25.6        Consents and Approvals	62
	25.7        Waiver	62
	25.8        Remedies Cumulative	62
	25.9        References	62
	25.10      Rules of Interpretation	63
	25.11      Order of Precedence	63
	25.12      Severability	63
	25.13      Counterparts	63
	25.14      Reading Down	63
26	DISPUTE RESOLUTION	63
	26.1        Informal Dispute Resolution	64
	26.2        Litigation	64
	26.3        Continued Performance	65
	26.4        Equitable Remedies	65
	26.5        Waiver of Jury Trial	65
	26.6        Disclaimer of Uniform Computer Information Transactions Act	66
27	GENERAL	66
	27.1        Binding Nature and Assignment	66
	27.2        Nondiscrimination	66

Terms and Conditions iv Health Net / Cognizant Confidential

Final Execution Version

27.3        Beneficiary Hold Harmless	67
27.4        Notices	67
27.5        Non-solicitation of Employees	67
27.6        Legal Compliance	68
27.7        Covenant of Good Faith	68
27.8        Public Disclosures	68
27.9        Service Marks	68
27.10      Mutually Negotiated	69

Terms and Conditions v Health Net / Cognizant Confidential

Final Execution Version

Master Services Agreement

This Agreement, effective as of September 30, 2008 (the “Effective Date”), is between Health Net, Inc., a Delaware corporation with its principal place of business located at 21650 Oxnard Street, Woodland Hills, CA 91367 and Cognizant Technology Solutions U.S. Corporation (“Supplier”), a Delaware corporation having an office at 500 Frank W. Burr Blvd., Teaneck, New Jersey 07666 (each, a “Party” and collectively, the “Parties”). The Parties agree that the following terms and conditions shall apply to the services to be provided by Supplier to Health Net under this Agreement, in consideration of certain payments to be made by Health Net, all as more specifically described below.

1 PREAMBLE

1.1 Background and Purpose

This Agreement is made and entered into with reference to the following:

(a) Health Net, Inc. is among the nation’s largest publicly traded managed health care companies. Its mission is to help people be healthy, secure and comfortable. Health Net, Inc. is among the nation’s largest publicly traded managed health care companies. Its mission is to help people be healthy, secure and comfortable. The company’s health plans and government contracts subsidiaries provide health benefits to approximately 6.7 million individuals across the country through group, individual, Medicare, Medicaid and TRICARE and Veterans Affairs programs.

(b) Supplier and its Affiliates are providers of application maintenance and development services.

(c) Prior to the Effective Date, Supplier provided services to Health Net pursuant to a Master Staff Augmentation and Application Development Services Agreement (the “Staff Augmentation Agreement”), effective as of May 3, 2006. The Staff Augmentation Agreement will remain in effect after the Effective Date, as set forth in Section 25.1(b).

(d) After a comprehensive evaluation and negotiation process, Health Net has selected Supplier to also provide the Services described in this Agreement, during the Term of the Agreement and pursuant to the terms and conditions of this Agreement, and Supplier desires to provide to Health Net the Services through the execution of this Agreement and the attached schedules, exhibits and appendices, all of which are governed by the terms and conditions set forth in this Agreement.

1.2 Objectives

(a) Health Net and Supplier have agreed upon the following over-arching goals and objectives as those they expect to be accomplished by their execution of this Agreement and the performance of Services entered into pursuant to the Agreement:

(i) A seamless transition of outsourced services to Supplier from Health Net and incumbent vendors in a manner that ensures minimal business disruption and business risk to Health Net;

Terms and Conditions 1 Health Net / Cognizant Confidential

Final Execution Version

(ii) A Technical Solution and Service delivery model that is scalable and responsive to change;

(iii) Quality of service consistent with that of the leading providers of similar services and continuous improvement;

(iv) A Technical Solution and Services that keep pace with modernization and consumerization of technology;

(v) Supplier integration among other Health Net service providers to Health Net and service-wide responsibility for the Services; and

(vi) Services and solutions that are continuously aligned to Health Net business needs and imperatives – i.e., a Technical Solution, Service delivery model and platform that will support rapid scalability, growth, and change in the composition and location of Health Net’s businesses.

(b) The goals and objectives set out in this Section 1.2 are intended to be a general introduction to, and statement of the spirit of, this Agreement. Although they are not intended to expand or reduce the scope of the Parties’ express obligations under this Agreement, Supplier’s performance under this Agreement will be measured, in part, based on the extent to which Supplier’s performance causes or contributes to the achievement of them. Further, to the extent that the terms of this Agreement do not address a particular circumstance, are unclear or ambiguous, or require the Parties to discuss, negotiate or agree on a particular matter, such terms must be construed in accordance with, and each Party must act to give the fullest possible effect to, the goals and objectives set out in this Section 1.2.

1.3 Structure of Agreement

This document (the “Terms and Conditions”) sets out the basic terms and conditions under which the Parties will conduct the transactions contemplated by this Agreement. In addition, there will be a number of Schedules and Exhibits attached to the Terms and Conditions, including:

Schedule A (Services)

Exhibit A-1 (Intentionally Left Blank)

Exhibit A-2 (Transition Description)

Attachment A-2-1 (Transition Plan)

Exhibit A-3 (Solution Description)

Exhibit A-4 (In-Scope Applications)

Exhibit A-5 (Change Control Process)

Attachment A-5-1 (Sample Change Notice)

Exhibit A-6 (Project Framework)

Attachment A-6-1 (Deliverable Acceptance Procedures)

Exhibit A-7 (In Flight Projects)

Exhibit A-8 (Testing Center of Excellence)

Terms and Conditions 2 Health Net / Cognizant Confidential

Final Execution Version

Exhibit A-9 (SAP Responsibility Matrix)

Exhibit A-10 (Intentionally Left Blank)

Exhibit A-11 (Network Diagram)

Schedule B (Service Levels)

Exhibit B-1 (Service Level Metrics)

Exhibit B-2 (Remedy Incident and Problem Priority Level Definitions)

Exhibit B-3 (Service Request Completion Times)

Schedule C (Charges)

Exhibit C-1 (Production Support Charge)

Exhibit C-2 (Individual Application Production Support Charges)

Exhibit C-3 (Applications Development Charges)

Exhibit C-4 (Applications Development Hours – Onshore and Offshore Personnel)

Exhibit C-5 (Transitioned Employees)

Exhibit C-6 (T&M Rates)

Exhibit C-7 (Skillset Mix and Supporting Skillset Rates)

Schedule D (Key Supplier Positions)

Schedule E (Transitioned Employees)

Exhibit E-1 (Affected Employees)

Exhibit E-2 (Employees on Approved Leave)

Exhibit E-3 (Transition Start Date and Scheduled Steady-State Date)

Schedule F (Facilities)

Exhibit F-1 (Seat Requirements)

Schedule G (Governance)

Schedule H (Insurance)

Schedule I (Third Party Service Contracts)

Schedule J (Software)

Exhibit J-1 (Health Net Owned Service Delivery Software)

Exhibit J-2 (Health Net Leased Service Delivery Software)

Exhibit J-3 (Health Net Associated Tools and Software)

Exhibit J-4 (Cognizant Office Productivity Software)

Schedule K (Business Associate Addendum)

Schedule L (Disengagement Assistance)

Schedule M (Health Net Policies and Procedures)

Schedule N (Equipment)

Schedule O (Approved Subcontractors)

Schedule P (Reports)

Schedule Q (Glossary)

Terms and Conditions 3 Health Net / Cognizant Confidential

Final Execution Version

Schedule R (Supplier Competitors)

Schedule S (Form Non-Disclosure Agreement)

Schedule T (Security Questionnaire)

1.4 Construction of Preamble

The provisions of this Section 1 are intended to provide a general introduction to this Agreement and a context in which to interpret this Agreement’s terms and conditions in circumstances where their meanings are unclear or ambiguous. It is not intended to alter the plain meaning of this Agreement or to expand the scope of the Parties’ express obligations under it.

2 DEFINITIONS

2.1 Defined Terms

The following capitalized terms, when used in this Agreement, will have the meanings given them below:

(a) “Affiliate” means, with respect to an entity, any other entity or person Controlling, Controlled by or under common Control with such entity.

(b) “Agreement” shall mean this Terms and Conditions document as well as all schedules, exhibits, and appendices attached hereto, as the same may be amended by the Parties from time to time in accordance with Section 25.3.

(c) “Application” or “Application Software” means Software that performs specific End User-related data processing, data management and telecommunications tasks.

(d) “Beneficiary” means a person who has enrolled in and/or is eligible to receive services under a Benefit Program at the time services are rendered. The Parties acknowledge that the term “member” may be used by Health Net and for purposes of this Agreement, the term Beneficiary includes the term “member” wherever used.

(e) “Benefit Program” means a plan offered by Health Net or its Affiliates whereby Health Net or a Health Net Affiliate is obligated to provide or arrange for health care services, or compensation therefor, to Beneficiaries in accordance with the provisions contained in such plans.

(f) “Commercially Reasonable Efforts” means taking all such steps and performing in such a manner as a well managed company would undertake where it was acting in a determined, prudent and reasonable manner to achieve a particular desired result for its own benefit.

(g) “Control” and its derivatives, such as “Controlling” means with regard to any entity the legal, beneficial or equitable ownership, directly or indirectly, of: (i) fifty percent (50%) or more of the capital stock (or other ownership interest if not a stock corporation) of such entity ordinarily having voting rights; or (ii) (A) twenty percent (20%) or more of the capital stock (or other ownership interest if not a stock corporation) and (B) either

Terms and Conditions 4 Health Net / Cognizant Confidential

Final Execution Version

(1) a greater percentage than any other juridical person or (2) management control in fact or by agreement.

(h) “Deliverable” means any tangible Work Product produced in the course of performing the Services that is listed or described in a Statement of Work, Work Order or other Service request document (or a project plan developed pursuant to this Agreement) or is otherwise required to be delivered by Supplier to Health Net in order to satisfy Supplier’s obligations with respect to any item to be provided by Supplier under a Statement of Work, Work Order or other Service request document or project plan.

(i) “Disengagement Assistance” means, collectively, the Functions that Health Net requests from Supplier or that are otherwise required to enable an orderly transfer of Services from Supplier to Health Net or its designees without interruption or adverse effect to Health Net in connection with the cessation of any Services, or the expiration or earlier termination (for any reason) of this Agreement, in whole or in part, including the Functions described in Section 16.5 and Schedule L (Disengagement Assistance).

(j) “Disengagement Assistance Period” means the period of time that Supplier is obligated to provide Disengagement Assistance pursuant to Section 16.5(a).

(k) “Documentation” means written materials (including materials published on an Internet or Intranet site or otherwise online) that are available or necessary to instruct or assist End Users, operators or systems personnel in the installation, development, maintenance, operation, use or modification of any Equipment, Software, system, or Deliverable (including applicable functional and technical specifications), as such documentation is updated from time to time.

(l) “Effective Date” has the meaning set forth in the preamble.

(m) “End Users” means direct users of the Services provided under this Agreement.

(n) “Equipment” means any computer and telecommunications machines or other hardware (without regard to the entity owning or leasing it) used by the Supplier in the provision of the Services, including all associated attachments, features, accessories and peripheral devices and related services (e.g., maintenance and support services, upgrades, and subscriptions services).

(o) “Financial Responsibility” means having responsibility for furnishing and paying for resources or certain services related to resources.

(p) “Former Health Net Affiliate” means: (i) any entity affiliated with Health Net at any time during the Term (such designation expiring at the end of the twenty-fourth (24^th) month after the date that such entity ceases to Control, be Controlled by, or be under common Control with, Health Net); or (ii) the purchaser of all or substantially all of the assets of any line of business of Health Net or its Affiliates (such designation (A) applying only with respect to the business so acquired; and (B) expiring at the end of the twenty-fourth (24^th) month after the date of such purchase.) At Health Net’s option, each Former Health Net Affiliate shall be deemed to be an Affiliate of Health Net.

(q) “Health Net Facility” means a Health Net office or business location at which, or with respect to which, Supplier performs the Services.

Terms and Conditions 5 Health Net / Cognizant Confidential

Final Execution Version

(r) “In-Scope Applications” has the meaning set forth in Section 1.3 of Schedule A.

(s) “IT Infrastructure” means the Equipment and Software (regardless of ownership) that comprise the infrastructure of Health Net’s and its Affiliates’ information technology organizations.

(t) “Law” means: (i) any applicable law, statute, regulation, ordinance or subordinate legislation in force from time to time to which a Party or any of its Affiliates is subject; (ii) the common law as applicable to the Parties or any of their Affiliates from time to time; (iii) any binding court order, judgement or decree (including consent agreements); and (iv) any applicable directive, policy, rule or order that is binding on a Party or any of its Affiliates and that is made or given by any government, an agency thereof, or any regulatory body; of any country, the European Union, or other national, federal, commonwealth, state, provincial or local jurisdiction, and of any exchange or association (including the New York Stock Exchange and the National Association of Securities Dealers) whose regulations are binding on either Party pursuant to a self-regulating mechanism approved by a governmental entity.

(u) “Out-of-Pocket Expenses” means reasonable, demonstrable and actual out-of-pocket expenses incurred by Supplier for Equipment, materials, supplies or services provided to or for Health Net as identified in this Agreement, but not including Supplier’s actual or allocated overhead costs, administrative expenses or other mark-ups.

(v) “Required Consents” means such consents as may be required for (i) the assignment to a Party, or the grant to a Party of rights of access and use, of resources otherwise provided to or licensed by the other Party.

(w) “Service Commencement Date” shall mean February 2, 2009, which is the date that Supplier shall achieve Steady-State with respect to the first In-Scope Application, as set forth on Exhibit A-2-1 to Schedule A, or any other date mutually agreed by the Parties in writing.

(x) “Software” means program code (in both object code and Source Code forms) and all supporting documentation, media, on-line help facilities and tutorials, including any update, enhancement, modification, releases and Derivative Work of any item comprising Software.

(y) “Source Code” means the computer code of Software in programming languages, including all comments and procedural code, and all related development documents (e.g., flow charts, schematics, statements of principles of operations, End User manuals, architectural standards, Documentation, and any other specification that are used to create or that comprise the computer code, of the Software concerned.

(z) “Supplier Competitor” means those entities listed in Schedule R.

(aa) “Supplier Personnel” means, collectively, any and all personnel furnished or engaged by Supplier to perform any part of the Services, including: (i) the employees of Supplier; (ii) Subcontractors; and (iii) the employees of such Subcontractors.

(bb) “Systems Software” means those programs or programming (including the supporting Documentation, media, on-line help facilities and tutorials) that perform (i) tasks basic to

Terms and Conditions 6 Health Net / Cognizant Confidential

Final Execution Version

the functioning of Equipment and which are required to operate the Applications Software or a system; or (ii) tasks other than as performed by Applications Software of a system. If programs or programming are not Applications Software, they are deemed to be Systems Software. Systems Software includes mainframe, midrange and desktop operating systems, server operating systems, network operating systems, systems utilities (including measuring and monitoring tools), data security Software and telecommunications monitors.

(cc) “Use” means to access, use, copy, maintain, modify, enhance, perform, display, distribute and create derivative works.

2.2 Other Terms

Other capitalized terms used in this Agreement but not defined above are defined where they are used and have the meanings there indicated. Those terms, acronyms, and phrases utilized in the information technology or health and wellness industry which are not otherwise defined in this Agreement shall be interpreted in accordance with their generally understood meaning in such industry or business context.

3 SERVICES

3.1 Provision of the Services

Starting on the Service Commencement Date, Supplier will provide the following services, functions and responsibilities, as they may be supplemented, enhanced, modified or replaced (collectively, the “Services”):

(a) the functions, responsibilities, activities and tasks (collectively, “Functions”) described in Schedule A (Services) or elsewhere in this Agreement or in a Work Order executed pursuant to Exhibit A-6, other than those expressly designated as Functions for which Health Net is responsible;

(b) any Functions performed during the *** months preceding the Effective Date by Health Net’s or its Affiliates’ personnel (including employees and contractors) who were transitioned to Supplier or displaced pursuant to the Transition Plan, or whose Functions were displaced pursuant to the Transition Plan; and

(c) performance, management, and completion of the projects listed or described in Exhibit A-7 (In-Flight Projects), the Transition as described in Exhibit A-2 (Transition), and any projects requested by Health Net.

3.2 Implied Services

If any Functions, other than those retained by Health Net under this Agreement, are reasonably required for, and incidental to or inherent in, the proper performance and provision of the Services (regardless of whether they are specifically described in the Agreement), they shall be deemed to be implied by and included within the scope of the Services to be provided by Supplier to the same extent and in the same manner as if specifically described in the Agreement.

Terms and Conditions 7 Health Net / Cognizant Confidential

Final Execution Version

3.3 Evolution of the Services

Throughout the Term, Supplier will seek to improve the quality, efficiency and effectiveness of the Services to keep pace with technological advances and support Health Net’s (and its Affiliates’) evolving business needs and efforts to maintain competitiveness in the markets in which it (and they) competes. Without limiting the generality of the foregoing, Supplier will: (i) identify and apply ‘best practice’ techniques and methodologies in performing and delivering the Services, (ii) train Supplier Personnel in new techniques and technologies used generally within Supplier’s organization or the IT services industry and approved by Health Net for use in rendering the Services; and (iii) make investments to maintain the currency of Supplier’s tools, infrastructure and other resources used by Supplier to render the Services. Changes in the Services pursuant to this Section 3.3 will not be considered New Services.

3.4 Users of the Services

(a) Supplier will provide the Services to Health Net and, as designated by Health Net from time to time, its Affiliates, Former Health Net Affiliates, licensees, customers, providers, contractors and other entities with whom Health Net has a business relationship with Health Net which is broader than the mere resale of Services (each such entity a “Service Recipient”). For purposes of this Agreement, Services provided to such entities shall be deemed to be Services provided to Health Net.

(b) With respect to Former Health Net Affiliates, Supplier will continue to provide the Services being provided as of the date of divestiture as is requested by Health Net for as long as such entity continues to meet the definition of “Former Health Net Affiliate” (or such shorter period of time designated by Health Net). There shall be no additional charge or fee (i.e., in addition to the charges for the actual Services as provided in this Agreement) for the provision of Services to Former Health Net Affiliates.

3.5 Services Not Exclusive; Variable

(a) This Agreement is non-exclusive. Except as set forth in Section 7.10 of Schedule C, nothing in this Agreement shall be construed to limit in any way Health Net’s ability to request that other third parties provide, or propose to provide, services that are the same as or similar to the Services, including with respect to the In-Scope Applications. Health Net (and its Affiliates) may contract with other suppliers for any products and services, including products and services that are similar to or competitive with the Services or that formerly were part of the Services. In the case of Health Net’s withdrawal of portions of the Services from Supplier (including a withdrawal by Health Net of any In-Scope Applications from the scope of this Agreement), the charges shall be reduced using the unit rates and charging methodologies provided in Schedule C (Charges), or otherwise in an equitable manner to the extent such unit rates and charging methodologies do not apply to the withdrawn portions of the Services.

(b) The Services are variable in volume. Such variations are provided for in the charging mechanisms set forth in Schedule C (Charges). Supplier shall be responsible for adjusting the resources used to provide the Services to accommodate the changes in volume (regardless of the amount of time remaining in the Term) in such a manner as to comply with all Service Levels. Supplier shall not be entitled to receive an adjustment to the Charges resulting from such variations in volume except as set forth in Schedule C (Charges).

Terms and Conditions 8 Health Net / Cognizant Confidential

Final Execution Version

(c) Except as set forth in Section 7.10 of Schedule C, Health Net (and its Affiliates) make no commitment for any minimum or maximum volume, scope, or value of the Services under this Agreement or to any minimum or maximum payments to be made to Supplier.

3.6 Cooperation and Coordination with Other Parties

(a) If Health Net performs itself, or retains a third party to perform, any services that interface or interact with the Services, or that formerly were part of the Services, Supplier will, in accordance with and subject to Section 3.6(b), cooperate and coordinate with Health Net or such third party as reasonably required for Health Net or the third party to perform such services. Supplier’s cooperation and coordination will include, as applicable: (i) providing reasonable access to the facilities being used by Supplier to provide the Services as necessary for Health Net or the third party to perform its work; (ii) providing reasonable access to the Equipment and Software used in providing the Services to the extent permitted under any applicable agreements with third parties; and (iii) providing such information regarding the operating environment, system constraints and other operating parameters as a person with reasonable commercial skills and expertise would find reasonably necessary for Health Net or the third party to perform its work.

(b) Third parties retained by Health Net who utilize Supplier’s resources shall comply with Supplier’s reasonable security and confidentiality requirements and, as relevant, with Supplier’s reasonable work standards, methodologies and procedures, if provided in writing by Supplier to Health Net and such third parties. Supplier shall immediately notify Health Net if an act or omission of such a third party may cause a problem or delay in providing the Services and shall work with Health Net to prevent or circumvent such problem or delay.

3.7 New Services

(a) “New Services” means Functions Health Net requests Supplier to perform under this Agreement

(i) that are materially different from, and in addition to, the Services, and

(ii) for which there is no existing charging mechanism in this Agreement.

(b) Supplier will not perform any additional Functions that would constitute New Services prior to informing Health Net what the additional charges would be for performing them, and receiving Health Net’s authorization to proceed. Such New Services and such additional charges would be set forth in a Change Order or contract amendment signed by both Parties. Additionally, if Supplier does perform the additional Functions without Health Net’s prior authorization, they will be deemed to have been performed as part of the Services at no charge.

4 TERM AND REGULATORY APPROVALS

4.1 Initial Term

Terms and Conditions 9 Health Net / Cognizant Confidential

Final Execution Version

The term of this Agreement shall be commence on the Effective Date and expire on December, 31, 2013, unless it is terminated earlier or is extended pursuant to the terms of this Agreement (such period, together with all extensions thereof, the “Term”).

4.2 Renewal Terms

By giving notice to Supplier no less than three months prior to the then-existing expiration date of the Agreement, Health Net may extend the Term for a period designated by Health Net of up to one year on the terms and conditions (including pricing and cost-of-living adjustments pursuant to Section 8.1 of Schedule C) then in effect. Health Net shall have two (2) such extension options of up to one year each.

4.3 Regulatory Approvals and Federal Business

(a) Health Net’s obligations under this Agreement are conditioned upon Health Net obtaining regulatory consents and approvals from the appropriate governmental or other regulatory body necessary or advisable for Health Net to obtain in order to proceed with the transactions contemplated by this Agreement. In the event that Health Net is not able to obtain such a consent or approval, Health Net shall have the right to remove any impacted services from the scope of this Agreement without charge, and the Parties shall cooperate to make such changes as may be necessary to remove such Services from scope.

(b) Supplier shall comply with provisions arising our of Health Net’s contracts for federal business, including restrictions against providing services from offshore and audit requirements.

5 PERFORMANCE

5.1 Performance, Generally

Supplier is responsible for managing and successfully performing, completing, and delivering the Services, subject to the overall direction of Health Net and with the cooperation and support of Health Net as specified in this Agreement.

5.2 Place of Performance

Supplier will perform the Services primarily at the Health Net Facilities described in Section 2 of Schedule F (Facilities), and the Supplier facilities and Subcontractor facilities described in Sections 3(a) and 4 of Schedule F (Facilities), respectively, (the “Supplier Facilities”). During the Term, Supplier will not change any location from which it provides Services to Health Net, or materially reallocate the volume or nature of work processed between locations from which it provides Services to Health Net, without Health Net’s prior written approval, which may be granted or withheld in Health Net’s discretion. Supplier will manage any approved relocations in accordance with this Agreement and a migration plan to be prepared by Supplier and approved by Health Net. Prior to seeking Health Net’s approval of any proposed relocation, Supplier will fully examine and evaluate the risks and anticipated effects of the contemplated relocation on the Services and Health Net, including the operational, technical, security, regulatory, and other effects, and will prepare and submit to Health Net an analysis of the effects. Supplier will be responsible for all costs, taxes and other expenses incurred by Supplier, and any new or additional costs, taxes and other expenses incurred by Health Net and reasonably demonstrated to Supplier

Terms and Conditions 10 Health Net / Cognizant Confidential

Final Execution Version

that are related to any Supplier-initiated relocation of an operational facility from which the Services are provided.

5.3 Time of Performance

(a) Supplier will (and will provide the resources necessary to) perform and complete the Services diligently and in a timely manner and in accordance with any applicable time schedules set forth in this Agreement.

(b) Supplier will promptly notify Health Net upon becoming aware of any circumstances that may reasonably be expected to jeopardize the timely and successful completion (or delivery) of any Service, project or Deliverable. Supplier will use Commercially Reasonable Efforts to avoid or minimize any delays in performance and will inform Health Net of the steps Supplier is taking or will take to do so, and the projected actual completion (or delivery) time.

(c) If Supplier believes a delay in performance by Health Net (or a third party service provider Health Net is responsible for managing) has caused or will cause Supplier to be unable to perform its obligations on time, Supplier will promptly so notify Health Net and use Commercially Reasonable Efforts to perform its obligations on time notwithstanding Health Net’s (or its third party service provider’s) failure to perform. If Supplier’s use of Commercially Reasonable Efforts to perform on time in such a circumstance would cause Supplier to incur significant Out-of-Pocket Expenses, Supplier will so notify Health Net. In that case, Supplier’s obligation to continue its efforts to work around the Health Net-caused delay will be subject to Health Net agreeing to reimburse Supplier for its additional Out-of-Pocket Expenses incurred in the course of such efforts.

5.4 Manner of Performance

Except as this Agreement expressly provides otherwise, Supplier will perform the Services at least at the same level and with at least the same degree of accuracy, quality, timeliness, responsiveness and efficiency as was provided prior to the Effective Date by or for Health Net and other Service Recipients and in compliance with the following:

(a) all applicable Service Levels;

(b) the Procedures Manual;

(c) applicable standards, policies and procedures of Health Net (and its Affiliates) provided in this Agreement or provided to Supplier in connection with this Agreement;

(d) all other compliance obligations of Supplier under this Agreement, including compliance with data security requirements in Section 14 and compliance with Law obligations in Section 27.6; and

(e) in cases where this Agreement does not prescribe or otherwise regulate the manner of Supplier’s performance of the Services, proven best practices followed by the leading providers of similar services.

Terms and Conditions 11 Health Net / Cognizant Confidential

Final Execution Version

5.5 Quality Assurance and Continuous Improvement

In performing the Services, Supplier will follow commercially reasonable quality assurance procedures designed to ensure that the Services are performed with a high degree of professional quality and reliability. Such procedures shall include checkpoint reviews, testing, acceptance, and other procedures for Health Net to confirm the quality of Supplier’s performance. Supplier, as part of its total quality management process, will provide continuous quality assurance and quality improvement through: (i) the identification and application of proven techniques and tools from other installations within its operations; and (ii) the implementation of concrete programs, practices and measures designed to improve performance (including the Service Levels). Supplier will utilize project management tools, including productivity aids and project management systems, as appropriate in performing the Services.

5.6 User Satisfaction

Supplier will conduct Satisfaction Surveys in accordance with Section 6 of Schedule B. Health Net’s satisfaction with the Services will be taken into account by Supplier in its performance appraisals of Supplier Personnel.

6 SERVICE LEVELS

6.1 General

Quantitative performance standards for certain of the Services (“Service Levels”) are set forth in Schedule B (Service Levels).

6.2 Failure to Perform

Supplier will place ***%) of the aggregate monthly charges payable by Health Net under this Agreement (excluding Pass-Through Expenses) at risk each month for Service Level Credits (such amount the “Amount at Risk”). Supplier’s obligation to pay Service Level Credits is further described in Schedule B. Health Net may allocate the Pool Percentage Available for Allocation among Critical Service Levels for the purpose of calculating Service Level Credits, as further described in Schedule B.

7 SUPPLIER PERSONNEL

7.1 Provision of Suitable Personnel

Supplier will assign an adequate number of Supplier Personnel to perform the Services who are properly educated, trained, familiar with and fully qualified for the Services they are assigned to perform, and Supplier shall ensure (to the extent reasonably possible) that any outgoing Supplier Personnel leaving the Health Net account spend a reasonable period of time training the new Supplier Personnel who will be replacing such outgoing personnel. Supplier is responsible for taking action at its own expense such that Supplier Personnel assigned to perform Services have the legal right to work in the countries in which they are assigned to work.

7.2 Screening and Background Checks

Supplier shall, at no additional expense to Health Net, and prior to placing any Supplier Personnel at Health Net or on the Health Net account, complete background checks for all such personnel,

Terms and Conditions 12 Health Net / Cognizant Confidential

Final Execution Version

excluding Transitioned Employees (“Background Checks”). Background Checks shall include, without limitation, verification of work history, I-9 completion (to the extent required by the laws of the United States), reference checks from at least three (3) prior employers (if such personnel have had three prior employers, and if not then from such personnel’s prior employers), drug testing and such other background checks as Health Net may request. Checks shall also identify State, county, federal and other applicable jurisdictions felonies and misdemeanor convictions and verify the social security number of such personnel, if applicable to such personnel. The personnel will be asked for education and, with respect to United States resident personnel, the last seven (7) years of residences. Subject to applicable Law, Supplier Personnel may be tested for drugs and/or alcohol whenever Supplier or Health Net has reasonable suspicion that the personnel is under the influence of drugs and/or alcohol in the workplace or has violated the substance abuse policy. Such personnel have the right to refuse to submit to drug or alcohol testing; however, any personnel who does so will be subject to removal from the Health Net account. Results of Background Checks and drug testing will remain Supplier’s Confidential Information and will not be provided to Health Net, but any negative or questionable Background Check or drug test of a personnel will require Supplier to remove or not assign such personnel. Supplier shall hire all Supplier Personnel and other personnel involved in the Health Net account strictly in accordance with all Laws applicable to the hiring and employment of individuals including, without limitation, the Fair Labor Standards Act, Immigration Reform and Control Act and all equal employment opportunity Laws.

7.3 Responsibility for Supplier Personnel, Generally

Supplier will manage, supervise and provide direction to Supplier Personnel and cause them to comply with the obligations and restrictions applicable to Supplier under this Agreement. Supplier will make Supplier Personnel aware of, and cause them to comply with, Health Net’s safety and security policies that have been made known to Supplier while they are performing Services at Health Net Facilities or accessing Health Net Data or systems. As between Supplier and Health Net, Supplier is responsible for all wages, salaries and other amounts due Supplier Personnel, and for all tax withholdings, unemployment insurance premiums, pension and social welfare plan contributions, and other employer obligations with respect to Supplier Personnel. Supplier is responsible for the acts and omissions of Supplier Personnel under or relating to this Agreement.

7.4 Key Supplier Positions

(a) “Key Supplier Positions” means those positions designated as Key Supplier Positions in Schedule D (Key Supplier Positions). Supplier’s Client Partner will be one of the Key Supplier Positions. Supplier will cause each of the Supplier Personnel filling the Key Supplier Positions (whether as of the Effective Date, or replacement personnel filling such Key Supplier Position during the Term) to devote substantially full time and effort to the provision of the Services. Supplier Personnel approved as of the Effective Date to fill the Key Supplier Positions are listed in Schedule D (Key Supplier Positions).

(b) Before the initial and each subsequent assignment of an individual to a Key Supplier Position, Supplier will notify Health Net of the proposed assignment, introduce the individual to appropriate Health Net representatives and, consistent with Supplier’s personnel practices, provide Health Net a curriculum vitae and other information about the individual reasonably requested by Health Net. Upon request, Supplier will provide Health Net representatives an opportunity to meet with the individual. If Health Net in good faith objects to the proposed assignment, the Parties will attempt to resolve Health

Terms and Conditions 13 Health Net / Cognizant Confidential

Final Execution Version

Net’s concerns on a mutually agreeable basis. If the Parties have not been able to resolve Health Net’s concerns within five (5) Business Days, Supplier may not assign the individual to that position and must propose the assignment of another suitably qualified individual.

(c) Health Net may from time to time change the positions designated as Key Supplier Positions under this Agreement. However, without Supplier’s consent, the number of Key Supplier Positions may not exceed the number designated in Schedule D (Key Supplier Positions) as of the Effective Date.

(d) Without prior written approval by Health Net, Supplier will not reassign or replace any person assigned to a Key Supplier Position during the *** of his or her assignment to such Key Supplier Position (or during such other timeframe for a particular Key Supplier Position that may be stated in Schedule D). Supplier will give Health Net, where reasonably possible, at least sixty (60) days advance notice of a proposed change in personnel filling a Key Supplier Position, and will discuss with Health Net any objections Health Net may have. Supplier will arrange***, for the proposed replacement to work side-by-side with the individual being replaced during the notice period to effectuate a seamless transfer of knowledge prior to the incumbent leaving the Key Supplier Position. Individuals filling Key Supplier Positions may not be transferred or re-assigned until a suitable replacement has been approved by Health Net, and no such re-assignment or transfer may occur at a time or in a manner that would have an adverse impact on delivery of the Services or Health Net’s operations. Supplier will establish and maintain an up-to-date succession plan for the individuals serving in Key Supplier Positions. Supplier may remove an individual filling a Key Supplier Position after notification to Health Net for reasons of death, disability, resignation or termination from employment by Supplier, or otherwise as mutually agreed by the Parties.

7.5 Removal and Replacement of Supplier Personnel

Health Net may immediately remove any Supplier Personnel from any Health Net Facilities if the person is threatening or abusive, commits a crime, engages in an act of dishonesty while performing Services for Health Net or violates Health Net’s policies and procedures pertaining to safety, security or use of Health Net Facilities. If Health Net determines in good faith that the continued assignment to Health Net’s account of any of the Supplier Personnel is not in the best interests of Health Net, then Health Net may give Supplier written notice to that effect. After receipt of such a notice, Supplier will have a reasonable period of time (not to exceed ten (10) Business Days) in which to investigate the matters stated in the notice, discuss its findings with Health Net and resolve Health Net’s concerns. If, following such process, Health Net requests replacement of the individual, Supplier will replace the individual with another suitably qualified person.

7.6 Controlling Turnover of Supplier Personnel

Health Net and Supplier agree that it is in their mutual best interests to keep the turnover rate of Supplier Personnel to a reasonably low level. Accordingly, if Health Net believes that Supplier’s turnover rate is excessive and so notifies Supplier, Supplier will provide data concerning its turnover rate and meet with Health Net to discuss the reasons for, and impact of, the turnover rate. *** Notwithstanding any turnover of Supplier Personnel, Supplier remains obligated to perform the Services in compliance with the requirements of this Agreement.

Terms and Conditions 14 Health Net / Cognizant Confidential

Final Execution Version

7.7 Subcontracting

“Subcontractor” means a third party engaged by Supplier to provide products and/or services used by Supplier in rendering the Services, as well as any entity to whom a Subcontractor further subcontracts (or otherwise sub-delegates) any of its subcontracted duties or obligations. Supplier may subcontract or delegate the performance of Services only in accordance with the following:

(a) Supplier may subcontract the performance of Services to any of its wholly-owned Affiliates who are qualified to conduct business in the United States.

(b) Supplier may, in the ordinary course of business, subcontract for third party services or products (which include services and products from non-wholly owned Supplier Affiliates) that satisfy the following conditions: (i) are not dedicated to performance of Services for Health Net, (ii) are not material to a Function constituting a part of the Services, and (iii) do not result in a material change in the way Supplier conducts its business; provided (1) such subcontract does not adversely affect Health Net; and (2) in each case Supplier provides at least sixty (60) days prior written notice of the same to Health Net. If Health Net expresses concerns to Supplier about a subcontract covered by this paragraph, Supplier will discuss such concerns with Health Net and work to resolve Health Net’s concerns on a mutually acceptable basis.

(c) Except as provided in Sections 7.7(a) and 7.7(b), Supplier shall not subcontract for performance of, or delegate any of its responsibilities under this Agreement without first obtaining the prior written approval of Health Net. When seeking such approval, Supplier will (i) give Health Net reasonable prior written notice specifying the components of the Services affected, the scope of the proposed subcontract, the identity and qualifications of the proposed Subcontractor and the results of any due diligence carried out with regard to the proposed Subcontractor; and (ii) at Health Net’s request, provide Health Net a description of the scope and material terms (other than financial) of the proposed subcontract. Health Net may approve or reject proposed Subcontractors in its discretion. Health Net may also condition the approval of a proposed Subcontractor on Supplier’s obtaining the right from the proposed Subcontractor to assign the related subcontract to Health Net upon expiration/termination of this Agreement, and at such time and upon Health Net’s request, Supplier shall so assign the subcontract to Health Net. Health Net may require Supplier to replace any previously approved Subcontractor found, in the reasonable judgment of Health Net, to be unacceptable. Any such Subcontractors approved by Health Net, in its discretion, shall be an “Approved Subcontractor” hereunder.

(d) Approved Subcontractors as of the Effective Date are listed in Schedule P (Approved Subcontractors).

(e) In any subcontracts entered into by Supplier after the Effective Date for performance of the Services, Supplier will require the Subcontractor to be bound to Supplier by all applicable terms of this Agreement and to assume toward Supplier all of the applicable obligations and responsibilities that Supplier, by this Agreement, has assumed toward Health Net.

(f) Supplier may use Approved Subcontractors to perform the Services to the extent permitted by Health Net’s approval. Supplier is responsible for managing all Subcontractors. Supplier remains responsible for all Functions delegated to

Terms and Conditions 15 Health Net / Cognizant Confidential

Final Execution Version

Subcontractors to the same extent as if such Functions were to be performed by Supplier acting through its officers, directors, employees, and agents and, for purposes of this Agreement, such Functions will be deemed Functions performed by Supplier. Supplier will be Health Net’s sole point of contact regarding the Services, including with respect to payment.

(g) Supplier may disclose Health Net Confidential Information only to Approved Subcontractors who have agreed in writing to protect the confidentiality of such Confidential Information in a manner substantially equivalent to that required of Supplier under this Agreement and to permit both Supplier and Health Net, or both, to enforce such terms directly against such Subcontractor. As between the Parties, Supplier shall be responsible for all acts and omissions of (i) Supplier’s independent contractors and other Subcontractors as if they were Supplier’s employees and (ii) any third party to whom Supplier permits access to Health Net Data or Health Net Confidential Information.

7.8 Managed Third Parties

“Managed Third Parties” are third parties under contract to Health Net or its Affiliates who supply applications Software and tools which are part of the In-Scope Applications and Associated Tools and Software or which will be used by Supplier in rendering the Services, all pursuant to the contracts identified in Schedule I. Health Net shall have the right to add additional entities as Managed Third Parties by sending written notice to Supplier. Except where Schedule A (Services) provides otherwise, (A) Supplier is responsible for coordinating with the Managed Third Parties, including contacting such parties and working with such parties to obtain patches and resolve problems, and (B) Supplier will notify Health Net promptly if Supplier becomes aware that a Managed Third Party is failing to perform or observe its contractual responsibilities to Health Net, or otherwise adversely affecting the Services or Health Net (or its Affiliates), and in addition to its obligations in Schedule A, will work with Health Net in an effort to cause the Managed Third Party to meet its contractual obligations.

8 HEALTH NET RESPONSIBILITIES

8.1 Appointment of Health Net Program Management Office (PMO) Personnel

Health Net will designate an individual to serve as Health Net’s “Program Manager”, who will be Supplier’s principal point of contact for obtaining decisions, information, approvals and acceptances required from Health Net.

8.2 Health Net Cooperation Duties

(a) In support of Supplier’s performance of the Services and subject to Section 8.3, Health Net will perform the Functions identified in this Agreement as retained Health Net Functions and provide or make available to Supplier the Equipment, Software, Health Net Facilities and other resources that this Agreement specifies are to be provided by Health Net.

(b) Health Net will cooperate with Supplier, including by making available management decisions, information, approvals and acceptances, as reasonably requested by Supplier so that Supplier may accomplish its obligations and responsibilities under this Agreement.

Terms and Conditions 16 Health Net / Cognizant Confidential

Final Execution Version

8.3 Savings Clause

Health Net’s failure to perform its responsibilities set forth in this Agreement (or cause them to be performed) will not constitute grounds for termination by Supplier except as provided in Section 16.2 (Termination by Supplier). Supplier’s nonperformance of its obligations under this Agreement will be excused if and to the extent (a) such Supplier nonperformance results from Health Net’s failure to perform its responsibilities, and (b) Supplier provides Health Net with reasonable notice of such nonperformance and uses Commercially Reasonable Efforts to perform notwithstanding Health Net’s failure to perform. If Supplier’s use of Commercially Reasonable Efforts to perform in such a circumstance would cause Supplier to incur significant Out-of-Pocket Expenses, Supplier may so notify Health Net. If it does, Supplier’s obligation to continue its efforts to work around Health Net’s failure to perform will be subject to Health Net agreeing to reimburse Supplier for its additional Out-of-Pocket Expenses incurred in the course of such efforts. SUPPLIER ACKNOWLEDGES THAT HEALTH NET WOULD NOT BE WILLING TO ENTER INTO THIS AGREEMENT WITHOUT ASSURANCE THAT THIS AGREEMENT MAY NOT BE TERMINATED BY SUPPLIER AND THAT SUPPLIER SHALL NOT HAVE THE RIGHT TO SUSPEND PERFORMANCE OF THE SERVICES EXCEPT, AND ONLY TO THE EXTENT, EXPLICITLY PROVIDED HEREIN.

9 CHARGES

Schedule C (Charges) sets forth all the charges payable to Supplier for performing the Services and the associated invoicing and payment procedures and terms. Health Net will not be required to pay Supplier any amounts for or in connection with performing the Services and fulfilling Supplier’s obligations under this Agreement other than those amounts expressly payable to Supplier under this Agreement.

9.1 Pass-Through Expenses

(a) “Pass-Through Expenses” means third party charges that are to be both (i) paid by Health Net (either (A) directly to the third party or (B) to Supplier, which, in turn, pays the third party) on an Out-of-Pocket Expenses basis, and (ii) administered by Supplier. Any Pass-Through Expenses shall be agreed upon in accordance with Section 7.1 of Schedule C. Supplier shall arrange for delivery by third parties to Supplier of invoices for Pass-Through Expenses, and Supplier promptly shall review such invoices and provide Health Net with the original invoice together with a statement identifying which charges are proper and valid and should be paid by Health Net.

(b) Supplier shall use Commercially Reasonable Efforts to minimize the amount of Pass-Through Expenses. With respect to services or materials paid for on a Pass-Through Expenses basis, Health Net reserves the right to: (i) obtain such services or materials directly from a third party; (ii) designate the third party source for such services or materials; (iii) designate the particular services or materials (e.g., equipment make and model) Supplier shall obtain; (iv) designate the terms for obtaining such services or materials (e.g., purchase or lease and lump sum payment or payment over time); (v) require Supplier to identify and consider multiple sources for such services or materials or to conduct a competitive procurement; and (vi) review and approve the applicable Pass-Through Expenses before entering into a contract for particular services or materials.

Terms and Conditions 17 Health Net / Cognizant Confidential

Final Execution Version

9.2 Incidental Expenses

Supplier acknowledges that, except as may be otherwise provided in this Agreement, expenses that Supplier expects to incur in performing the Services (including travel and lodging, document reproduction and shipping, and long-distance telephone) are included in Supplier’s Charges and rates set forth in this Agreement. Accordingly, such Supplier expenses are not separately reimbursable by Health Net unless, on a case-by-case basis for unusual expenses, Health Net has agreed in advance and in writing to reimburse Supplier for the expense.

9.3 Taxes

The Parties’ respective responsibilities for taxes arising under or in connection with this Agreement shall be as follows:

(a) Each Party shall be responsible for any personal property taxes on property it owns or leases, for franchise and privilege taxes on its business, and for taxes based on its net income or gross receipts.

(b) Supplier shall be responsible for any sales, use, excise, value-added, services, consumption and other taxes and duties payable by Supplier on the goods or services used or consumed by Supplier in providing the Services where the tax is imposed on Supplier’s acquisition or use of such goods or services and the amount of tax is measured by Supplier’s costs in acquiring such goods or services.

(c) Health Net shall be responsible for any sales, use, excise, value-added, services, consumption or other tax that is assessed on the provision of the Services as a whole, or on any particular Service by any governmental or taxing authority within the United States; provided, however, that (i) Supplier invoices reflect on a current basis (and in any event before any such tax becomes due and payable) the amount of any such tax in each jurisdiction and the taxable Services to which such tax relates, (ii) if Supplier fails to reflect on its invoice any such tax on a current basis, Supplier shall be financially responsible for any penalties and interest assessed by the taxing authority with respect to such tax, and (iii) if Supplier fails to reflect any such tax on an Supplier invoice within *** after the date that such tax is due and payable, Supplier shall be financially responsible for the full amount of such tax, including any penalties and interest.

(d) Supplier shall be responsible for any sales, use, excise, value-added, services, consumption or other tax that is assessed on the provision of the Services as a whole, or on any particular Service, by any governmental or taxing authority outside the United States as of the Effective Date or during the Term.

(e) Supplier shall be responsible for any payments required to compensate Supplier Personnel for compensatory tax treatment resulting from Supplier Personnel traveling to perform services, subject to the remainder of this paragraph. In the event that the assignment (or potential assignment) of particular Supplier Personnel to perform Services for Health Net has reached a point such that the continued assignment of such particular personnel is likely to trigger compensatory tax treatment of the travel related expenses reimbursed to such particular Supplier Personnel, Supplier may inform Health Net in writing that Supplier is close to becoming subject to compensatory tax treatment as a result of such assignment, and shall provide an estimate of the amount of such compensatory tax liability. If Supplier fails to so notify Health Net, Supplier shall remain

Terms and Conditions 18 Health Net / Cognizant Confidential

Final Execution Version

responsible for any amounts resulting from compensatory tax treatment of such particular Supplier Personnel. Following such notice by Supplier, Health Net may then elect by sending written notice to Supplier to be financially responsible for any payments required to compensate Supplier with respect to such particular Supplier Personnel in an amount equal to the compensatory taxes assessed to such particular Supplier Personnel as the result of such assignment to the Health Net account. If Health Net does not so elect, Supplier shall remain responsible for any amounts resulting from compensatory tax treatment of such particular Supplier Personnel, provided, however, Supplier may then relocate such Supplier Personnel to avoid such taxes, and the Parties shall cooperate to make other arrangements so that the Services will be performed without interruption.

(f) In the event that a sales, use, excise, value added, services, consumption or other tax is assessed on the provision of any of the Services, the Parties shall work together to segregate the payments under this Agreement into three (3) payment streams:

(i) those for taxable Services;

(ii) those for which Supplier functions merely as a payment agent for Health Net in receiving goods, supplies, or services (including leasing and licensing arrangements); and

(iii) those for other nontaxable Services.

(g) The Parties agree to cooperate with each other to enable each to more accurately determine its own tax liability and to minimize such liability to the extent legally permissible. Supplier’s invoices shall separately state the amounts of any taxes Supplier is collecting from Health Net, and Supplier shall remit such taxes to the appropriate authorities. Each Party shall provide and make available to the other any resale certificates, information regarding out-of-state or out-of-country sales or use of equipment, materials or services, and other exemption certificates or information reasonably requested by the other Party.

(h) Supplier shall promptly notify Health Net of, and coordinate with Health Net the response to and settlement of, any claim for taxes asserted by applicable taxing authorities for which Health Net is responsible hereunder, it being understood that with respect to any claim arising out of a form or return signed by a Party to this Agreement, such Party shall have the right to elect to control the response to and settlement of the claim, but the other Party shall have all rights to participate in the responses and settlements that are appropriate to its potential responsibilities or liabilities. If Health Net requests Supplier to challenge the imposition of any tax, Supplier shall do so in a timely manner and Health Net shall reimburse Supplier for the reasonable legal fees and expenses it incurs. Health Net shall be entitled to any tax refunds or rebates granted to the extent such refunds or rebates are of taxes that were paid by Health Net.

(i) Supplier is responsible, at its own risk and expense, for determining the extent (if any) to which Supplier will be required to collect and remit national, federal, state or local (or foreign) taxes: (i) on (or in respect of) any products or Services provided by Supplier or any of its Subcontractors under this Agreement in the jurisdictions in (or from) which Supplier chooses to provide the Services, or (ii) on (or in respect of) Supplier’s charges to Health Net under this Agreement.

Terms and Conditions 19 Health Net / Cognizant Confidential

Final Execution Version

9.4 Benchmarking

(a) Health Net shall have the right during the Term, beginning on the *** anniversary of the Effective Date, to benchmark the charges for all or a portion of the Services pursuant to this Section 9.4, provided that benchmarking of particular Charges cannot be undertaken more than one time in any *** period. Health Net may conduct such a benchmarking pursuant to this Section 9.4 not more *** during the Term.

(b) A benchmarking under this Section shall be conducted by an independent industry-recognized benchmarking service provider designated by Health Net and approved by Supplier (“Benchmarker”). Supplier agrees that Gartner Group, Nautilus Advisors, and Compass Group are acceptable as a Benchmarker. *** The Parties shall reasonably cooperate with the Benchmarker, including, as appropriate, making available knowledgeable personnel and pertinent documents and records. Prior to conducting the Benchmarking, Benchmarker, Health Net and Supplier shall enter into commercially reasonable confidentiality agreements to protect the confidential information of Benchmarker, Health Net and Supplier. In the event Health Net or any Benchmarker requires either (i) onsite access to Supplier facilities or (ii) direct access to Supplier systems, Health Net or the Benchmarker, as applicable, shall comply with all reasonable security guidelines with respect to the benchmarking.

(c) The Benchmarker shall perform the benchmarking in accordance with Benchmarker’s documented procedures which shall be provided upon request to the Parties prior to the start of the benchmarking process. The Benchmarker shall compare the charges under this Agreement for the Services being benchmarked to the costs being incurred in a representative sample of IT operations (as applicable) by or for other entities. The Benchmarker shall select the representative sample from entities (i) identified by the Benchmarker and approved by the Parties and (ii) identified by a Party and approved by the Benchmarker. The sample transactions shall be similar to the transaction contemplated by this Agreement and the service providers shall be similar to Supplier. The following conditions apply to the representative sample: (A) it shall include not less than *** entities and (B) it may include entities that are outsourcing customers of Supplier.

(d) ***

(e) ***

(f) ***

10 INVOICING AND PAYMENT

10.1 Invoicing

(a) Supplier shall invoice Health Net for all amounts due under this Agreement on a monthly basis in arrears (i.e., Charges for Services delivered in August will be invoiced on the invoice delivered to Health Net in September), or as otherwise agreed by the Parties in writing. Each invoice shall, for each Charge on the invoice, cite the specific section of the Agreement on which such Charge is based. Supplier shall include the calculations utilized to establish the Charges.

Terms and Conditions 20 Health Net / Cognizant Confidential

Final Execution Version

(b) To the extent a credit may be due Health Net pursuant to this Agreement, Supplier shall provide Health Net with an appropriate credit against amounts then due and owing. If no further payments are due to Supplier, Supplier shall pay such amounts to Health Net within *** days.

(c) Supplier shall render a single consolidated invoice for each month’s Charges showing such details as reasonably specified by Health Net, including as necessary to satisfy Health Net’s internal accounting and chargeback requirements (such as allocating Charges among Service components, locations and departments). The form of invoice shall be mutually agreed by the Parties during Transition and any changes to such form invoice during the Term must be approved by Health Net.

(d) Each month’s invoice shall be complete as to the Charges for such month. Supplier may not charge Health Net any additional amounts for a month for which an invoice has been rendered, except where a particular month’s invoice (i) indicates that certain Charges are incapable of being determined as of the date of such invoice and (ii) Supplier provides an estimate of such Charges so that Health Net can make appropriate accruals, in which event Supplier may includes such Charges on a later invoice, although in no event shall Charges be billed more than *** days after the month during which the invoice for such Charges should have been provided to Health Net pursuant to Section 10.1(a)

10.2 Payment Due

Subject to the other provisions of this Section 10, invoices provided for under Section 10.1 and properly submitted to Health Net pursuant to this Agreement shall be due and payable by Health Net within *** days after receipt thereof. Any amount due under this Agreement for which a time for payment is not otherwise specified shall be due and payable within *** days after receipt of a proper invoice for such amount.

10.3 Accountability

Supplier shall maintain complete and accurate records of and supporting documentation for the amounts billable to and payments made by Health Net hereunder in accordance with generally accepted accounting principles applied on a consistent basis. Supplier agrees to provide Health Net with documentation and other information with respect to each invoice as may be reasonably requested by Health Net to verify accuracy and compliance with the provisions of this Agreement.

10.4 Proration

Except as may be otherwise provided in this Agreement, periodic Charges under this Agreement are to be computed on a calendar month basis, and shall be prorated for any partial month.

10.5 Refundable Items

(a) Prepaid Amounts. Where Health Net has prepaid for a service or function for which Supplier is assuming Financial Responsibility under this Agreement, Supplier shall refund to Health Net, upon either Party identifying the prepayment, that portion of such prepaid expense which is attributable to periods on and after the Effective Date.

Terms and Conditions 21 Health Net / Cognizant Confidential

Final Execution Version

(b) Refunds and Credits. If Supplier should receive a refund, credit or other rebate for goods or services previously paid for by Health Net, Supplier shall promptly notify Health Net of such refund, credit or rebate and shall promptly pay the full amount of such refund, credit or rebate, as the case may be, to Health Net.

10.6 Deductions

With respect to any amount to be paid by Health Net hereunder, Health Net may deduct from such amount any amount that Supplier is obligated to pay Health Net hereunder.

10.7 Disputed Charges

Subject to Section 10.6, Health Net shall pay undisputed Charges when such payments are due under this Section 10 and Schedule C. Health Net may withhold and/or set off payment of particular Charges that Health Net disputes in good faith, and may set off amounts due and owing to Health Net as credits against Charges payable to Supplier under this Agreement. If any such disputed Charges have already been paid, Health Net may deduct such disputed Charges from future amounts owed by Health Net to Supplier. If an invoiced amount is disputed in good faith by Health Net, then Health Net shall provide written notification to Supplier of the dispute and the basis for such dispute, and the Parties shall utilize the procedures in Section 26.1 to resolve the issue. In the event that Charges cover both disputed and undisputed items, Health Net shall pay all undisputed items in accordance with this Agreement. If, after following the procedures in Section 26.1, it is determined that Health Net should have paid all or a portion of the disputed amounts, (a) Supplier shall submit to Health Net an invoice for an amount equal to the amount of disputed charges that Health Net should have paid, and (b) Health Net will endeavor to remit payment for such invoice as promptly as possible, but in no event more than *** days from receipt of such invoice.

11 TRANSFER OR USE OF RESOURCES

This Section 11 sets forth the processes by which certain resources used by Health Net prior to the Effective Date will be transferred or otherwise made available to Supplier for use in providing the Services. RIGHTS OF USE GRANTED BY HEALTH NET TO SUPPLIER UNDER THIS SECTION 11 ARE GRANTED ON AN ‘AS-IS, WHERE-IS’ BASIS, WITHOUT WARRANTIES OF ANY KIND.

11.1 Transfer of Personnel

Schedule E (Transitioned Employees) sets forth general terms and conditions governing the recruitment and transition of existing Health Net personnel to Supplier.

11.2 Health Net Owned Equipment

(a) “Health Net Owned Equipment” means Equipment owned by Health Net (or a Health Net Affiliate) that is to be made available to Supplier for use in providing the Services. The Health Net Owned Equipment is listed or described in Schedule N (Health Net Equipment).

(b) As of the Effective Date, Health Net grants to Supplier, without sale, the right to use the Health Net Owned Equipment listed or described as retained Health Net Owned Equipment in Schedule N (Health Net Equipment) during the Term during its remaining useful life until , for each item of Equipment, the earlier of (A) the cessation or

Terms and Conditions 22 Health Net / Cognizant Confidential

Final Execution Version

termination of the applicable Services, or (B) the expiration of the Term.

11.3 Health Net Leased Equipment

(a) “Health Net Leased Equipment” means Equipment leased by Health Net (or a Health Net Affiliate) that is to be made available to Supplier for use in providing the Services. The Health Net Leased Equipment is listed or described as such in Schedule N (Health Net Equipment).

(b) As of the Effective Date, Health Net grants to Supplier, without assignment of the lease and solely for the purpose of providing the Services, the right to use the Health Net Leased Equipment listed or described as retained Health Net Leased Equipment in Schedule N (Health Net Equipment) during the Term (or the applicable lease term, if shorter) solely to perform the Services. Until the earlier of (A) the cessation or termination of the applicable Services, or (B) the end of the applicable lease term, Supplier will comply with the duties imposed on Health Net by the leases for such equipment that have been disclosed to Supplier.

11.4 Health Net Third Party Service Contracts

(a) “Health Net Third Party Service Contracts” means third party service contracts of Health Net (or a Health Net Affiliate) that are to be made available to Supplier for use in providing the Services. The Health Net Third Party Service Contracts are listed in Schedule I (Health Net Third Party Service Contracts).

(b) Health Net grants to Supplier, without assignment of such contract, but subject to the Parties obtaining any Required Consents pursuant to Section 11.9, the right to use the services provided to Health Net under the other Health Net Third Party Service Contracts listed or described in Schedule I (Health Net Third Party Service Contracts) during the applicable contract term solely as necessary to perform the Services. Supplier will comply with the duties imposed on Health Net by the Health Net Third Party Contracts that have been disclosed to Supplier.

(c) When Health Net Third Party Service Contracts are no longer required for performance of the Services, and in any event upon the earlier of (A) the cessation or termination of the applicable Services, or (B) the end of the applicable contract term, Supplier will cease use of such Health Net Third Party Service Contracts.

11.5 Health Net Owned Software

(a) “Health Net Owned Software” means Software owned (i.e., in which the copyright is owned) by Health Net (or a Health Net Affiliate) that is either (i) to be made available to Supplier for use in providing the Services (“Health Net Owned Service Delivery Software”), which is listed in Exhibit J-1 to Schedule J (Software), or (ii) In-Scope Applications (“Health Net Owned In-Scope Applications”); or (iii) Associated Tools and Software, which are listed in Exhibit J-3 to Schedule J (Software) (“Health Net Owned Associated Tools and Software”).

(b) Health Net (and each of its Affiliates) retains all of its right, title and interest in and to the Health Net Owned Software. As of the Effective Date, Health Net grants to Supplier a fully paid-up, nonexclusive license during the Term to Use the Health Net Owned

Terms and Conditions 23 Health Net / Cognizant Confidential

Final Execution Version

Software solely to perform the Services. The Health Net Owned Software will be made available to Supplier in object code form (and, at Health Net’s election, Source Code form) in an agreed format, together with available documentation and other related materials. Supplier is not permitted to Use Health Net Owned Software for the benefit of any entity other than Health Net (and other Service Recipients under this Agreement) without the prior written consent of Health Net, which may be withheld in Health Net’s discretion.

(c) When Health Net Owned Software is no longer required for performance of the Services, or in any event upon the earlier of (i) the cessation or termination of the applicable Services, or (ii) the expiration of the Term, Supplier will return such Software to Health Net in an agreed format or, at Health Net’s election, destroy it and certify the destruction of all copies in Supplier’s (or any of its Subcontractor’s) possession or control.

11.6 Health Net Licensed Software

(a) “Health Net Licensed Software” means Software owned (i.e., in which the copyright is owned) by a party other than Health Net (or a Health Net Affiliate) that is either (i) licensed by Health Net (or a Health Net Affiliate) and is to be made available by Health Net to Supplier for use in providing the Services (“Health Net Licensed Service Delivery Software”), which is listed in Exhibit J-2 to Schedule J (Software), or (ii) In-Scope Applications (“Health Net Licensed In-Scope Applications”), or (iii) Associated Tools and Software, which are listed in Exhibit J-3 to Schedule J (Software) (“Health Net Licensed Associated Tools and Software”).

(b) Subject to the Parties having obtained any Required Consents pursuant to Section 11.9 (Required Consents), as of the Effective Date, Health Net grants to Supplier, without assignment of the license, such rights during the Term (or the applicable license term, if shorter) as Health Net has (or later obtains) to Use the Health Net Licensed Software solely to perform the Services. The Health Net Licensed Software will be made available to Supplier in object code form (and, at Health Net’s election, Source Code form) in an agreed format, together with available documentation and other related materials. Supplier will comply with the duties, including use and non-disclosure restrictions, imposed on Health Net (or its Affiliate) by the licenses for the Health Net Licensed Software that have been disclosed to Supplier and any other reasonable restrictions required by Health Net and provided by Health Net with respect to such Software. Supplier will not seek to modify or otherwise revoke such terms.

(c) When Health Net Licensed Software is no longer required for performance of the Services, or in any event upon the earlier of (i) the cessation or termination of the applicable Services, or (ii) the expiration of the Term, Supplier will return such Software to Health Net in an agreed format or, at Health Net’s election, destroy it and certify the destruction of all copies in Supplier’s (or any of its Subcontractor’s) possession or control.

(d) In addition, if Health Net assigns its license to any Software to Supplier under this Agreement, then if requested by Health Net upon termination or expiration of this Agreement, Supplier shall assign such Software back to Health Net effective as of the date Supplier ceases to provide Services using such license.

Terms and Conditions 24 Health Net / Cognizant Confidential

Final Execution Version

11.7 Health Net Facilities

(a) “Health Net Facilities” means facilities that are owned or leased by Health Net (or a Health Net Affiliate) that are to be made available to Supplier as hereafter described for use in providing the Services. Health Net Facilities are listed as such in Schedule F (Facilities). Health Net shall make Health Net Facilities available for (i) the Transitioned Employees and (ii) the number of Supplier Personnel set forth on Exhibit F-1, in accordance with the ramp-up plan set forth in Exhibit F-1. The specific Health Net Facility in which space will be made available is set forth on Schedule F.

(b) Subject to Health Net having obtained any Required Consents pursuant to Section 11.9, Health Net grants to Supplier the right to access the Health Net Facilities, to the extent permitted by applicable lease agreements, solely to perform the Services and as described in Sections 11.7(a) and 11.8 until the earlier of (i) the cessation or termination of the corresponding Service or (ii) the expiration of the Term. Supplier will comply with the duties imposed on Health Net (or its Affiliate) by each lease for the Health Net Facilities.

11.8 Terms Applicable to Health Net Facilities, Generally

(a) The following provisions are applicable with respect to the Health Net Facilities: Health Net retains responsibility for management and maintenance of the building and property electrical systems, water, sewer, lights, heating, ventilation and air conditioning (“HVAC”) systems, physical security services and general custodial/landscape services (including monitoring and maintaining the uninterruptible power supply (“UPS”) system, air handlers and water chillers that are primary support for the raised-floor environment in Health Net Facilities).

(b) Supplier is responsible for providing the other facilities and facilities-related support it needs to provide the Services.

(c) Health Net will inform Supplier of any plans or determination to relocate the Health Net Facilities so that Supplier will have a reasonable amount of time to prepare for and implement such relocation as it affects Supplier. Health Net agrees to reimburse Supplier for Supplier’s Out-of-Pocket expenses incurred in such relocation, subject to notice and prior approval by Health Net.

(d) Supplier may use Health Net Facilities for the sole and exclusive purpose of providing the Services. Any other uses are subject to the prior approval of Health Net in its discretion. The use of Health Net Facilities by Supplier does not constitute a leasehold or other property interest in favor of Supplier.

(e) Supplier will use the Health Net Facilities in an efficient manner and in a manner that is coordinated and does not interfere with Health Net’s business operations. Supplier is responsible for any damage to Health Net Facilities resulting from the negligence or intentional misconduct of Supplier (or its Subcontractors or other guests) or other failure to comply with its obligations under this Agreement respecting the Health Net Facilities.

(f) Supplier will keep the Health Net Facilities in good order, not commit or permit waste or damage to them or use them for any unlawful purpose or act. Supplier will comply with Health Net’s standard policies and procedures and with applicable leases made available to Supplier regarding access to and use of the Health Net Facilities, including procedures

Terms and Conditions 25 Health Net / Cognizant Confidential

Final Execution Version

for the physical security of the Health Net Facilities.

(g) Supplier will permit Health Net and its agents and representatives to enter any portions of the Health Net Facilities occupied by Supplier Personnel at any time.

(h) Supplier may not make improvements or changes involving structural, mechanical or electrical alterations to the Health Net Facilities without Health Net’s prior written approval. Any improvements to the Health Net Facilities will become the property of Health Net.

(i) When Health Net Facilities are no longer required for performance of the Services, or in any event upon expiration or termination of this Agreement (or the applicable lease term, if shorter), Supplier will return them to Health Net in substantially the same condition as when Supplier began use of them, subject to reasonable wear and tear.

11.9 Required Consents

(a) Health Net, with the cooperation of Supplier, is responsible for obtaining Required Consents under any of the leases, contracts or licenses referred to in this Section 11 (Transfer or Use of Resources). Health Net will work diligently to obtain such Required Consents as soon as practicable after the Effective Date. Health Net will pay any fees (such as transfer or upgrade fees) required to obtain a Required Consent. Unless and until any Required Consent has been obtained, Supplier will determine and adopt, subject to Health Net’s prior approval, such alternative approaches as are necessary and sufficient for Supplier to provide the Services without the Required Consent.

(b) If Health Net is not able to obtain any such Required Consent, or if Health Net elects not to obtain a Required Consent because of the cost or other terms required to obtain such Required Consent, Health Net reserves the right to remove from the scope of this Agreement any affected In-Scope Applications and in such event (i) the Production Support Charge will be reduced in accordance with Section 4.3 of Schedule C, (ii) the Minimum Commitment set forth in Section 7.10 of Schedule C shall be equitably adjusted, and (iii) Health Net shall have the right to rehire Transitioned Employees that are or will perform Services with respect to such In-Scope Applications. Health Net’s right to remove In-Scope Applications (and the corresponding adjustment to charges and minimums) shall include the right to remove In-Scope Applications that relate to an In-Scope Application for which a Required Consent is not obtained if in Health Net’s reasonable determination such other In-Scope Applications should be grouped together for operational, maintenance or other reasons.

11.10 Health Net Resources Provided to Supplier Personnel Working On-site

(a) “On-site Health Net Resources” means the reasonable office space, furniture, fixtures, desktop computers, software, telephones, office supplies, and other resources to be provided or made available by Health Net (or its Affiliates) to Supplier Personnel assigned by mutual agreement of the Parties to work on-site at facilities of Health Net (or its Affiliates).

(b) Except as otherwise provided in this Agreement, Health Net will provide to Supplier Personnel located and authorized to work on-site at Health Net Facilities the reasonable use of On-site Health Net Resources substantially equivalent to those made available by

Terms and Conditions 26 Health Net / Cognizant Confidential

Final Execution Version

Health Net (or its Affiliate) to its own personnel who perform similar functions; provided, however, that Health Net will not be responsible for providing any mobile or portable computing or communications devices to Supplier Personnel except as otherwise provided in this Agreement.

(c) Supplier shall comply and cause Supplier Personnel to comply with Health Net’s policies and procedures regarding access to and use of the On-site Health Net Resources that have been disclosed in writing, or otherwise made available, to Supplier, including procedures for the physical and logical security, and shall submit to periodic Health Net compliance inspections and security audits.

(d) Supplier will use the On-site Health Net Resources in an efficient manner and for the sole purpose of providing the Services. Supplier will be responsible for damage to the On-site Health Net Resources caused by the negligence or intentional misconduct of Supplier Personnel. When the On-site Health Net Resources are no longer required for performance of the Services, Supplier will return them to Health Net in substantially the same condition as they were in when Supplier began use of them, subject to reasonable wear and tear.

12 RESOURCE ACQUISITIONS DURING THE TERM

12.1 General Responsibility and Compatibility

(a) Except for any resources for which Health Net has Financial Responsibility pursuant to this Agreement, Supplier is solely responsible (and has Financial Responsibility) for providing all Equipment, Software, facilities, personnel, third party services and other resources required to perform and render the Services in accordance with this Agreement.

(b) Supplier shall provide the Services using tools and processes that are compatible with those used by Health Net and its other service providers to provide other information technology services within the Health Net environment. This includes implementing and maintaining interfaces with Heath Net and other service provider problem management, change control, and configuration management systems to the extent required to maintain such compatibility.

12.2 Equipment

Health Net shall retain Financial Responsibility for Equipment required within its (or its third party service provider’s) data centers to host Health Net Owned Software and Health Net Leased Software. ***

12.3 Software

In addition to Software provided by Health Net pursuant to Section 11.5(b) and 11.6(b), Health Net shall provide any additional software development tools that Health Net proposes that Supplier use to provide the Services, ***. With respect to any Software that will be more expensive for Health Net to provide to Supplier Personnel to utilize offshore than it would be to use onsite at Health Net Facilities, Health Net reserves the right to require Supplier to use any such Software onsite as requested by Health Net.

Terms and Conditions 27 Health Net / Cognizant Confidential

Final Execution Version

12.4 Network Connectivity

Supplier shall be *** for providing network connectivity between facilities necessary to provide the Services, including connectivity from Health Net Facilities or Health Net’s outsourcing vendor facilities to Supplier’s facilities, onshore and offshore. The Parties shall work together to determine the bandwidth, access, security and other requirements for such network connectivity. A diagram of the network is attached as Exhibit A-11 to Schedule A and the network connectivity is further described in Exhibit A-3 (Solution).

12.5 Health Net Rights to certain Software upon Termination/Expiration

(a) Supplier Proprietary Items. Supplier shall not, without Health Net’s prior written consent, use any Supplier-owned Software or Supplier Affiliate-owned Software, tools, methods, processes, templates or similar items (“Supplier Proprietary Items”) to create, maintain, modify, enhance or create derivative works of any Deliverable or In-Scope Application, ***

(b) Third Party Software. Supplier shall not utilize any third party owned Software to provide the Services that is not generally available commercial-off-the-shelf Software, without Health Net’s prior written approval, which approval Health Net may withhold in its discretion. Without limiting Health Net’s rights under this Section, as a condition to granting such consent, Health Net may require Supplier to obtain for Health Net, a perpetual, non-exclusive license for Health Net and its Affiliates (and their respective service providers) to Use such non-commercially available third party Software to provide services similar to the Services to Health Net and the service recipients, at no additional charge to Health Net. Such license shall be effective upon the expiration or termination of the Agreement, or portion thereof.

(c) Relationship to License in Section 15.2(b). Nothing set forth in this Section 12.5 shall limit Health Net’s rights under Section 15.2(b).

13 TRANSITION

13.1 “Transition” Defined

“Transition” means the process (and associated time period, starting on the Effective Date) of migrating performance of the Services from Health Net’s as-is operating environment to Supplier’s initial target environment, making the initial planned improvements to the infrastructure used to perform and deliver the Services, and causing any required knowledge transfer from Health Net personnel to Supplier Personnel.

13.2 Transition Plan

(a) The Transition shall be conducted in accordance with a written plan (the “Transition Plan”) which shall include: (i) a description of the operations being transitioned; (ii) a general description of the methods and procedures, personnel and organization Supplier will use to perform the Transition; (iii) a schedule of the Transition activities; (iv) a detailed description of the respective roles and responsibilities of Health Net and Supplier; (v) such other information and planning as are necessary to conduct the Transition in accordance with the other terms in this Agreement. A draft of the Transition Plan as of the Effective Date is attached to this Agreement as Exhibit A-2 and

Terms and Conditions 28 Health Net / Cognizant Confidential

Final Execution Version

Attachment A-2-1. References to the Transition Plan shall include their respective project plans. Supplier shall be responsible for revising and finalizing the Transition Plan, provided that: (A) Supplier shall cooperate and work closely with Health Net in finalizing the plans (including incorporating Health Net’s reasonable comments); and (B) all changes to the plans shall be subject to approval by Health Net.

(b) As part of the Transition, Supplier will also assume responsibility for completing the projects listed or described in Exhibit A-7 (In-Flight Projects), which are in progress as of the Effective Date and being performed by resources that are being transferred or made available to Supplier under this Agreement (the “In-Flight Projects”).

13.3 Conduct of the Transition

Beginning on the Effective Date, Supplier will carry out and complete the Transition in accordance with the Transition Plan, including its time schedule. Except as otherwise expressly provided in the Transition Plan, Supplier’s responsibilities with respect to the Transition include:

(a) performing and managing the Transition and In-Flight Projects and activities;

(b) establishing communications lines and network connections, and providing Equipment, Software, tapes, records and supplies, as made necessary by the Transition;

(c) performing the Services without interruption, and without disrupting Health Net’s business operations;

(d) ***; and

(e) otherwise performing such migration tasks as are necessary to enable Supplier to complete the Transition and provide the Services.

13.4 Health Net Cooperation and Support

Health Net will cooperate with Supplier in the conduct of the Transition and provide support as described in the Transition Plan.

13.5 Completion of Transition Projects

(a) Health Net reserves the right to monitor, test and otherwise observe and participate in the Transition. Supplier will notify Health Net without delay if any Health Net monitoring, testing or participation has caused (or Supplier expects it to cause) a problem or delay in the Transition and work with Health Net to prevent or circumvent the problem or delay.

(b) No functionality of Health Net’s as-is environment will be disabled until Supplier demonstrates to Health Net’s reasonable satisfaction that the affected processes and operations have been successfully migrated to Supplier’s target environment and are functioning properly in that environment. Health Net may require Supplier to stop proceeding with all or any part of the Transition if Health Net determines in good faith that such transition, or any part of such transition, poses a risk or hazard to Health Net’s business interests

(c) If any of the Transition projects are not completed on schedule and the delay is not due to

Terms and Conditions 29 Health Net / Cognizant Confidential

Final Execution Version

the fault of Health Net (or its Affiliates, customers or other suppliers), then for the period of delay:

(i) if Supplier’s charges to Health Net are greater than they would have been if the delayed Transition project had been completed on schedule, Health Net will receive a credit against Supplier’s monthly charges in an amount equal to the difference between Supplier’s actual charges and what Supplier’s charges would have been if the delayed Transition project had been completed on schedule; and

(ii) ***

14 DATA SECURITY AND PROTECTION

14.1 “Health Net Data” Defined

“Health Net Data” means all data and information in any form, whether or not Confidential Information, entered in Software or Equipment, directly or indirectly, by or on behalf of Health Net or another Service Recipient, including Derivative Works of such data and information produced by or on behalf of Supplier.

14.2 Health Net Data, Generally

As between the Parties, Health Net Data will be and remain the property of Health Net. Supplier may not use Health Net Data for any purpose other than to render the Services. No Health Net Data will be sold, assigned, leased or otherwise disposed of to third parties or commercially exploited by or on behalf of Supplier (or any of its Subcontractors). Neither Supplier nor any of its Subcontractors may possess or assert any lien or other right against or to Health Net Data. Without limiting the generality of the foregoing, Supplier may only use personal identifying information as strictly necessary to render the Services and must restrict access to such information to Supplier Personnel on a strict need-to-know basis.

14.3 Data Security

(a) The Parties’ respective responsibilities for data and systems security are as set forth in this Section 14 and in Schedule A (Services).

(b) When present at Health Net Facilities or accessing Health Net Data or Health Net systems, Supplier will observe and comply with Health Net’s security procedures that have been communicated to Supplier. Prior to performing Services from any new service location (i.e., any service location other than those set forth in Sections 3(a) and 4 of Schedule F (Facilities)), Supplier shall complete the security questionnaire attached hereto as Schedule T (Security Questionnaire).

(c) Supplier will establish and maintain safeguards against the destruction, loss or alteration of Health Net Data in the possession or control of Supplier (or any of its Subcontractors) which are no less rigorous than those maintained by Health Net as of the Effective Date and are no less rigorous than those maintained by Supplier for its own data of a similar nature. Health Net may keep backup Health Net Data in its possession if it chooses and establish backup security for Health Net Data. Supplier will document such safeguards in the Procedures Manual.

Terms and Conditions 30 Health Net / Cognizant Confidential

Final Execution Version

(d) Without limiting the generality of the foregoing:

(i) Supplier will use Commercially Reasonable Efforts, including through systems security measures, to guard against the unauthorized access, alteration or destruction of Software and Health Net Data. Such measures will include the installation of Software that: (A) requires all users to enter a user identification and password prior to gaining access to the information systems; (B) controls and tracks the addition and deletion of users; (C) controls and tracks user access to areas and features of the information systems, and (D) encrypts Health Net Data and Confidential Information that is stored on or sent from Supplier Personnel personal computers.

(ii) Supplier Personnel will not attempt to access, or allow access to, any Health Net Data that they are not permitted to access under this Agreement. If such access is attained, Supplier will immediately report such incident to Health Net, describing in detail the accessed Health Net Data, and take all necessary measures to stop the access, prevent recurrences, and return to Health Net any copied or removed Health Net Data.

14.4 Compliance with Data Privacy and Data Protection Laws, Regulations and Policies

(a) In carrying out its activities under this Agreement, each Party will observe and comply with all applicable data privacy and data protection Laws. In addition, when accessing or handling any Health Net Data that contains personal identifying information, Supplier will comply with Health Net’s policies that have been disclosed to Supplier relating to the use and disclosure of such information.

(b) The Parties hereby agree to the terms of the Business Associate Addendum attached hereto as Schedule K (Business Associate Addendum), which is hereby incorporated by reference. In the event of any conflict between the terms of Section 21 (Confidentiality) and the terms and conditions of the Business Associate Addendum, the terms and conditions that are more protective of the individually identifiable health information (as such term is defined in HIPAA) shall govern to the extent of that conflict.

14.5 Import/Export Controls

(a) The Parties acknowledge that certain software and technical data exchanged pursuant to this Agreement may be subject to import/export controls under the Laws of the United States and other countries. Neither Party will import, export or re-export any such items, any direct product of those items, or any technical data in violation of applicable import/export control Laws.

(b) Each Party will be responsible for compliance with import/export control Laws with respect to any items it is deemed under such Laws to have imported or exported, including responsibility for preparing and filing all required documentation and obtaining all licenses, permits and authorizations required for compliance. Each Party will cooperate with the other Party in that Party’s efforts to comply with applicable import/export control Laws.

(c) Supplier will include with copies of all Software provided to Supplier by Health Net’s U.S.-based personnel that Supplier will use outside of the United States documentation

Terms and Conditions 31 Health Net / Cognizant Confidential

Final Execution Version

stating that “These commodities, technology or software were exported from the United States in accordance with Export Administration Regulations. Diversion or re-export contrary to U.S. law is prohibited.”

14.6 Compliance with Gramm-Leach-Bliley (“GLB Act”)

(a) “GLB Act” shall mean the Gramm-Leach-Bliley Act, 15 USC §6801 et. seq., and the implementing regulations and regulatory interpretations thereto, as amended from time to time. Supplier acknowledges that Health Net is subject to Title V of the GLB Act, pursuant to which Health Net is required to obtain certain undertakings from Supplier with regard to the privacy, use and protection of nonpublic personal financial information of Health Net’s customers or prospective customers (“Health Net Non-public Data”). Therefore, notwithstanding anything to the contrary contained in this Agreement and in addition to (and not in substitution for) Supplier’s other obligations hereunder, Supplier agrees that:

(i) it will not disclose or use any Health Net Non-public Data except to the extent necessary to carry out its obligations under this Agreement and for no other purpose;

(ii) it will not disclose Health Net Non-public Data to any third party, including, without limitation, its third party service providers without the prior consent of Health Net and an agreement in writing from the third party to use or disclose such Health Net Non-public Data only to the extent necessary to carry out Supplier obligations under this Agreement and for no other purposes; and

(iii) it will maintain, and will require all third parties approved under Section 7.7 to maintain, effective information security measures to protect Health Net Non-public Data from unauthorized disclosure or use; and it will provide Health Net with information regarding such security measures upon the reasonable request of Health Net and promptly provide Health Net with information regarding any failure of such security measures or any security breach related to Health Net Non-public Data.

(b) The obligations set forth in this Section 14.6 will survive termination or expiration of this Agreement. For purposes of this Agreement, Health Net Non-public Data includes the nonpublic personal information (as defined in 15 USC §6809(4)) received by Supplier in connection with the performance of its obligations hereunder, including (i) an individual’s name, address, e-mail address, IP address, telephone number and/or social security number; (ii) the fact that an individual has a relationship with Health Net; and (iii) an individual’s account information. For the avoidance of doubt, Health Net Non-public Data does not include (A) information collected from Health Net employees (in their capacity as employees, and not as Health Net’s customers) by Supplier for the purpose of administering and providing the Services, and (B) nonpublic information collected from a source other than Health Net that has been obtained on a non-confidential basis and which is not subject to the GLB Act.

15 INTELLECTUAL PROPERTY RIGHTS

This Section 15 sets forth the Parties’ respective rights in Work Product and other materials provided or created pursuant to this Agreement. As between the Parties, the rights apply as set forth in this Section 15

Terms and Conditions 32 Health Net / Cognizant Confidential

Final Execution Version

whether the work in question is performed solely by Supplier Personnel or by Supplier Personnel working jointly with others.

15.1 Defined Terms

(a) “Intellectual Property Rights” means all intellectual and industrial property rights recognized in any jurisdiction, including copyrights, mask work rights, moral rights, trade secrets, patent rights, rights in inventions, trademarks, trade names and service marks (including applications for, and registrations, extensions, renewals, and re-issuances of, the foregoing).

(b) “Independent IP” of a party (including a third party) means any Software, documents, materials, processes and other works of authorship that either (i) were created by or for the party prior to the Effective Date, or (ii) are subsequently created by or for the party outside the scope of and independent from this Agreement; and thereby have not been created specifically for Health Net hereunder.

(c) “Work Product” means any Deliverables, Software, documents, materials, processes, business processes, business models, business rules, business logic, methods, reports, documents, templates, studies, strategies, operating models, technical architecture, design ware, Software objects, Software programs and programming, program listings, programming tools, interfaces, source code, object code, specifications, design documents and analyses, abstracts and summaries, software configurations, test plans, scenarios, scripts, work and process flows, test results, inventions, and other items specifically produced by Supplier Personnel for Health Net, whether developed solely or jointly, in the course of performing the Services. A Work Product is either a “New Work” – i.e., one that is not based upon any preexisting works – or a “Derivative Work” – i.e., one that is based upon one or more preexisting works.

15.2 Independent IP

(a) Except as otherwise expressly provided in this Agreement, including in Section 15.2(b):

(i) as between the Parties, each Party will have and retain all of its right, title and interest, including Intellectual Property Rights, in and to its Independent IP and any Derivative Works of its Independent IP, and will be entitled to seek Intellectual Property Rights protection for its Independent IP as it deems appropriate;

(ii) a Party will not submit patent applications or otherwise seek to file for or obtain Intellectual Property Rights protection with respect to or based upon the other Party’s Independent IP without the other Party’s prior written consent, which may be withheld at the other Party’s sole discretion;

(iii) a Party will not be permitted to use the other Party’s Independent IP; and

(iv) EXCEPT AS PROVIDED IN SECTION 19.8, ANY RIGHTS OF USE OF A PARTY’S INDEPENDENT IP GRANTED BY THIS AGREEMENT ARE GRANTED ON AN ‘AS-IS, WHERE-IS’ BASIS WITHOUT EXPRESS OR IMPLIED WARRANTIES OF ANY KIND.

Terms and Conditions 33 Health Net / Cognizant Confidential

Final Execution Version

(b) If Supplier Personnel incorporates any Independent IP of Supplier or a third party into a Work Product or deliver it to Health Net without first notifying Health Net of its nature and entering into with Health Net, or procuring for Health Net, a license to Use the Independent IP on terms that are acceptable to Health Net, then (i) in the case of Supplier Independent IP, Supplier hereby grants to Health Net and its Affiliates, and (ii) in the case of third party Independent IP, Supplier shall procure for Health Net and its Affiliates, a perpetual, irrevocable, non-exclusive, worldwide, paid-up right and license to Use such Independent IP as part of the Work Product (including ***, programmer interfaces, available documentation, manuals, and other materials necessary for the use thereof), and any Derivative Works of the Work Product, in their businesses and to authorize others to do the same on their behalf***. Any representations, warranties, and covenants of Supplier, and any rights of Health Net under this Agreement, that are applicable to a Deliverable or Work Product shall apply equally to any Independent IP of Supplier or a third party incorporated into the Deliverable or Work Product.

(c) If Health Net provides any of its Independent IP to Supplier for use in rendering the Services, Health Net grants to Supplier a fully paid-up, nonexclusive license during the Term to Use such Independent IP solely as necessary to perform the Services, and to sublicense Approved Subcontractors to do the same on Supplier’s behalf. Supplier may not Use Health Net’s Independent IP for the benefit of any entities other than Health Net (and its Service Recipients under this Agreement) without the prior written consent of Health Net, which may be withheld at Health Net’s discretion.

15.3 Copyright in Work Product

As between the Parties, Health Net will be the sole and exclusive owner of the copyright in each Work Product from the moment of its creation. Work Product will be deemed to be a ‘work made for hire’ under the copyright Laws. Supplier hereby irrevocably conveys and assigns to Health Net, without further consideration, all of Supplier’s right, title, and interest in and to the copyright in Work Product, whether or not the Work Product constitutes a work made for hire under applicable copyright Laws. Health Net and its assigns will have the right to register and hold in their own name the copyright in and to such Work Product. Health Net grants to Supplier a fully paid-up, nonexclusive license during the Term to Use such Work Product solely as necessary to perform the Services, and to sublicense Approved Subcontractors to do the same on Supplier’s behalf.

15.4 Intellectual Property Rights Other than Copyright

Health Net will be the sole and exclusive owner of all Intellectual Property Rights (other than copyright, which is addressed in Section 15.3 above) in and to any Work Product, including the following:

(a) All Deliverables that are New Works;

(b) All newly developed portions of Deliverables that are Derivative Works of Independent IP owned or licensed by Health Net or Supplier (or their respective Affiliates); and

(c) All other Work Product, including Derivative Works of Independent IP owned or licensed by Health Net or Supplier (or their respective Affiliates).

Terms and Conditions 34 Health Net / Cognizant Confidential

Final Execution Version

15.5 Other Developed Items.

(a) Subject to the rights of any third parties in their Independent IP and Derivative Works of their Independent IP and subject to Section Error! Reference source not found. below, Supplier shall be the sole and exclusive owner of all Intellectual Property Rights in any item produced by Supplier under this Agreement that is not Work Product (“Other Developed Items”).

(b) *** “Health Net Competitor” means any payer of claims for medical services operating in any of the following states: Arizona, California, Connecticut, New Jersey, New York, Oregon.

(c) ***

15.6 Intellectual Property Rights Agreements with Supplier Personnel

Supplier is responsible for having in place with all Supplier Personnel (either directly or indirectly through their respective employers) such agreements respecting Intellectual Property Rights as are necessary for Supplier to fulfill its obligations under this Section 15 (Intellectual Property Rights).

15.7 Other Obligations and Rights Regarding Work Product

(a) Following the creation of any Work Product with respect to which any Intellectual Property Rights will be owned by Health Net, Supplier will promptly disclose the Work Product in writing to Health Net.

(b) Each Party will remain free to develop, commercialize, use, publish and distribute materials that may be similar to or competitive with Work Product provided such activities are effected without breach of the Party’s obligations under this Agreement and do not infringe or constitute a misappropriation of any Intellectual Property Rights of the other Party.

(c) All licenses and rights of Use granted under or pursuant to this Agreement shall be deemed to be, for the purposes of Section 365(n) of the United States Bankruptcy Code (the “Bankruptcy Code”), licenses to rights in “intellectual property” as defined under the Bankruptcy Code. Accordingly, the licensee of such rights shall retain and may fully exercise all of its rights and elections under the Bankruptcy Code. Upon the commencement of bankruptcy proceedings by or against either Party under the Bankruptcy Code, the other Party shall be entitled to retain all of its license rights and Use rights granted under this Agreement.

15.8 Mental Impressions

(a) “Mental Impressions” means general ideas, concepts, know-how and techniques relating to data processing and computer programming that are learned and retained in the unaided memory of a Party’s and or any of its Affiliates’ personnel involved in performance of this Agreement who have had access to Confidential Information or materials of the other Party and its Affiliates without deliberately memorizing them for purposes of reuse.

Terms and Conditions 35 Health Net / Cognizant Confidential

Final Execution Version

(b) Each Party and its Affiliates may use the Mental Impressions of their personnel in their business activities provided that in doing so they do not disclose Confidential Information of the other Party in violation of Section 21 (Confidentiality) or misappropriate or infringe the Intellectual Property Rights of the other Party, its Affiliates, or third parties who have licensed or provided materials to the other Party or its Affiliates.

16 TERMINATION

16.1 Termination By Health Net

(a) Termination for Cause. If Supplier commits (i) a material breach of this Agreement and fails to cure such breach within *** after receiving notice of the breach from Health Net; or (ii) multiple breaches of this Agreement, whether material or non-material, that collectively constitute a material breach of this Agreement, then Health Net may, by giving notice to Supplier, terminate the Agreement, in whole or in part, without charge, as of a date specified in the notice of termination. Any termination by Health Net shall not constitute an election of remedies and shall be without prejudice as to Health Net’s other rights and remedies.

(b) Termination for Convenience. Health Net may terminate this Agreement, in whole or in part, at any time for convenience (i.e., for any reason or no reason) by giving Supplier at least three (3) months prior written notice specifying the terminated Services and designating the termination date and paying to Supplier on the effective date of termination any applicable termination charges set forth in Section 9 of Schedule C (Charges). If a termination under this paragraph is a termination in part, the termination charges payable by Health Net in respect of the termination will be equitably prorated to reflect the portion of the Services being terminated. If a purported termination for cause by Health Net under Section 16.1(a) is found by a competent authority not to be a proper termination for cause, then such termination will be deemed to be a termination for convenience by Health Net under this paragraph. Health Net may elect to discontinue the performance of the Services, in whole or in part, at a particular Health Net Facility and such discontinuation will not constitute a termination for convenience, provided that Health Net continues to receive the Services at other Health Net Facilities, unless such discontinuation has the effect of discontinuing the Supplier’s performance of the Services as a whole or of a major category of the Services as described in Schedule A (Services).

(c) Termination for certain Service Level Failures. If (1) Supplier fails to meet a Critical Service Level more than *** times in any rolling *** month period, or (2) the amount of Service Level Credits that Supplier is obligated to credit to Health Net equals *** of the monthly charges (i.e., the maximum amount of Service Level Credits for which Supplier is liable in a month), for *** or more months in any rolling *** month period, then Health Net may, by giving notice to Supplier, terminate the Agreement, in whole or in part, without charge, as of a date specified in the notice of termination. The foregoing right to terminate shall not be construed as precluding Health Net from claiming that some other combination of failures to meet Service Levels is a material breach of this Agreement and to exercise any available remedies in connection with such material breach.

(d) Termination Following a Change of Control of Health Net. “Change of Control of Health Net” means an announcement by Health Net (i) that any other entity, person or “group” (as such term is used in Section 13(d) of the Securities Exchange Act of 1934, as

Terms and Conditions 36 Health Net / Cognizant Confidential

Final Execution Version

amended) will acquire Control, of all or substantially all of the assets, of Health Net (or any parent company of Health Net), whether directly or indirectly, in a single transaction or series of related transactions, or (ii) that Health Net (or any parent company of Health Net) will consolidate with, or be merged with or into, another entity, or will sell, assign, convey, transfer, lease or otherwise dispose of all or substantially all of its assets to another person(s) or entity(ies). At any time within one year after the effective date of the circumstances described in (i) or (ii) above, Health Net may terminate this Agreement, in whole or in part by giving Supplier at least ninety (90) days prior written notice specifying the terminated Services and designating the termination date. Such termination shall be *** that Health Net shall pay any outstanding Charges for all Services completed through to the effective date of termination (including for work in progress).

(e) Termination Following a Change of Control of Supplier. “Change of Control of Supplier” means an announcement by Supplier (i) that any other entity, person or “group” (as such term is used in Section 13(d) of the Securities Exchange Act of 1934, as amended) will acquire Control, of all or substantially all of the assets, of Supplier (or any parent company of Supplier), whether directly or indirectly, in a single transaction or series of related transactions, or (ii) that Supplier (or any parent company of Supplier) will consolidate with, or be merged with or into, another entity, or will sell, assign, convey, transfer, lease or otherwise dispose of all or substantially all of its assets to another person(s) or entity(ies). At any time within *** after the effective date of the circumstances described in (i) or (ii) above, Health Net may terminate this Agreement, in whole or in part by giving Supplier at least ninety (90) days prior written notice specifying the terminated Services and designating the termination date. Such termination shall be *** that Health Net shall pay any outstanding Charges for all Services completed through to the effective date of termination (including for work in progress).

(f) Termination in the Event of a Force Majeure. Health Net may terminate this Agreement, in whole or in part, as provided in Section 24.3 (Force Majeure).

(g) Termination Due to Regulatory Change. Health Net may terminate this Agreement, in whole or in part, by giving Supplier at least ninety (90) days prior written notice specifying the terminated Services and designating the termination date if a Law enacted after the Effective Date (i) precludes or substantially restricts Health Net from using or receiving Services or (ii) substantially increases Health Net’s cost of using or receiving Services. Such termination shall be *** that Health Net shall pay any outstanding charges for all Services completed through to the effective date of termination (including for work in progress).

(h) Termination Due To Adverse Changes in Supplier’s Financial Circumstances. If:

(i) Supplier (i) files a petition in bankruptcy; (ii) has an involuntary petition in bankruptcy filed against it which is not challenged within twenty (20) days and dismissed within sixty (60) days; (iii) becomes insolvent, (iv) makes a general assignment for the benefit of creditors; (v) admits in writing its inability to pay its debts as they mature; (vi) has a receiver appointed for its assets; (vii) has any significant portion of its assets attached; or (viii) experiences a material negative change in its net assets (i.e., total assets minus total liabilities); or

Terms and Conditions 37 Health Net / Cognizant Confidential

Final Execution Version

(ii) either Moody’s Investors Service, Standard & Poors, or Dun & Bradstreet lower Supplier’s credit rating from the rating as of the Effective Date by more than two (2) steps;

then Health Net may by giving written notice to Supplier, terminate this Agreement in whole or in part and *** as of the date specified in such notice of termination. Supplier shall notify Health Net as soon as possible if one of the circumstances in Sections 16.1(h)(i) or 16.1(h)(ii) occurs or is likely to occur. Supplier shall (1) endeavor to certify to Health Net at least annually, and (2) otherwise certify within ten (10) days of a request by Health Net, that none of the circumstances in Sections 16.1(h)(i) or 16.1(h)(ii) have occurred as of the date of certification or, to the best of Supplier’s knowledge, are likely to occur within twenty (24) months after the date of certification.

16.2 Termination By Supplier

(a) If Health Net fails to pay Supplier when due material undisputed charges totaling at least *** Charges under this Agreement, and fails to make such payment within *** days after the date Health Net receives notice of non-payment from Supplier, then Supplier may terminate this Agreement by sending written notice to Health Net, in which event the Agreement shall terminate as of the date specified in the notice of termination.

(b) If Health Net (i) commits a material breach of its obligations *** and fails to cure such breach within *** days after receiving notice of such breach from Supplier, ***, then Supplier may terminate this Agreement by sending written notice to Health Net, in which event the Agreement shall terminate as of the date specified in the notice of termination.

16.3 Extension of Termination/Expiration Date

Health Net may extend the effective date of termination/expiration one or more times as it elects in its discretion. However, the total of all such extensions may not exceed one hundred eighty (180) following the effective date of termination/expiration in place immediately prior to the initial extension under this Section 16.3. If any extension notice provided to Supplier within thirty (30) days of the then-scheduled date of termination/expiration would cause Supplier to incur significant Out-of-Pocket Expenses, Supplier may so notify Health Net. In that case, the extension of this Agreement’s Term pursuant to the notice will be subject to Health Net agreeing to reimburse Supplier for its additional Out-of-Pocket Expenses incurred as a result of the extension notice being provided within thirty (30) days of the then-scheduled date of termination/expiration.

16.4 Partial Termination

If this Agreement is terminated in part pursuant to this Agreement, the portions of this Agreement not terminated will continue in force according to the terms of this Agreement. If this Agreement does not otherwise specify the basis for determining Supplier’s charges for the continuing Services that are not terminated, the charges payable under this Agreement will be equitably adjusted to reflect the Services that have been terminated.

16.5 Disengagement Assistance

(a) General. Commencing *** months prior to expiration of this Agreement or on such earlier date as Health Net may request, or commencing upon a notice of termination

Terms and Conditions 38 Health Net / Cognizant Confidential

Final Execution Version

(including notice based upon default by Health Net) or of non-renewal of this Agreement, and continuing (as requested by Health Net) for up to *** months following the effective date of expiration or, if applicable, of termination of this Agreement (as such effective date may be extended pursuant to Section 16.3), or a portion thereof, Supplier shall provide Disengagement Assistance to Health Net, or at Health Net’s request to Health Net’s designee. Health Net’s request may be in the context of its reduction or removal *** of the Services in accordance this Agreement (including a withdrawal by Health Net of any In-Scope Applications), although this Agreement is not itself being terminated. Supplier shall also provide Disengagement Assistance in the event of any partial termination of this Agreement, such assistance to commence upon notice of termination. Disengagement Assistance shall include the assistance described in Schedule L and the following:

(i) Health Net or Health Net’s designee shall be permitted to undertake, without interference from Supplier, ***.

(ii) As requested by Health Net, any or all of the Services provided by Supplier prior to the effective date of termination/expiration. Actions by Supplier under this Section 16.5(a)(ii) shall be subject to the other provisions of this Agreement.

(b) Charges for Disengagement Assistance. Charges for Disengagement Services shall be as follows:

(i) For Disengagement Assistance for which there is a predetermined charge in Schedule C (e.g., for continuation of the business processing Services after the expiration or termination of this Agreement), such pre-determined charge in Schedule C shall apply. Supplier shall use Commercially Reasonable Efforts to provide Disengagement Assistance utilizing Supplier Personnel then being regularly utilized in performing the Services.

(ii) For Disengagement Assistance for which there is no predetermined charges in Schedule C (i.e., for assistance that is not part of the routine Services), such assistance will be chargeable at the time and material rates set forth in Schedule C to the extent performed by Supplier Personnel not otherwise performing Services for Health Net prior to the effective date of termination or expiration of this Agreement.

(iii) If Supplier terminates for non-payment by Health Net under Section 16.2, Supplier shall have the right to request payment of the charges for the Disengagement Assistance monthly, in advance.

16.6 Survival

Any provision of this Agreement that contemplates or governs performance or observance subsequent to termination or expiration of this Agreement will survive the expiration or termination of this Agreement for any reason, including the following Sections:

(a) Section 2 (Definitions);

(b) Section 12.5 (Health Net Rights to Certain Software Upon Termination/ Expiration);

Terms and Conditions 39 Health Net / Cognizant Confidential

Final Execution Version

(c) Section 15 (Intellectual Property Rights);

(d) Section 16.5 (Disengagement Assistance);

(e) Section 18.4(b) (Records Retention);

(f) Section 19.5 (Deliverables);

(g) Section 19.8 (Non-Infringement);

(h) Section 19.10 (Disabling Code);

(i) Section 21 (Confidentiality);

(j) Section 23 (Indemnification);

(k) Section 24 (Liability); and

(l) Section 25 (Rules of Construction).

16.7 Bid Assistance

(a) In the process of deciding whether to undertake or allow any cessation of Services, or any termination, expiration or renewal of this Agreement, in whole or in part, Health Net may consider or seek offers for performance of services similar to the Services. As and when reasonably requested by Health Net for use in any such process, Supplier will provide to Health Net such information and other cooperation regarding performance of the Services as would be reasonably necessary to enable Health Net to prepare a request for proposal relating to some or all of such services, and for a third party to conduct due diligence and prepare an informed, non-qualified offer for such services.

(b) Without limiting the generality of Section 16.7(a), the types of information and level of cooperation to be provided by Supplier pursuant to this Section 16.7 will be no less than those initially provided by Health Net to Supplier prior to the Effective Date, and shall include the following information which Health Net may distribute to third-party bidders in a request for proposal(s), request for information, specification, or any other solicitation relating to the Services and as necessary to support any related due diligence activities:

(i) General organization charts showing the overall structure of the IT organization supporting Health Net, and a description of the roles and responsibilities of the various functions described in such organization charts;

(ii) The number***;

(iii) Generic job descriptions of the functions and job classifications within the IT organization providing Services;

(iv) First-order descriptions of Health Net’s IT environment, including a listing of major infrastructure components and locations;

Terms and Conditions 40 Health Net / Cognizant Confidential

Final Execution Version

(v) Up-to-date Service Level performance histories, asset inventories (including Equipment and Software) with current book values, third-party contract lists, then-current work volumes and information relating to projects underway; and

(vi) Detailed network topographies.

17 GOVERNANCE AND MANAGEMENT

17.1 Governance Structure and Processes

Supplier acknowledges that it is a key business requirement of Health Net that Supplier provide the Services in a consistent, integrated manner. To meet that requirement, Supplier has organized its Health Net relationship and service delivery team as described below and in Schedule G (Governance).

(a) The Supplier organization responsible for Supplier’s relationship with Health Net and delivery of the Services will be led by a project executive (the “Client Partner”), whose counterpart will be Health Net’s Program Manager. The Client Partner will serve as the single point of accountability for Supplier for the Services and have day-to-day authority for undertaking to ensure Health Net satisfaction. The Client Partner will be located during the Term at Health Net’s Woodland Hills, California headquarters or such other locations as Health Net may designate.

(b) Health Net will provide annual performance appraisals for the Client Partner. Health Net’s appraisals will be used by Supplier as a significant component of the overall performance appraisals for such individual and as a factor in determining their compensation and eligibility for promotions.

(c) For each major project undertaken under this Agreement, Supplier will also designate a project manager who will be assigned full-time or part-time and who will have responsibility, working under the direction of the Client Partner, for the successful completion and delivery of the project.

(d) Schedule G (Governance) also contains a description of the committees and governance processes the Parties have formed and will use to govern their relationship and activities under this Agreement.

17.2 Meetings

Within sixty (60) days after the Effective Date, the Parties will determine an appropriate set of meetings to be held between their representatives, which will include at least a quarterly meeting of the Client Partner with Health Net’s Program Manager. Supplier will prepare and circulate an agenda sufficiently in advance of each meeting to give the participants an opportunity to prepare for the meeting. Supplier will make such changes to the agenda as Health Net may request. Health Net will chair all such meetings. At Health Net’s request, Supplier will prepare and circulate minutes promptly after each meeting. Minutes of the meetings will not be binding on either Party if they are in any way inconsistent with this Agreement. At any time during the Term, Health Net may reasonably request that the type, frequency, purpose or attendance at such designated meetings to be modified, and if it does, Supplier shall reasonably consent to such modifications.

Terms and Conditions 41 Health Net / Cognizant Confidential

Final Execution Version

17.3 Reports

(a) Within sixty (60) days after the Effective Date, the Parties will determine an appropriate set of periodic reports to be issued by Supplier to Health Net. Such reports will be no less comprehensive than the internal reporting of Health Net prior to the Effective Date and be issued at the frequency reasonably requested by Health Net. Initially, Supplier will provide to Health Net the reports described in Schedule P (Reports), which include reports that were generated by the resources that have been transferred or made available to Supplier, or displaced as a result of this Agreement.

(b) As one such report, Supplier will provide a monthly performance report describing Supplier’s performance of the Services in the preceding month and containing the information described in Schedule B (Service Levels) (the “Monthly Performance Report”). The Monthly Performance Report will be delivered to Health Net not later than the fifteenth (15th) day of each month. Each Monthly Performance Report will (i) separately address Supplier’s performance under each Service Level; (ii) assess the degree to which Supplier has attained or failed to attain the pertinent objectives for that month, including measurements with respect to the Service Levels and other metrics specified by Health Net; (iii) describe the status of each project, each ongoing problem resolution effort and any other initiative; (iv) explain deviations from the Service Levels and include for each deviation a plan for corrective action; (v) set forth a record of the Equipment, Services, Software, personnel changes and any other changes made during the reporting period that affect, or could affect, the Services and describe the planned changes during the upcoming month that may affect the Services; (vi) describe any changes in the status of, or changes made to, the Health Net Facilities or the Health Net Resources; (vii) set forth utilization of each Supplier resource (e.g., hour, FTE, etc.) for which a charge is made under this Agreement; (viii) include all documentation and other information that Health Net requests to verify compliance with this Agreement; and (ix) provide Health Net with a month financial projection of Supplier’s charges for the following month.

17.4 Procedures Manual

(a) The “Procedures Manual” is a document (or set of documents) to be prepared by Supplier describing how Supplier will perform and deliver the Services under this Agreement, the Equipment and Software used, and the documentation (e.g., operations manuals, user guides, specifications) that provide further details of the activities. The Procedures Manual will describe the activities Supplier shall undertake in order to provide the Services, including those direction, supervision, monitoring, staffing, reporting, planning and oversight activities normally undertaken to provide services of the type Supplier is to provide under this Agreement. The Procedures Manual also will include descriptions of the acceptance testing procedures approved by Health Net, Supplier’s problem management and escalation procedures, and the other standards and procedures of Supplier pertinent to Health Net’s interactions with Supplier in obtaining the Services. The Procedures Manual must be suitable for use by Health Net to understand the Services.

(b) Working in consultation with Health Net, Supplier will deliver to Health Net for review and comment, a draft Procedures Manual describing the Services transitioned from Health Net to Supplier during each transition wave within ninety (90) days after the occurrence of each transition wave. Supplier will incorporate or address reasonable

Terms and Conditions 42 Health Net / Cognizant Confidential

Final Execution Version

comments or suggestions of Health Net and will finalize the Procedures Manual with respect to each wave, within one hundred fifty (150) days after the occurrence of such wave. The final Procedures Manual will be subject to the approval of Health Net.

(c) The Procedures Manual will be considered an operational document, which Supplier may revise with the written approval of Health Net’s Program Manager without the need to amend this Agreement. Supplier will periodically update the Procedures Manual to reflect changes in the operations or procedures described in it. Updates of the Procedures Manual will be provided to Health Net for review, comment and approval.

(d) Supplier will perform the Services in accordance with the most recent Health Net-approved version of the Procedures Manual. In the event of a conflict between the provisions of this Agreement and the Procedures Manual, the provisions of this Agreement will control.

(e) Notwithstanding anything to the contrary in Section 15 (Intellectual Property Rights), Health Net and its Affiliates may retain and Use the Procedures Manual in their businesses and for their benefit both during the Term and following the expiration or termination of this Agreement for any reason. Subject to appropriate non-disclosure agreements for the limited purpose of protecting any Independent IP of Supplier incorporated into the Procedures Manual, Health Net and its Affiliates may permit any of their other service providers to use the Procedures Manual during and after the Term, but solely in connection with their provision of services for Health Net and its Affiliates.

17.5 Change Control

(a) “Change” means any addition to, modification or removal of any aspect of the Services. “Change Control Process” means the written procedure set forth in Exhibit A-5 (Change Control Process) for considering, analyzing, approving and carrying out Changes designed to ensure that only desirable Changes are made and that Changes made by or on behalf of Supplier are carried out in a controlled manner with minimal disruption to the Services and Service Recipients’ business operations.

(b) Any changes to the Change Control Process set forth in Exhibit A-5 which are agreed to by the Parties shall be documented in the Procedures Manual.

(c) Except as otherwise expressly provided in Schedule A (Services), Health Net has retained responsibility for establishing the IT architecture, standards (including security standards) and strategic direction of Health Net (and its Affiliates). Supplier will conform to and support such architecture, standards, and strategic direction in rendering the Services. Any Equipment and Software provided by or on behalf of Supplier that connects to Health Net’s IT Infrastructure will comply with such architecture, standards, and strategic direction and will only be introduced into the IT Infrastructure in accordance with the Change Control Process.

(d) Supplier will not make any Changes, except in accordance with the Change Control Process and with Health Net’s approval, that may reasonably be expected to do or result in any of the following: (i) adversely affect the specifications, functionality, performance or resource efficiency of any Services or Deliverables; (ii) increase Health Net’s internal costs, Supplier’s charges to Health Net under this Agreement or charges by other Health Net suppliers to Health Net; (iii) disrupt or adversely affect any of Health Net’s or its

Terms and Conditions 43 Health Net / Cognizant Confidential

Final Execution Version

Affiliates’ business operations; or (iv) deployment of technology that is not consistent with Health Net’s IT architecture, standards and strategic direction, as communicated to Supplier.

(e) Health Net will not be obliged to approve any Change proposed by Supplier if implementation of the Change would increase Health Net’s internal costs or Supplier’s Charges to Health Net under this Agreement or charges by other Health Net suppliers to Health Net, or if it would otherwise adversely affect Health Net’s or its Affiliates’ business or operations. Supplier shall not implement any proposed Change that Health Net disapproves.

(f) If an approved Change would result in New Services or a change in these Terms and Conditions, the Change must be authorized via a contract amendment or modification made pursuant to Section 25.3 (Contract Amendments and Modifications).

17.6 Annual Technology Plan

Supplier will update Health Net’s annual technology plan in accordance with the provisions of this Section 17.6 (Annual Technology Plan) (the “Technology Plan”). Each Technology Plan updated by Supplier will include a review and assessment of the immediately preceding Technology Plan. The Technology Plan will consist of a three-year plan and an annual implementation plan as described below.

(a) Contents of the Technology Plan.

(i) The Technology Plan will include a comprehensive assessment and strategic analysis of Health Net’s then-current In-Scope Applications for the next three (3) years, including an assessment of the appropriate direction for the systems and services used in or comprising the In-Scope Applications in light of Health Net’s business priorities and strategies and competitive market forces (to the extent such business information is available or provided to Supplier). The Technology Plan will include a specific identification of proposed Software and Equipment strategies and direction, a cost projection, a costs-vs.-benefits analysis of any proposed Changes, a description of the types of personnel skills and abilities needed to respond to any recommended Changes or upgrades in technology, a general plan and a projected time schedule for developing and achieving the recommendations made, and references to appropriate operating platforms that support Service Level requirements, exploit industry trends in production capabilities and provide potential price-performance improvement opportunities.

(ii) As necessary to support the overall objectives and directions of the three (3)-year plan, the annual implementation plan will provide specific guidance as to the information services requirements, projects and plans for the upcoming year, including details on operations, maintenance backlog and development activities. The annual implementation plan will include a summary review of Supplier’s performance of the Services in the year then concluding, and will provide updates and revisions of the long-term plan as appropriate. Supplier will prepare an annual implementation plan for each year of the Term.

(b) Process for Developing the Technology Plan.

Terms and Conditions 44 Health Net / Cognizant Confidential

Final Execution Version

(i) As part of the process of preparing the annual implementation plan, (A) Health Net will inform Supplier of its strategic direction, (B) the Parties will mutually agree on the content of the Technology Plan, and (C) the Parties will review the overall operation of this Agreement to ensure that the Services continue to be aligned with Health Net’s strategic business and IT requirements.

(ii) Supplier will submit for Health Net’s review and approval a draft Technology Plan that reflects the content agreed to pursuant to Section 17.6(b)(i). Supplier will submit the final Technology Plan to Health Net within fifteen (15) days after receiving Health Net’s comments on the draft. Supplier will submit the draft of the Technology Plan within nine (9) months after the Effective Date.

(iii) The schedule for developing and delivering each Technology Plan will be coordinated to support Health Net’s annual business planning cycle. Supplier will update the Technology Plan during the year as necessary to reflect changes to Health Net’s and its Affiliates’ businesses that materially affect the validity of the then-current Technology Plan. Supplier will recommend modifications to the Technology Plan as it deems appropriate, and will revise the Technology Plan as requested or approved by Health Net.

18 AUDITS AND RECORDS

18.1 Audit Rights

(a) Health Net and its agents, auditors (internal and external), regulators and other representatives as Health Net may designate (collectively, “Auditors”) will have the right to reasonably inspect, examine and audit those portions of the systems, records, facilities, data, practices and procedures of Supplier and its Subcontractors that are used in rendering the Services or pertain to the Services (collectively, “Audits”) for any of the following purposes:

(i) to verify the accuracy of Supplier’s invoices;

(ii) to verify the integrity of those elements of Health Net’s corporate control processes that are performed by Supplier, in order to permit Health Net’s management and independent auditors to make certifications required by the securities or other Laws of any country;

(iii) to verify the integrity of Health Net Data and Supplier’s compliance with the data privacy, data protection, confidentiality and security requirements of this Agreement;

(iv) to verify Supplier’s compliance with any other provisions of this Agreement; and

(v) to satisfy the requirements of the Health Net audit committee and regulatory requirements that are provided or made available to Supplier.

(b) Audits will be conducted during business hours and upon reasonable advance notice to Supplier except in the case of Audits by regulators, emergency or security Audits and Audits investigating claims of illegal behavior. Health Net and its Auditors will comply with Supplier’s reasonable security and confidentiality requirements, guidelines and other

Terms and Conditions 45 Health Net / Cognizant Confidential

Final Execution Version

policies of Supplier when accessing facilities or other resources owned or controlled by Supplier with respect to the Audit. Use of any third party auditor that is a Supplier Competitor, shall be subject to Supplier’s prior written approval, such approval not to be unreasonably withheld or delayed. Supplier will cooperate fully with Health Net, its regulators and its and their Auditors in conducting Audits and provide such assistance as they reasonably require to carry out the Audits, including installing and operating audit software. Furthermore, Supplier will comply with Health Net’s internal audit methodology, as it is made know to Supplier by Health Net.

18.2 Audit Follow-up

(a) Following an Audit or examination, Health Net may conduct, or request its external Auditors or examiners to conduct, an exit conference with Supplier to obtain factual concurrence with issues identified in the review. Supplier will make available promptly to Health Net the results of any review or audit conducted by Supplier and Supplier’s Affiliates (including by internal audit staff or external auditors), or by inspectors, regulators or other representatives, relating to Supplier’s operating practices and procedures to the extent relevant to the Services or Health Net. Supplier shall comply with Health Net’s internal audit methodology as Health Net makes it known to Supplier in order resolve any issues that arise from the audit.

(b) At Health Net’s request, Supplier will meet with Health Net to review each audit report promptly after the issuance thereof and to mutually agree upon the appropriate manner, if any, in which to respond to the changes suggested by the audit report. Supplier and Health Net agree to develop operating procedures for the sharing of audit and regulatory findings and reports related to Supplier’s operating practices and procedures produced by auditors or regulators of either Party. Supplier shall comply with Health Net’s internal audit methodology as Health Net makes it known to Supplier.

18.3 Confidentiality of Audits

All Audit results and disclosed records will be treated as Supplier Confidential Information (except to the extent they contain Health Net Confidential Information or fall within an exception in Section 21.1(b)) and shall not be used for any purpose except to verify Supplier’s compliance with its obligations under this Agreement and except that such results and records may be disclosed to regulators in accordance with Section 21.2(d).

18.4 Records Retention

(a) In support of Health Net’s Audit rights, Supplier will keep and maintain (i) financial records relating to this Agreement in accordance with generally accepted accounting principles applied on a consistent basis, (ii) records substantiating Supplier’s invoices, (iii) records pertaining to Supplier’s compliance with the Service Levels, including root cause analyses, and (iv) such other operational records pertaining to performance of the Services as Supplier keeps in the ordinary course of its business.

(b) Supplier will retain such records and provide access to them upon request for Audits until the last to occur of the following: (i) three (3) years after expiration or termination of this Agreement; (ii) all pending matters relating to this Agreement (including disputes) are closed; and (iii) the information is no longer required to meet Health Net’s records retention policy as disclosed to Supplier, as such policy may be revised from time to

Terms and Conditions 46 Health Net / Cognizant Confidential

Final Execution Version

time. Before destroying or otherwise disposing of such records, Supplier will provide Health Net with sixty (60) days prior notice and offer Health Net the opportunity to recover the records or to request Supplier to deliver the records to Health Net, with Health Net paying Supplier’s Out-of-Pocket Expenses.

18.5 Supplier Audits

Supplier will conduct its own audits pertaining to the Services consistent with the audit practices of well-managed companies that perform services similar to the Services. Each year of the Term, Supplier will perform at each Supplier Facility and obtain the appropriate compliance certification: (i) a security audit; and (ii) a SAS *** audit (or in the future if a SAS *** report is no longer available, a comparably detailed audit). Additionally or as part of the SAS *** audit, Supplier shall perform an audit in order to verify compliance with the provisions of the Sarbanes-Oxley Act of 2002, as such Act may be amended from time to time. Supplier will provide Health Net with a summary of the results of all Supplier audits relating to the Services. If a Supplier audit indicates an adverse impact to Health Net Data, or to Health Net or other Service Recipients, or any violation of this Agreement, Supplier will immediately notify Health Net, providing pertinent details so that Health Net can take steps to avoid or minimize the adverse impacts. Supplier will also correct the errors or problems as soon as reasonably possible.

18.6 Financial Reports

At Health Net’s request, Supplier will provide to Health Net copies of all publicly-available audited and unaudited financial statements of Supplier and its Controlling Affiliates.

18.7 Overcharges

(a) If as a result of an audit or otherwise it is determined that Supplier has overcharged Health Net, Supplier shall credit Health Net’s account (or, at Health Net’s option, pay Health Net directly) an amount equal to the overcharge plus interest at *** calculated from the date the overcharge was paid by Health Net.

(b) If an audit of the charges discloses that Supplier’s overcharges exceeded *** of the audited charges during the period audited, Supplier shall also***.

19 REPRESENTATIONS, WARRANTIES AND COVENANTS OF SUPPLIER

19.1 Work Standards

Supplier represents, warrants and covenants that the Services will be rendered with promptness and diligence and be executed in a professional and workmanlike manner in accordance with the practices and standards observed by the leading companies in Supplier’s industry when performing similar services. Supplier warrants and covenants that it will use adequate numbers of qualified Supplier Personnel with suitable training, education, experience and skill to perform the Services in accordance with timing and other requirements of this Agreement.

19.2 Maintenance

Supplier represents, warrants and covenants that it will maintain the Equipment and Software so they operate in accordance with their specifications, including (i) maintaining Equipment in good operating condition, subject to normal wear and tear; (ii) undertaking repairs and preventive

Terms and Conditions 47 Health Net / Cognizant Confidential

Final Execution Version

maintenance on Equipment in accordance with the applicable Equipment manufacturer’s recommendations; and (iii) performing Software maintenance in accordance with the applicable Software vendor’s documentation and recommendations.

19.3 Efficiency and Cost-Effectiveness

Supplier represents, warrants and covenants that it will use Commercially Reasonable Efforts to use efficiently the resources or services necessary to provide the Services. Supplier warrants and covenants that it will use Commercially Reasonable Efforts to perform the Services in the most cost-effective manner consistent with the required level of quality and performance.

19.4 Technology

Supplier represents, warrants and covenants that it will provide the Services using, consistent with the Change Control Process, proven, current technology that will enable Health Net to take advantage of technological advancements applicable to its and its Affiliates’ businesses and support Health Net’s efforts to maintain competitiveness in the markets in which it competes.

19.5 Deliverables

Supplier represents, warrants and covenants that each Deliverable produced by Supplier under this Agreement will not, during the Warranty Period, deviate in any material respect from the specifications and requirements for such Deliverable set forth or referred to in this Agreement (including its Schedules and Exhibits or a statement of work, work order, project plan or similar document developed pursuant to this Agreement). If Health Net notifies Supplier of a breach of the foregoing warranty within the Warranty Period, Supplier will promptly correct and redeliver the affected Deliverables at no additional charge to Health Net without delay. “No additional charge” as used in the prior sentence shall mean that Productive Hours incurred shall not count against the Baseline AD Hours or otherwise be considered chargeable Application Development Services. “Warranty Period” means the period of time commencing ***.

19.6 Documentation

Supplier represents, warrants and covenants that any Software Documentation developed for Health Net by or on behalf of Supplier will (a) accurately and with reasonable comprehensiveness describe the operation, functionality and use of the Software or system, and (b) accurately describe in terms understandable to a typical End User the functions and features of the Software or system and the procedures for exercising such functions and features.

19.7 Compatibility

Supplier represents, warrants and covenants that, during the Warranty Period, any Deliverables and other components of the Services that exist at the time such Deliverables are developed and that are intended to interact or otherwise work together as part of a functioning system will be compatible and will properly inter-operate and work together as components of an integrated system.

19.8 Non-Infringement

(a) Subject to Section 19.8(b), Supplier represents, warrants and covenants as follows:

Terms and Conditions 48 Health Net / Cognizant Confidential

Final Execution Version

(i) that Supplier and Supplier Personnel will perform their responsibilities under this Agreement in a manner that does not infringe or constitute an infringement or misappropriation of any Intellectual Property Rights of any third party;

(ii) that Supplier has all rights and licenses necessary to convey to Health Net (and to its Affiliates, where applicable) the ownership of (or license rights, as applicable), all Software, Work Products, Independent IP, Deliverables and other items provided by or on behalf of Supplier;

(iii) that no Software, Work Product, Independent IP, Deliverable or other item provided by or on behalf of Supplier, nor their use by Health Net or other Service Recipients, will infringe or constitute an infringement or misappropriation of any Intellectual Property Right of any third party; and

(iv) that Supplier shall not incorporate any Open Source Code into any Deliverable or Work Product unless approved in writing by Health Net in advance. “Open Source Code” means any Software that requires as a condition of its use, modification or distribution that it be disclosed or distributed in source code form or made available at no charge. Open Source Code includes software licensed under the GNU General Public License (GPL) or the GNU Lesser/Library GPL.

(b) Supplier will not be considered in breach of the representation, warranty and covenant set forth in Section 19.8(a) to the extent (but only to the extent) any claimed infringement or misappropriation is attributable to either of the following:

(i) Health Net’s modification of an item provided by or on behalf of Supplier unless the modification was authorized, approved or made by Supplier; or

(ii) Health Net’s combination, operation or use of an item provided by or on behalf of Supplier with other specific items not furnished by, through or at the specification of Supplier or its Subcontractors; provided, however, that this exception will not be deemed to apply to the combination, operation or use of an item with other commercially available products that could reasonably have been anticipated to be used in combination with the item provided by or on behalf of Supplier (e.g., the combination, operation or use of Application Software provided by Supplier with a commercially available computer and System Software not provided by Supplier).

19.9 Viruses

“Virus” means (i) program code or programming instruction(s) or set(s) of instructions intentionally designed to disrupt, disable, harm, interfere with or otherwise adversely affect computer programs, data files or operations; or (ii) other code typically described as a virus, Trojan horse, worm, back door or other type of harmful code. Supplier represents, warrants and covenants that Supplier Personnel will not knowingly introduce a Virus or allow a Virus to be introduced into Health Net’s or any other Service Recipient’s system or any system used to provide the Services. In addition, Supplier will use Commercially Reasonable Efforts to prevent Supplier Personnel from unknowingly introducing a Virus or allowing a Virus to be introduced into Health Net’s or any other Service Recipient’s system or any system used to provide the Services. If a Virus is found to have been introduced into Health Net’s or other Service Recipients’ systems or the systems used to provide the Services as a result of a breach of the

Terms and Conditions 49 Health Net / Cognizant Confidential

Final Execution Version

foregoing representation, warranty and covenant, Supplier will use Commercially Reasonable Efforts at no additional charge to assist Health Net in eradicating the Virus and reversing its effects and, if the Virus causes a loss of data or operational efficiency, to assist Health Net in mitigating and reversing such losses.

19.10 Disabling Code

Supplier represents, warrants and covenants that in the course of providing the Services it will not insert into Software or any systems used to provide the Services any code that would have the effect of disabling or otherwise shutting down all or any portion of the Services. With respect to any disabling code that was already part of Software or systems used to provide the Services, Supplier represents, warrants and covenants that it will not invoke such disabling code or knowingly permit it to be invoked at any time without Health Net’s prior written consent. For purposes of this warranty and covenant, programming errors will not be deemed disabling code to the extent Supplier can demonstrate that such errors were not made with the intention of disabling or otherwise shutting down all or any portion of Health Net’s or any other Service Recipient’s systems or any system used to provide the Services.

19.11 Compliance with Health Net Policies and Procedures

Supplier represents, warrants and covenants to Health Net that Supplier will perform its obligations in a manner that complies with all Health Net policies and procedures applicable to the performance and delivery of the Services, as such policies and procedures are made known to Supplier and are amended from time to time.

19.12 Compliance with Laws; Export Control

Supplier represents, warrants and covenants to Health Net that Supplier will perform its obligations in a manner that complies with all Laws applicable to its business, including Laws of any country or jurisdiction from which Supplier provides the Services; including identifying and procuring any required permits, certificates, approvals and inspections. Supplier represents, warrants and covenants to Health Net that if a charge of non-compliance with such Laws occurs, Supplier will promptly notify Health Net in writing and will indemnify Health Net from all Losses resulting from such non-compliance.

19.13 Date and Currency Compliance

Supplier represents, warrants and covenants to Health Net that the Services and any Deliverables provided by Supplier do and will, operate in a manner which prevents ambiguous or erroneous output with respect to all (a) date-related data and functions and (b) currency-related data and functions.

19.14 Corporate Social Responsibility

Supplier represents, warrants and covenants to Health Net that Supplier and Supplier Facilities comply, and during the Term will comply, with the following:

(a) Supplier will not use forced or compulsory labor in any form, including prison, indentured, political, bonded or otherwise.

(b) Supplier will not follow policies promoting or resulting in unacceptable worker treatment

Terms and Conditions 50 Health Net / Cognizant Confidential

Final Execution Version

such as the exploitation of children, physical punishment, female abuse, involuntary servitude, or other forms of abuse.

(c) Supplier will not discriminate based on race, creed, gender, marital or maternity status, class or caste status, religious or political beliefs, age or sexual orientation. Supplier’s decisions related to hiring, salary, benefits, advancement, termination or retirement will be based solely on the ability of an individual to do the job, Supplier’s business and technical requirements, and those of Supplier’s customers.

(d) Supplier’s management practices will recognize the dignity of the individual employee and the right to a work place free of harassment, abuse or corporal punishment, and will respect Supplier’s employees’ voluntary freedom of association.

(e) Supplier will comply with all applicable Laws concerning the conditions of employment of its employees, including those relating to pay, benefits, and working conditions.

(f) Supplier will maintain on file all documentation needed to demonstrate compliance with these standards and shall make these documents available for Health Net and its auditors with or without prior notice. Supplier will publicize to its employees and enforce a non-retaliation policy that permits Supplier’s employees to speak with Health Net and Health Net’s auditors without fear of retaliation by Supplier or Supplier’s management.

19.15 Subcontractor Confidentiality and Assignment

Supplier represents, warrants and covenants to Health Net that each of Supplier’s Subcontractors performing the Services will, prior to performing any Services, have executed an agreement satisfying the confidentiality and data protection obligations provided in this Agreement.

19.16 No Improper Inducements

Supplier represents, warrants and covenants to Health Net that it has not violated any applicable Laws or any Health Net policies of which Supplier has been given notice regarding the offering of unlawful or improper inducements in connection with this Agreement. If at any time during the Term, Health Net determines that the foregoing representation, warranty and covenant is inaccurate, then, in addition to any other rights Health Net may have at law or in equity, Health Net may terminate this Agreement for cause without affording Supplier an opportunity to cure.

20 MUTUAL REPRESENTATIONS AND WARRANTIES; DISCLAIMER

20.1 Mutual Representations and Warranties

Each Party represents, warrants and covenants to the other that:

(a) It has the requisite corporate power and authority to enter into this Agreement and to carry out the transactions and activities contemplated by this Agreement;

(b) The execution, delivery and performance of this Agreement and the consummation of the transactions contemplated by this Agreement have been duly authorized by the requisite corporate action on the part of such Party, are a valid and binding obligation of such Party, and do not constitute a violation of any existing judgment, order or decree;

Terms and Conditions 51 Health Net / Cognizant Confidential

Final Execution Version

(c) The execution, delivery and performance of this Agreement and the consummation of the transactions contemplated by this Agreement do not constitute a material default under any existing material contract by which it or any of its material assets is bound, or an event that would, with notice or lapse of time or both, constitute such a default; and

(d) There is no proceeding pending or, to the knowledge of the Party, threatened that challenges or could reasonably be expected to have a material adverse affect on this Agreement or the ability of the Party to perform and fulfill its obligations under this Agreement.

20.2 Disclaimer

OTHER THAN AS PROVIDED IN THIS AGREEMENT, THERE ARE NO EXPRESS WARRANTIES AND THERE ARE NO IMPLIED WARRANTIES, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

21 CONFIDENTIALITY

21.1 “Confidential Information” Defined

(a) “Confidential Information” of a Party means any non-public, commercially sensitive information (or materials) belonging to, concerning or in the possession or control of the Party or any of its Affiliates (the “Furnishing Party”) that is furnished, disclosed or otherwise made available (directly or indirectly) to the other Party (the “Receiving Party”) (or entities or persons acting on the other Party’s behalf) in connection with this Agreement and which is either marked or identified in writing as confidential, proprietary, secret or with another designation sufficient to give notice of its sensitive nature, or is of a type that a reasonable person would recognize it to be confidential. In the case of Health Net, “Confidential Information” includes any information to which Supplier has access in Health Net Facilities or Health Net systems, all Work Product and information pertaining to it, Health Net Data, Health Net Owned Software, Health Net Leased Software, systems access codes and information concerning Health Net’s and/or its Affiliates’ products, marketing strategies, financial affairs, employees, customers (including protected health information) or suppliers, regardless of whether or how it is marked. Any notes, memoranda, compilations, derivative works, data files or other materials prepared by or on behalf of the Receiving Party that contain or otherwise reflect or refer to Confidential Information of the Furnishing Party will also be considered Confidential Information of the Furnishing Party.

(b) “Confidential Information” does not include any particular information (other than protected health information) that the Receiving Party can demonstrate: (i) was rightfully in the possession of, or was rightfully known by, the Receiving Party without an obligation to maintain its confidentiality prior to receipt from the Furnishing Party; (ii) was or has become generally known to the public other than as a result of breach of this Agreement or a wrongful disclosure by the Receiving Party or any of its agents; (iii) after disclosure to the Receiving Party, was received from a third party who, to the Receiving Party’s knowledge, had a lawful right to disclose such information to the Receiving Party without any obligation to restrict its further use or disclosure; or (iv) was independently developed by the Receiving Party without use of or reference to any Confidential Information of the Furnishing Party.

Terms and Conditions 52 Health Net / Cognizant Confidential

Final Execution Version

21.2 Obligations of Confidentiality

(a) Each Party acknowledges that it may be furnished, receive or otherwise have access to Confidential Information of the other Party in connection with this Agreement.

(b) The Receiving Party will not reproduce Confidential Information of the Furnishing Party except as reasonably required to accomplish the purposes and objectives of this Agreement. The Receiving Party will not disclose the Confidential Information of the Furnishing Party to any person or appropriate it for the Receiving Party’s own use, or for any other person’s use or benefit, except as specifically permitted by this Agreement or approved in writing by the Furnishing Party.

(c) The Receiving Party will keep the Confidential Information of the Furnishing Party confidential and secure and will protect it from unauthorized use or disclosure by using at least the same degree of care as the Receiving Party employs to avoid unauthorized use or disclosure of its own Confidential Information, but in no event less than reasonable care.

(d) As necessary to accomplish the purposes of this Agreement, the Receiving Party may disclose Confidential Information of the Furnishing Party to any employee, officer, director, contractor, Service Recipient, agent or representative of the Receiving Party who has a legitimate “need to know” the information in question and who is bound to the Receiving Party to protect the confidentiality of the information in a manner substantially equivalent to that required of the Receiving Party under this Agreement. Health Net may also provide Confidential Information of Supplier to contractors (including outsourcing suppliers that may replace Supplier under this Agreement) who have a legitimate “need to know” the Confidential Information in question in order to provide services to Health Net, provided any such contractor and outsourcing supplier (i) is bound to Health Net to use such Confidential Information for the sole purpose of providing services to Health Net that relate to Deliverables, In-Scope Applications, or the Services, and (ii) shall, prior to receipt of any Confidential Information, execute a non-disclosure agreement with Supplier substantially in the form set forth in Schedule S (the “Non-Disclosure Agreement”), provided further that (A) Supplier has the right to make reasonable modifications to the form of Non-Disclosure Agreement, and (B) Supplier shall consider in good faith any changes to the form Non-Disclosure Agreement reasonably requested by a contractor or outsourcing supplier and shall not unreasonably withhold agreement to any such changes. The Receiving Party may also disclose Confidential Information of the Furnishing Party to the Receiving Party’s Auditors provided they are made aware of the Receiving Party’s obligations of confidentiality with respect to the Furnishing Party’s Confidential Information. Health Net and its Affiliates may also disclose Supplier Confidential Information, including this Agreement and the transactions contemplated by this Agreement, in any periodic reports filed or required to be filed with the Securities and Exchange Commission (“SEC”) pursuant to the rules and regulations promulgated by the SEC, as well as to the New York Stock Exchange and any other regulatory agency or body charged with the administration, oversight or enforcement of regulations applicable to any business conducted by Health Net or any of its Affiliates.

(e) If any unauthorized disclosure, loss of, or inability to account for any Confidential Information of the Furnishing Party occurs, the Receiving Party will promptly so notify the Furnishing Party and will cooperate with the Furnishing Party and take such actions as may be necessary or reasonably requested by the Furnishing Party to minimize the

Terms and Conditions 53 Health Net / Cognizant Confidential

Final Execution Version

violation and any damage resulting from it.

21.3 No Implied Rights

Each Party’s Confidential Information will remain the property of that Party. Nothing contained in this Section 21 (Confidentiality) will be construed as obligating a Party to disclose its Confidential Information to the other Party, or as granting to or conferring on a Party, expressly or by implication, any rights or license to the Confidential Information of the other Party. Any such obligation or grant will only be as provided by other provisions of this Agreement.

21.4 Compelled Disclosure

If the Receiving Party becomes legally compelled to disclose any Confidential Information of the Furnishing Party in a manner not otherwise permitted by this Agreement, the Receiving Party will provide the Furnishing Party with prompt notice of the request so that the Furnishing Party may seek a protective order or other appropriate remedy. If a protective order or similar order is not obtained by the date by which the Receiving Party must comply with the request, the Receiving Party may furnish that portion of the Confidential Information that it determines it is legally required to furnish. The Receiving Party will exercise reasonable efforts to obtain assurances that confidential treatment will be accorded to the Confidential Information so disclosed.

21.5 Confidential Treatment of this Agreement

Each Party may disclose the existence and general nature of this Agreement as permitted by Section 27.8 (Public Disclosures), but otherwise the terms and conditions of this Agreement will be considered the Confidential Information of each Party; provided however, that the terms and conditions may be disclosed by either Party in connection with an actual or good-faith proposed merger, acquisition, or similar transaction, so long as such receiving entity first agrees in writing to obligations substantially similar to those described in this Section 21.

21.6 Disclosure of Information Concerning Tax Treatment

Notwithstanding anything to the contrary in this Section 21 (Confidentiality), each Party (and its Affiliates), and any person acting on their behalf, may disclose to any person or entity the “tax structure” and “tax treatment” (as such terms are defined in the U.S. Internal Revenue Code and regulations under it) of the transactions effected by this Agreement and any materials provided to that Party (or its Affiliates) describing or relating to such tax structure and tax treatment; provided, however, that this disclosure authorization will not be interpreted to permit disclosure of (i) any materials or portions of materials that are not related to the transaction’s tax structure or tax treatment, or (ii) any materials or information that the Party (or its Affiliate(s)) must refrain from disclosing to comply with applicable securities Laws.

21.7 Return or Destruction

As requested by the Furnishing Party during the Term, the Receiving Party will return or provide the Furnishing Party a copy of any designated Confidential Information of the Furnishing Party. When Confidential Information of the Furnishing Party is no longer required for the Receiving Party’s performance under this Agreement, or in any event upon expiration or termination of this Agreement, the Receiving Party will return all materials in any medium that contain, refer to, or relate to Confidential Information of the Furnishing Party or, at the Furnishing Party’s election, destroy them. The Receiving Party may, however, keep (a) any Confidential Information of the

Terms and Conditions 54 Health Net / Cognizant Confidential

Final Execution Version

Furnishing Party that the Receiving Party has a license to continue using, (b) in the files of its legal department or outside counsel, for record purposes only, one copy of any material requested to be returned or destroyed, and (c) archival copies as may be necessary to comply with document retention laws and regulations applicable to such Party’s business operations. Additionally, a Party shall have no obligation to destroy any Confidential Information that is subject to a claim, dispute, lawsuit, or subpoena or in any other circumstances in which such Party reasonably believes that destruction of such Confidential Information would be unethical or unlawful. At the Furnishing Party’s request, the Receiving Party will certify in writing that it has returned or destroyed all copies of the Furnishing Party’s Confidential Information in the possession or control of the Receiving Party’s or any of its Affiliates or contractors.

21.8 Duration of Confidentiality Obligations

The Receiving Party’s obligations under this Section 21 (Confidentiality) apply to Confidential Information of the Furnishing Party disclosed to the Receiving Party before or after the Effective Date and will continue during the Term and survive the expiration or termination of this Agreement as follows:

(a) The Receiving Party’s obligations under Section 21.7 (Return or Destruction) will continue in effect until fully performed;

(b) As to any portion of the Furnishing Party’s Confidential Information that constitutes a trade secret under applicable Law, the obligations will continue for as long as the information continues to constitute a trade secret;

(c) As to all other Confidential Information of the Furnishing Party, the obligations will survive for two (2) years after the Receiving Party’s fulfillment of its obligations under Section 21.7 (Return or Destruction) with respect to the Confidential Information in question; and

(d) With respect to protected health information, the obligations shall survive indefinitely.

22 INSURANCE

Supplier represents that it has, as of the Effective Date, and agrees to maintain in force throughout the Term at least the types and amounts of insurance coverage specified in Schedule H (Supplier Insurance Coverage).

23 INDEMNIFICATION

23.1 “Claim” and “Losses” Defined

“Claim” means any demand, or any civil, criminal, administrative, or investigative claim, action, or proceeding (including arbitration) commenced or threatened against an entity or person. “Losses” means all losses, liabilities, damages, liens, and claims, and all related costs, expenses, and other charges suffered or incurred as a result of or in connection with a Claim, including reasonable attorneys’ fees and disbursements, costs of investigation, litigation, settlement, and judgment, and any taxes, interest, penalties, and fines with respect to any of the foregoing.

Terms and Conditions 55 Health Net / Cognizant Confidential

Final Execution Version

23.2 Indemnification By Supplier

Supplier will at its expense indemnify, defend and hold harmless Health Net and its Affiliates, and their respective officers, directors, customers, employees, agents, representatives, successors and assigns (collectively, “Health Net Indemnitees”) from and against any and all Losses suffered or incurred by any of them arising from, in connection with, or based on any of the following, whenever made:***

23.3 Infringement Claims

If any item used by Supplier to provide the Services or any Work Product becomes, or in Supplier’s reasonable opinion is likely to become, the subject of an infringement or misappropriation Claim, Supplier will, in addition to indemnifying Health Net Indemnitees as provided in this Section 23 (Indemnification) and to the other rights Health Net may have under this Agreement, and at law or equity, ***: (i) promptly *** secure the right to continue using the item or Work Product, or (ii) if this cannot be accomplished with Commercially Reasonable Efforts, then ***, replace or modify the item or Work Product to make it non-infringing or without misappropriation, while not degrading performance, functionality, or quality, increasing Health Net costs, or disrupting Health Net’s business operations, or (iii) if neither of the foregoing can be accomplished by Supplier with Commercially Reasonable Efforts, and only in such event, then upon at least one hundred eighty (180) days’ prior written notice to Health Net, (A) with respect to non-Work Product items, Supplier may remove the item from use in performing the Services, in which case Supplier’s Charges will be equitably adjusted to reflect such removal, and (B) in the case of Work Product, Supplier may recall the Work Product and shall refund to Health Net all Charges and fees paid by Health Net relating to such Work Product. If removal of the item from use in performing Services or recall of a Work Product causes the loss or degradation of the Services or any portion of the Services that is material to Health Net or has a material impact on Health Net, such loss, degradation or material impact will constitute a material breach of this Agreement by Supplier in respect of which Health Net may exercise its termination and other rights and remedies under this Agreement.

23.4 Indemnification By Health Net

Health Net will at its expense indemnify, defend and hold harmless Supplier, and its officers, directors, employees, agents, representatives, successors and assigns (collectively, “Supplier Indemnitees”) from and against any and all Losses suffered or incurred by any of them arising from, in connection with or based on any of the following, whenever made:

(a) Any Claim by, on behalf of or relating to any of the Transitioned Employees with respect to matters occurring prior to the Transfer Date, excluding Claims for which Supplier is required to indemnify under Section Error! Reference source not found.;

(b) Any Claim by, on behalf of or relating to any Supplier Personnel who are Transitioned Employee and which arises out of Health Net’s employee selection, communications, recruitment or hiring process relating to Health Net’s rehiring of such Transitioned Employees pursuant to the terms of this Agreement, except to the extent caused by the misrepresentation or wrongful actions by Supplier;

(c) Any Claim relating to Health Net’s failure to observe or perform any duties or obligations to be observed or performed prior to the Effective Date by Health Net under any of the Health Net contracts referenced or identified in Section 11 (Transfer or Use of

Terms and Conditions 56 Health Net / Cognizant Confidential

Final Execution Version

Resources) that are assigned to Supplier or for which Supplier has assumed financial, administrative or operational responsibility;

(d) Any Claim relating to an alleged breach of Health Net’s obligations under Section 21 (Confidentiality) or the Business Associate Agreement;

(e) Any Claim relating to an alleged breach of Health Net’s obligations under Section 27.6 (Legal Compliance);

(f) Any Claim of infringement or misappropriation of any patent, trade secret, copyright or other proprietary rights, alleged to have occurred because of systems or other items provided to Supplier by Health Net; and

(g) Any Claim for death or bodily injury, or the damage, loss or destruction of real or tangible personal property of any third party (including employees of Health Net or Supplier or their respective subcontractors) brought against a Supplier Indemnitee alleged to have been caused by the tortious acts or omissions of Health Net, Health Net personnel or anyone else for whose acts Health Net is responsible. However, Health Net will have a right of contribution from Supplier with respect to the Claim to the extent Supplier’s comparative negligence is responsible for causing the alleged injury or damage, loss or destruction.

23.5 Indemnification Procedures

The following procedures will apply to Claims for which a Party seeks to be indemnified pursuant this Agreement:

(a) Notice. Promptly after an indemnitee receives notice of any Claim for which it will seek indemnification pursuant to this Agreement, the indemnitee will notify the indemnitor of the Claim in writing. No failure to so notify the indemnitor will abrogate or diminish the indemnitor’s obligations under this Section 23 (Indemnification) if the indemnitor has or receives knowledge of the Claim by other means or if the failure to notify does not materially prejudice its ability to defend the Claim. Within fifteen (15) days after receiving an indemnitee’s notice of a Claim, but no later than ten (10) days before the date on which any formal response to the Claim is due, the indemnitor will notify the indemnitee in writing as to whether the indemnitor acknowledges its indemnification obligation and elects to assume control of the defense and settlement of the Claim (a “Notice of Election”).

(b) Procedure Following Notice of Election. If the indemnitor timely delivers a Notice of Election to the address set forth in Section 27.4 acknowledging its indemnification obligation and electing to assume control of the defense and settlement of the Claim, it will be entitled to have sole control over the defense and settlement of the Claim. After delivering a timely Notice of Election acknowledging its indemnification obligation and electing to assume control of the defense and settlement of the Claim, the indemnitor will not be liable to the indemnitee for any legal expenses subsequently incurred by the indemnitee in defending or settling the Claim. In addition, the indemnitor will not be required to reimburse the indemnitee for any amount paid or payable by the indemnitee in settlement of the Claim if the settlement was agreed to without the written consent of the indemnitor.

Terms and Conditions 57 Health Net / Cognizant Confidential

Final Execution Version

(c) Procedure Where No Notice of Election Is Delivered. If the indemnitor does not deliver a timely Notice of Election for a Claim acknowledging its indemnification obligation and electing to assume control of the defense and settlement of the Claim, the indemnitee may defend and/or settle the Claim in such manner as it may deem appropriate, at the cost and expense of the indemnitor, including payment of any settlement, judgment or award and the costs of defending or settling the Claim. The indemnitor will promptly reimburse the indemnitee upon demand for all Losses suffered or incurred by the indemnitee as a result of or in connection the Claim.

23.6 Subrogation

Upon fulfilling all of its obligations under this Section 23 (Indemnification) with respect to a Claim, including making payment in full of all amounts due pursuant to its indemnification obligations, the indemnitor will be subrogated to the rights of the indemnitee(s) with respect to that Claim.

24 LIABILITY

24.1 General Intent

Subject to the specific provisions of this Section 24 (Liability), it is the intent of the Parties that if a Party fails to perform its obligations in the manner required by this Agreement, that Party will be liable to the other Party for any actual damages suffered or incurred by the other Party as a result.

24.2 Limitations of Liability

(a) Except as provided in Section 24.2(c), in no event, whether in contract or in tort (including breach of warranty, negligence and strict liability in tort or otherwise), will a Party be liable to the other Party for indirect, incidental or consequential, exemplary, punitive or special damages of any kind or nature whatsoever (including, without limitation, lost revenues, profits, savings or business), even if such Party has been advised in advance of the possibility of such damages or such damages could have been reasonably foreseen by such Party.

(b) Except as provided in Section 24.2(c), each Party’s total liability to the other, whether in contract or in tort (including breach of warranty, negligence and strict liability in tort) will be limited, in the aggregate, to an amount equal to ***. The limitations specified in this Section will survive and apply even if any limited remedy specified in this Agreement is found to have failed of its essential purpose. For purposes of this Section, fees shall be deemed payable when accrued to the benefit of and legally collectable by Supplier.

(c) The limitations and exclusions of liability set forth in this Section 24.2 (Limitations of Liability) will not apply to any of the following: ***.

(d) Without limiting (1) each Party’s responsibility for direct damages under the Agreement, and (2) each Party’s right to claim other direct damages, the following shall be considered direct damages and shall not be considered consequential damages to the extent they result from a Party’s failure to fulfill its obligations in accordance with this Agreement:

Terms and Conditions 58 Health Net / Cognizant Confidential

Final Execution Version

(i) ***

(ii) ***

(iii) ***

(iv) ***

(v) ***

(vi) ***

(vii) ***

(viii) ***

(e) Each Party has a duty to mitigate the damages suffered by it for which the other Party is or may be liable.

24.3 Force Majeure

(a) No Party will be liable for any default or delay in the performance of its obligations under this Agreement (i) if and to the extent such default or delay is caused, directly or indirectly, by fire, flood, pestilence, earthquake, elements of nature or acts of God, riots, or civil disorders, (ii) provided the non-performing Party is without fault in causing such default or delay, and such default or delay could not have been prevented by reasonable precautions and could not reasonably be circumvented by the non-performing Party through the use of alternate sources, workaround plans or other means (including with respect to Supplier by Supplier meeting its obligations for performing disaster recovery and business continuity services as described in this Agreement) (each such event a “Force Majeure Event”).

(b) In such event the non-performing Party will be excused from further performance or observance of the obligations so affected for as long as such circumstances prevail and such Party continues to use Commercially Reasonable Efforts to recommence performance or observance without delay. Any Party so delayed in its performance will immediately notify the Party to whom performance is due by telephone (to be confirmed in writing within twenty-four (24) hours of the inception of such delay) and describe at a reasonable level of detail the circumstances causing such delay. To the extent the provision of the Services or any part thereof is prevented or materially affected by a Force Majeure Event, Health Net’s obligation to pay Charges hereunder shall accordingly be reduced by an equitable amount (which in the case of total suspension of the Services would be an amount equal to the total charges hereunder for the period of suspension).

(c) If any event under Section 24.3(a) substantially prevents, hinders or delays performance of the Services, then Supplier shall use Commercially Reasonable Efforts to identify another Supplier location from which it might provide the Services without interference from such event, and if Health Net requests, Supplier shall assist Health Net in identifying an alternate source that may be able to provide the Services to Health Net during the time of such Force Majeure Event. If any event under Section 24.3(a) substantially prevents, hinders or delays performance of the Services necessary for the

Terms and Conditions 59 Health Net / Cognizant Confidential

Final Execution Version

performance of functions reasonably identified by Health Net as critical for more than *** consecutive business days, then at Health Net’s option: (i) Health Net may procure such Services from an alternate source, ***; (ii) Health Net may terminate any portion of this Agreement so affected ***; or (iii) Health Net may terminate this Agreement, ***, as of a date specified by Health Net in a written notice of termination to Supplier. Supplier will not have the right to any additional payments from Health Net for costs or expenses incurred by Supplier as a result of any Force Majeure Event.

(d) A force majeure event will not relieve Supplier of its obligations to implement successfully all of the Services relating to disaster recovery services that are included in this Agreement within the time period described in this Agreement.

24.4 Disaster Recovery and Business Continuity

(a) Supplier will at all times maintain disaster recovery and business continuity plans, procedures and capabilities with respect to each Supplier Facility that meets all reasonable Health Net and applicable regulatory requirements. With respect to disaster recovery Supplier will, at a minimum:

(i) Perform functions in accordance with internationally accepted IT recovery planning standards and procedures agreed upon by Supplier and Health Net, which standards and procedures will provide fully integrated cross-functional recovery, as specified in the Procedures Manual and which will be no less stringent than the standards and procedures used at well-managed operations providing functions similar to the Services.

(ii) Perform backups as specified in the Procedures Manual or as otherwise reasonably necessary to maximize availability of the Services during problems, such as disaster/business recovery functions for all Health Net Data, Equipment, Services, and Software.

(iii) Maintain backup telecommunications services that will allow Health Net to dial-in to the hot site or any other remote facility used by Supplier during a disaster.

(iv) Provide technology change and upgrade capability to ensure that contingency facilities stay current with the technology levels of the production systems.

(v) Develop and maintain a plan for the transition back from the disaster recovery site to Supplier Facilities of the affected services and restoration of Services at the affected site upon cessation of the disaster.

(vi) Upon cessation of the disaster, promptly implement the plan to restore the affected Services at the affected sites.

(vii) Update and test not less often than annually Supplier’s disaster recovery and business continuity plans, procedures and capabilities with respect to each Supplier Facility and those related to or affecting the Services.

(viii) Interface Supplier’s disaster recovery and business continuity plans, procedures and capabilities with, and provide support and assistance to Health Net in connection with Health Net’s semi-annual testing of, Health Net’s disaster

Terms and Conditions 60 Health Net / Cognizant Confidential

Final Execution Version

recovery plans, processes and procedures.

(b) Health Net will retain authority for developing policies and business requirements regarding contingency planning, disaster recovery and business continuity applicable to the Services and Health Net. Supplier will comply with the Health Net disaster recovery plan and all other Health Net disaster recovery policies and business requirements provided to Supplier, including any regulatory requirements relative to financial institutions, to the extent such plans, policies, requirements and regulations apply to the Services or to any Supplier Maintained Application. Supplier will develop and execute contingency planning and disaster recovery practices consistent with such policies, business requirements, and regulations. Health Net will, from time to time, review and modify the policies and business requirements and such modifications will be implemented by Supplier. Health Net may from time to time request, and Supplier shall provide to Health Net upon such request, copies of Supplier’s then-current disaster recovery and business continuity plans, procedures and capabilities and the results of any tests thereof.

25 RULES OF CONSTRUCTION

25.1 Entire Agreement

(a) Subject to Section 25.1(b), this Agreement – consisting of the signature page, these Terms and Conditions and the attached Schedules and Exhibits – constitutes the entire agreement between the Parties with respect to its subject matter and merges, integrates and supersedes all prior and contemporaneous agreements and understandings between the Parties, whether written or oral, concerning its subject matter.

(b) Notwithstanding the foregoing, the Parties intend that the Staff Augmentation Agreement shall continue to remain in effect unless and until such Staff Augmentation Agreement expires or is terminated pursuant to the terms of such Staff Augmentation Agreement. In addition, for the avoidance of doubt, no volume discounts or other terms set forth in the Staff Augmentation Agreement are applicable to this Agreement unless expressly so referenced in this Agreement.

25.2 Contracting Parties; No Third Party Beneficiaries

This Agreement is entered into solely between, and may be enforced only by, Health Net and Supplier. This Agreement does not create any legally enforceable rights in third parties, including suppliers, subcontractors and customers of a Party, except as provided in this paragraph and Section 23 (Indemnification).

25.3 Contract Amendments and Modifications

Any terms and conditions varying from this Agreement on any order or written notification from either Party will not be effective or binding on the other Party. This Agreement may be amended or modified solely in a writing signed by an authorized representative of each Party.

25.4 Governing Law

This Agreement and performance under it shall be governed by and construed in accordance with the laws of the state of New York without regard to its choice of law principles.

Terms and Conditions 61 Health Net / Cognizant Confidential

Final Execution Version

25.5 Relationship of the Parties

Supplier, in furnishing the Services, is acting as an independent contractor. Supplier has the sole right and obligation to supervise, manage, contract, direct, procure, perform or cause to be performed, all work to be performed by Supplier under this Agreement. Supplier is not an agent or partner of Health Net and has no authority to represent or bind Health Net as to any matters, except as expressly authorized in this Agreement. This Agreement establishes a nonexclusive relationship between the Parties.

25.6 Consents and Approvals

Where approval, acceptance, consent or similar action by either Party is required under this Agreement, such action will not be unreasonably delayed, conditioned or withheld unless this Agreement expressly provides that it is in the discretion of the Party. No approval or consent given by a Party under this Agreement will relieve the other Party from responsibility for complying with the requirements of this Agreement, nor will it be construed as a waiver of any rights under this Agreement (except to the extent, if any, expressly provided in such approval or consent). Each Party will, at the request of the other Party, perform those actions, including executing additional documents and instruments, reasonably necessary to give full effect to this Agreement.

25.7 Waiver

No failure or delay by a Party in exercising any right, power or remedy will operate as a waiver of that right, power or remedy, and no waiver will be effective unless it is in writing and signed by an authorized representative of the waiving Party. If a Party waives any right, power or remedy, the waiver will not waive any successive or other right, power or remedy that Party may have.

25.8 Remedies Cumulative

Except as otherwise expressly provided in this Agreement, all remedies provided in this Agreement are cumulative and in addition to and not in lieu of any other remedies available to a Party under this Agreement, at law, or in equity.

25.9 References

(a) The section headings and the table of contents used in this Agreement are for convenience of reference only and will not enter into the interpretation of this Agreement.

(b) Unless otherwise indicated, section references are to sections of the document in which the reference is contained. For example, section references in these Terms and Conditions are to sections of the Terms and Conditions and, likewise, section references in a Schedule to this Agreement are to sections of that Schedule.

(c) References to numbered (or lettered) sections of this Agreement also refer to and include all subsections of the referenced section.

(d) Unless otherwise indicated, references to Schedules to this Agreement also refer to and include all Exhibits to the referenced Schedule.

Terms and Conditions 62 Health Net / Cognizant Confidential

Final Execution Version

25.10 Rules of Interpretation

(a) Unless the context requires otherwise, (i) “including” (and any of its derivative forms) means including but not limited to, (ii) “may” means has the right, but not the obligation to do something and “may not” means does not have the right to do something, (iii) “will” and “shall” are expressions of command, not merely expressions of future intent or expectation, (iv) “written” or “in writing” is used for emphasis in certain circumstances, but that will not derogate from the general application of the notice requirements set forth in Section 27.4 (Notices) in those and other circumstances, (v) use of the singular imports the plural and vice versa, and (vi) use of a specific gender imports the other gender(s).

(b) References in the Agreement to “hours”, “days”, or “years” that do not specifically refer to Business Hours, Business Days or Contract Years are references to clock hours, calendar days, or calendar years, respectively, unless otherwise provided.

25.11 Order of Precedence

If there is any conflict between this Agreement and any document incorporated by reference into this Agreement, the Parties shall attempt to read any such conflicting provisions consistently, however, in the event such a consistent reading cannot be accomplished, the order of precedence will be as follows: (a) the Terms and Conditions and any amendments thereto, (b) the Schedules, Exhibits and other attachments to this Agreement, and (c) other documents incorporated by reference.

25.12 Severability

If any provision of this Agreement conflicts with the Law under which this Agreement is to be construed or if any provision of this Agreement is held invalid, illegal, or otherwise unenforceable by a competent authority, such provision will, if possible, be deemed to be restated to reflect as nearly as possible the original intentions of the Parties in accordance with applicable Law. In any event, the remainder of this Agreement will remain in full force and effect.

25.13 Counterparts

This Agreement may be executed in several counterparts and by facsimile or PDF signature, all of which taken together constitute a single agreement between the Parties. Each signed counter-part, including a signed counterpart reproduced by reliable means (including facsimile and PDF), will be considered as legally effective as an original signature.

25.14 Reading Down

If a provision of this Agreement is reasonably capable of an interpretation which would make that provision valid, lawful and enforceable and an alternative interpretation that would make it unenforceable, illegal, invalid or void then, so far as is possible, that provision will be interpreted or construed to be limited and read down to the extent necessary to make it valid and enforceable.

26 DISPUTE RESOLUTION

Any dispute between the Parties arising out of or relating to this Agreement, including with respect to the interpretation of any provision of this Agreement or with respect to performance by Supplier or Health

Terms and Conditions 63 Health Net / Cognizant Confidential

Final Execution Version

Net, will be resolved as provided in this Section 26 (Dispute Resolution).

26.1 Informal Dispute Resolution

(a) Subject to Section 26.1(b), the Parties initially will attempt to resolve any dispute arising out of or relating to this Agreement informally in accordance with the following:

(i) Within ten (10) days after a Party receives notice of a dispute from the other Party (“Dispute Date”), it will designate a senior representative (i.e., a person whose rank within the company is superior to, in the case of Supplier, the Client Partner, and in the case of Health Net, the Health Net Program Manager) who does not devote substantially all of his time to performance under this Agreement, who will offer to meet with the designated senior representative of the other Party for the purpose of attempting to resolve the dispute amicably.

(ii) The appointed representatives will meet promptly to discuss the dispute and attempt to resolve it without the necessity of any formal proceeding. They will meet as often as the Parties deem necessary in order that each Party may be fully advised of the other’s position. During the course of discussion, all reasonable requests made by one Party to the other for non-privileged information reasonably related to the matters in dispute will be honored promptly.

(iii) The specific format for the discussions will be left to the discretion of the appointed representatives.

(b) Formal dispute resolution may be commenced by a Party upon the first to occur of any of the following:

(i) the appointed representatives conclude in good faith that amicable resolution of the dispute through continued negotiation does not appear likely;

(ii) thirty-five (35) days have passed from the Dispute Date (this period will be deemed to run notwithstanding any claim that the process described in this Section 26.1 (Informal Dispute Resolution) was not followed or completed); or

(iii) commencement of formal dispute resolution is deemed appropriate by a Party to avoid the expiration of an applicable limitations period or to preserve a superior position with respect to other creditors, or a Party makes a good faith determination, including as provided in Section 26.4 (Equitable Remedies), that a breach of this Agreement by the other Party is such that a temporary restraining order or other injunctive or conservatory relief is necessary.

26.2 Litigation

For all litigation which may arise with respect this Agreement, the Parties irrevocably and unconditionally submit (a) to the exclusive jurisdiction and venue (and waive any claim of forum non conveniens and any objections as to laying of venue) of the United States District Court for the Central District of California, or (b) if such court does not have subject matter jurisdiction, to the Superior Court of the State of California, Los Angeles County in connection with any action, suit or proceeding arising out of or relating to this Agreement. The Parties further consent to the jurisdiction of any state court located within a district that encompasses assets of a Party against

Terms and Conditions 64 Health Net / Cognizant Confidential

Final Execution Version

which a judgment has been rendered for the enforcement of such judgment or award against the assets of such Party.

26.3 Continued Performance

Each Party agrees (a) to continue performing its obligations under this Agreement while a dispute is being resolved except (and then only) to the extent performance is prevented by the other Party or the issue in dispute precludes performance, and (b) not to take any action that intentionally obstructs, delays, or reduces in any way the performance of such obligations. For the avoidance of doubt, a good faith dispute regarding invoiced charges and Health Net’s withholding payment of disputed charges as permitted under this Agreement will not be considered to prevent Supplier from performing the Services or preclude performance by Supplier, nor will this Section 26.3 be interpreted to limit either Party’s right to terminate this Agreement as provided in Section 16 (Termination).

26.4 Equitable Remedies

Each Party acknowledges that a breach of any of its obligations under the Sections of this Agreement listed below, or its infringement or misappropriation of any Intellectual Property Rights of the other Party, may irreparably harm the other Party in a way that could not be adequately compensated by money damages. In such a circumstance, the aggrieved Party may (in addition to all other remedies and rights) proceed directly to court notwithstanding the other provisions of this Section 26 (Dispute Resolution). If a court of competent jurisdiction should find that a Party has breached (or attempted or threatened to breach) any such obligations, such Party agrees that without posting bond or proving damages and without any additional findings of irreparable injury or other conditions to injunctive relief, it will not oppose the entry of an appropriate order compelling its performance of such obligations and restraining it from any further breaches (or attempted or threatened breaches) of such obligations. The following Sections are subject to this paragraph:

(a) Section 14 (Data Security and Protection);

(b) Section 15 (Intellectual Property Rights);

(c) Section 16 (Termination);

(d) Section 21 (Confidentiality); and

(e) Section 23 (Indemnification).

26.5 Waiver of Jury Trial

THE PARTIES HEREBY UNCONDITIONALLY WAIVE THEIR RESPECTIVE RIGHTS TO A JURY TRIAL OF ANY CLAIM OR CAUSE OF ACTION ARISING DIRECTLY OR INDIRECTLY OUT OF, RELATED TO, OR IN ANY WAY CONNECTED WITH, THE PERFORMANCE OR BREACH OF THIS AGREEMENT, OR THE RELATIONSHIP THAT IS BEING ESTABLISHED BETWEEN THEM. The scope of this waiver is intended to be all encompassing of any and all disputes that may be filed in any court or other tribunal (including, without limitation, contract claims, tort claims, breach of duty claims, and all other common law and statutory claims). THIS WAIVER IS IRREVOCABLE, MEANING THAT IT MAY NOT BE MODIFIED EITHER ORALLY OR IN WRITING, AND THE WAIVER SHALL APPLY

Terms and Conditions 65 Health Net / Cognizant Confidential

Final Execution Version

TO ANY SUBSEQUENT AMENDMENTS, RENEWALS, SUPPLEMENTS OR MODIFICATIONS TO THIS AGREEMENT, AND RELATED DOCUMENTS, OR TO ANY OTHER DOCUMENTS OR AGREEMENTS RELATING TO THIS TRANSACTION OR ANY RELATED TRANSACTION. In the event of litigation, this Agreement may be filed as a consent to a trial by the court.

26.6 Disclaimer of Uniform Computer Information Transactions Act

TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, THE PARTIES DISCLAIM AND NONE OF THIS AGREEMENT SHALL BE SUBJECT TO THE UNIFORM COMPUTER INFORMATION TRANSACTIONS ACT (“UCITA”) (PREPARED BY THE NATIONAL CONFERENCE OF COMMISSIONERS ON UNIFORM STATE LAWS) AS CURRENTLY ENACTED OR AS MAY BE ENACTED, CODIFIED OR AMENDED FROM TIME TO TIME BY ANY JURISDICTION. TO THE EXTANT THAT ANY ASPECT OF THIS AGREEMENT OR ANY LICENSE GRANTED UNDER THIS AGREEMENT IS UNCLEAR OR DISPUTED BY THE PARTIES AND UCITA, IF APPLIED, WOULD CLARIFY SUCH LICENSE OR RESOLVE SUCH DISPUTE, THE PARTIES AGREE TO CLARIFY SUCH LICENSE OR RESOLVE SUCH DISPUTE INDEPENDENTLY OF UCITA BY APPLYING THE INTENT OF THE PARTIES AT THE TIME THAT THEY ENTERED THIS AGREEMENT.

27 GENERAL

27.1 Binding Nature and Assignment

This Agreement is binding on the Parties and their respective successors and permitted assigns. Supplier acknowledges that the Services are personal in nature and that, as a result, Supplier may not assign this Agreement or delegate its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of Health Net. Health Net may not assign this Agreement or delegate its rights or obligations under this Agreement without the prior written consent of Supplier except to a Health Net Affiliate or to the successor in a merger or reorganization of Health Net or an entity that acquires Control of Health Net or acquires all or substantially all of Health Net’s business or assets. Any attempted assignment in violation of this Section 27.1 will be void and will constitute a material breach of this Agreement by the Party attempting the assignment. A Party assigning this Agreement or delegating its rights or obligations under this Agreement must provide prompt notice of the assignment or delegation to the other Party after its effective date.

27.2 Nondiscrimination

Neither Party shall discriminate against any Beneficiary in the provision of Services hereunder, whether on the basis of the Beneficiary’s coverage under a Benefit Program, age, sex, marital status, sexual orientation, race, color, religion, ancestry, national origin, disability, handicap, health status, source of payment, utilization of medical or mental health services or supplies, or other unlawful basis including, without limitation, the filing by such Beneficiary of any complaint, grievance or legal action against Supplier, Health Net, or a Health Net Affiliate. Supplier agrees to make reasonable accommodations for Beneficiaries with disabilities or handicaps, including but not limited to, providing auxiliary aids and services to Beneficiaries at Supplier’s expense, as required by law.

Terms and Conditions 66 Health Net / Cognizant Confidential

Final Execution Version

27.3 Beneficiary Hold Harmless

Supplier will (a) not hold any Beneficiary liable for fees that are the responsibility of Health Net or a Health Net Affiliate; and (b) ensure that Supplier’s subcontractors will not hold any Beneficiary liable for fees that are the responsibility of Health Net or a Health Net Affiliate.

27.4 Notices

(a) All notices, requests, demands and determinations under this Agreement (other than routine operational communications), shall be in writing and shall be deemed duly given (i) when delivered by hand, (ii) on the designated day of delivery after being timely given to an express overnight courier with a reliable system for tracking delivery, (iii) six (6) days after the day of mailing, when mailed by United States mail, registered or certified mail, return receipt requested and postage prepaid, and addressed as follows:

(i) In the case of Health Net:

Health Net, Inc.

21650 Oxnard Street

Woodland Hills, CA 91367

Attn: Chief Procurement Officer

With a copy to:

Health Net, Inc.

21650 Oxnard Street

Woodland Hills, CA 91367

Attn: General Counsel

(ii) In the case of Supplier:

Cognizant Technology Solutions US Corporation

500 Frank W. Burr Blvd.

Teaneck, New Jersey 07666

Attn: General Counsel

(b) A Party may from time to time change its address or designee for notification purposes by giving the other prior written notice of the new address or designee and the date upon which it will become effective.

27.5 Non-solicitation of Employees

(a) Subject to the provisions of Schedule E, Supplier will not solicit or seek to procure the employment of any Health Net personnel, either directly or indirectly (other than by general advertising not specifically targeted at Health Net’s employees) until twelve (12) months after the date on which any such Health Net personnel ceases to be employed by Health Net, without the prior written consent of Health Net.

(b) Subject to the provisions of Sections 16.5(a) and 11.9(b), Health Net will not *** the employment of any Supplier Personnel, either directly or indirectly (other than by general advertising not specifically targeted at Supplier’s employees) until *** after the date that any such Supplier Personnel has ceased performing Services under this Agreement, without the prior written consent of Supplier.

Terms and Conditions 67 Health Net / Cognizant Confidential

Final Execution Version

27.6 Legal Compliance

(a) Each Party agrees at its cost and expense to obtain all necessary regulatory approvals applicable to its business, to obtain any necessary licenses or permits for its business and to comply with all Laws applicable to its business (or that of any of its Affiliates) or the performance of any of its obligations under this Agreement.

(b) In addition, in the case of any Laws that are specifically applicable to the Services rendered by Supplier or to Supplier as a provider of the Services to Health Net and its Affiliates, Supplier shall perform its obligations under this Agreement in compliance with any associated Health Net standards, policies and requirements that have been disclosed to Supplier in writing. If a Party is charged with failing to comply with any such Laws, it shall promptly notify the other Party of the charges in writing.

(c) Each Party will bear the risk of and have Financial Responsibility for any change in Laws applicable to it or its Affiliates, or their respective businesses, or the performance of its obligations under this Agreement. If a change to any Law applicable to Health Net results in the need for a change to a Service or charges hereunder (the foregoing, a “Regulatory Change”), Supplier shall make that Regulatory Change as soon as reasonably possible. The Parties shall seek to agree to the details and cost of the Regulatory Change in accordance with the Change Control Process. If there is any disagreement between the Parties regarding any Regulatory Change or potential Regulatory Change, then: (i) Health Net shall have the right to determine: (A) whether a Regulatory Change is required; and (B) how Supplier should implement that Regulatory Change; and (ii) as and if approved by Health Net, Health Net shall pay Supplier’s reasonably incurred and properly evidenced labor and materials costs of implementing the Regulatory Change; provided that if the Regulatory Change is carried out for other customers of Supplier, Health Net shall only bear an equitable proportion of Supplier’s reasonably incurred and properly evidenced labor and materials costs.

27.7 Covenant of Good Faith

Each Party, in its respective dealings with the other Party under or in connection with this Agreement, will act reasonably and in good faith.

27.8 Public Disclosures

All media releases, public announcements and public disclosures by either Party relating to this Agreement or the subject matter of this Agreement, including pro-motional or marketing material, but not including announcements intended solely for internal distribution or disclosures to the extent required to meet legal or regulatory requirements beyond the reasonable control of the disclosing Party, will be coordinated with and approved by the other Party prior to release.

27.9 Service Marks

Supplier will not, without Health Net’s consent, use the name, service marks or trademarks of Health Net in any advertising or promotional materials prepared by or on behalf of Supplier.

Terms and Conditions 68 Health Net / Cognizant Confidential

Final Execution Version

27.10 Mutually Negotiated

No rule of construction will apply in the interpretation of this Agreement to the disadvantage of one Party on the basis that such Party put forward or drafted this Agreement or any provision of this Agreement.

IN WITNESS WHEREOF, Health Net and Supplier have each caused this Agreement to be signed and delivered by its duly authorized officer, all as of the date first set forth above.

Health Net, Inc.		Cognizant Technology Solutions U.S. Corporation
By:	/s/ James E. Woys	By:	/s/ Dana Gilbert
Print Name:	James E. Woys	Print Name:	Dana Gilbert
Title:	Chief Operating Officer	Title:	Vice President
Date:	September 30, 2008	Date:	September 30, 2008

Terms and Conditions 69 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE A

SCOPE OF SERVICES

Schedule A A-i Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE A

SCOPE OF SERVICES

Table of Contents

1.	INTRODUCTION		1
	1.1	General.	1
	1.2	Hours of Coverage.	2
	1.3	Definitions.	2
	1.4	Application Portfolio.	2
	1.5	Technical Solution.	3
2.	CROSS-FUNCTIONAL SERVICES		3
	2.1	Account Management.	3
	2.2	Account Planning and Analysis.	4
	2.3	Development Related Managed Third Party Contracts.	5
	2.4	Project Management.	7
	2.5	Continuous Process Improvement Services.	9
	2.6	Service Level Monitoring and Reporting.	9
	2.7	IT Continuity & Disaster Recovery Services.	10
	2.8	Training Services.	12
	2.9	Documentation.	15
	2.10	Change and Release Management; Software Distribution.	15
	2.11	Software Configuration Management.	18
	2.12	Availability Management.	20
	2.13	Security Management.	21
	2.14	Information Retention.	23
3.	APPLICATION SUPPORT SERVICES		23
	3.1	Application Maintenance Services.	23
	3.2	Operational Support Services.	27
	3.3	Service Request and Trouble Ticket Management.	41
	3.4	Minor Enhancement Services.	45
4.	Software Quality Assurance/TESTING SERVICES.		45
	4.2	Testing Center of Excellence (TCOE).	48
	4.3	General Management and Oversight of Testing Services.	50
	4.4	Execution of Tests.	51
	4.5	Integration and Testing.	53

Schedule A A-ii Health Net / Cognizant Confidential

Final Execution Version

5.	Section 5: Application Development Services Requirements		61
	5.1	Planning and Analysis	61
	5.2	Requirements Definition	63
	5.3	Design Specifications	64
	5.4	Programming/Development	66
	5.5	Unit Testing	67
	5.6	Health Net Project Development Process	70

Schedule A A-iii Health Net / Cognizant Confidential

Final Execution Version

List of Exhibits

Exhibit A-1:	Intentionally Blank
Exhibit A-2:	Transition Description
Attachment A-2-1:	Transition Plan
Exhibit A-3:	Solution Description
Exhibit A-4:	In-Scope Applications
Exhibit A-5:	Change Control Process
Exhibit A-6:	Project Framework
Attachment A-6-1:	Deliverable Acceptance Procedures
Exhibit A-7:	In-Flight Projects
Exhibit A-8:	Testing Center of Excellence
Exhibit A-9:	SAP Roles and Responsibilities Matrix
Exhibit A-10:	Intentionally Blank
Exhibit A-11:	Network Diagram

Schedule A A-iv Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE A

SCOPE OF SERVICES

1. INTRODUCTION

1.1 General.

(a) This Schedule A (Services) describes, among other things, the application development, testing, and maintenance and support Services to be performed and delivered by Supplier under this Agreement; the service delivery environments from which Supplier will perform and deliver the Services; and the solution that Supplier will implement or use in performing the Services. These Services are separated into sections within this Schedule A. These sections are related to Application Support Services, Software Quality/Assurance Testing Services, and Application Development Services. The Services that are primarily associated with each section can be found under the respective section. The separation of Services into the section is for organizational purposes only and is not intended to restrict that service only to the specific section within which such service is described.

(i) Cross-Functional Services:

(A) Account management and planning, including the development of strategy to meet the goals of the project, the initiative or the overall goals of Health Net.

(B) Project management, work authorization, training, security, and disaster recovery considerations; and

(C) Monitoring and performing all tasks and responsibilities for management documentation and management reporting in a form and format reasonably requested by Health Net.

(ii) Application Support Services: This is concerned with how the applications run in the technical and business environment. Tasks include: maintenance, performing all the items necessary to support Software, including technology planning, performance levels, availability levels, Software currency, operational support, End User assistance, Problem management, Incident management, security, disaster recovery, minor enhancements, and data and user management.

(iii) Software Quality Assurance/Testing: The progressive transition of Software and configurations from proof of concept through delivery into stable delivery to production.

(iv) Application Development Services: These Services include performing the construction of Software, proof of concept, management of Software, configuration of systems, parameter changes, related testing, and implementation of Software and Software tools used to provide the Services.

(b) The Services are required for Health Net’s business operations in the United States, including its territories.

(c) References to specific resources (e.g., tools, systems) in this Schedule A that are used by Supplier in performing the Services, shall be deemed to include successor or replacement resources where Supplier implements any such successor or replacement resources.

Schedule A A-1 Confidential

Final Execution Version

(d) Supplier shall manage and perform the Services in a tightly integrated manner (with appropriate consideration given at all times to the impact of change to all Services) without regard to technology platform. All changes to the In-Scope Applications should follow Application Development life cycle procedures.

(e) All Equipment, Software and Services shall meet the configuration, performance, information system security, and standardization requirements as defined by the Health Net IT architectural standards.

(f) Supplier shall provide such information as may be requested by Health Net from time to time to support Health Net’s investigation into potential violations of Health Net’s policies and procedures; and

(g) All communications and documentation will be in English.

1.2 Hours of Coverage.

The hours of coverage are set forth in Exhibit A-3 (Solution Description).

1.3 Definitions.

Capitalized terms not defined in this Schedule A shall have the meaning given them in Schedule Q (Glossary) or elsewhere in this Agreement.

(a) “Associated Tools and Software” means the tools and Software that are components of the applications listed in Exhibit A-4. The Associated Tools and Software are set forth in Exhibit J-3 to Schedule J, provided that Exhibit J-3 is not an exhaustive list of the third party tools and Software that are components of the In-Scope Applications, nor does it include any Health Net owned tools and Software that are components of the In-Scope Applications. Any such tools and Software that are not listed on Exhibit A-4 shall nonetheless be deemed part of the Associated Tools and Software for purposes of this Agreement.

(b) “Development Related Managed Third Parties” means the third party vendors under the Development Related Managed Third Party Contracts.

(c) “Development Related Managed Third Party Contracts” shall mean Health Net’s contracts for the following third party products: Unity, Macess, IVR, Value Tech, and iMANY.

(d) “In-Scope Applications” means collectively the applications set forth in Exhibit A-4, and their respective interfaces, data bases, data files, configurations, reports, tasks, job schedules, job documentation, disaster recovery processes, recovery processes, Source Code, development tools, screens and web pages.

(e) “Project” (whether or not capitalized) means an AD Project, Minor Enhancement, or other discrete non-recurring Service that has Deliverables and requires startup, planning, execution, and completion.

1.4 Application Portfolio.

Supplier shall perform the Services for all of the In-Scope Applications and, where applicable, the Associated Tools and Software.

Schedule A A-2 Health Net / Cognizant Confidential

Final Execution Version

1.5 Technical Solution.

Attached hereto as Exhibit A-3 is a draft, high level solution (the “Technical Solution”), describing how Supplier will be performing the Services and meeting Health Net’s business requirements as described in this Agreement (including this Schedule and the Exhibits attached hereto). Within sixty (60) days following the Effective Date, Supplier shall be responsible for revising, elaborating on, fully describing, and finalizing the Technical Solution. The Technical Solution may not modify or change the scope of Services to be provided under, or any other terms or conditions of, this Agreement, and shall be provided to Health Net for review, comment and approval. Such detailed Technical Solution, including reasonable comments or suggestions of Health Net, shall be incorporated into the Technology Plan described in Section 17.6 of the Terms and Conditions. Supplier shall perform the Services in accordance with the Technology Plan and the Technical Solution. The network diagram, which depicts the network portion of the Technical Solution is attached as Exhibit A-11 to this Schedule A.

2. CROSS-FUNCTIONAL SERVICES

Supplier shall provide the following cross-functional Services (the “Cross Functional Services”) as such Services relate to the Application Support Services, Application Development Services, Quality Assurance/Testing Services, and any other Services the Parties may add to the scope of this Agreement. In the event that Health Net terminates the provision of any part of the Services pursuant to this Agreement, Supplier shall continue to provide the Services set forth in this Section 2 as such Services relate to the remaining Services.

2.1 Account Management.

Account management Services are those Functions associated with the ongoing management of the Services environment. Supplier shall perform the account management Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 1. Account Management Roles and Responsibilities

Account Management Roles and Responsibilities		Supplier	Health Net
1.	Develop and document account management reporting procedures.	X
2.	Approve account management reporting procedures.		X
3.	Develop a user guide that defines Supplier’s Services (and how the End Users can use the Services) in a format that is easily understood by the End Users.	X
4.	Develop a service ordering process that clearly defines to the End User how to order, change or delete services.	X
5.	Develop and document criteria and formats for administrative, service activity and Service Level reporting.	X
6.	Approve a “user” guide, service ordering process and all reporting criteria and formats.		X

Schedule A A-3 Health Net / Cognizant Confidential

Final Execution Version

Account Management Roles and Responsibilities		Supplier	Health Net
7.	Develop and implement customer satisfaction program for tracking the quality of Service delivery to End Users across the Services.	X
8.	Approve customer satisfaction program and monitor results.		X
9.	Measure, analyze and report system and service performance relative to requirements.	X
10.	Prepare performance and other Service Level reports and provide as scheduled.	X
11.	Prepare and provide activities reports.	X
12.	Prepare reports on statistics and trends.	X
13.	Perform operations inspections and other Service-related inspections to verify quality and accuracy of the Services.	X

2.2 Account Planning and Analysis.

Account planning and analysis Services are the Functions associated with the research of new technical trends, products and services, such as Equipment, Software, business applications and business processes that offer opportunities to improve the efficiency and effectiveness of the Services, as well as enhance Health Net’s competitive business advantage. Supplier shall perform the planning and analysis Services across all areas of service, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 2. Planning and Analysis Roles and Responsibilities

Planning and Analysis Roles and Responsibilities		Supplier	Health Net
1.	Define Health Net business, functional, availability and service requirements at the enterprise level.		X
2.	Propose planning and analysis activities to improve the Services, including improvements for operational efficiencies and risk mitigation strategies.	X
3.	Review and approve services and standards for planning and analysis activities.		X
4.	Recommend policies and procedures to perform planning and analysis activities affecting all aspects of Services.	X

Schedule A A-4 Health Net / Cognizant Confidential

Final Execution Version

Planning and Analysis Roles and Responsibilities		Supplier	Health Net
5.	Review, authorize, and approve policies and procedures for the performance of planning and analysis activities.		X
6.	Continuously monitor technical trends through independent research; document and report on products and services with potential use for Health Net on a quarterly basis.	X
7.	Provide feasibility studies for the implementation of new technologies (including security-related technologies) that best meet Health Net business needs and cost, performance and quality objectives; present the findings of such feasibility studies to Health Net on a quarterly basis.	X
8.	Conduct annual technical and business planning sessions to establish standards, architecture and project initiatives.		X
9.	Participate in annual technical and business planning sessions to establish standards, architecture and project initiatives.	X
10.	Conduct planning for application currency (advantages of new versions of applications, upgrades, patches, end of maintenance etc.)	X
11.	Participate in planning for application currency.		X
12.	Conduct semiannual technical reviews.	X
13.	Conduct semiannual workshops on industry trends and best practices.	X
14.	Participate by collaborating with Health Net and other third parties as required, in application security planning.	X

2.3 Development Related Managed Third Party Contracts.

Supplier will manage Application Development Services and Application Support Services activities under the Development Related Managed Third Party contracts in accordance with the requirements of this Agreement. Heath Net shall have the right to add additional Development Related Managed Third Party Contracts by sending written notice to Supplier and through the Change Control Process. Based upon guidance and direction from Health Net, Supplier shall act in Health Net’s interests at all times with regard to this responsibility. Without limiting the generality of the foregoing, Supplier’s responsibility with respect to such Development Related Managed Third Party Contracts shall include:

Schedule A A-5 Health Net / Cognizant Confidential

Final Execution Version

(a) Services Solution. Supplier shall provide solution management services for the overall solution comprising the Services and related services provided to Health Net by Supplier and the Development Related Managed Third Parties (the “Services Solution”).

(b) Supplier Evaluation and Selection. At Health Net’s request, Supplier shall provide Services to assist in defining criteria and measuring the adequacy of Development Related Managed Third Parties products to meet Health Net’s needs. Such activities may entail request for proposals, evaluation of responses, participation in proof of concept demonstrations, functional analysis and financial analysis.

(c) Contract Management. Supplier shall have access to all the Development Related Managed Third Party Contracts. Supplier is responsible for managing, facilitating, and directing communications between and among Health Net, Supplier, the Development Related Managed Third Parties, and other third parties. This responsibility shall include, if requested by Health Net, being Health Net’s initial point of contact for all issues and communications with any Development Related Managed Third Party, including issues regarding problem management and resolution.

(d) Technology Management. Supplier shall maintain an up-to-date view of the services provided by Development Related Managed Third Parties pursuant to the Development Related Managed Third Party Contracts set forth in Schedule I in order to stay informed of current technology and costs for such technology and trends.

(e) Performance Management. Supplier shall assist in managing the performance of Development Related Managed Third Parties, including: (i) monitoring, overseeing and verifying that the Development Related Managed Third Parties are performing all of their services and complying with all of their obligations to Health Net that are being managed by Supplier, in the required manner and within required time frames; (ii) reasonably cooperating in reviewing and verifying the accuracy of, all invoices to be paid by Health Net to Development Related Managed Third Parties relating to such managed services; and (iii) overseeing any changes to services provided by Development Related Managed Third Parties, including verifying that such modifications are performed within required time frames and in accordance with the Development Related Managed Third Party’s obligations, and providing progress reports to Health Net at regular intervals.

(f) Reporting Services. Supplier shall report to Health Net regarding Development Related Managed Third Parties, on no less than a quarterly basis. Such reporting shall detail the status on the activities described in this Section 2.3, including:

(i) Recommending to Health Net alternative courses of action with regard to (A) particular Development Related Managed Third Parties, (B) any modification to the overall combination of services comprising the Services Solution, and (C) any additional services from Supplier or third parties from which the Services Solution could benefit; and

(ii) Assisting Health Net with a plan to exploit market changes for the benefit of Health Net.

(g) Contract Negotiation. At Health Net’s request, Supplier shall assist and provide information to Health Net in order that Health Net negotiate contracts with existing and potential Development Related Managed Third Parties.

(h) Project Initiation and Management. At Health Net’s request, Supplier shall work with the Development Related Managed Third Party to initiate and manage all projects which Health Net would

Schedule A A-6 Health Net / Cognizant Confidential

Final Execution Version

like the Development Related Managed Third Parties to perform, including creating modifications to such third party Software as may be necessary to keep them operational or create new functionality. Supplier shall support Health Net in conducting negotiations for projects with Development Related Managed Third Parties. Unless otherwise directed by Health Net, Supplier shall evaluate the project request issued by Health Net, provide assistance to Health Net in conducting all bids, drafting any necessary RFP’s or other paperwork, and drafting and complete all required documents in accordance with Health Net policy and procedures, this Agreement, or the applicable third party contract, as applicable.

(i) Partial Responsibility. For any particular (i) Development Related Managed Third Party or (ii) service provided by a Development Related Managed Third Party, Health Net may require that Supplier perform only a subset of the responsibilities required under this Section 2.3, as opposed to all of the responsibilities required hereunder.

(j) Health Net Obligations. Supplier shall know, and use Commercially Reasonable Efforts to inform Health Net, of the performance obligations of a member of Health Net under Development Related Managed Third Party Contracts.

2.4 Project Management

As part of the Services, Supplier shall manage and complete Health Net projects in accordance with Exhibit A-6 (Project Framework). Exhibit A-6 sets forth the process to be followed by the Parties (1) in establishing the cost and time frames of projects, and (2) authorizing, controlling and managing projects throughout their life cycle. Supplier shall propose, implement and utilize industry standard project management methodologies and processes for all projects (chargeable and non-chargeable) commensurate with the duration, scope and criticality of the project to successfully complete the project. The processes will be approved by Health Net, and will include developing and adhering to processes and documentation addressing the following:

(a) Planning projects, including:

(i) Forming project teams;

(ii) Defining the specific activities that must be performed to produce the various project deliverables;

(iii) Sequencing the activities and documenting dependencies, estimating the time needed to complete individual activities, and analyzing the activity sequences, activity durations, and resource requirements;

(iv) Performing risk management planning, identifying quantitative and qualitative risks, and documenting the characteristics of each;

(v) Using Planview or approved equivalent tool for reporting project updates and status;

(vi) Determining which resources (e.g., people, hardware, and materials) and which quantities of each should be used to perform project activities;

(vii) Assigning the human resources needed to work on the project;

(viii) Developing an estimate of the resource costs required to complete the project;

Schedule A A-7 Health Net / Cognizant Confidential

Final Execution Version

(ix) Identifying which quality standards are relevant to the project and how they can be satisfied;

(x) Identifying, documenting, and assigning project roles, responsibilities, and reporting relationships;

(xi) Determining the information and communications needs of the stakeholders;

(xii) Developing procedures and techniques to enhance opportunities and to reduce threats to the project;

(xiii) Providing inputs in support of any procurement needs of the In-Scope Applications; and

(xiv) Developing project plans by taking the results of the above and incorporating them into consistent, coherent documents that can be used to guide both project execution and project control. The project plans include planning inputs, historical information, organizational policies, constraints, and assumptions.

(b) Monitoring and controlling projects, including:

(i) Managing personnel assigned to projects;

(ii) Implementing appropriate project management methodology, including the use of approved project management tools;

(iii) Preparing performance, financial, utilization and status reports;

(iv) Providing appropriate access to information and project management templates;

(v) Coordinating changes across/within projects;

(vi) Controlling changes to project scope;

(vii) Controlling changes to project schedules;

(viii) Controlling changes to project budgets;

(ix) Determining if projects comply with relevant quality standards and identifying ways to eliminate unsatisfactory performance; and

(x) Tracking identified risks, monitoring residual risks, identifying new risks and executing risk plans and evaluating their effectiveness in reducing risk.

(c) Upon mutual agreement by the Parties, assist Health Net procure third party supplied items if Supplier can obtain third party supplier items upon more favorable terms than Health Net would be able to obtain such items; and

(d) Executing project plans by performing the activities therein, including:

(i) Delivering projects;

Schedule A A-8 Health Net / Cognizant Confidential

Final Execution Version

(ii) Evaluating overall project performance on a regular basis to confirm projects will satisfy the relevant quality standards;

(iii) Developing individual and group skills/competencies to enhance project performance;

(iv) Conducting acceptance activities (e.g., testing and quality assurance activities);

(v) Closing out projects and resolving any open items;

(vi) Providing administrative closure by generating, gathering, and disseminating information and formalizing phase or project completion, including evaluating projects and compiling lessons learned for use in planning future projects or phases; and

(vii) Providing summary report from each previous project meeting.

2.5 Continuous Process Improvement Services

Supplier will be responsible for establishing, implementing, managing and maintaining a set of processes and procedures with which it continually monitors and analyzes its service delivery methods and procedures using industry recognized best practices to identify weaknesses and opportunities for improvement in its service delivery methods and procedures and to systematically implement those improvements. Supplier will provide quarterly reports on its continuous process improvement activities, and where appropriate, allow Health Net to provide input into the process.

Table 3. Continuous Process Improvement

Planning and Analysis Roles and Responsibilities		Supplier	Health Net
1.	Recommend structure to have quarterly reports, including costs and benefits that will provide enhancements with significant benefits to Health Net.	X
2.	Review and approve design enhancements and standards for continuous process improvement.		X
3.	Perform business liaison function to Health Net business and operational units.		X
4.	Execute creation of project, policy modification, or procedure modifications for process improvement once approved by Health Net.	X

2.6 Service Level Monitoring and Reporting.

Service Level monitoring and reporting Services are those Functions associated with monitoring of service delivery with respect to Service Levels. Supplier shall report performance management information (e.g., performance metrics, and system level information) to the designated Health Net

Schedule A A-9 Health Net / Cognizant Confidential

Final Execution Version

representative in a format agreed to by Health Net. Supplier shall perform the Service Level monitoring and reporting Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 4. Service-Level Monitoring and Reporting Responsibilities

Service Level Monitoring Roles and Responsibilities		Supplier	Health Net
1.	Measure, analyze, and provide management reports on performance relative to Service Level requirements.	X
2.	Develop Service Level improvement plans.	X
3.	Review and approve improvement plans.		X
4.	Implement improvement plans.	X
5.	Report on Services performance improvement results.	X
6.	Coordinate Service Level monitoring for Managed Third Party contracts to the extent that the Service Levels agreements and monitoring information are made available to the Supplier.	X
7.	Review and approve SLA metrics and performance reports.		X

2.7 IT Continuity & Disaster Recovery Services.

(a) IT continuity and disaster recovery Services are the Functions associated with implementation, maintenance and testing of a mutually agreed-upon technology business continuity plan (the “TBCP”) and solution for the Services.

(b) Supplier will comply with Health Net’s disaster recovery policies and business requirements, including any applicable regulatory requirements, to the extent such plans, policies, requirements and regulations apply to the Services. Supplier shall also maintain and provide Health Net with disaster recovery plans for all of Supplier’s service components (such as the facilities, operating platforms, etc.) that are required to perform the Services, and implement such plans in the event of a disaster.

(c) Supplier shall follow the existing TBCP in effect immediately prior to the Effective Date. Supplier shall provide recommendations to update the TBCP pursuant to item (d), and otherwise as necessary and appropriate to remain current with the applications covered by the disaster recovery plan.

(d) Supplier shall review and revise, as necessary for the Services under this Agreement, the TBCP in the following manner:

(i) Within the first ninety (90) days after the Effective Date, Supplier and Health Net shall review Health Net’s existing TBCP. Based upon this joint review, Supplier will propose updates and revisions to the existing TBCP, for Health Net’s review and approval, to reflect the Services provided

Schedule A A-10 Health Net / Cognizant Confidential

Final Execution Version

and to respond appropriately to any new Health Net requirements. Health Net shall provide Supplier with comments to Supplier’s review of the existing TBCP.

(ii) Within thirty (30) days after receiving Health Net’s comments, Supplier shall provide Health Net for Health Net’s review, comment and approval, a proposed revised draft of the TBCP, based on Health Net’s review and Supplier’s proposed changes approved by Health Net.

(iii) Within thirty (30) days after receiving Health Net’s comments on the revised draft provided by Supplier pursuant to Section (ii) above, provide Health Net for Health Net’s approval the final proposed TBCP. The final revised TBCP shall not be implemented until Health Net has approved it.

(iv) With cooperation and approval from Health Net, review and update, if necessary, the TBCP on an annual basis or as otherwise warranted by business or technical changes (or both) to verify compatibility with Health Net’s overall business continuity plan. Supplier will receive business direction and requirements from Health Net and must receive authorization from Health Net to make significant changes to the strategic and/or tactical direction of the TBCP.

(e) The TBCP shall be maintained to reflect application changes and to enhance the effectiveness of Health Net’s existing technology business continuity/disaster recovery capabilities, including being used for business contingency protection in order for Health Net to continue to meet promised and contractually required Service Levels in the event of the full or partial loss of Health Net’s primary computing location. Among other things, the TBCP shall:

(i) Contain a brief description of processes and procedures used to recover the Services, and associated time frames for the recovery of such Services, including a prioritized listing of applications, subject to Health Net’s review and approval; and

(ii) Describe Supplier’s and Health Net respective recovery responsibilities.

(f) In the event of a disaster, Supplier shall provide technology business continuity Functions in accordance with the TBCP. Supplier’s Functions shall include the following:

(i) Providing a single point-of-contact for technology business continuity related communications and activities;

(ii) Paying all travel and living expenses incurred by Supplier Personnel in the performance of Supplier’s responsibilities described in this Section 2.7 for Supplier’s facilities offshore; and

(iii) Upon cessation of the disaster, promptly implement the plan to restore the affected Services at the affected sites.

(g) Supplier shall perform IT continuity, availability and disaster recovery Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Schedule A A-11 Health Net / Cognizant Confidential

Final Execution Version

Table 5. IT Continuity, Availability and Disaster Recovery Roles and Responsibilities

Disaster Recovery Roles and Responsibilities		Supplier	Health Net
1.	Define Health Net disaster recovery strategy, requirements, scenarios and establish RTO, RPOs and resiliency/redundancy requirements for IT Infrastructure and systems.		X
2.	Assist in developing detailed disaster recovery plan to achieve disaster recovery requirements.	X
3.	Conduct risk assessments, including based on availability management information and security management information.	X
4.	Conduct business impact analyses of potential faults in the applications.	X
5.	Propose updates to disaster recovery plans as needed to reflect changes in Health Net environment.	X
6.	Review and approve disaster recovery plan.		X
7.	Establish DR test requirements.		X
8.	Participate in disaster recovery tests that will enable Health Net to test compatibility of their applications with the recovery center environment.	X
9.	Review and approve disaster recovery testing results.		X
10.	Participate in Joint Steering Committee and test team meetings for DR test.	X
11.	Communicate proposed disaster recovery plan changes due to application modifications.	X
12.	Identify and inform Health Net of opportunities (if any) for improvement and efficiencies in disaster recovery functions.	X
13.	Review and approve opportunities for improvement and efficiencies in disaster recovery functions.		X
14.	Recommend disaster recovery goals and initiatives for the following year.	X
15.	In the event of an actual disaster, perform those responsibilities identified as Supplier responsibilities in the TBCP, including assisting Health Net in the recovery of lost data. Such assistance may include contacting third parties and notifying them that a data file will need to be made available, preparing any such files for uploading, coordinating with and assisting infrastructure team to have these files uploaded into the production environment.	X

2.8 Training Services.

Training Services are the Functions associated with the improvement of knowledge of the receipt of the Services for Health Net and the End Users and the delivery of Services for Supplier Personnel. Supplier shall provide the training Services, including the following activities:

(a) Ongoing Supplier Personnel Training. Ongoing Supplier Personnel training Services are the Functions associated with the improvement of Supplier personal skills through education and instruction for Supplier’s staff, including the Transitioned Employees. Supplier shall perform the ongoing Supplier Personnel training Services, including:

Schedule A A-12 Health Net / Cognizant Confidential

Final Execution Version

(i) developing and implementing knowledge transfer procedures that allow for more than one Supplier Personnel to understands key components of the business and technical environment;

(ii) developing, implementing and documenting training requirements that support the ongoing provision of Services, including providing refresher courses as needed and ongoing instruction on new functionality;

(iii) providing training classes to remain current with processes, Software, features and functions in order to improve Service performance skills (e.g. Health Net testing standards will change over time);

(iv) performing disaster recovery education, awareness and staff training;

(v) performing analysis of the Health Net environment to identify the appropriate sets of skills, training, and experience needed by Supplier Personnel; and

(vi) implementing such training to address those needs identified in the Health Net environment.

(b) Ongoing Health Net Service Recipient Training. Ongoing Health Net Service Recipient training Services are the Functions associated with the improvement of Health Net End Users receipt of the Services through education and instruction of the Health Net End Users. Supplier shall perform the ongoing Health Net Service Recipient training Services, including:

(i) instructing End Users on the provision of Supplier Services (e.g., rules of engagement, requesting Services, etc.);

(ii) developing, implementing and maintaining a knowledge database;

(iii) providing training to End Users (upon request by Health Net) for technological changes related to the Services that impact such End Users (e.g., new application functionality, etc.), including to facilitate Health Net’s full exploitation of all relevant functional features;

(iv) proposing training for Health Net personnel, including classroom style and computer-based training, to improve how-to-use skills related to IT service area systems and Software;

(v) Supplementing disaster recovery education and awareness training related to the TBCP;

(vi) Identifying opportunities for Health Net Intranet-based training; and

(vii) providing copies of training materials, Software manuals, online guides for reference and self-help and Software manuals on Health Net Intranet; update such training materials as necessary to keep them current based on changes in the technology and environments.

(c) Health Net Required Training. Supplier Personnel are required to take the following Health Net-provided training (administered online via Health Net’s HR link):

(i) HIPAA: An Overview;

(ii) Business Code of Conduct at Health Net (Ethics);

Schedule A A-13 Health Net / Cognizant Confidential

Final Execution Version

(iii) The Painful Price of Healthcare Fraud;

(iv) Getting the Records Straight;

(v) Health Net General Compliance;

(vi) Medicare Part D: Fraud, Waste and Abuse (for all associates whose job functions cover or may cover Medicare Part D);

(vii) Other training courses that Health Net requires its employees or contractors to take, as reasonably requested by Health Net; and

(viii) Project development customized by the Supplier.

(d) Each Supplier Personnel shall complete the above training within sixty (60) days after being assigned to the Health Net account, and annually thereafter.

(e) For the In-Scope Applications, Supplier shall also perform the following Functions as part of the training Services, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 6. Training Activities Roles and Responsibilities

Training Activities Roles and Responsibilities		Supplier	Health Net
1.	Develop training plan as a part of the project plan.	X
2.	Approve training plan.		X
3.	Provide technical training assistance to existing Health Net support personnel, during deployment as requested.	X
4.	After project delivery, create, update and provide to Health Net, training materials related to the technical and functional aspects of the application developed or modified.	X
5.	Provide training to functional training staff.	X
6.	Provide End-User content for Health Net Applications.		X
7.	Provide End-User training.		X
8.	Create and maintain Health Net training instances or clients as required by Health Net.	X
9.	Build/refresh training environment.	X

Schedule A A-14 Health Net / Cognizant Confidential

Final Execution Version

2.9 Documentation.

(a) Documentation Services means those Functions associated with developing, revising, maintaining, reproducing, and distributing Documentation in hard copy and/or electronic form. Supplier shall perform the Documentation Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below. Types of documents covered by the Documentation Services include:

(i) Documenting application requirements, risks, specifications and configurations, interfaces, designs, project status, and implementation plans;

(ii) Documenting application system security requirements and other Documentation;

(iii) Documenting operating procedures for applications (job scheduling prerequisites, backup, error handling etc.);

(iv) Documenting policies, procedures, application recovery procedures, production and maintenance schedules and job schedules; and

(v) Providing End User Documentation and self-help resources.

Table 7. Documentation Roles and Responsibilities

Documentation Roles and Responsibilities		Supplier	Health Net
1.	Recommend Documentation requirements, location, and formats.	X
2.	Conduct, at its option, regular reviews of the Documentation.		X
3.	Review and approve Documentation requirements, location and formats as appropriate.		X
4.	Develop and maintain Documentation in agreed format for support of activities throughout the life cycle of Services as appropriate (including for each of the document types listed above).	X
5.	Provide additional information as requested to support Health Net Documentation requirements and Health Net proposal efforts.	X

2.10 Change and Release Management; Software Distribution.

Change and release management Services include both change management Services and release management Services, which are inter-related and complementary.

(a) Change Management Services (“Change Management” or “CM”) are those Functions associated with utilizing standardized methods and procedures for efficient and prompt handling of all changes, in order to minimize the impact of change upon service quality and consequently to improve the day-to-day operations of the organization. CM covers all aspects of managing the introduction and implementation of changes, including their impacts on IT system(s), and the management processes,

Schedule A A-15 Health Net / Cognizant Confidential

Final Execution Version

tools, and methodologies designed and utilized to support the IT systems. CM includes the following process steps:

(i) Request process;

(ii) Recording/tracking process;

(iii) Prioritization process;

(iv) Scheduling process;

(v) Responsibility assignment process;

(vi) Impact assessment process;

(vii) Review / approval process;

(viii) Implementation process;

(ix) Verification (test) process;

(x) Release process; and

(xi) Closure process.

(b) Release Management Services (“RM”) are those Functions associated with taking a holistic view of a change to an IT service and considering all aspects of a release, both technical and non-technical together. RM includes the planning for and oversight of the successful rollout of Software, and designing and implementation of efficient procedures for distribution and installation of changes. As part of performing the Release Management Services, Supplier should perform those Functions necessary so that (1) changes are traceable, secure and that only authorized and tested versions are installed, (2) changes are implemented in a controlled manner and that approved configuration processes are utilized, (3) exact execution and back-out plans are understood and executed as needed, and 4) that master copies of new versions are secured in the definitive Software library and configuration databases are updated.

(i) Release Management Services also include the generation of the control and distribution of the application Software, associated job Documentation, production scheduling, prerequisites, report distribution, and error-handling instructions, which is usually achieved with a bundle of information called the “Release Package”.

(ii) Release Package activities are the activities associated with the packaging of Software changes into suitable releases to support application development projects as approved by Health Net. Software version control, both electronic and manual, is included.

(iii) Regularity of releases will be proposed by Supplier and approved by Health Net (in its sole discretion), it being agreed that the regularity of such releases could vary depending upon size and urgency of individual changes having regard to risk mitigation. Supplier shall develop an ongoing process for the implementation of a twelve (12) month rolling application release timetable (with associated variation mechanism). The ongoing process and the initial twelve (12) month rolling timetable for each application are to be approved by Health Net.

Schedule A A-16 Health Net / Cognizant Confidential

Final Execution Version

(c) Health Net Software distribution management Services includes the control and distribution of application Software into the Health Net application environments, including test, SIT, UAT, and production.

(d) Supplier shall perform the Change Management and Release Management and Software distribution Services, including those Functions listed in the roles and responsibilities tables below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 8. Change and Release Management Roles and Responsibilities

Change and Release Management Roles and Responsibilities		Supplier	Health Net
1.	Recommend Change Management and Release Management policies, and procedures including operational turnover procedures, back out plans, training requirements etc.	X
2.	Establish change classifications (impact, priority, risk) and change authorization process.		X
3.	Approve change and release management procedures and policies.		X
4.	Document and classify proposed changes to the environment, analyze cost and risk impact of those changes and establish Release Management plans for major changes and submit such Documentation to Health Net for approval.	X
5.	Develop and maintain a schedule of approved changes and provide a plan to track success, impact of change and provide to Health Net for review.	X
6.	Schedule and conduct Change Management meetings to include a review of proposed changes, plan to track success, and the impact of implemented change; provide agenda to Health Net prior to the meeting outlining which specific changes should be discussed.	X
7.	Authorize and approve changes and the change schedule.		X
8.	Review release management details and alter as appropriate to meet the needs of Health Net (back out plan, go/no go decision).		X
9.	Notify affected End Users of the timing and impact and impact of changes.		X
10.	Implement changes and adhere to detailed release plans.	X
11.	Modify configuration items, asset management items to reflect changes.	X
12.	Execute operational turn-over procedures.	X
13.	Verify that the implemented changes meet objectives and do not have negative impacts on the service delivery environment or on Health Net’s business.	X
14.	Monitor changes and report results of changes to Health Net.	X
15.	Conduct user acceptance tests as required.		X
16.	Perform quality control processes.	X

Schedule A A-17 Health Net / Cognizant Confidential

Final Execution Version

Table 9. Software Deployment/Management Roles and Responsibilities

Software Deployment/Management Roles and Responsibilities		Supplier	Health Net
1.	Review and propose Software deployment/management tools, policies and procedures.	X
2.	Review and approve Software deployment/ management policies and procedures and tools.		X
3.	Supply and configure the tools that run and support the modules/applications. (e.g. SCLM, MKS).		X
4.	Identify code that will be modified (checking out and creation of new modules) in the Library tool, and performing the modifications of the code modules themselves.	X
5.	Maintain and confirm compliance with agreed-upon Software deployment/management policies and procedures.	X
6.	Manage deployment efforts using formal project management tools and methodologies.	X
7.	Create the Release Package that identifies the components and the prerequisites that must exist in the operational environment (e.g. desktop, middleware or server Software levels and environments) the operational scheduling of the modules, the report distribution, and the error condition handling and procedures.	X
8.	Migrate the Release Package from the Unit Test environment up through the UAT environments.	X
9.	Validate that the implementation plan contains the creation of the infrastructure change packages needed to modify the operational infrastructure environment to support application release.	X
10.	Approve special access needed to support the migration of the Release Package into the production environment.		X
11.	Migrate the Release Package into the production environment.		X
12.	Secure the maintenance of the history of the code operating in the production environment.		X
13.	Conduct development reviews and provide results to Health Net.	X
14.	Support testing and deployment through the Software distribution facility.	X

2.11 Software Configuration Management

(a) Software configuration management includes the identification and maintenance of system components and the relationships and dependencies among them. It is broken into the following three areas:

(i) Technical Configuration: Services related to the capture, maintenance and storage of application-to-component and component-to-component relationships, including historical relationships and transformations required to appropriately manage and document configuration changes affecting the application and its processing environment.

Schedule A A-18 Health Net / Cognizant Confidential

Final Execution Version

(ii) Application Configuration: Services related to application system settings that are usually selected by the programming staff to control performance, or features that are to be used in the Software.

(iii) Functional settings: Services related to configuration or value settings that may be set by the programming staff but usually are being entered or configured by the End Users. Who performs this Function is dependent on the stability of the system, the magnitude of the change, and the preference of the End Users. These choices reside in the policies manual for the system.

(b) Supplier shall perform the configuration management Services, including those Functions listed in the roles and responsibilities tables below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 10. Software Configuration Management Roles and Responsibilities

Software Configuration Management Activities Roles and Responsibilities		Supplier	Health Net
1.	Gather/document business/functional requirements.		X
2.	Present best practices and/or Health Net business specifics.	X
3.	Determine if the requirements can be met with programming, technical configuration, application configuration, or functional settings.	X
4.	Support analysis and answer questions regarding how to configure the system to achieve desired result.	X
5.	Analyze the configuration impacts to other business/functional areas within the application and interfaces surrounding systems.	X
6.	Analyze and document security roles analysis (SOX Audit).	X
7.	Identify any hardware/server configuration changes due to functional Changes.	X
8.	Complete and propose high-level design to translate the business requirements to configuration changes and modules impacted.	X
9.	Approve meeting the requirements with programming, technical configuration, application configuration, or functional settings.		X
10.	Approve high level design including defining who is responsible.		X
11.	Approve security roles analysis (SOX Audit).		X
12.	Set up meetings with impacted business groups to explain the configuration changes and specific/overall impact to the business and their areas.		X
13.	Participate in getting approval, or sign off from the business owners on the changes.	X
14.	Get the approval/sign off from the business owners of the changes and the impact to their areas including security (SOX Audit).		X
15.	Assist in coordinating that all the changes get made. This includes moving through the promotion of configuration changes via the configuration transport line.	X

Schedule A A-19 Health Net / Cognizant Confidential

Final Execution Version

Software Configuration Management Activities Roles and Responsibilities		Supplier	Health Net
16.	Validate completion of the change, including communication to interested parties.		X
17.	Identify updates to ITG/Supplier policy and procedures. Include assisting in the system development life cycle for systems which have changes in the Documentation that has to be approved by both internal and external Auditors.	X
18.	Update the ITG/Supplier policy and procedures. Include updates to the system development life cycle – for a system which has any changes in the Documentation that has to be approved by both internal and external Auditors.		X
19.	Assist in the completion of documenting changes required for internal audits.	X
20.	Compile appropriate documentation of changes required for internal audits.		X

2.12 Availability Management.

The purpose of the “Availability Management” process is to consider the design, implementation, measurement and management of those aspects of the Services and other business process may impact availability so that business requirements for availability are consistently met. Supplier’s responsibilities for Availability Management will be to work with Health Net (and Health Net’s infrastructure provider(s)) and include the following activities:

(i) determining availability requirements by collecting input from the Service Level management organization;

(ii) determining vital business Functions by collecting input from the business continuity management organization;

(iii) analyzing the impact on the business (where the relevant business information is available) of potential increases and decreases in availability of the business process;

(iv) defining availability objectives (other than Service Levels);

(v) monitoring availability (where permitted and technically feasible) and conducting trend analysis;

(vi) reviewing and auditing scheduled downtime and unscheduled downtime;

(vii) conducting root cause analysis of low availability in conjunction with the Problem management organization;

(viii) developing and maintaining an “Availability Plan”;

(ix) supporting planning and implementation of the applicable TBCP; and

Schedule A A-20 Health Net / Cognizant Confidential

Final Execution Version

(x) working closely with Health Net’s processing platforms partner(s) to ensure the on-going availability of the In-Scope Applications and suitability of all the environments.

2.13 Security Management.

(a) Security management Services mean the Functions necessary to define and implement overall security plans and roles to manage the integrity of the In-Scope Applications. Security management Services will be done in accordance with the Health Net policies and procedures. Security management Services will include assistance with Health Net internal, external and Sarbannes-Oxley (SOX) audits.

(b) As part of the security management Services, Supplier shall execute the tasks required to maintain the integrity of the In-Scope Applications in accordance with Section 2.13(a), including by:

(i) Developing and maintaining In-Scope Application security roles;

(ii) Providing a method to test the security of In-Scope Applications; and

(iii) Establishing procedures to verify compliance with Health Net security standards.

(c) Supplier shall follow application security standards based on industry best practices including:

(i) Enforcing input and parameter validation and restriction where possible;

(ii) Utilizing Health Net’s single sign-on authentication mechanism unless otherwise authorized by Health Net in writing;

(iii) Applying individual and least privileged role based access;

(iv) Employing secure methods of session management;

(v) Facilitating individual user logging of transactions; and

(vi) Implementing encrypted communication over open networks.

(d) Supplier shall review Health Net application security standards and assist Health Net in revising its application security standards in order to comply with industry best practices;

(e) Supplier shall not use live production data in the development and test environments, except with prior approval from Health Net;

(f) Supplier shall not download any information (including Health Net Confidential Information) to hard drives on desktops or laptops or to any other devices (e.g., thumb drives, etc);

(g) A “Security Incident” is defined as:

(i) Any real or suspected adverse event in relation to the security of Health Net applications, systems, data or computer networks;

(ii) Network or host activity that potentially threatens the security of Health Net systems;

Schedule A A-21 Health Net / Cognizant Confidential

Final Execution Version

(iii) The act of violating an explicit or implied security policy;

(iv) Attempts (either failed or successful) to gain unauthorized access to a system or its data; or

(v) The unauthorized use of a system for the processing or storage of data.

(h) Supplier shall perform the security management Services within those environments under the Supplier’s control, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 11.Security Roles and Responsibilities

Security Roles and Responsibilities		Supplier	Health Net
1.	Define security requirements and policies, answer questions and interface to Supplier.		X
2.	Propose security standards, and procedures based on industry security best practices and that comply with Health Net policies and procedures.	X
3.	Implement security plans consistent with Health Net security policies.	X
4.	Comply with Health Net processes and procedures for access to Health Net systems.	X
5.	Maintain security and privacy of Health Net Software code or data.	X
6.	Supplier shall perform the physical security obligations in their offsite environments.	X
7.	Yearly review of compliance with Health Net information security standards.		X
8.	Review and approve security design methodology of In-Scope Applications.		X
9.	Define Security Incident reporting requirements and procedures.		X
10.	Provide a monthly report on Security Incidents.	X
11.	Resolve security violations.	X
12.	Define and implement corrective safeguards to eliminate or prevent future Security Incidents (e.g., through the modification of In-Scope Applications to prevent future Security Incidents).	X
13.	Communication with Health Net business units, business partners, vendors, law enforcement, media, or other external parties regarding Security Incidents.		X
14.	Establish application security architecture.		X
15.	Provide standards, procedures and policies regarding application security.		X
16.	Perform application security planning.	X
17.	Perform environment (infrastructure) application security planning and installation planning.		X
18.	Identify Health Net business and technical resources.		X

Schedule A A-22 Health Net / Cognizant Confidential

Final Execution Version

Security Roles and Responsibilities		Supplier	Health Net
19.	Design security features in compliance with Health Net security policies, including external and Health Net role based security models.	X
20.	Approve security features in compliance with Health Net security policies, including external and Health Net role based security models.		X

2.14 Information Retention.

Supplier shall support Health Net legal and comply with operational policies surrounding the retention and the ability to retain information, complying with laws, legal obligations, disaster recovery, and the determination of processes executed in the creation/manipulation of Health Net Data and systems.

3. APPLICATION SUPPORT SERVICES

Supplier shall perform “Application Support Services”, which means those Functions associated with running the application environment, operations, user support, and repairing defects for the In-Scope Applications, including:

(a) those Functions described in this Section 3,

(b) the Cross Functional Services, as the Cross Functional Services relate to the Functions described in this Section 3, and

(c) coordinating with Managed Third Parties in performing the Services described in Sections 3(a) and 3(b) above.

The Parties agree that Supplier’s obligations with respect to certain of the Associated Tools and Software may not require Supplier to perform all of the Services described in clauses (i) and (ii) Therefore, within 60 days after the Transition Date set forth in Exhibit E-3 for the In-Scope Application associated with a specific tool or Software listed in Exhibit J-3 to Schedule J, the Parties agree to evaluate such obligations with respect to the Associated Tools and Software to determine whether Supplier should perform Services on a more limited basis than described in clauses (i) and (ii). Any agreements by the Parties for Supplier to provide less than all of the Services described in clauses (i) and (ii) with respect to certain Associated Tools and Software shall be documented pursuant , the Change Control Process, or by an Amendment to this Agreement.

3.1 Application Maintenance Services

“Application Maintenance Services” are those Functions associated with the maintenance and repair of Software, including performing break-and-fix activities, implementing commercial product patches, bug fix, service pack, and performing application Software upgrades.

(a) Corrective and Emergency Maintenance. Corrective and emergency maintenance Services mean the Functions associated with the repair of defects in in-scope Software. Corrective and emergency maintenance Services enable applications which are in production, to provide the required functionality. Full recovery of the application(s) is to be completed unless otherwise approved by Health Net. For corrective and emergency maintenance Services, Supplier shall perform the following:

Schedule A A-23 Health Net / Cognizant Confidential

Final Execution Version

(i) Resolving abnormal terminations and correcting errors or invalid data, including rescuing production systems and performing such Functions as are necessary to resume functionality to clients (e.g., re-running jobs);

(ii) Performing permanent fixes so that Incidents and/or Problems do not recur;

(iii) Correcting Software defects or Problems that require Software or operational modification and tracking and retaining responsibility for such issues until they are resolved;

(iv) Maintaining all In-Scope Applications in accordance with this Section 3 so that at all times the In-Scope Applications remain supported by the applicable third party vendors, and in no event shall any In-Scope Application Software version be older than N-2 (where “N” is the most current version of the Software), unless otherwise specified by Health Net. Supplier shall notify Health Net not less than 180 days in advance prior to the date that an In-Scope Application would need to be upgraded in order to meet the foregoing requirement. The Parties shall review and confirm in writing the current Software versions for each of the In-Scope Applications within sixty (60) days after the Transition Date set forth in Exhibit E-3 for each of the In-Scope Applications, after which Supplier will maintain the Software currency as described above.

(v) Assisting clients in the development of new operational procedures when affected by Software modifications, patches and fixes;

(vi) Re-formatting printed reports and statements as necessary to meet business requirements;

(vii) Providing appropriate back-out procedures if changes are not successfully completed;

(viii) Repairing contaminated data and performing data recovery and back-outs if necessary;

(ix) Scheduling the installation of the changes into production;

(x) Determining the applicability of developer patches and fixes to Software, including assessing the impact on existing functionality, customizations, interfaces, other software, and production operations;

(xi) Obtaining notices of patches and fixes for Software, as issued by developers;

(xii) Developing and publishing testing schedules.

(b) Preventive Maintenance. Supplier shall perform preventive maintenance, which includes resolution of issues which, if not addressed proactively, could impact applications in production, including:

(i) Changing business volumes;

(ii) Staying on the most current release or as directed by Health Net;

(iii) Proactive performance tuning;

(iv) Proactive archiving;

Schedule A A-24 Health Net / Cognizant Confidential

Final Execution Version

(v) Pre-production execution simulation;

(vi) Manual production checklist for critical weekend, month-end and year-end production, including resetting counters or accumulators; and

(vii) Special testing for events, such as:

Public holidays;

End of financial year;

End of calendar year;

Daylight savings time;

Leap Year; and

Last day of the month fall on the last day of the month for ODW.

(c) Adaptive Maintenance. Supplier shall perform adaptive maintenance, which includes ensuring that application performance is not affected by changes to interfacing applications, changes in the infrastructure that affect the In-Scope Applications, new applications or packages and technical environment changes, which, if not addressed proactively, could impact applications in production, including:

(i) Upgrades of operating Software;

(ii) New/changed Equipment;

(iii) New/changed Software;

(iv) New/changed network Equipment (network and servers);

(v) New/changed policies;

(vi) Interface changes;

(vii) Infrastructure changes that affect In-Scope Applications, Associated Tools and Software, or the Services generally;

(viii) Compliance to regulatory items; and

(ix) Inputs and assistance with any litigation-based reviews, regulatory reviews, audits, compliance assessments and data-gathering exercises.

(d) Perfective Maintenance. Supplier shall perform perfective maintenance, which includes performing Software tuning, code restructuring, and other efforts to improve the efficiency and reliability of Software thereby minimizing on-going maintenance and operational requirements. Perfective maintenance includes ensuring that applications operate at peak efficiency with particular focus on areas such as:

(i) System CPU hours;

Schedule A A-25 Health Net / Cognizant Confidential

Final Execution Version

(ii) General performance tuning;

(iii) Storage space;

(iv) Response time;

(v) Archiving;

(vi) Maintainability;

(vii) Availability;

(viii) Program performance tuning; and

(ix) Code complexity.

(e) Supplier shall perform activities to optimize the operational aspects of the In-Scope Applications (“Application Optimization”). At all times, Supplier will seek and implement actions to improve Application availability, performance and response times. Supplier’s responsibilities for Application Optimization include the following activities:

(i) continuous reviews of available and emerging technologies for potential usage in respect of the In-Scope Applications;

(ii) gathering and analyzing availability and other performance data;

(iii) conducting regular reviews of the In-Scope Applications and the In-Scope Application architecture seeking opportunities to consolidate systems and infrastructure; and

(iv) evaluating and recommending opportunities for software substitution where such substitutions may be better suited for Health Net’s requirements.

(f) Supplier shall perform the Application Maintenance Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 12. Maintenance Roles and Responsibilities

Maintenance Roles and Responsibilities		Supplier	Health Net
1.	Recommend maintenance and repair policies and procedures.	X
2.	Review and approve maintenance and repair policies and procedures.		X
3.	Install Software maintenance releases and Software upgrades, unless otherwise mutually agreed by the Parties.		X
4.	Support Software distribution and version control, both electronic and manual.	X
5.	Perform routine application management, including application tuning, bug fixes, answer inquiries into functions and tools.	X

Schedule A A-26 Health Net / Cognizant Confidential

Final Execution Version

Maintenance Roles and Responsibilities		Supplier	Health Net
6.	Coordinate with Managed Third Parties to perform Application Maintenance Services, including application tuning, bug fixes, and answer inquiries into functions and tools.,	X
7.	Manage availability and performance of Application Software.	X
8.	Provide critical procedures and scheduling choices during crisis times caused by abnormal conditions.	X
9.	On a timely basis, proactively notify Health Net of changes and upgrades to Software.	X
10.	Perform (a) corrective and emergency maintenance (b) preventive maintenance, (c) adaptive maintenance and (d) perfective maintenance.	X

3.2 Operational Support Services

“Operational Support Services” are the Functions associated with providing an IT environment that effectively and efficiently performs the functional and operation procedures associated with the In-Scope Applications. Supplier shall perform the Operational Support Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 13. Operations Roles and Responsibilities

Operations Roles and Responsibilities		Supplier	Health Net
1.	Recommend operations policies and procedures, operational Documentation requirements.	X
2.	Utilize Health Net’s enterprise system management tools and processes that monitor the IT environment and workload and manage work through these systems.	X
3.	Manage Software, and Services to meet the Service Levels and other performance requirements and minimize Health Net resource requirements.	X
4.	Provide scheduling rules for managing/automating job execution, job workflow processes, file exchange functions and print management.	X
5.	Propose operations policies and procedures and operational Documentation requirements.	X
6.	Review and approve operations policies and procedures and operational Documentation requirements.		X
7.	Support production activities in accordance with Health Net’s operational and production control policies and procedures. This includes special file handling that comes due to client, vendor, regulator or supplier needs.	X
8.	Develop operational Documentation in compliance with operational Documentation requirements approved by Health Net.	X

Schedule A A - 27 Health Net / Cognizant Confidential

Final Execution Version

Operations Roles and Responsibilities		Supplier	Health Net
9.	Enable and prepare data migration (load) from existing systems to new systems, by electronic methods to the extent deemed to be included as Minor Enhancements Services.	X
10.	Perform routine tasks, verifications, file transfers, special requests that conform to processes and procedures that are supporting business operations.	X
11.	Coordinate with Health Net infrastructure to perform those Functions necessary to promote code from non-production environments to production environments and, as requested by Health Net on an ad hoc basis, to other non-production environments, including by coordinating with Health Net infrastructure, application maintenance and development teams as necessary.	X
12.	Provide support of the code/configuration management tools (recommending roles, controls, configuration, and associated processes).	X

(a) Capacity Management.

Capacity management Services are those Functions related to ensuring that the capacity of the information technology Services matches the evolving demands of the business in the most cost-effective and timely manner. Capacity management Services involve providing advanced notification of application changes (e.g. new or modified applications) consuming resources on CPU, memory, and disk hardware as well as telecommunication networks.

(b) User Administration.

(i) User administration Services are those Functions related to managing and maintaining user accounts. Supplier shall perform the user administration Services, including coordinating as necessary with Health Net’s IT infrastructure department when performing Application Development Services.

(ii) In the Supplier controlled environments such as application development, application test, and the offshore environments, Supplier must maintain diligence to remove unused accounts and maintain access rights for users who have transferred to other areas, in compliance with Health Net policies; and

(iii) Supplier shall perform the user administration Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 14. User Administration Services Roles and Responsibilities

User Administration Services Roles and Responsibilities		Supplier	Health Net
1.	Request access to Health Net technology environment.	X
2.	Approve requests to access Health Net technology environment and issue an ID that will be used by Supplier Personnel.		X

Schedule A A-28 Health Net / Cognizant Confidential

Final Execution Version

User Administration Services Roles and Responsibilities		Supplier	Health Net
3.	Develop applications in compliance with Health Net standards, for the production environment with security roles that can be documented for and administrated by Health Net Access Administration.	X
4.	Manage user access in the application development and test environments in accordance with Health Net’s security policies.	X

(c) Technical End-User Support. Technical support Services are the activities associated with technical support of In-Scope Applications and applications-related tools (e.g., development tools) that are available to certain of the End Users or other Health Net third parties (e.g., power users). Such tools such as SAS, FOCUS, MS Access, Excel may result in inquiries and request for assistance. Supplier shall make an effort to resolve these inquiries, where the toolset is common within the Application portfolio.

Table 15 Technical and End-user Support Roles and Responsibilities

Production and Maintenance Support Roles and Responsibilities		Supplier	Health Net
1.	Develop and recommend policies and procedures to implement technical End User support.	X
2.	Approve policies and procedures.		X
3.	Document and implement the technical End User support policy and procedures.	X

(d) Production Control and Scheduling. Supplier’s responsibilities for “Production Control and Scheduling” will be to work with Health Net (and Health Net’s infrastructure provider(s)) and include the following activities:

(i) supporting the 24x7 (except during scheduled maintenance hours) production-processing schedule as required;

(ii) monitoring and managing production schedules on an exception basis (e.g., during new product implementations, critical job stream executions); and

(iii) coordinating with production staff for scheduling.

(e) Application Operations Support. Supplier’s responsibilities for “Applications Operations Support” include the following activities:

(i) monitoring business processes as defined by Health Net;

(ii) updating the system change request status;

(iii) supporting Health Net (and Health Net’s infrastructure provider(s)) in scheduling, back-out recovery, job balancing, and production output monitoring for completion and correctness, and monitoring exception logs;

Schedule A A-29 Health Net / Cognizant Confidential

Final Execution Version

(iv) supporting Health Net (and Health Net’s infrastructure provider(s)) in adapting operational processes and procedures; and

(v) following Health Net’s instructions in the prioritization of business process operations in the event of a disaster.

(f) Database Administration. Database administration support Services are those Functions associated with the maintenance and support of existing and future databases (e.g. MS SQL server, Oracle, DB2, etc.). Supplier’s responsibilities in this regard include:

(i) Performing logical database design for Supplier-developed applications;

(ii) Performing physical database design for development and test databases;

(iii) Performing database tuning for test and development environments;

(iv) Performing SQL tuning;

(v) Managing and cleaning the database audit trail and archive logs in development and test environments;

(vi) Performing database monitoring for development and test environments;

(vii) Performing database security administration for development and test environments, including managing role and user database permissions in accordance with Health Net policies;

(viii) Ensuring data integrity and implementing corrections;

(ix) Performing database support activities for development and test environments, including:

(A) Managing database availability and resources;

(B) Managing database space (allocated and used);

(C) Performing day-to-day operational database capacity planning and performance tuning;

(D) Performing physical database maintenance (including running of appropriate utilities, jobs, and working problems/updates to existing jobs as required);

(E) Performing data loads and unloads as required;

(F) Monitoring the size of physical database objects;

(G) Performing database reorganization, including to improve performance and reclaim space; and

(H) Performing grants, revokes, synonyms and aliases.

Schedule A A-30 Health Net / Cognizant Confidential

Final Execution Version

(x) Providing physical DBMS support for development and test application databases;

(xi) Executing and completing imports for data restores in development and test environments;

(xii) Creating new databases and objects in development and test environments;

(xiii) Performing schema changes in development and test environments (e.g. creation, alteration, and deletion of tables and indices, compilation and dropping of stored procedures and triggers);

(xiv) Establishing and maintaining database configuration and system parameters in a consistent manner across like database development and test environments;

(xv) Executing processes for the proper maintenance and functioning of development and test databases, e.g. updating table/index statistics, dropping and rebuilding tables/indices, etc.;

(xvi) Determining development and test database reorganization requirements, schedule and run reorganizations;

(xvii) Maintaining development and test operational database documentation and the physical DBA support process and desk-side procedure documentation;

(xviii) Ensuring recoverability of development and test databases based on Health Net requirements;

(xix) Ensuring performance of development and test databases based on Health Net requirements;

(xx) Ensuring availability of development and test databases based on Health Net requirements;

(xxi) Ensuring security of development and test databases based on Health Net requirements;

(xxii) Providing DBMS expertise and guidance to development staff; and

(xxiii) Performing development and test database administration Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities.

Table 16. (DBA) Planning and Analysis Roles and Responsibilities

Planning and Analysis Roles and Responsibilities		Supplier	Health Net
1.	Provide infrastructure specification, planning and analysis requirements for new applications.	X
2.	Provide estimates to support technical planning for capacity and performance.	X
3.	Monitor management reports for utilization trend analysis and provide growth forecasts.	X

Schedule A A-31 Health Net / Cognizant Confidential

Final Execution Version

Planning and Analysis Roles and Responsibilities		Supplier	Health Net
4.	Recommend Health Net data backup and retention policies and requirements.	X
5.	Implement infrastructure, and maintain approved backup and retention policies.		X
6.	Approve infrastructure, Health Net data backup and retention policies and requirements plan.		X

Table 17. (DBA) Technical Infrastructure Engineering/Development Roles and Responsibilities

Technical Infrastructure Engineering/Development Roles and Responsibilities		Supplier	Health Net
1.	Support developing recommendations of partitioned resources and/or server domains for application performance/processing.	X
2.	Recommend partitioned resources and/or server domains for application performance/processing.		X
3.	Approve partitioned resources and/or server domains.		X
4.	Implement and maintain partitioned resources and/or server domains.		X

Table 18 (DBA) Integration and Testing Roles and Responsibilities

Integration and Testing Roles and Responsibilities		Supplier	Health Net
1.	Maintain DBMS (Data Base Management System) Software release matrix across development, integration QA, for all operating system, database, and application releases and patches.	X
2.	Maintain DBMS Software release matrix across UAT, and production systems for all operating system, database, and application releases and patches.		X
3.	Manage Health Net’s development and integration test application DBMS environments.	X
4.	Manage Health Net’s production and UAT DBMS environments.		X
5.	Recommend DBMS Software release matrix across all environments for all operating system, database, and application releases and patches. Manage DBMS requirements for Health Net’s data center development, system, and integration test environments.	X
6.	Recommend DBMS Software release matrix across UAT and production systems for all operating system, database, and application releases and patches. Manage DBMS requirements for UAT and production environments.	X
7.	Prepare de-identified/scrubbed data to support test scenarios within modified system.	X
8.	Execute system and integration batch jobs on appropriate servers as defined by Health Net schedules.	X

Schedule A A-32 Health Net / Cognizant Confidential

Final Execution Version

Integration and Testing Roles and Responsibilities		Supplier	Health Net
9.	Notify Health Net of job completion results.	X
10.	Prepare de-identified/scrubbed data to support test scenarios within modified system.	X

Table 19. (DBA) Implementation and Migration Roles and Responsibilities

Implementation and Migration Roles and Responsibilities		Supplier	Health Net
1.	Installing and upgrading server DBMS, operating systems.		X
2.	Installing and upgrading middleware and server utilities.		X
3.	Installing infrastructure as required (e.g., servers and storage devices).		X
4.	Supporting and recommending check-out of infrastructure changes.	X
5.	Approving infrastructure changes.		X
6.	Supporting testing of infrastructure changes as required.	X

Table 20. (DBA) Operations and Administration Roles and Responsibilities

Operations and Administration Roles and Responsibilities		Supplier	Health Net
1.	Identify, track, and resolve Problems including: hardware failure, data center facilities, system Software, network, support systems and batch.		X
2.	Identify and track application problems discovered by the Supplier	X
3.	Escalate unresolved problems identified by Supplier to appropriate Health Net personnel in accordance with established procedures.	X
4.	Coordinate DBMS issues with third party vendors.	X
5.	Coordinate DBMS issues with third party vendors in production in UAT environment.		X
6.	Maintain a tape library, tape management system, and transport tapes to production area and offsite locations as required.		X
7.	Provide audit capabilities and reporting for all change management tasks.		X
8.	Recommend test and batch scheduling requirements.	X
9.	Prepare test and batch jobs for execution.	X
10.	Execute test and batch jobs on appropriate servers.		X
11.	Propose job scheduling requirements, interdependencies, Health Net contacts, and rerun requirements for all production jobs.	X
12.	Approve or define job scheduling requirements, interdependencies, Health Net contacts, and rerun requirements for all production jobs.		X

Schedule A A-33 Health Net / Cognizant Confidential

Final Execution Version

Operations and Administration Roles and Responsibilities		Supplier	Health Net
13.	Maintain database of job scheduling, contact, rerun and interdependencies.	X
14.	Propose job run parameters for DBMS system.	X
15.	Execute production batch jobs on appropriate servers as defined by Health Net schedules.		X
16.	Notify Health Net of job completion results.		X
17.	Validate job results per Health Net instructions as requested.	X

Table 21. (DBA) Database Administration Roles and Responsibilities

Database Administration Roles and Responsibilities		Supplier	Health Net
1.	Define authorization policy for users, roles, schemas, etc. and approve change requests.		X
2.	Execute authorization change requests.		X
3.	Propose database authorization requirements for users, roles, schemas, etc., including database creation, upgrade and refresh, and DBMS system level changes, generate Change requests for approval per the Change Control Process.	X
4.	Propose security standards, backup schedules, retention periods, levels and maintenance procedures.	X
5.	Approve database creation, upgrade, refresh requirements, database definition and manipulation requirements for applications and developer schemas. Approve database security standards and maintenance procedures. Approve database backup schedules.		X
6.	Execute database data definitions, creation, upgrade, system level changes (initialization parameters), schema changes, processes (MAC for tables, triggers, attributes, etc.) and refresh requirements for application development up to integration.	X
7.	Execute database definition, creation, upgrade, system level changes (initialization parameters), schema changes, processes (MAC for tables, triggers, attributes, etc.). and refresh requirements for UAT and production environments.		X
8.	Maintain documentation for all database instance parameters and system settings.		X
9.	Maintain consistency of non-sizing and non-platform specific database parameters and system settings across all like instances; consistency must be maintained according to established standards for development through integration testing UAT.	X
10.	Maintain consistency of non-sizing and non-platform specific database parameters and system settings across all like instances; consistency must be maintained according to established for UAT through production.		X

Schedule A A-34 Health Net / Cognizant Confidential

Final Execution Version

Database Administration Roles and Responsibilities		Supplier	Health Net
11.	Execute database data definitions for custom applications and developer schemas.	X
12.	Recommend and execute database performance and tuning scripts and keep database running at optimal performance for Health Net’s workload.		X
13.	Implement and administer appropriate database management tools across all database instances. Performance metrics and historical data must be available for trending and reporting over a minimum of six (6) months.		X
14.	Identify locking conflicts, latch contention, rollback requirements, etc. for production and UAT database instances.		X
15.	Resolve locking conflicts, latch contention, rollback requirements, etc. for all database instances with Infrastructure support.	X
16.	Provide technical assistance and subject matter expertise to Health Net applications developers and third-party vendor support.	X
17.	Provide data dictionary expertise, End User data assistance, metadata definition, data mapping functions and creation of data cubes.	X
18.	Provide second-level help desk support for Problems.	X
19.	Open, track, and manage to resolution all database Problems with the appropriate database OEM support organization.		X
20.	Document vendor tracking codes in Health Net Problem tracking system.		X
21.	Storage management.		X
22.	Execute Health Net’s database backup and recovery policies.		X

(g) SAP/Basis Administration.

(i) SAP Support Services. SAP support Services mean those Functions associated with the maintenance and support of Health Net’s SAP environments, databases and applications/ modules, and other systems that support SAP (collectively, the “SAP Components”). Without limiting Supplier’s general obligations set forth elsewhere in this Schedule A and this Agreement (including with respect to the Production Support Services as they apply to SAP applications and modules), Supplier shall perform the SAP support Services, including by monitoring, managing and supporting the SAP Components. Supplier’s responsibilities shall include those Functions described in Exhibit A-9, as well as the following:

(ii) SAP Operations.

Supplier’s responsibilities with respect to the SAP server environment include:

(A) Monitoring designated servers that support all of Health Net’s SAP systems including CPU, disk ,database and memory activities;

Schedule A A-35 Health Net / Cognizant Confidential

Final Execution Version

(B) Monitoring the database and its components (e.g., tables, tablespaces, indexes);

(C) Monitoring of operation related activities (e.g. print spools, system logs, RFC connectivity, outbound email and fax transmissions);

(D) Monitoring the SAP system, including for failed updates, locked items detection, match codes, availability (both with respect to database and application servers), and SAP events;

(E) Monitor the background processing, including for change of operation modes, job completion/failure, and exception processing (e.g., for long-running jobs); and

(F) Maintaining responsibility for startup/shutdown of servers that support Health Net’s SAP systems.

(iii) SAP Backup/Restore Management.

Supplier’s responsibilities with respect to the backup and restoration of the SAP system include:

(A) Developing overall backup/restore strategy (media, schedule, etc.) for the entire SAP system and its components (e.g., the operating system backup / restore, database system backup / restore, and SAP Software backup / restore);

(B) Performing database backups and monitoring the execution of those backups and notifying Health Net if a backup has failed;

(C) Preparing the system for the restoration process and requesting the necessary media; restoring the database to a point in time; performing a database check after restore; validating integrity and consistency of restored information; monitoring restoration process and notifying Health Net when restoration is complete; and

(D) Testing backup procedures periodically.

(iv) SAP Database Management.

Supplier’s responsibilities with respect to the database support and management for the SAP systems include:

(A) Developing and maintaining a database management strategy striving for speed and efficiency;

(B) Managing the SAP databases, including by performing database reorganizations by scheduling reorganizations with Health Net, creating and scheduling table/table space reorganization jobs, monitoring of the process and the correction of failures, collecting data and reviewing the database structure and fragmentation, applying database patches, performing database upgrades, performing database imports and exports, and creating missing or additional indices:

Schedule A A-36 Health Net / Cognizant Confidential

Final Execution Version

(C) Providing Health Net with client copies and refreshing the databases across all SAP systems and environments (e.g., sandbox, development, test/QA and production); and

(D) Resolving Problems associated with the database (including DB2/SAP Problems, DB2 Administration related Problems) in accordance with the Problem Management process described in Section 3.3.

(v) SAP Administration.

Supplier shall be responsible for the administration of the SAP systems, including:

(A) Accessing SAP Online Support Service (“OSS”) usage to search SAP’s help desk for OSS notes to resolve SAP Basis-related Problems, including Problems relating to the operating systems and database on which SAP is operated;

(B) With Health Net’s approval, receiving, logging and performing SAP code migration and applying a non-Source Code solution according to OSS notes or other Software release notes, both in accordance with the Procedures Manual;

(C) Logging new Basis problems and tracking resolution, and with Health Net’s approval, releasing OSS problem notification to SAP;

(D) With Health Net’s approval, request developer and object keys from SAP for SAP development activities;

(E) Upon approval by Health Net’s VP of Information Technology or Health Net’s Chief Operations Office, or their approved designee, moving changes to any third party standard Source Code from the test/QA environment to production in accordance with the Change Control Process;

(F) Monitoring the availability of correction packages, patches and new releases; installing, testing, applying and implementing Health Net-approved correction packages, patches and new releases; notifying appropriate parties of the contents of correction packages and patches and new releases;

(G) Tracking and maintaining the SAP Profile parameters, including by maintaining an audited history for any changes to the profile parameters;

(H) Defining and maintaining the SAP operation modes; ensuring correct combination of work processes to accommodate the expected workload;

(I) Investigating the reason for any locked entries and, with the cooperation of the owner, releasing such locked entries;

Schedule A A-37 Health Net / Cognizant Confidential

Final Execution Version

(J) Reprocessing and deleting failed updates (in cooperation with the owner) and performing a root cause analysis for failed update tasks (by looking at the OSS, etc.);

(K) Switching operation modes, if required; defining and maintaining the scheduling of SAP housekeeping jobs and of the SAP data dictionary;

(L) With Health Net’s approval, receiving and logging code migration requests; executing migration processes (puts, imports); executing R3Trans processes (table copies, etc.); addressing migration problems; documenting and maintaining migration execution procedures; and cleaning up the SAP environment (temp programs, stale corrections, old change requests);

(M) With Health Net’s approval, design and configure SAP clients, perform client copies within one instance; perform external client removes, copies and refreshes (R3Trans); perform client exports/imports between SAP instances and administering client copy schedules; investigating and resolving functional errors (application, database tables/fields, etc.); and submitting client operations requests; and

(N) Resolving SAP administration-related Problems in accordance with the Problem Management process described in Section 3.3 and handling questions, complaints and remarks related to SAP administration.

(vi) SAP Print Management.

Supplier shall be responsible for performing SAP print management functions, including the following:

(A) Setting up and maintaining connections to check printers;

(B) Defining Health Net-approved print requirements; setting spool system parameters; setting and maintaining a location for spool data; creating and maintaining UNIX print queues; creating and maintaining printer definitions in SAP; monitoring the impact to Application servers; managing the SAP spool processes and Unix print queues; and investigate and resolving SAP print problems; and

(C) Configuring network printers; determining network printer specifications; monitoring and detecting network printer problems; and resolving SAP-related issues with network printers.

(vii) SAP Security.

Supplier shall be responsible for the security of the SAP system in accordance with Health Net policies and procedures, including the following:

(A) With Health Net’s approval, setting up password control parameters;

(B) Upon Health Net’s request, canceling user sessions;

Schedule A A-38 Health Net / Cognizant Confidential

Final Execution Version

(C) Switching a user session into debug mode;

(D) Upon Health Net’s request, terminating programs;

(E) With Health Net’s approval, maintaining the user ids (SAP*, DDIC), user groups, passwords and access privileges for the database system, and operating system; maintaining such ids, groups, passwords and access privileges in confidence;

(F) With Health Net’s approval, maintain user accounts and access assignments in SAP environments with the exception of production environments administered by Access Administration;

(G) With Health Net’s approval, assigning and maintaining IP host addresses ACCESS NETWORK and SERVER NETWORK class-c and maintaining OSS access (includes SAP router, support connection); and

(H) With Health Net’s approval, implement, configure, maintain, monitor and resolve problems with authorization concepts (e.g. roles, BI authorizations, authorizations, security parameters, secure custom objects, interfaces) in SAP in accordance with the Security Administration Guide and defined SOX controls.

(viii) SAP Performance and Capacity Management.

Supplier shall be responsible for the performance and capacity management of the SAP systems, including the following:

(A) Sizing, designing and configuring Health Net’s SAP systems using standard SAP sizing recommendations based on Health Nets capacity needs;

(B) Performing trend analysis to detect long term performance problems and to prevent performance degradation; using monitors and problem analyzers to identify the performance and capacity problems; determine the actions needed to be taken to resolve any performance or capacity problems (including by consolidating data, when necessary); creating and disseminating reports summarizing the performance and capacity utilization of the SAP systems;

(C) Tuning the SAP Application for performance; configuring and implementing tunable parameters; monitoring performance adjustments for their effectiveness; performing SAP or Database profile modifications as required; adjusting memory management services as needed ( ABAP short dumps, core dumps, etc.); managing workload balancing; controlling the work process environment; and making pro-active capacity recommendations (to prevent future bottlenecks); and

(D) Ensuring appropriate capacity to meet resource requirements the active capacity planning, including analyzing the workload (e.g., CPU usage, memory usage, disk usage, network, backup, facilities, reporting,

Schedule A A-39 Health Net / Cognizant Confidential

Final Execution Version

throughput), estimating resource requirements (e.g., for memory, disk I/O, CPU, throughput), and defining future workload profile (e.g., for CPU, memory, storage).

(ix) SAP System Configuration Services.

Supplier shall be responsible for updates and changes to the configuration of the SAP Basis systems, including the operating system and the databases, including the following:

(A) Defining Health Net requirements; estimating resource requirements; sizing and selecting the needed hardware, including by coordinating with third party hardware vendors; developing backup and recovery strategies tailored to Health Net’s requirements; designing the architecture and infrastructure of the SAP system;

(B) Performing installations and collaborate on hardware changes in accordance with the following phases: developing a project plan; setting up all instances, workload balancing, and workstation (if required); setting up RFC destinations; configuring the code migration process (e.g. correction and transport system (CTS), Java migration); testing the Basis Software; re-configuring and distributing data across increased disk storage as required; developing hardware and system software standards; receiving technical sign off by Health Net of the install; performing acceptance testing; performing problem management during the install process, include by acting as a liaison with SAP AG & HW suppliers;

(C) With Health Net’s approval, receiving, logging and performing SAP code migration and applying a non-source code solution according to OSS notes or other Software release notes, both in accordance with the Procedures Manual;

(D) Planning, testing and performing technical Software changes and upgrades; and

(E) Training Supplier’s staff on the SAP configurations.

(x) Background Processing.

Supplier shall be responsible for the background processing for the SAP systems, including the following:

(A) With Health Net’s approval, maintaining the SAP background calendar;

(B) Notification for new/change/delete background jobs;

(C) With coordination and approval of Health Net, the Supplier shall create and/or modify SAP background job definitions and ABAP variants (including creating variant variables and balancing the workload of background jobs) in accordance with the batch administration guide and defined SOX controls; and

Schedule A A-40 Health Net / Cognizant Confidential

Final Execution Version

(D) Performing those general production control and scheduling responsibilities described in Section 3.2(e).

(xi) Documentation.

In addition to Supplier’s Documentation responsibilities set forth in Section 2.9, Supplier shall develop, maintain and make available to Health Net the following SAP-related documents: (A) Systems Operation Guide; (B) System Backup/Recovery Guide; (C) Landscape Document; (D) Code Migration Work Instructions; (E) Code Migration Policies & Procedures; (F) Printer Policies & Procedures; (G) RFC Document; and (H) Start/Stop instructions (I) Security Administration Guide (J) Batch Job Administration Guide.

3.3 Service Request and Trouble Ticket Management.

(a) General. Supplier shall perform service request and trouble ticket management Services, which are those Functions associated with tracking and managing to resolution all inquires, service requests, Incidents and Problems, including escalation to second-level specialists (e.g., Supplier resources, Health Net resources, or other third parties) through a well-defined process, including restoring normal service operation in a manner that minimizes adverse impact on business operations as a result of Incidents and Problems (including Incidents and Problems caused by errors in the IT Infrastructure). Supplier shall also perform Incident and Problem management Services, which also include Functions associated with preventing the recurrence of Incidents, including by performing root cause analysis of Incidents and initiating actions to improve or correct the situation. Supplier shall coordinate with Managed Third Parties in performing service request and trouble ticket management Services and Incident and Problem management Services set forth in this Section 3.3.

(b) Root Cause Analysis. Supplier will develop, implement, and maintain a root cause analysis process and perform the activities required to diagnose, analyze, recommend, and take corrective measures to prevent recurring Incidents, Problems, inquiries or requests. Root cause analysis process exists to prevent recurring Problems/trends and continually improve the Services and operations at Health Net. Supplier’s root cause analysis responsibilities will include:

(i) Identifying the root cause of each Incident or Problem;

(ii) Developing action plans that permanently eliminate the recurring Problem or Incident;

(iii) Ensuring appropriate resources are assigned as may be necessary to identify and remedy the Problem or Incident, and track and report on any consequences of the Problem or Incident;

(iv) Providing root cause reports to Health Net that detail the cause of, the time-to-resolve, and the actions required to eliminate such Incidents or Problems;

(v) Substantiating to Health Net that all reasonable actions have been taken to prevent recurrence of such Problem or Incident; and

(vi) Identifying the root cause of such Incidents Problems or failures, where possible.

(c) The following table identifies the underlying roles and responsibilities associated with root cause analysis activities:

Schedule A A-41 Health Net / Cognizant Confidential

Final Execution Version

Table 22 Root Cause Analysis Roles and Responsibilities

Root Cause Analysis Roles and Responsibilities		Supplier	Health Net
1.	Perform root cause analysis for all Incidents and Problems identified by Health Net as requiring root cause analysis.	X
2.	Perform root cause analysis for all Priority Level 1 Incidents and Problems, and those Priority Level 2 Incidents and Problems identified by Health Net; recommend appropriate resolution action, where/whenever possible.	X
3.	Track and report on progress of all root cause analysis efforts to confirm that root cause analysis is performed and reported on (Incident reports / trouble tickets to remain open until root cause analysis report is completed and submitted) and report that all reasonable actions have been taken to prevent future reoccurrence.	X
4.	Provide Health Net with a written report detailing the cause of and procedure for correcting such failure; provide updates on a monthly basis until closure.	X
5.	Document to Health Net that all reasonable actions have been taken to prevent recurrence of such failure.	X
6.	Review and approve actions for resolution of Problems as reported in root cause analysis recommendations.		X

(d) Incident and Problem Management. Supplier will comply with Health Net’s service request and trouble ticket management processes and will perform all service request and trouble ticket management Functions, including those Functions listed in the roles and responsibilities tables below, other than those expressly identified as retained Health Net responsibilities:

Table 23. Incident and Problem Management Roles and Responsibilities.

Incident and Problem Management Roles and Responsibilities		Supplier	Health Net
1.	Recommend Incident and Problem management policies and procedures.	X
2.	Approve Incident and Problem management policies, procedures and operational turnover requirements.		X
3.	Establish operations and service management quality assurance and control programs.	X
4.	Approve operations and service management quality assurance and control programs.		X
5.	Perform quality assurance and control programs.	X
6.	Coordinate user support activities across all Services.	X
7.	Establish Incident/Problem workflow, escalation, communication and reporting processes, including for all levels of support.	X

Schedule A A-42 Health Net / Cognizant Confidential

Final Execution Version

Incident and Problem Management Roles and Responsibilities		Supplier	Health Net
8.	Review and approve Incident and Problem classification (and re-classify Incident and Problem Priority Levels in Health Net’s discretion), and workflow, communication, escalation and reporting processes.		X
9.	Utilize, and operate Health Net’s Incident and Problem management system; create a ticket for all Incidents and Problems in the Incident and Problem management system.	X
10.	Provide Health Net End Users and Health Net third party contractors with access to the Incident and Problem management tool.		X
11.	Respond to requests from the help desk and provide updates to the help desk on Incident and Problem resolution status.	X
12.	Manage Incident and Problem lifecycle including diagnosis, scoping, repair, and recovery. Confirm user requirements were met and End User satisfaction prior to closing an Incident or Problem. Provide Incident and Problem situation management, including on a 24 hours per day, 7 days per week, 52 weeks per year, basis as necessary to meet the Service Levels and other performance standards set forth in this Agreement.	X
13.	Manage efficient workflow of Incidents and Problems, including the involvement of third party providers.	X
14.	Periodically review the state of open Incidents and Problems and the progress being made in addressing such Incidents and Problems.		X
15.	Participate in Incident and Problem review sessions and provide status of Incidents and Problems categorized by Priority classification or other categorization as may be requested by Health Net (e.g., by Service Tower).	X
16.	Respond to system status notifications as required in escalation and workflow processes.	X
17.	Identify possible product enhancement opportunities for improved operational performance and potential cost savings.	X
18.	Monitor Problems until Problem resolution and confirmation.	X
19.	Work internally and with other Supplier’s operational and technical staffs, and Health Net, to identify solutions that minimize the need to call the help desk.	X
20.	Approve solutions that minimize the need to call the help desk.		X

Table 24. Service Request Roles and Responsibilities

Service Request and Trouble Ticket Management Roles and Responsibilities		Supplier	Health Net
1.	Identify and describe priorities, response and resolution targets for service calls and requests of differing impacts.		X

Schedule A A-43 Health Net / Cognizant Confidential

Final Execution Version

Service Request and Trouble Ticket Management Roles and Responsibilities		Supplier	Health Net
2.	Develop procedures to receive and respond calls for service according to defined prioritization and resolution targets.	X
3.	Update all inquires, and requests into Health Net’s Problem management system and categorize, and capture all relevant information in a consistent format.	X
4.	Review and approve procedures to receive and respond to Health Net calls.		X
5.	Monitor and respond to service request submitted through the trouble ticketing system.	X
6.	Provide point of contact for all service requests and Problem notifications.	X
7.	Provide reporting of statistics and performance.	X
8.	Document, and track the case activities, resolution in the Problem management system, including updating of knowledge base for future reoccurrences.	X
9.	Answer miscellaneous inquires to support business processes as required.	X

(e) Self Help. Self help Services means those Functions associated with the implementation, maintenance, modification, and support of Self Service and other tools that enable End Users to perform preliminary Problem diagnosis and troubleshooting, submit various service requests (e.g., update configuration tables) and minimize the need to call the help desk (collectively, “Self Help Tools”). Supplier shall perform the self-help Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 25. Self Help Services Roles and Responsibilities

Self Help Roles and Responsibilities		Supplier	Health Net
1.	Propose improvements to the Self Help Tools.	X
2.	Review and approve improvements to the Self Help Tools.		X
3.	Conduct Periodic reviews of the effectiveness of Self Help Tools’ capabilities and usage and provide ideas during planning and analysis session.	X

(f) Support to Health Net’s Help Desk. Supplier’s responsibilities for Support to the global service desk include the following activities:

(i) providing information and any supplementary training to Health Net’s help desk regarding In-Scope Applications of a sufficient level of detail to enable the help desk to triage Incidents and Problems and / or resolve Incidents or Problems for applications without requiring a transfer to a specialized resolver group; and

(ii) providing Health Net’s help desk with a continuously updated list of relevant support personnel including contact numbers as agreed in the Procedures Manual.

Schedule A A-44 Health Net / Cognizant Confidential

Final Execution Version

(g) Notifications to Business Users. Supplier’s responsibilities for notifications to End Users include the following activities:

(i) develop a communications plan with Health Net, which outlines in which scenarios communications to relevant users may be required; and

(ii) provide the relevant communication notifications to Health Net’s help desk to distribute them to the affected business users when warranted as per the developed plan.

3.4 Minor Enhancement Services

(a) Supplier shall perform Minor Enhancements, including:

(i) designing, developing and testing Minor Enhancements to In-Scope Applications, utilizing Software development processes and controls appropriate for such work; and

(ii) updating user, system, operations, and global service desk Documentation.

(b) In addition, Supplier shall provide warranty support for all Minor Enhancements in accordance with Section19.5 of the Terms and Conditions.

4. Software Quality Assurance/TESTING SERVICES.

Supplier shall perform the “Software Quality Assurance/Testing Services”, which means all Functions necessary to safely and reliably update the technical applications environments with resolution of defects and functional enhancements to the In-Scope Applications. Software Quality Assurance/Testing Services include (i) those Functions described in this Section 4 and (ii) the Cross Functional Services, as such Services relate to the Functions described in this Section 4. Such Services may include:

(a) Testing Center of Excellence

(i) Collaborating in developing the plan to create a Testing Center of Excellence (“TCOE”);

(ii) Implementing the plan to create a Testing Center of Excellence; and

(iii) Staffing and operating a TCOE to address ITG release, portfolio and production support testing efforts.

(b) General Management and Oversight of the Testing Services

(i) Configure and prepare test environment;

(ii) Performing audit and oversight to validate compliance to processes;

(iii) Performing test planning and scheduling Services;

(iv) Using testing and defect tracking tools;

(v) Consistently implementing testing procedures, processes, and standards, including the entry and exit criteria;

Schedule A A-45 Health Net / Cognizant Confidential

Final Execution Version

(vi) Implementing testing metrics as created by Health Net;

(vii) Providing testing infrastructure of personnel, processes, tools, and Equipment; and

(viii) Reporting of results and findings during testing.

(c) Code Management includes;

(i) Using Source Code control tools;

(ii) Performing technical reviews as required; and

(iii) Performing Software distribution services preparation and validation for delivery and control.

(d) Release Management includes;

(i) Performing implementation planning prerequisites, and co-requisites for a successful implementation;

(ii) Performing coordination of implementation and migration, to production;

(iii) Performing release packaging, including production documentation verification, standards adherence,

(iv) Performing the process to migrate infrastructure and configuration choices between environments;

(v) Performing validation of package for Software distribution services; and

(vi) Performing certification/approval the release is ready to move to production.

(e) Test Planning

(i) Providing scheduled reports on progress made on projects in test, including identifying projects in trouble, and those that are on track;

(ii) Creation of test cases

(iii) Identifying reuse opportunities;

(iv) Identifying testing interdependencies between test teams / applications;

(v) Calculate the effort and plan for the schedule/ resources;

(vi) Contribution to the test strategy;

(vii) Preparation of test plans;

(viii) Identification of new test scenarios/ cases /scripts;

Schedule A A-46 Health Net / Cognizant Confidential

Final Execution Version

(ix) Identification of existing regression test cases/ scripts for modification;

(x) Identification of business critical scenarios, and

(xi) Review & approval of test strategy/plan from Health Net SMEs.

(f) Test Case/ Script Generation

(i) Providing scheduled reports on progress made on projects in test, including identifying projects in trouble, and those that are on track;

(ii) Breakdown master test plan into individual work streams;

(iii) Create run plan based on scenarios created;

(iv) Establish key milestones and dependencies for the plans;

(v) Broken down resource plan and work stream structure with task allocation, and

(vi) Document environment and data requirements with critical dependencies.

(g) Test Execution

(i) Testing production support activities, including the testing of maintenance requests, production fixes, project enhancements and patch upgrades;

(ii) Providing scheduled reports on progress made on projects in test, including identifying projects in trouble, and those that are on track;

(iii) Performing validation that the Release Package and implementation plan support Health Net policies and procedures;

(iv) ..Execution of planned test cases/scripts;

(v) Defect management and issue tracking, and

(vi) Review/publish test results.

(h) Test Closure

(i) Post deployment evaluation;

(i) Consolidated defect count;

(ii) Determining / updating Application quality index;

(iii) Document best practices and recommendations to improve testing process (if any), and

(iv) Analyze the post production defects to understand defect leakage reasoning and prepare a post implementation defect report to eliminate similar defects for future releases.

Schedule A A-47 Health Net / Cognizant Confidential

Final Execution Version

4.2 Testing Center of Excellence (TCOE)

Supplier shall create a Testing Center of Excellence, which Services solution and structure diagrams are set forth in Exhibit A-8 (Testing Services). The TCOE will be the single point of contact for all items participating in the testing Services process, for the various testing phases such as:

(a) Developing and carrying out regression testing;

(b) Developing and carrying out system testing;

(c) Developing and carrying out functional testing;

(d) Developing and carrying out integration testing;

(e) Developing and carrying out package modification testing;

(f) Developing and carrying out stress/volume testing;

(g) Assist in developing and reviewing entry and exit test criteria;

(h) Implementing the entry and exit test criteria;

(i) Supporting user acceptance testing; and

(j) Developing and carrying out other related testing, as applicable, and subject to Health Net’ s review and approval, to demonstrate the capabilities and completeness of each project.

Supplier shall work with Health Net to finalize the plan to create the TCOE and shall implement such plan in accordance with the Transition Plan so that Supplier begins performing the Software Quality Assurance/Testing Services from such TCOE within the timeframe set forth in such Transition Plan. In addition, Supplier shall perform the Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 26. Roles and Responsibilities TCOE Testing services

Planning and Analysis Activities Analysis Roles and Responsibilities		Supplier	Health Net
1.	Work with Health Net to validate assumptions made for creating TCOE solution.	X
2.	Work with Health Net to define testing and stakeholder roles responsibilities and job titles / descriptions and other organizational structure duties.	X
3.	Review and approve testing and stakeholder roles and responsibilities and job titles / descriptions.		X
4.	Develop an enterprise testing methodology.	X

Schedule A A-48 Health Net / Cognizant Confidential

Final Execution Version

Planning and Analysis Activities Analysis Roles and Responsibilities		Supplier	Health Net
5.	Review and approve the enterprise testing methodology.		X
6.	Develop testing policies, processes and standards.	X
7.	Review and approve testing policies, processes and standards.		X
8.	Define and monitor entry and exit criteria to enable stage containment.	X
9.	Review and approve and entry and exit criteria to enable stage containment.		X
10.	Develop and execute the testing training & awareness plan.	X
11.	Review and approve the testing training & awareness plan.		X
12.	Establish, review, analyze and distribute test metrics and reports.	X
13.	Review and approve test metrics and related reports.		X
14.	Establish a process of continuous process improvement of metrics and reporting.	X
15.	Establish test estimation and demand management processes.	X
16.	Review and approve test estimation and demand management processes.		X
17.	Create TCOE transition plan.	X
18.	Review and approve TCOE transition plan.		X
19.	Work with the applications support Services staff to develop and implement appropriate processes for tracking and resolving defects.	X
20.	Design, develop and deploy automated test guidelines, scripts/suites.	X
21.	Maintain automated test guidelines, scripts/suites.	X
22.	Establish communication plan across multiple vendor and Health Net geographical locations.	X
23.	Review and approve communication plan across multiple vendor and Health Net geographical locations.		X
24.	Create a knowledge repository that reflects Supplier’s testing	X

Schedule A A-49 Health Net / Cognizant Confidential

Final Execution Version

Planning and Analysis Activities Analysis Roles and Responsibilities		Supplier	Health Net
	approach.
25.	Establish a process and implement tools for data masking and test data creation.	X
26.	Conduct Health Net specific semiannual technical reviews and workshops and present back to Health Net on new technologies, industry trends and best practices.	X
27.	Identify potential applications and Software tool enhancement opportunities for improved performance and potential cost savings.	X
28.	Establish and define additional test cycle/stage acceptance criteria.	X
29.	Define and set-up a TCOE organization to provide overall test management responsibility (execute, monitor, control).
30.	Manage TCOE resources, scope and requirements.	X
31.	Identify and document additional testing Service Level opportunities.	X

4.3 General Management and Oversight of Testing Services.

As part of the Software Quality Assurance/Testing Services Supplier shall provide Health Net management with appropriate visibility into the processes being used by the Application Development Services team and of the Software products being built. Supplier shall:

(a) Establish a reporting channel to Health Net and Supplier senior management that is independent of the Application Development Services project manager.

(b) For each project, participate in the preparation and review of such project’s Software development plan, standards, and procedures including the following activities:

(i) Validate compliance with organizational policy;

(ii) Validate compliance with imposed standards and requirements; and

(iii) Propose standards that are appropriate for use by the project, topics that should be addressed in the Software development plan, and other areas as assigned by the project.

(c) Prior to delivery to Health Net, review Software work products to verify compliance with Health Net requirements, including:

(i) Evaluating Software work products against the designated Software standards, procedures, and contractual requirements.

(ii) Identifying, documenting and tracking deviations to closure.

Schedule A A-50 Health Net / Cognizant Confidential

Final Execution Version

(iii) Verifying corrections.

(iv) Validate that controls are in place for checkpoints that comprise the development process. (e.g. requirements were accepted, design was approved, prerequisites for entering and exiting each phase of test were met. )

(v) Validate that the Documentation repository holds the planning of the solution, the modifications, the validation of technical solution, including the design of Software changes, configurations, prerequisite infrastructure, system settings, release packaging, testing and implementation.

(vi) Proactively notify Parties of the change entering the testing environment and schedule.

(vii) Establish the test environment readiness, and associated test data.

(viii) Documentation of the results of the change going through the change process, so continuous process improvement and regulatory oversight compliance can be achieved.

(ix) Technical oversight and verification of the change package.

(x) Validate compliance to Health Net policies and procedures, including as set forth in Exhibit A-8.

Table 27. General Planning of Quality Assurance Code Management and Release Oversight.

Technical Support Roles and Responsibilities		Supplier	Health Net
1.	Recommend policies and procedures to improve quality assurance, code management and release oversight function.	X
2.	Participate in defining and provide formal approve changes in policies and procedures.		X
3.	Update documented processes and procedures providing enhancements to the processes.	X
4.	Provide technical support and training for updates in the process.	X
5.	Approval of policies and procedures with the testing Services area.		X

4.4 Execution of Tests.

Execution of tests involves the actual performance of the testing, including both system and integration testing. Supplier shall perform the execution of test Services, which include the following based on the test phase or test plan:

(i) Preparing test environment for the test phase;

(ii) Defining business test cycles for each test phase (i.e., a logical grouping of test conditions defined with consideration for repeatability and reuse, as well as functional area);

(iii) Defining business test scripts for each test phase (i.e., a definition of the steps necessary to perform a given business function test), including identifying additional test scripts associated with the integration of various application group components, which may not have been

Schedule A A-51 Health Net / Cognizant Confidential

Final Execution Version

addressed by the individual teams and as applicable, combining test scripts for projects affecting multiple application groups;

(iv) Defining business test environment requirements for each test phase (i.e., a detailed description of the components and configurations needed for the business test environment);

(v) Defining system test scripts, including scripts used to test existing interfaces to business applications as well as scripts used to test new interfaces to applications (including as applicable for adaptive development work);

(vi) Delivering the test plan, test cases and test scripts to Health Net for review and approval;

(vii) Working out the detailed setup regarding coding components and test data to be tested with the test team during design;

(viii) Developing necessary test data based on test cases and business scenarios that are in accordance with Health Net’s standard methodologies (e.g., project development) as made available to Supplier, except where Supplier is only responsible for assisting Health Net in performing the testing, in which case Supplier will provide necessary inputs (e.g. information on table, fields, key fields, index fields, views etc.) to the Health Net project team to develop such test data;

(ix) Creating and managing all test data and the test data management process. Supplier will condition all test data and cases as needed to fulfill testing all requirements;

(x) Adequately conditioning test accounts so that such information may be accessed, as necessary, during the testing process;

(xi) Conducting each test phase other than UAT; coordinating and supporting Health Net in Health Net’s UAT efforts;

(xii) Leveraging technology to automate scripts to improve quality and throughput of testing;

(xiii) Completing test documents and certification for each test phase, including for the quality testing tollgates;

(xiv) Conducting a quality audit review (e.g., quality completeness) for each test phase;

(xv) Preparing and coordinating fail over testing for hardware, network and Software failures. Supplier will work with appropriate Health Net hardware and network subject matter experts to conduct and validate failure test cases and scripts, reporting on results and recommending modifications as required to insure reliability and performance in accordance with agreed upon specifications. For the avoidance of doubt, nothing in this Section shall require Supplier to be responsible for: (A) providing or maintaining hardware or networks, or (B) hardware or network failures, provided that Supplier fulfilled its obligations under this task order and did not cause such failure;

(xvi) Where applicable, conducting testing Services, including system testing and stress testing within the test environment;

Schedule A A-52 Health Net / Cognizant Confidential

Final Execution Version

(xvii) Resolving testing issues and validating test results. Supplier will perform root cause analysis on the defects identified in the testing and will implement appropriate measures to eliminate the reoccurrence of defects;

(xviii) Providing test results to Health Net for review and approval;

(xix) Completing certification review for the testing phase;

(xx) Providing an assessment and communicating the overall impact and potential risk to existing Software prior to implementing changes;

(xxi) Identifying adjustments to Health Net’s infrastructure as a result of changes to architectural standards, new applications or discovered security vulnerabilities;

(xxii) Executing job streams and various test processes required for testing; and

(xxiii) Validating data backup and recovery is occurring.

Table 28. Operations and Administration of Testing Roles and Responsibilities

Operations and Administration Roles and Responsibilities		Supplier	Health Net
1.	Provide testing operations center to monitor service delivery.	X
2.	Perform quality reviews of operations, polices and procedures for compliance and improvement.	X
3.	Propose planning of testing environments and appropriate reporting for testing environments.	X
4.	Perform day-to-day operations of test execution as defined above.	X
5.	Provide weekly reports on progress made on projects within TCOE, identifying projects in trouble, and those that are on track.	X
6.	Coordinate with Health Net and its vendors in the testing environment.	X
7.	Approve reporting and testing plans for testing environments.		X
8.	Create and populate the application testing environment where applicable.	X

4.5 Integration and Testing.

(a) Integration and testing Services are the activities associated with ensuring that all individual program components configured with or added to the In-Scope Applications work together properly as a single system performing all of the intended Functions. This includes application interfaces to other applications in production. Integration and testing Services include:

(i) System Testing;

(ii) Integration Testing;

(iii) User Acceptance Testing; and

(iv) Post Production Verification Testing.

Schedule A A-53 Health Net / Cognizant Confidential

Final Execution Version

(b) Supplier will perform all integration and testing Services Functions, including those Functions listed in the roles and responsibilities tables below, other than those expressly identified as retained Health Net responsibilities:

Table 29. System Testing Roles and Responsibilities

System Testing Activities Roles and Responsibilities		Supplier	Health Net
Within System testing:
1.	Provide system testing environment requirements needed for from unit testing to System testing.	X
2.	Environment Governance - how environment is used, who is using it, who gives business requirements for “architecture/content” of the environment.		X
3.	Building/supporting the system test environments (everything but DBA and hardware)- Who builds/creates the environment, designs the architecture based on the owner’s requirements, refreshes the environments, operationally manages access.	X
4.	Build and support the DBA environments (See separate DBA Roles and Responsibilities Tables 16 - 21.	X
5.	Build and support the hardware environments		X
6.	Defect resolution - environment.	X
7.	Defect resolution - application/configuration etc - everything tied to development.	X
8.	Defect resolution /correct infrastructure defects found as a result of testing efforts.		X
9.	Initiate, triage, track and report system testing defects in mutually agreed defect tracking system.	X
10.	Provide testing oversight.		X
11.	Requesting code promotions, jobs.	X
12.	Approving code promotions, jobs.	X
13.	Executing code promotions and coordinating and working with the release management and infrastructure teams as applicable	X
14.	Executing jobs, and other activities needed to be done in environment to support testing.	X

Schedule A A-54 Health Net / Cognizant Confidential

Final Execution Version

System Testing Activities Roles and Responsibilities		Supplier	Health Net
15.	Administration of the code/configuration management tools.	X
16.	Support of the code/configuration management tools (installing the tool, applying the patches).		X
17.	Authorizing access and authority levels to the code management Software.		X
18.	Code build for move to next staging environment.	X
19.	Recommend policies and procedures for environment management.	X
20.	Recommend policies and procedures for Infrastructure environment management.		X
21.	Approving policies and procedures for environment management.		X
22.	Create test cases and perform all appropriate system testing.	X
23.	Develop system test policies and procedures.	X
24.	Approve system testing policies and procedures.		X
25.	Support and monitor system testing environment (OS & hardware).		X
26.	Support and monitor system testing environment.	X
27.	Review and approve system test results for compliance with policies, procedures, plans, and test criteria and metrics (e.g. defect rates, progress against schedule, etc).		X
28.	Test new releases of supported hardware and Software to ensure conformance with Health Net specifications and Service Levels.	X
Transition from System Test environment to SIT (System Integration Test) environment:
29.	Implementation plan for move from system to SIT environment.	X
30.	Approve implementation plan for move from system to SIT environment.		X
31.	Stage new and upgraded Software or services to smoothly transition from Health Net system testing to SIT.		X
32.	Execute new and upgraded, Software or services to smoothly transition from Health Net system testing to SIT.	X

Schedule A A-55 Health Net / Cognizant Confidential

Final Execution Version

System Testing Activities Roles and Responsibilities		Supplier	Health Net
33.	Notify Supplier in the event Health Net notices a discrepancy between Health Net’s requirements and the requirements document or Supplier deliverables.		X
34.	Identify and document application test requirements.	X
35.	Review and approve application test requirements.		X
36.	Preparing de-identified/scrubbed data to support test scenarios within modified system.	X
37.	Define test data and environment requirements.	X
38.	Review and approve test data and environment requirements.		X
39.	Notify Supplier in the event Health Net notices a discrepancy between Health Net’s requirements and any deliverables.		X
40.	Coordinate with the environment and data support groups.	X
41.	Lead defect triage meetings.	X

Table 30. Integration Testing Roles and Responsibilities

Integration and Testing Activities Roles and Responsibilities		Supplier	HNT Apps.
Within Integration testing:
1.	Provide integration testing application criteria to move from system testing to SIT.		X
2.	Environment. Governance - how environment is used, who is using it, who gives business requirements for “architecture/content” of the environment.		X
3.	Building/supporting the SIT environments (everything but DBA and hardware). Builds/creates the environment, designs the architecture based on the owner’s requirements, refreshes the environments, and operationally manages access to environment.	X
4.	Build and support the DBA environments (See separate DBA Roles and Responsibilities in Tables 16-21).	X
5.	Build and support the hardware environments.		X

Schedule A A-56 Health Net / Cognizant Confidential

Final Execution Version

Integration and Testing Activities Roles and Responsibilities Within Integration testing:		Supplier	HNT Apps.
6.	Initiate, triage, track and report SIT defects in mutually agreed defect tracking system.	X
7.	Provide testing oversight.		X
8.	Provide shared access to the defect tracking system.	X
9.	Requesting code promotions, jobs, and configuration changes.	X
10.	Approving code promotions, jobs, and configuration changes.	X
11.	Executing code promotions, and configuration changes.	X
12.	Executing jobs, and other activities needed to be done in environment to support testing.	X
13.	Administration of the code/configuration management tools.	X
14.	Support of the code/configuration management tools (installing the tool, applying the patches).		X
15.	Authorizing access and authority levels to the code management Software.		X
16.	Code build for move to next staging environment.	X
17.	Package code for move to next staging environment.	X
18.	Recommend policies and procedures for environment management.	X
19.	Approving policies and procedures for environment management.		X
20.	Develop integration and testing policies and procedures.	X
21.	Approve integration and testing policies and procedures.		X
22.	Create test cases and perform all appropriate SIT.	X
23.	Conduct SIT.	X
24.	Review and approve SIT results for compliance with policies, procedures, plans, and test criteria and metrics (e.g. defect rates, progress against schedule, etc...).		X
25.	Test new releases of supported hardware and Software to ensure conformance with Health Net specifications and Service Levels.	X

Schedule A A-57 Health Net / Cognizant Confidential

Final Execution Version

Transition from SIT Environment to UAT		Supplier	HNT Apps.
26.	Create implementation plan for move from SIT to UAT environment.	X
27.	Approve implementation plan for move from system to SIT environment.		X
28.	Stage new and upgraded, Software or services to smoothly transition from Health Net SIT to UAT.	X
29.	Execute new and upgraded, Software or services to smoothly transition from Health Net SIT to UAT.	X
30.	Notify Supplier in the event Health Net notices a discrepancy between Health Net’s requirements and the requirements document or the Deliverables.		X
31.	Assist users in identifying, documenting and creating the application test requirements	X
32.	Review and approve user acceptance application test requirements/plans. Items to consider include size of environment, what is being tested, cycles being tested etc.	X
33.	Manage the relationship with all interfaced systems necessary to conduct testing.		X
34.	Preparing requested data, and if needed de-identified/scrubbed data to support test scenarios within modified system.	X
35.	Support users to progress through scenarios, simulating interfaces or working with integrated systems to conduct end-to-end tests.	X
36.	Notify Supplier in the event Health Net notices a discrepancy between Health Net’s requirements and any Deliverables.		X
37.	Coordinate with the environment and data support groups.	X
38.	Lead defect triage meetings.	X

Table 31. User Acceptance Testing Activities Roles and Responsibilities.

User Acceptance Testing Activities Roles and Responsibilities		Supplier	HNT Apps.
Within UAT:
1.	Develop UAT test plans (end-to-end).		X
2.	Supplier to provide review comments on UAT test plan.	X

Schedule A A-58 Health Net / Cognizant Confidential

Final Execution Version

User Acceptance Testing Activities Roles and Responsibilities Within UAT:		Supplier	HNT Apps.
3.	Review and approve UAT test plans (end-to-end).		X
4.	Provide UAT environment requirements needed from SIT to UAT.		X
5.	Provide Environment. Governance - how environment is used, who is using it, who gives business requirements for “architecture/content” of the environment.		X
6.	Building/supporting the UAT environments (everything but DBA and hardware). Who builds/creates the environment, designs the architecture based on the owner’s requirements, refreshes the environments, and operationally manages access to environment.	X
7.	Build and support the DBA environments (See separate DBA Roles and Responsibilities Tables 16 -21).	X
8.	Build and support the hardware environments.		X
9.	Initiate, triage, track and report UAT defects in mutually agreed defect tracking system.	X
10.	Provide testing oversight.		X
11.	Provide shared access to the defect tracking system.	X
12.	Requesting code promotions, jobs, and configuration changes from UAT to production.		X
13.	Approving code promotions, jobs, and configuration changes from UAT to production.		X
14.	Executing code promotions from UAT to production.		X
15.	Executing jobs, and other activities needed to be done in environment to support testing.	X
16.	Administration of the code/configuration management tools.	X
17.	Support of the code/configuration management tools (installing the tool, applying the patches).		X
18.	Authorizing access and authority levels to the code management Software.		X
19.	Manage the relationship with all interfaced systems necessary to conduct testing.		X

Schedule A A-59 Health Net / Cognizant Confidential

Final Execution Version

User Acceptance Testing Activities Roles and Responsibilities Within UAT:		Supplier	HNT Apps.
20.	Code build for move to next staging environment.	X
21.	Package code for move to next staging environment.	X
22.	Recommend policies and procedures for environment management.	X
23.	Approving policies and procedures for environment management.		X
24.	Develop UAT policies and procedures.		X
25.	Approve UAT policies and procedures.		X
26.	Create test cases, test data and perform all appropriate UAT.		X
27.	Conduct UAT.		X
28.	Lead defect triage meetings.	X
29.	Review and approve UAT results for compliance with policies, procedures, plans, and test criteria and metrics (e.g. defect rates, progress against schedule, etc).		X
Transition from UAT to Production Environment
30.	Implementation plan for move from UAT to production environment.	X
31.	Approve implementation plan for move from UAT to production environment.		X
32.	Stage new and upgraded, Software or services to smoothly transition from Health Net UAT to production environment.	X
33.	Execute new and upgraded, Software or services to smoothly transition from Health Net UAT to production environment.		X
34.	Manage the relationship with all interfaced systems necessary to conduct the implementation.		X
35.	Coordinate with the environment and data support groups.	X

Schedule A A-60 Health Net / Cognizant Confidential

Final Execution Version

Table 32. Post-Production Implementation Roles and Responsibilities

Post Production Activities Roles and Responsibilities		Supplier	HNT Apps.
Post Production implementation:
1.	Capture defects that occur postproduction via Problem resolution processes. May involve attending production implementation meetings.		X
2.	Resolve post production issues.	X
3.	Consolidate findings into root cause analysis, continuous process improvement, and performance reporting and present to Health Net.	X

5. Section 5: Application Development Services Requirements

“Application Development Services” are defined as all life-cycle activities associated with the provision of Services related to the development of new applications and system enhancements. Application Development Services include (i) those Functions described in this Section 5, and (ii) the Cross Functional Services related directly to Application Development Services as such Cross Functional Services relate to the Functions described in this Section 5. Application Development Services include:

1. Performing planning and overall analysis;

2. Performing application requirements definition;

3. Performing high level design;

4. Performing detailed/technical design;

5. Performing planning for infrastructure prerequisites, and co-requisites, including capacity planning;

6. Performing Software acquisition or third party support acquisition;

7. Performing programming and development;

8. Performing the Change Control Process;

9. Performing unit testing;

10. Performing production implementation and migration;

11. Providing Software configuration management;

12. Creating interfaces, performing data conversions, data scrubbing, and data translation associated with projects;

13. Performing production environment support - post implementation;

14. Creating and possibly providing training;

15. Performing defect resolution as discovered during testing phases;

16. Creating and providing Documentation; and

17. Monitoring, reporting and review.

5.1 Planning and Analysis

Planning and analysis Services are the activities associated with the research of new application development trends, products, and services that offer opportunities to improve the efficiency and effectiveness of the application environment, as well as for meeting business requirements. Supplier shall perform the planning and analysis Services, including those Functions listed in the roles and

Schedule A A-61 Health Net / Cognizant Confidential

Final Execution Version

responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 33. Applications Development Planning and Analysis Roles and Responsibilities Application Changes

Planning and Analysis Activities Analysis Roles and Responsibilities		Supplier	Health Net
1.	Approve services and standards for planning and analysis activities.		X
2.	Approve projects to implement applications enhancement opportunity.		X
3.	Establish application security architecture.		X
4.	Provide standards, procedures and policies regarding application security.		X
5.	Perform application security planning.	X
6.	Perform environment (infrastructure) application security planning and installation planning.		X
7.	Establish communication plan across multiple vendor and Health Net geographical locations.	X
8.	Review and approve communication plan across multiple vendor and Health Net geographical locations.		X
9.	Performing project estimation using industry standard methods to support the Health Net project brief assessment process.	X
10.	Investigating and documenting new products, techniques, tools and services that will improve efficiency and delivery.	X
11.	Assessing process re-engineering methodologies.	X
12.	Recommending overall systems development life cycle process improvements, including those for which Health Net retains responsibility.	X
13.	Performing an annual portfolio analysis to identify and recommend applications rationalization, consolidation, sun setting, etc.	X
14.	Conducting annual technical and business planning sessions to establish standards, architecture and project initiatives.	X

Schedule A A-62 Health Net / Cognizant Confidential

Final Execution Version

Planning and Analysis Activities Analysis Roles and Responsibilities		Supplier	Health Net
15.	Conducting operational planning for capacity and performance purposes.	X
16.	Conducting feasibility studies for the implementation of new technologies.	X
17.	Conducting semi-annual technical reviews and workshops on trends and best practices.	X
18.	Participating in the evaluation of potential project opportunities.	X
19.	Assisting in security planning.	X

5.2 Requirements Definition

Requirements definition Services are the activities associated with the capturing, collection and assessment of user requirements that are used to define the business area’s needs for an application. These requirements are used to determine the detailed application design which solves the requirements. The following table identifies some of the roles and responsibilities associated with requirements definition activities. Supplier shall perform the requirements definition Services, including those Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 34. Applications Development Requirements Definition Roles and Responsibilities

Applications Requirements Definition Roles and Responsibilities		Supplier	HNT Apps.
1.	Define and document requirements standards, documents, Deliverables, and test criteria.	X
2.	Approve requirements standards, documents, deliverables, and test criteria.		X
3.	Act as primary point of contact with the business to define, gather, refine, and prioritize business requirements.		X
4.	Initiate and conduct interviews, group workshops and surveys to determine user requirements.		X
5.	Participate in, as requested, interviews, group workshops and surveys to determine user requirements on approved project work.	X

Schedule A A-63 Health Net / Cognizant Confidential

Final Execution Version

Applications Requirements Definition Roles and Responsibilities		Supplier	HNT Apps.
6.	Identify need for Software upgrade conversion requirements to Health Net for Commercial Off-The-Shelf (COTS) hardware and Software and execute based upon a service request from Health Net.	X
7.	Approve Software upgrade conversion requirements for COTS hardware and Software.		X
8.	Define local adaptation/country-specific deployment criteria and delivery requirements (i.e. language, laws).		X
9.	Develop project test strategy (analysis)	X
10.	Review and approve test strategy (analysis)		X
11.	Establish traceability between test plans and requirements.	X
12.	Review and approve traceability between test plans and requirements.		X

5.3 Design Specifications

Supplier will perform the design specification services in compliance with Health Net technical architectural standards. Such specifications shall deliver the most cost-effective solution to the requirements. Supplier shall perform the design specification Functions listed in the roles and responsibilities tables below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 35. Applications Development High-Level Design Activities Roles and Responsibilities

High-Level Design Activities Roles and Responsibilities		Supplier	HNT
1.	Create the high-level design document from the business and functional requirements. Proposing development or COTS package solution recommendation.	X
2.	Approve the high-level design document from the business and functional requirements.		X
3.	Evaluate COTS package solutions.		X
4.	Conduct COTS application evaluations to demonstrate support of requirements.		X
5.	Participate and provide advice on COTS application evaluations and solutions.	X

Schedule A A-64 Health Net / Cognizant Confidential

Final Execution Version

High-Level Design Activities Roles and Responsibilities		Supplier	HNT
6.	Participate and provide advice on COTS application evaluations and solutions for within Health Net infrastructure environment.		X
7.	Validate how COTS application solutions will fit in the recommended infrastructure environment.		X
8.	Develop prototype application configuration settings to demonstrate support of requirements.	X
9.	Develop prototype application configuration settings within infrastructure to demonstrate support of requirements.		X
10.	Approve prototype application configuration settings that demonstrate support of requirements including providing application configuration instructions that support the prototype.		X
11.	Provide high level requirements/criteria for extending prototyped application configuration settings to the full complement of configuration settings required to satisfy the complete business process.		X
12.	Provide high-level logical data model.	X
13.	Provide technology plan to support application.	X
14.	Provide infrastructure plan to support application.		X
15.	Approve technology plan to support application.		X
16.	Provide application development and implementation cost and schedule estimates.	X
17.	Identify infrastructure levels, pre-requisite changes, and monitoring needs.	X
18.	Provide infrastructure cost and schedule estimates.		X
19.	Develop overall project cost and schedule estimate.	X
20.	Approve overall project cost and schedule estimate.		X
21.	Develop and recommend application test plan (e.g. functional, volume, end-to-end, integration, stress, regression, system, and user acceptance test if applicable).	X
22.	Approve application test plan (e.g. functional, volume, end-to-end, integration, stress, regression, system, and user acceptance test if applicable).		X

Schedule A A-65 Health Net / Cognizant Confidential

Final Execution Version

Table 36 Applications Development Detailed/Technical Design Activities Roles and Responsibilities

Detail Design Activities Roles and Responsibilities		Supplier	HNT Apps.
1.	Define design standards and documentation.	X
2.	Approve design standards and documentation.		X
3.	Create the detailed design document from the business and functional requirements and high-level design.	X
4.	Document and present implementation options evaluated as required by the requirements document.	X
5.	Review and approve detailed design documentation.		X
6.	Document technical requirements, logical and physical data models.	X
7.	Review and approve technical requirements and physical data models for consistency with documented requirements.		X
8.	Configure testing environments.	X
9.	Develop unit test plans.	X
10.	Review and approve unit test plans		X
11.	Develop system and performance test plans.	X
12.	Review and approve system and performance test plans.		X
13.	Develop integration test plans.	X
14.	Review and approve integration test plans.		X
15.	Define implementation and deployment policies, project schedules and staffing requirements to meet deployment and delivery requirements.	X
16.	Approve implementation, deployment policies, schedules and deployment staffing levels.		X

5.4 Programming/Development

Programming and/or development Services are the activities associated with the programming, development, scripting, configuring or customizing of application modules using the information from the previous Software development lifecycle phases as critical input. Supplier can accomplish programming and/or development through in-house custom development, customization of commercial off-the-shelf (COTS) products or implementation of COTS packages. Supplier shall make use of technologically

Schedule A A-66 Health Net / Cognizant Confidential

Final Execution Version

current development tools (e.g., code generators) and languages as appropriate to improve programmer productivity, code stability and reusability subject to Section 12.5(a) of the Terms and Conditions. The following table identifies some of the roles and responsibilities associated with programming and development activities.

Table 37 Applications Development Programming and Development Roles and Responsibilities

Programming and Development Activities Roles and Responsibilities		Supplier	HNT Apps.
1.	Review Health Net existing technical standards (e.g. naming, JCL, etc.).	X
2.	Recommend programming, tools, development, and technical documentation policies, procedures and standards.	X
3.	Approve programming, development and technical documentation policies, procedures, and standards.		X
4.	Review programming and development plans and procedures where there is an impact on other Health Net entities/facilities.		X
5.	Perform all necessary programming, configuring and customizing of application modules as required to develop and implement the design plans and specifications.	X
6.	Execute unit test plans.	X
7.	Manage all programming and development efforts using industry-standard project management tools and methodologies.	X
8.	Conduct predetermined development status reviews and provides written report on results to Health Net.	X
9.	Review results of Supplier development reviews at Health Net’s discretion.		X
10.	Resolve application defects as identified during testing phases.

5.5 Unit Testing

(a) Supplier shall conduct “Unit Testing” in which Supplier takes the smallest piece of testable Software in the application, isolates it from the remainder of the code, and determines whether it behaves exactly as expected. Each unit is tested separately before integrating them into modules to test the interfaces between modules. During the Unit Testing phase, Supplier shall include:

(i) System Requirements;

(ii) Design Specifications;

(iii) Programming standards;

Schedule A A-67 Health Net / Cognizant Confidential

Final Execution Version

(iv) Input and/or data validation;

(v) I/O correctness (database records created, updated and/or deleted);

(vi) Error handling;

(vii) Performance; and

(viii) Naming conventions (variable and control)

(b) In addition to the Unit Testing Functions listed in Section 5.5(a). Supplier shall perform the Unit Testing Functions listed in the roles and responsibilities table below, except for those Functions that are expressly identified as retained Health Net responsibilities in the roles and responsibilities table below.

Table 38 Unit Testing Roles and Responsibilities (part of Programming and Development)

Unit Testing Activities Roles and Responsibilities		Supplier	HNT Apps.
Within Unit testing:
1.	Provide environment requirements needed for unit testing.	X
2.	Provide environment Governance - how environment is used, users, who provides business requirements for “architecture/content” of the environment.		X
3.	Build and support the environments (everything but DBA and hardware):- Builds and creates the environment, designs the architecture based on the owner's requirements, refreshes the environments, operationally manages access to environment.	X
4.	Build and support the DBA environments (See separate DBA Roles and Responsibilities).	X
5.	Build and support the hardware environments.		X
6.	Defect resolution - environment.	X
7.	Defect resolution - application/configuration etc - everything tied to development.	X
8.	Testing oversight/defect triage/QA.	X
9.	Requesting code promotions, jobs.	X
10.	Approving code promotions, jobs.	X
11.	Executing code promotions.	X

Schedule A A-68 Health Net / Cognizant Confidential

Final Execution Version

Unit Testing Activities Roles and Responsibilities		Supplier	HNT Apps.
12.	Executing jobs and other activities needed to be done in environment to support testing.	X
13.	Administration of the code/configuration management tools.	X
14.	Support of the code/configuration/migration management tools (installing the tool, applying the patches).		X
15.	Authorizing access and authority levels to the code management Software.		X
16.	Implementation plan for move to next staging environment.	X
17.	Code build for move to next staging environment.	X
18.	Recommend policies and procedures for environment management.	X
19.	Recommend policies and procedures for infrastructure environment management.		X
20.	Approving policies and procedures for environment management.		X
21.	Develop unit policies and procedures for unit testing.	X
22.	Approve unit testing policies and procedures for unit testing.		X
23.	Review and approve unit testing results.		X
24.	Identify and document application test requirements.	X
25.	Review and approve application test requirements.		X
26.	Define test data and environment requirements.	X
27.	Review and approve test data and environment requirements.		X
28.	Notify Supplier in the event Health Net notices a discrepancy between Health Net’s requirements and any vendor Deliverables.		X
29.	Coordinate with the environment and data support groups.	X
30.	Lead defect triage meetings.	X

Schedule A A-69 Health Net / Cognizant Confidential

Final Execution Version

5.6 Health Net Project Development Process

Supplier is expected to adhere to the Health Net project development process and Quality Assurance Process.

Schedule A A-70 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE B

SERVICE LEVELS

Schedule B Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE B

SERVICE LEVELS

Table of Contents

1	Introduction	1
2	Definitions	1
	2.1     Certain Definitions	1
	2.2     Other Terms	2
3	Measurement, reporting and supporting information	2
	3.1     Measurement	2
	3.2     Measurement Tools	2
	3.3     Reports and Supporting Information	3
4	Service Level methodology	3
	4.1     General	3
	4.2     Service Level Codes	3
	4.3     Failure to Perform	4
	4.4     Excused Service Level Failures	5
	4.5     Service Level Credits	5
	4.6     Earnback Opportunities	6
5	MODIFICATIONS AND improvements to Service Levels.	6
	5.1     Deletions of Service Levels	6
	5.2     Additions of Service Levels	6
	5.3     Designation of Critical Service Levels and Weighting Factors	6
	5.4     Continuous Improvement	7
	5.5     Quarterly or Annual Meeting to adjust Service Levels	7
6	CUSTOMER SATISFACTION SURVEYS	7

Table of Exhibits

Exhibit B-1:	Service Level Metrics
Exhibit B-2:	Problem / Incident Severity Level Definitions
Exhibit B-3:	Service Request Completion Times

Schedule B B - i Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE B

SERVICE LEVELS

1 INTRODUCTION

This Schedule B sets forth the Service Levels that Supplier is required to meet or exceed in performing certain of the Services during the Term. This Schedule also describes (a) the methodology for calculating Service Level Credits that will be provided to Health Net by Supplier if Supplier fails to meet a Critical Service Level, and (b) the process the Parties will follow to add, modify or delete Service Levels during the Term.

2 DEFINITIONS

2.1 Certain Definitions

(a) “Amount at Risk” has the meaning given in Section 6.2 of the Terms and Conditions.

(b) “Business Days” mean Monday through Friday (except holidays on which the offices of Health Net, as applicable, are not open for regular business). Where this Schedule B provides for the addition or subtraction of a Business Day(s), the result will mean the same time of day as the time of an event on the original Business Day (i.e., a Problem that starts at 3:00 p.m. local time on Monday is resolved by the following Business Day if such Problem is resolved by 3:00 p.m. local time on Tuesday, provided that both Monday and Tuesday are Business Days).

(c) “Critical Service Level” means those Service Levels that are assigned a Weighting Factor and for which a Service Level Credit is payable in the event of a Critical Service Level Failure. Critical Service Levels are designated by Health Net in accordance with Section 5.3 of this Schedule B.

(d) “Critical Service Level Failure” means, with regard to any Critical Service Level, Supplier’s failure to perform at a level that meets the corresponding Critical Service Level during any particular Measurement Period.

(e) “Measurement Period” means, for any Service Level, the period of time during which Supplier’s actual performance of the relevant Services is to be measured against the corresponding Service Level. The Measurement Period for each Service Level is set forth on Exhibit B-1.

(f) “Pool Percentage Available for Allocation” means *** percentage points.

(g) “Service Levels” has the meaning given in Section 6.1 of the Terms and Conditions.

(h) “Service Level Credit” has the meaning provided in Section 4.3(b) of this Schedule B.

(i) “Service Level Failure” means, with regard to any Service Level, a failure by Supplier to either (i) perform at the level that meets the corresponding Service Level during any particular Measurement Period, or (ii) to (A) properly monitor or measure any Service Level, or (B) report on the performance for any Service Level in accordance with Section 3.3 below.

Schedule B B - 1 Health Net / Cognizant Confidential

Final Execution Version

(j) “Weighting Factor” means the portion of the Pool Percentage Available for Allocation that Health Net has allocated with respect to a Critical Service Level. The Weighting Factor for each of the Critical Service Levels as of the Effective Date are set forth in Exhibit B-1, and shall be subject to modification pursuant to Section 5 of this Schedule B.

2.2 Other Terms

Other terms used in this Schedule B (or any Exhibit or Attachment to this Schedule B) are either defined in the context in which they are used or are defined elsewhere in this Agreement, and in each case shall have the meanings there indicated.

3 MEASUREMENT, REPORTING AND SUPPORTING INFORMATION

3.1 Measurement

(a) Except as otherwise expressly provided for a particular Service Level in Exhibit B-1, the Measurement Period for each Service Level shall be each calendar month during the Term.

(b) Except as otherwise expressly indicated in this Schedule B, all references to time of day in this Schedule B shall refer to Pacific Time (“PT”), and any reference to “hour” or “hours” shall mean clock hours.

3.2 Measurement Tools

(a) Supplier shall measure its performance with respect to each Service Level using the corresponding measurement tools, processes and methodologies identified for such Service Level in Exhibit B-1, or as specified pursuant to Sections 3.2(c), and 5.2(c)(i) of this Schedule B.

(b) Supplier shall provide (except as expressly stated otherwise in this Agreement) and utilize the necessary measurement and monitoring tools and procedures required to measure and report Supplier's performance of the Services against the applicable Service Levels. Such measurement and monitoring shall permit reporting at a level of detail sufficient to verify compliance with the Service Levels, and will be subject to verification and review by Health Net. Supplier shall provide Health Net with information and access to such tools and procedures upon request, for purposes of verification.

(c) If, after the Effective Date, Supplier desires to use a different measurement tool, process or methodology for any Service Level, Supplier shall provide written notice to Health Net proposing:

(i) the alternative measurement tool, process or methodology; and

(ii) any reasonable adjustments to the Service Levels that are necessary to account for any increased or decreased sensitivity that will likely result from use of the alternative measurement tool, process or methodology.

Supplier may utilize such alternative measurement tool, process or methodology only to the extent such tool, and any associated Service Level adjustments, are approved in

Schedule B B - 2 Health Net / Cognizant Confidential

Final Execution Version

writing by Health Net.

3.3 Reports and Supporting Information

(a) Supplier shall deliver the Monthly Performance Report to Health Net in accordance with Section 17.3 of the Terms and Conditions.

(b) Upon Health Net’s request, Supplier shall provide to Health Net detailed supporting information (including raw performance data) relating to Supplier’s performance relative to the Service Levels. Such information shall at a minimum include all information that is necessary for Health Net to verify the accuracy of Service Level measurements and reporting, and any other supporting information requested by Health Net to the extent it is available to Supplier.

(c) Supplier shall make the reporting and supporting information described in this Section 3.3, available to Health Net both (i) in a form suitable for use on a personal computer; and (ii) via a secure website; provided, however, that if requested by Health Net, Supplier shall also provide to Health Net “real time” electronic access to performance data (i.e., access to performance data that reflects performance at the then-present time), to the extent that the agreed-upon measurement tools used to measure performance are capable of providing such access. To the extent that such tools are not capable of providing Health Net with such “real time” access, Supplier shall promptly provide access to timely data upon Health Net’s request.

4 SERVICE LEVEL METHODOLOGY

4.1 General

(a) Subject to Section 4.2 of this Schedule B, commencing on the Services Commencement Date Supplier shall meet or exceed each of the Service Levels. Service Levels constitute one means, but not the exclusive means, of measuring Supplier’s performance of its commitment under Section 5.4 of the Terms and Conditions. If a Service Level includes multiple conditions or components (e.g., components (a), (b) and(c)), then Supplier’s performance must satisfy each and every condition or component (i.e., components (a), (b) and (c)) to achieve the corresponding Service Level.

(b) If any portion of the Services are to be provided from a business continuity recovery environment, the Service Levels shall continue to apply; except to the extent a disaster occurring at a Health Net facility prevents Supplier from meeting such Service Levels.

4.2 Service Level Codes

For each of the Service Levels set forth in Exhibit B-1, a corresponding “Code” has been designated in the "Code" column of the applicable table. The Codes have the following meanings:

(a) “Code 1” – Code 1 has been assigned to Service Levels for which Health Net believes it has performance data showing that such Service Levels were achieved by Health Net prior to the Effective Date. Supplier shall meet or exceed each Code 1 Service Level beginning on the Service Commencement Date, subject to the following:

Schedule B B - 3 Health Net / Cognizant Confidential

Final Execution Version

(i) During Transition, Supplier shall have the opportunity to review such data. If the Parties agree that such data does not demonstrate a history of compliance with a particular Code 1 Service Level, they shall (A) first work in good faith to establish a Service Level that both Parties agree is supported by the applicable performance data; and (B) if they are unable to agree upon the Service Level, then they shall follow the baselining process set forth in Section 5.2(c) to establish the Service Level.

(ii) The process above shall be applied on an application-by-application basis for the Application Availability, Application Response Time, and On-Time Batch Processing Service Levels (i.e., Application Availability, Application Response Time, and On-Time Batch Processing for some but not all In-Scope Applications may need to be validated or baselined).

(b) “Code 2” – Code 2 has been assigned to Service Levels that the Parties agree should be established through the baselining process set forth in Section 5.2(c).

(c) “Code 3” – Code 3 has been assigned to the certain Service Levels for which a target has been set that Health Net has not consistently achieved prior to the Effective Date. The following applies to Code 3 Service Levels:

(i) Beginning on the Service Commencement Date, Supplier shall meet or exceed the levels of performance achieved by Health Net prior to the Effective Date; and

(ii) Within 60 days of the Service Commencement Date, Supplier shall provide Health Net with a plan for improving the Code 3 Service Levels to meet the target metrics set for such Service Levels. Upon approval from Health Net, Supplier shall implement the plan and begin meeting the Service Level on the date specified in the plan.

(d) “Code 4” – Code 4 has been assigned to Service Levels that the Parties agree do not require validation or baselining. Service Provider shall meet or exceed Code 4 Service Levels beginning on the Service Commencement Date.

4.3 Failure to Perform

(a) For each Service Level Failure, Supplier shall (i) investigate, assemble and preserve pertinent information with respect to, and report on the causes of, the problem, including performing a root cause analysis of the problem; (ii) advise Health Net, as and to the extent requested by Health Net, of the status of remedial efforts being undertaken with respect to such problem; (iii) minimize the impact of and correct the problem and begin meeting the Service Level; and (iv) take appropriate preventive measures so that the problem does not recur.

(b) Supplier recognizes that a Critical Service Level Failure may have a material adverse impact on the business and operations of Health Net and that the damage from such Critical Service Level Failure is not susceptible to precise determination. Accordingly, in the event of a Critical Service Level Failure for reasons other than ***. This Section 4.3(b) shall not limit Health Net's rights with respect to the events upon which Health Net may rely as a basis for Health Net's termination of this Agreement for cause.

Schedule B B - 4 Health Net / Cognizant Confidential

Final Execution Version

(c) Supplier shall not be relieved for any Service Level Failure caused by a Managed Third Party if such Service Level Failure arises from Supplier's failure to manage such Managed Third Parties in accordance with the terms and conditions of this Agreement.

4.4 Excused Service Level Failures

If Supplier fails to meet a Service Level and establishes within two months after such failure that: (a) Health Net’s failure to perform a retained responsibility was the root cause of Supplier’s failure to meet such Service Level (e.g., providing the required infrastructure to host In-Scope Applications); (b) Supplier would have achieved such Service Level but for such Health Net failure; (c) Supplier used Commercially Reasonable Efforts to perform and achieve the Service Level notwithstanding the presence and impact of such Health Net failure; and (d) Supplier is without fault in causing such Health Net failure, then no Service Level Credit shall be assessed against Supplier for any resulting Service Level Failure, and Supplier shall otherwise be excused from achieving such Service Level for as long as Health Net fails to perform such retained responsibility and Supplier continues to use Commercially Reasonable Efforts to prevent, overcome, or mitigate the adverse effects of such failure to the extent required to achieve the applicable Service Level. Supplier shall not be excused from a failure to achieve a Service Level other than under this Section 4.4 or as expressly provided in this Agreement.

4.5 Service Level Credits

(a) Calculation. For each Critical Service Level Failure, the applicable Service Level Credit referenced in Section 4.3(b) above shall be calculated in accordance with the following formula:

	Service Level Credit = A x B
Where:
	A = the applicable Weighting Factor; and
	B = the Amount at Risk for such calendar month.

(b) Notification. For each Critical Service Level Failure, Supplier shall report such failure to Health Net pursuant to Section 17.3(b) of the Terms and Conditions and Section 3.3 of this Schedule B. Such report will, at a minimum, (i) identify and describe as a “Critical Service Level Failure” such Critical Service Level Failure, and (ii) calculate the amount of the corresponding Service Level Credit, calculated pursuant to Section 4.5(a) of this Schedule B, that Health Net may elect pursuant to Section 4.3(b) of this Schedule B.

(c) Limitations.

(i) In no event shall the sum of the Weighting Factors for all Critical Service Levels exceed the Pool Percentage Available for Allocation.

(ii) In no event shall the total amount of Service Level Credits payable by Supplier for Critical Service Level Failures occurring during a calendar month exceed the Amount at Risk for such calendar month.

Schedule B B - 5 Health Net / Cognizant Confidential

Final Execution Version

4.6 Earnback Opportunities

(a) ***

(b) ***

(c) Eligible Service Levels means all Service Levels other than the following Service Levels: ***.

5 MODIFICATIONS AND IMPROVEMENTS TO SERVICE LEVELS.

5.1 Deletions of Service Levels

***.

5.2 Additions of Service Levels

***

(a) If Health Net adds a new Service Level for which there is at *** of historical data within the past *** and such data indicates performance that is acceptable to Health Net, then the Service Level metric shall be the arithmetic mean of the most recent *** of historical data. For example, ***. Such Service Level shall become effective ***, but no earlier than thirty (30) days after written notice from Health Net.

(b) If Health Net adds a new Service Level for which there is at least *** of historical data within the ***, but such data does not indicate performance that is acceptable to Health Net, then, upon Health Net’s written request, Supplier will perform an assessment of the root causes of the unacceptable level of historical performance within sixty (60) days.

(i) At the end of such *** period, if Health Net reasonably determines that Supplier’s performance is below an acceptable level (e.g., by reference to industry standards), then ***.

(ii) At the end of such *** period, if Health Net determines that Supplier’s performance is at an acceptable level, then the Service Level metric shall be determined in accordance with Section 5.2(a).

(c) If Health Net adds a new Service Level for which at least *** of historical data within the past *** does not exist, then such Service Level *** in accordance with the following:

(i) ***.

(ii) ***.

(iii) ***.

(iv) ***.

5.3 Designation of Critical Service Levels and Weighting Factors

(a) Critical Service Levels.

Schedule B B - 6 Health Net / Cognizant Confidential

Final Execution Version

(i) As of the Effective Date, the Critical Service Levels are designated by the letter “Y” appearing in the corresponding “Critical Service Level” column in Exhibit B-1.

(ii) ***.

(b) Weighting Factors. ***:

(i) ***; and

(ii) the sum of the Weighting Factors for all Critical Service Levels shall not exceed the Pool Percentage Available for Allocation.

5.4 Continuous Improvement

(a) In addition to any improvements in Service Levels resulting from application of the review processes described in Section 5.5, then (except as otherwise set forth in Exhibit B-1 (i,e., with respect to those Service Levels or components thereof that are not eligible for improvement)):

(i) ***

(ii) ***

(b) ***.

5.5 Quarterly or Annual Meeting to adjust Service Levels

(a) Health Net and Supplier will meet to review the Service Levels on a quarterly or annual basis to discuss the Service Levels ***.

(b) The Parties will also discuss in good faith revisions to Service Levels that may be appropriate as a result of material changes in the characteristics of Health Net’s In-Scope Application portfolio (e.g., re-engineering initiatives).

6 CUSTOMER SATISFACTION SURVEYS

(a) Within ninety (90) calendar days after the Effective Date or as otherwise mutually agreed by the Parties, Supplier shall develop and propose for the approval of the Parties a draft customer satisfaction questionnaire (“Satisfaction Survey”) designed to measure the satisfaction of End Users and other third parties who interact with Supplier with Supplier’s provision of the Services. Following Health Net’s review of the foregoing, Supplier shall incorporate reasonable comments or suggestions of Health Net and shall finalize the Satisfaction Survey and process within sixty (60) calendar days after receiving Health Net’s comments and suggestions. The final Satisfaction Survey and process shall be subject to the approval of both Parties. Supplier shall periodically update the Satisfaction to reflect New Services or changes to existing Services; provided, however, that updates of the Satisfaction Survey and process shall be provided to Health Net for review, comment, and approval.

(b) Periodically (but in no event less than annually), Health Net shall conduct a survey using the Satisfaction Survey and process described in and agreed upon pursuant to this

Schedule B B - 7 Health Net / Cognizant Confidential

Final Execution Version

Section. Health Net shall provide to Supplier the survey responses. Supplier shall tally the results of such survey and report to Health Net the results, and integrating the results with previous survey results (e.g., performing trend analysis). The Parties shall meet to identify the areas of dissatisfaction as such dissatisfaction relates to the Services. Supplier shall prepare a project plan, with Health Net’s input and subject to Health Net’s final approval, that specifically addresses the steps Supplier shall take to correct such dissatisfaction. The project plan will specify the specific remedial steps Supplier shall take to rectify deficiencies in satisfaction, and the time frames in which Supplier will implement those steps.

Schedule B B - 8 Health Net / Cognizant Confidential

Final Execution Copy

SCHEDULE C

CHARGES

Final Execution Version

SCHEDULE C

CHARGES

Table of Contents

1.      INTRODUCTION		1
	1.1     Overview of Charges	1
	1.2     General Terms	1
2.      DEFINITIONS		1
	2.1     Certain Definitions	1
	2.2     Other Terms	2
3.      SUPPLIER INVESTMENTS		2
4.      PRODUCTION SUPPORT		3
	4.1     Production Support Charge	3
	4.4     Minor Enhancements	4
	4.5     Offshore / Onshore Ratios	5
	4.6     Productivity Assumptions	6
	4.8     Supporting Skillset Rates	6
5.      APPLICATIONS DEVELOPMENT		6
	5.1     General Terms	7
	5.2     Adjustments to the Baseline AD Hours	8
	5.3     Charges for Productive Hours in Excess of the Baseline AD Hours	8
	5.4     Offshore / Onshore Ratios	8
	5.5     Productivity	9
	5.6     Transitioned Employees	9
6.      T&M RATES		9
7.      OTHER CHARGES, CREDITS AND TERMS		9
	7.1     Pass-Through Expenses	9
	7.2     Currency	9
	7.3     New Services	10
	7.4     Disaster Recovery	10
	7.5     Remedial Services	10
	7.6     Disengagement Services	10
	7.7     Taxes	10
	7.8     Minimum Commitment	11
8.      ADJUSTMENTS TO CHARGES		11
	8.1     Cost of Living Adjustment (COLA)	12
	8.2     Service Level Credits	12
	8.3     Benchmarking	12
9.      TERMINATION CHARGES		12
	9.1     Termination Charge	12
	9.2     Pro-ration of Termination Charges	12

Schedule C (Charges) C - i Health Net / Cognizant Confidential

Final Execution Version

Table of Exhibits

Exhibit C-1:	Production Support Charge
Exhibit C-2:	Individual Application Production Support Charges
Exhibit C-3:	Applications Development Charge
Exhibit C-4:	Baseline AD Hours
Exhibit C-5:	Transitioned Employees
Exhibit C-6:	T&M Rates
Exhibit C-7:	Skillset Mix and Supporting Skillset Rates

Schedule C (Charges) C - ii Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE C

CHARGES

1. INTRODUCTION

1.1 Overview of Charges

This Schedule C describes the methodology for calculating the charges for the Services provided by Supplier to Health Net under this Agreement. The charges consist of the following (collectively, the “Charges”):

(a) the Production Support Charge described in Section 4.1, as it may be adjusted under Sections 4.2, 4.3, 4.4, and 8;

(b) the Applications Development Charge described in Section 5.1, as it may be adjusted under Sections 5.2, 5.3, and 8;

(c) any Out-of-Pocket Expenses expressly payable under this Agreement; and

(d) any other charges or adjustments (including COLA under Section 8) expressly set forth in this Agreement.

1.2 General Terms

(a) There are no amounts other than the Charges defined in Section 1.1 payable by Health Net under this Agreement.

(b) If any service or offering that Supplier is obligated to provide under this Agreement is not measured by a specific Charge, the cost to Supplier of providing that service or offering is subsumed in the Charges hereunder and there shall be no separate charge for such service or offering.

(c) Supplier was given an opportunity to perform due diligence on the In-Scope Applications prior to the Effective Date. ***

2. DEFINITIONS

2.1 Certain Definitions

(a) “Applications Development Charge” or “AD Charge” has the meaning given in Section 5.1.

(b) “Applications Development Project” or “AD Project” means Applications Development Services requested by Health Net that do not constitute a Minor Enhancement.

(c) “Application Development Services” or “AD Services” has the meaning given in Section 5 of Schedule A

(d) “Charges” has the meaning given in Section 1.

(e) “Contract Year” means each 12 month period during the Term beginning January 1 and ending December 31, except Contract Year 1 shall commence on November 10, 2008 and continue until December 31, 2009.

(f) “FTE” means a full-time equivalent personnel within a particular T&M Rate category. One FTE = *** Productive Hours.

Schedule C (Charges) C - 1 Health Net / Cognizant Confidential

Final Execution Version

(g) “Individual Application Production Support Charges” has the meaning given in Section 4.1.

(h) “In-Scope Applications” has the meaning given in Section 1.3 of Schedule C.

(i) “Joint Capacity Planning Process” has the meaning given in Schedule G.

(j) “Minor Enhancement” means an enhancement or upgrade to In-Scope Applications requested by Health Net that is (i) estimated to require *** of Productive Work of Applications Development Services and (ii) not otherwise required to perform break-fix, operational support or other Production Support Services.

(k) “Offshore Personnel” has the meaning given in Section 4.5.

(l) “Onshore Personnel” has the meaning given in Section 4.5.

(m) “Production Support Charge” has the meaning given in Section 4.1.

(n) “Production Support Services” means all Services that are not Application Development Services, including Application Support Services and the Software Quality Assurance/Testing Services and Cross-Functional Services associated with Application Support Services.

(o) “Productive Work” means productive work performed specifically for Health Net, as appropriately recorded under a labor tracking system or other system acceptable to both Parties. ***.

(p) “Service Commencement Date” has the meaning given in Section 2.1 of the Terms and Conditions.

(q) “Steady-State” means, for each In-Scope Application, the later of (i) the Scheduled Steady-State Date and (ii) the date Supplier satisfies the applicable exit criteria in Exhibit A-2 and assumes full responsibility for Production Support Services for the In-Scope Application.

(r) “T&M Rates” means the hourly personnel rates for Onshore Personnel and Offshore Personnel for each In-Scope Application set forth in Exhibit C-6.

(s) “Transitioned Employees” has the meaning given in Schedule E.

2.2 Other Terms

Capitalized terms used in this Schedule C but not defined herein have the meanings given in the Glossary attached as Schedule R or elsewhere in this Agreement.

3. SUPPLIER INVESTMENTS

There are no charges or other amounts payable by Health Net for:

(a) ***

(b) ***

(c) ***

(d) ***

Schedule C (Charges) C - 2 Health Net / Cognizant Confidential

Final Execution Version

4. PRODUCTION SUPPORT

4.1 Production Support Charge

(a) Exhibit C-1 sets forth a monthly charge for Production Support Services (“Production Support Charge”). Subject to Sections 4.2 and 8, the Production Support Charge is a fixed amount payable for performance of all of the Production Support Services, except to the extent Supplier may count such Cross Functional Services against the Baseline AD Hours pursuant to Section 5.1(f).

(b) Exhibit C-2 sets forth the component of the Production Support Charge applicable to each In-Scope Application (“Individual Application Production Support Charges”). The Individual Application Production Support Charges shall be used solely to adjust the Production Support Charge when required pursuant to Sections 4.2 and 4.3.

(c) Subject to Sections 4.2 and 4.3, beginning in November 2008, Supplier shall invoice Health Net on a monthly basis in arrears for the applicable Production Support Charge set forth in Exhibit C-1 in accordance with Section 10.1 of the Terms and Conditions.

4.2 Adjustments of Production Support Charge Due to Transition Delays

The Production Support Charge in Exhibit C-1 assumes each In-Scope Application will be transitioned to Supplier (and reach Steady-State) by the corresponding transition completion date set forth in Exhibit E-3 (“Scheduled Steady-State Date”). If an In-Scope Application is not fully transitioned to Steady-State by the Scheduled Steady-State Date set forth in Exhibit E-3, then the Production Support Charge shall be reduced by an amount equal to the applicable Individual Application Production Support Charge until such In-Scope Application is fully transitioned to Steady-State (i.e., there are no charges payable for an In-Scope Application until it reaches Steady-State, except as provided in Section 4.7 with respect to Transitioned Employees). If any of the In-Scope Applications can be transitioned and reach Steady State prior to the applicable Scheduled Steady-State Date, the Parties shall discuss whether to commence Steady-State and the corresponding component of the Production Support Charge early. If the Parties agree to make any such adjustment, they shall document their agreement in advance and in writing.

4.3 Adjustments of Production Support Charge Due to Changes in the In-Scope Application Portfolio

(a) If Health Net adds a new In-Scope Application to this Agreement, then:

(i) Supplier shall propose a staffing plan showing the incremental Supplier Personnel required to support the new In-Scope Application. Upon request, Supplier shall provide Health Net with supporting detail from Supplier’s estimating tools to allow Health Net to understand and validate Supplier’s proposed staffing.

(ii) After the staffing is determined, the Parties shall:

(A) establish a new T&M Rate in Exhibit C-6 for Onshore Personnel and Offshore Personnel for the new In-Scope Application, which shall be a blended rate determined using the Supporting Skillset Rates set forth in Exhibit C-7; and

(B) equitably adjust the Production Support Charge to reflect the additional staffing, which adjustment shall not exceed an amount equal to the number of incremental FTEs in the revised staffing multiplied by the

Schedule C (Charges) C - 3 Health Net / Cognizant Confidential

Final Execution Version

new T&M Rates for the In-Scope Application established under Section 4.3(a)(ii)(A).

(b) If Health Net removes an existing In-Scope Application, then:

(i) Supplier shall propose a revised staffing plan showing the reduction in Supplier Personnel required to support the reduced workload. Upon request, Supplier shall provide Health Net with supporting detail from Supplier’s estimating tools to allow Health Net to understand and validate Supplier’s proposed revisions.

(ii) After the revised staffing is determined, the Parties shall equitably adjust the Production Support Charge to reflect the revised staffing, which adjustment shall equal the applicable Individual Application Production Support Charge for the In-Scope Application removed unless the Parties agree otherwise.

(c) The Production Support Charge assumes the MC400 In-Scope Applications will be sunset by December 31, 2010 and their functions migrated to ABS. For purposes of this Section, “sunset” means the date on which Health Net desires to cease receiving full Production Support Services and to receive the more limited support described below in Section 4.3(c)(iii). Health Net shall provide Supplier with reasonable notice (at least 30 days) if it desires to change the sunset date to a date other than December 31, 2010.

(i) If any of the MC400 In-Scope Applications are sunset prior to December 31, 2010, then the Production Support Charge shall be reduced by an amount equal to the Individual Application Production Support Charges for such MC400 In-Scope Applications during the period from (A) the sunset date, until (B) December 31, 2010.

(ii) If any of the MC400 In-Scope Applications require full Production Support Services after December 31, 2010, then the Production Support Charge shall be increased by an amount equal to the Individual Application Production Support Charges for such MC400 In-Scope Applications during the period from (A) December 31, 2010, until (B) the date Health Net no longer requires full Production Support Services for such MC400 In-Scope Applications.

(iii) The Parties anticipate that Health Net will require a reduced level of Production Support Services for the MC400 In-Scope Applications in the years following the sunset and migration to ABS. Prior to the sunset date, the Parties will agree upon the staffing required to provide such support, and calculate the charges for such support by multiplying the Supplier Personnel FTEs in such staffing plan by the applicable T&M Rates in Exhibit C-6.

4.4 Minor Enhancements

(a) The Production Support Charge includes a baseline of Productive Hours that Supplier shall perform each calendar quarter on Minor Enhancements requested by Health Net (“Baseline Minor Enhancement Hours”). Subject to Section 4.4(b), the Baseline Minor Enhancement Hours included in the Production Support Charge are as follows:

(i) There are no Baseline Minor Enhancement Hours in 2008.

(ii) In 2009, the Baseline Minor Enhancement Hours shall increase as follows each calendar quarter as In-Scope Applications are transitioned:

Schedule C (Charges) C - 4 Health Net / Cognizant Confidential

Final Execution Version

	Calendar Year 2009
	Q1 2009	Q2 2009	Q3 2009	Q4 2009
Baseline Minor Enhancement Hours	***	***	***	***

(iii) In 2010, and each Contract Year thereafter, the Baseline Minor Enhancement Hours shall equal *** per calendar quarter, unless adjusted pursuant to Section 4.4(b).

(b) The Baseline Minor Enhancement Hours shall be adjusted as follows:

(i) If Health Net retires or otherwise withdraws an In-Scope Application from Production Support Services under this Agreement, beginning in the month following such withdrawal, the Baseline Minor Enhancement Hours shall be ***.

(ii) If Health Net adds a new In-Scope Application, beginning in the month following such addition, the quarterly Baseline Minor Enhancement Hours shall be ***.

(iii) Upon request, Supplier shall provide Health Net with supporting detail to allow Health Net to understand and validate Supplier’s staffing numbers and proposed adjustments.

(c) Health Net and Supplier shall each use Commercially Reasonable Efforts to prioritize, manage and coordinate Minor Enhancement work to stay within the Baseline Minor Enhancement Hours allocation each quarter. Notwithstanding the foregoing, if Health Net requires a volume of Minor Enhancement hours above the Baseline Minor Enhancement Hours in a quarter, Supplier shall provide such hours using the Baseline AD Hours provided under Section 5.1.

4.5 Offshore / Onshore Ratios

The Parties have agreed on the following maximum ratios of Supplier Personnel based in India (“Offshore Personnel”) and Supplier Personnel based in the United States (“Onshore Personnel”) assigned to perform Production Support Services (“Maximum Offshore/Onshore Ratio”):

	Contract Year
	Year 1	Year 2	Year 3	Year 4	Year 5
Maximum Offshore / Onshore Ratio	***	***	***	***	***

(a) The Maximum Offshore/Onshore Ratios reflect the maximum number of Offshore Personnel Supplier may use to perform Production Support Services. These Maximum Offshore/Onshore Ratios reflect the average ratio of Offshore Personnel and Onshore Personnel during each Contract Year (i.e., the ratio of Offshore Personnel to Onshore Personnel may increase temporarily as long as the average ratio for the Contract Year does not exceed the applicable Maximum Offshore/Onshore Ratio). If Supplier believes it can increase this ratio while maintaining compliance with the Service Levels and other terms of this Agreement, Supplier shall propose a revised staffing plan ***.

(b) Supplier is responsible for performing all functions required to transition Services to Offshore Personnel (up to the permitted Maximum Offshore/Onshore Ratio) while maintaining compliance with the Service Levels and other terms of this Agreement. ***

(c) If Health Net directs Supplier to reduce the number of Offshore Personnel below the permitted Maximum Offshore/Onshore Ratio for reasons other than Supplier’s failure to meet Service

Schedule C (Charges) C - 5 Health Net / Cognizant Confidential

Final Execution Version

Levels or comply with other terms of this Agreement, then Supplier shall ***. Supplier shall obtain Health Net’s written consent prior to implementing the plan.

4.6 Productivity Assumptions

The Production Support Charge declines during the Term at a rate reflecting the percentages set forth in the table below (“Productivity Commitments”). Supplier shall be responsible for any costs associated with its failure to achieve the Productivity Commitments. If the Production Support Charge is revised pursuant to Section 4.2 in connection with the addition of a new In-Scope Application, the revised Production Support Charge shall, at a minimum, reflect the Productivity Commitments stated in the table below for each remaining year of the Term.

	Contract Years
	CY 1	CY 2	CY 3	CY 4	CY 5
Productivity Commitment	***	***	***	***	***

4.7 Transitioned Employees

(a) Supplier shall hire 76 Transitioned Employees in accordance with Schedule E as of the applicable Transfer Date defined in Schedule E. Of the 76 Transitioned Employees, 47 will be assigned to perform Production Support Services. Supplier shall be fully compensated for such 47 Transitioned Employees through the Production Support Charge.

(b) The Production Support Charge assumes the Transfer Date (defined in Schedule E) for all 47 Transitioned Employees shall be November 16, 2008. ***

(c) Without limiting any of Supplier’s obligations under this Agreement with respect to Supplier Personnel, Health Net shall have the right to assign and prioritize work for each Transitioned Employee during the period between the applicable Transfer Date and the Scheduled Steady-State Date for the In-Scope Application on which such Transitioned Employee is assigned to work.

4.8 Supporting Skillset Rates

Exhibit C-7 sets forth the skillset mix and individual supporting skillset rates that were used to determine the blended T&M Rates in Exhibit C-6 for each In-Scope Application (“Supporting Skillset Rates”). The Supporting Skillset Rates shall be used solely for (a) benchmarking, (b) to create new T&M Rates pursuant to Section 4.3(a), and (c) to adjust the T&M Rates for an In-Scope Application if Health Net requests a material change in the skillset mix for such In-Scope Application. If Health Net requests a material change under item (c) above, the Parties shall document the new skillset mix requested by Health Net in Exhibit C-7 and revise the blended T&M Rates in Exhibit C-6 to reflect the new skillset mix using the individual Supporting Skillset Rates in Exhibit C-7. For clarification, the adjustment in item (c) shall apply only if Health Net requests a change in skillset mix; it shall not apply if Supplier determines that it requires a different skillset mix in order to provide the Services described in this Agreement.

5. APPLICATIONS DEVELOPMENT

Exhibit A-6 (Project Framework) sets forth a framework and terms under which Health Net may authorize Supplier to perform Applications Development Projects. This Section 5 describes how the Charges for AD Projects shall be determined.

Schedule C (Charges) C - 6 Health Net / Cognizant Confidential

Final Execution Version

5.1 General Terms

(a) Exhibit C-3 sets forth a monthly charge for the volume of Applications Development Services authorized by Health Net as of the Effective Date (“Applications Development Charge” or “AD Charge”). The AD Charge consists of the following components for each In-Scope Application:

(i) The Onshore Personnel and Offshore Personnel components of the AD Charge for each In-Scope Application in Exhibit C-3 are determined by multiplying the volume of Productive Hours for Onshore Personnel (excluding Transitioned Employees) and Offshore Personnel set forth in Exhibit C-4 for each such In-Scope Application by the applicable T&M Rates in Exhibit C-6;

(ii) The Transitioned Employee component of the AD Charge is determined by multiplying the number of Transitioned Employees assigned solely to perform Applications Development Services for an In-Scope Application (as set forth in Exhibit C-5) by *** per month.

(b) The Applications Development Charge includes a pool of Productive Hours of Applications Development Services for each In-Scope Application (“Baseline AD Hours”). The Baseline AD Hours for each In-Scope Application shall equal:

(i) The volume of Productive Hours for Onshore Personnel (excluding Transitioned Employees) and Offshore Personnel for the In-Scope Application set forth in Exhibit C-4 for the applicable month, plus

(ii)*** Productive Hours per month for each Transitioned Employee assigned to perform Applications Development Services for the In-Scope Application (as set forth in Exhibit C-4), plus

(iii) Any additional Productive Hours within the *** described in Section 5.3.

(c) Beginning in November 2008, Supplier shall invoice Health Net on a monthly basis in arrears for the Baseline AD Hours, as they may be adjusted each month under Section 5.2, through the Applications Development Charge in accordance with Section 10.1 of the Terms and Conditions.

(d) Supplier will make available the Baseline AD Hours specified in Exhibit C-4, as they may be adjusted by Health Net on a monthly basis pursuant to Section 5.2(b). If Health Net does not request sufficient work to fully utilize Baseline AD Hours for a particular In-Scope Application in a month, then Supplier shall use reasonable efforts to redeploy the Supplier Personnel assigned to provide such Baseline AD Hours for such In-Scope Application to work on other In-Scope Applications that require similar skills (and such work shall not be considered Incremental AD Hours under Section 5.3(b)). For the avoidance of doubt, Health Net shall not be entitled to a credit or carry-over of Baseline AD Hours in a month that are unused due to Health Net’s failure to request sufficient work to utilize such Baseline AD Hours in the month.

(e) Health Net and Supplier shall each use Commercially Reasonable Efforts to prioritize, manage and coordinate Applications Development Projects to stay within the Baseline AD Hours allocation each month.

(f) Hours spent by Supplier in performing Cross Functional Services described in Schedule A shall not be counted as Productive Hours or applied against Baseline AD Hours except to the extent (i) they are spent performing activities described in Sections 2.3, 2.4, 2.8, 2.9 2.10, 2.11 and 2.13 of Schedule A directly relating to performing Application Development Projects, and (ii) they are not precluded from being chargeable under Exhibit A-6 (Project Framework).

Schedule C (Charges) C - 7 Health Net / Cognizant Confidential

Final Execution Version

5.2 Adjustments to the Baseline AD Hours

(a) In connection with the Joint Capacity Planning Process, the Parties shall work together to develop and maintain a rolling 12-month forecast of AD Projects and associated resource requirements (“AD Project Forecast”). Each month, and as otherwise requested by Health Net, the Parties shall meet to (i) update the AD Project Forecast as necessary to remain current with Health Net’s estimated AD Project demand and (ii) make any corresponding adjustments to the Baseline AD Hours in accordance with Section 5.2(b).

(b) On a monthly basis, Health Net may request a change in the upcoming volume or mix of Baseline AD Hours. In such event, Supplier shall make such change within 30 days after receiving such request and recalculate the Applications Development Charge for the remaining months in the applicable Contract Year using the formulas in Sections 5.1(a)(i) and 5.1(a)(ii).

5.3 Charges for Productive Hours in Excess of the Baseline AD Hours

The Parties shall adjust the Applications Development Charge on a monthly basis as provided in Section 5.2(b) to reflect changes in the Baseline AD Hours forecasted by Health Net. This Section 5.3 describes the incremental Charge Health Net shall pay if its actual usage of Productive Hours on Applications Development Services for a particular In-Scope Application in a calendar quarter exceeds the aggregate Baseline AD Hours for that In-Scope Application (as such Baseline AD Hours may be adjusted pursuant to Section 5.2(b)) for such calendar quarter.

(a) Not later than 30 days after the end of each calendar quarter, Supplier will report (i) the quantity of Productive Hours authorized by Health Net and performed by Supplier on Applications Development Services during the quarter for each In-Scope Application (“Actual AD Hours”) and (ii) any variance in Actual AD Hours above or below the Baseline AD Hours for the In-Scope Application in that quarter.

(b) ***

(i) ***

(ii) ***

Example 1: ***

Example 2: ***

(c) Supplier shall use all Commercially Reasonable Efforts to minimize Incremental AD Hours, including by cross-training Supplier Personnel so that they can work on multiple In-Scope Applications (e.g., if an individual is assigned to MC400 but not fully utilized performing AD Projects for MC400, Supplier shall assign AD Projects for other In-Scope Applications to such individual).

(d) Supplier shall include any additional charges payable under this Section 5.3 on the invoice for the month following the end of each calendar quarter.

5.4 Offshore / Onshore Ratios

As of the Effective Date, the Baseline AD Hours reflect what the Parties believe is the optimal mix of Offshore Personnel and Onshore Personnel. Health Net may alter this mix by adding or removing Baseline AD Hours performed by Offshore Personnel or Onshore Personnel through the process described in Section 5.2.

Schedule C (Charges) C - 8 Health Net / Cognizant Confidential

Final Execution Version

5.5 Productivity

(a) Productivity Commitment. Supplier shall achieve at least the annual productivity improvement set forth in the chart below for each Contract Year in providing Application Development Services (e.g., Health Net shall receive *** more Applications Development output by the end of Contract Year 2 than it received at the beginning of Contract Year 1 for the same number of chargeable Productive Hours):

	Contract Years
	CY 1	CY 2	CY 3	CY 4	CY 5
Productivity Commitment	***	***	***	***	***

(b) Measuring Productivity. Within 90 days after the Effective Date, Supplier shall propose a detailed methodology for measuring productivity within the Applications Development Services. The Parties shall then work together to refine the details of such methodology and agree on a plan and timeline for implementing it. Thereafter, Supplier shall report upon its performance against the productivity commitments in this Section 5.5 on a quarterly basis.

5.6 Transitioned Employees

Supplier shall hire certain Transitioned Employees in accordance with Schedule E as of the applicable Transfer Date defined in Schedule E. The charges for Transitioned Employees (and associated Baseline AD Hours) are included in the Applications Development Charge as explained in Section 5.1(a)(ii).

6. T&M RATES

(a) Exhibit C-6 contains the T&M Rates referenced in this Schedule C and elsewhere in this Agreement. Supplier may charge Health Net using the T&M Rates only where this Agreement expressly states that Supplier is permitted to charge Health Net, or make adjustments to Charges, “using the T&M Rates” or on a “time and materials” basis.

(b) ***

(c) ***

(d) ***

7. OTHER CHARGES, CREDITS AND TERMS

7.1 Pass-Through Expenses

(a) There are no Pass-Through Expenses as of the Effective Date. If the Parties agree to add Pass-Through Expenses after the Effective Date, they shall document them in an amendment to this Agreement.

(b) ***

7.2 Currency

All Charges in this Agreement are stated in U.S. Dollars, and shall be invoiced by Supplier and paid by Health Net in U.S. Dollars. ***

Schedule C (Charges) C - 9 Health Net / Cognizant Confidential

Final Execution Version

7.3 New Services

The Charges for any New Services performed by Supplier at Health Net’s request shall be calculated in accordance with Section 3.7 of the Terms and Conditions.

7.4 Disaster Recovery

The Charges for all disaster recovery Services described in this Agreement as of the Effective Date are included in the Production Support Charge and Applications Development Charge.

7.5 Remedial Services

Supplier shall not be entitled to charge Health Net for any rework or other Services required as a result of Supplier’s failure to perform in accordance with this Agreement.

7.6 Disengagement Services

Supplier shall invoice Health Net for Disengagement Services payable by Health Net as provided in Section 16.5(b) of the Terms and Conditions.

7.7 Taxes

Supplier shall invoice Health Net for taxes payable by Health Net as provided in Section 9.3 of the Terms and Conditions.

7.8 Minimum Commitment

(a) The chart in this Section 7.8 sets forth a minimum revenue commitment for each Contract Year of the Term (each a “Minimum Commitment”). To the extent the total Charges payable by Health Net under this Agreement in a Contract Year are less than (or reasonably likely to be less than) the applicable Minimum Commitment for that Contract Year as a result of Health Net’s decision to withdraw Services from this Agreement and either perform them itself or use a third party to perform them, then the Parties shall work in good faith to equitably adjust the Charges to reflect the reduced volume of Services. If after working in good faith the Parties are unable to agree on such an equitable adjustment, then Health Net, at its option, shall either (i) pay Supplier an additional amount equal to the difference between (A) the applicable Minimum Commitment for such Contract Year and (B) the total Charges paid by Health Net in such Contract Year, to the extent such difference results from Health Net’s decision to withdraw Services from this Agreement and either perform them itself or use a third party to perform them; or (ii) terminate this Agreement for convenience. The Minimum Commitment shall be prorated for partial Contract Years.

	Contract Year
	CY 1	CY 2	CY 3	CY 4	CY 5
Minimum Commitment	***	***	***	***	***

(b) If Health Net terminates Services in part pursuant to Section 16.1 of the Terms and Conditions, the Minimum Commitment for each Contract Year shall be reduced by an amount proportionate to the percentage of the Charges attributable to the terminated Services for each Contract Year as set forth as of the Effective Date.

Schedule C (Charges) C - 10 Health Net / Cognizant Confidential

Final Execution Version

7.9 Travel

(a) ***

(b) Health Net shall reimburse Supplier for actual expenses for travel requested by Health Net in connection with an Applications Development Product or Minor Enhancement; provided such expenses are (i) approved in advance by Health Net and documented in advance and in writing; and (ii) incurred in accordance with Health Net’s travel and expense policy.

8. ADJUSTMENTS TO CHARGES

8.1 Cost of Living Adjustment (COLA)

(a) On January 1 of each calendar year *** Supplier shall increase (i) the Production Support Charge, (ii) the Applications Development Charge, and (iii) the T&M Rates (collectively, the “Adjustable Charges”) by multiplying such Adjustable Charges by the applicable Inflation Factor defined below (each adjustment, a “COLA”). ***

(b) The “Onshore Inflation Factor” for each calendar year *** for the T&M Rates for Onshore Personnel (including the fee set forth in Section 5.6 for Transitioned Employees performing Applications Development Services) shall be determined by the change in the AHE, and shall be equal to the sum of (i) one (1) plus (ii) the quotient of (A) the AHE of the current calendar year less the AHE of the prior calendar year (the “Prior Year AHE”) over (B) the Prior Year AHE; provided the Onshore Inflation Factor shall not exceed *** in any calendar year. The AHE used for this calculation will be the index published in September of current year and September of immediately preceding year.

(c) The “Offshore Inflation Factor” for each calendar year *** for the T&M Rates for Offshore Personnel shall be determined by the change in the UNME, and shall be equal to the sum of (i) one (1) plus (ii) the quotient of (A) the UNME of the current calendar year less the UNME of the prior calendar year (the “Prior Year UNME”) over (B) the Prior Year UNME; provided the Offshore Inflation Factor shall not exceed *** in any calendar year. The UNME used for this calculation will be the index published in September of current year and September of immediately preceding year.

(d) ***

(e) Supplier shall give Health Net notice of the applicable COLA for each calendar year at least thirty (30) days prior to the beginning of such year, including detailed calculations and supporting documentation as to the determination of the Inflation Factor and the resulting changes to the Charges for such year.

(f) Under no circumstances, shall any of the Inflation Factors used be less than 1.

(g) “AHE” means Average Hourly Earnings of Production workers for Professional and business services as published by the Bureau of Labor Statistics of the Department of Labor. If the Bureau of Labor Statistics (or its successor agency) stops publishing the AHE or substantially changes its content and format, the Parties will substitute another comparable index published at least annually by a mutually agreeable source. “UNME” means Indian Consumer Price Index for Urban Non-Manual Employees as published by Ministry of Statistics and Programme Implementation, Government of India. If the Ministry of Statistics and Programme Implementation (or its successor agency) stops publishing the UNME or substantially changes its content and format, the Parties will substitute another comparable index published at least annually by a mutually agreeable source.

Schedule C (Charges) C - 11 Health Net / Cognizant Confidential

Final Execution Version

8.2 Service Level Credits

Supplier shall credit any Service Level Credits earned in a month against the subsequent month’s Charges.

8.3 Benchmarking

***

9. TERMINATION CHARGES

9.1 Termination Charge

The following are the termination charges referenced in Section 16.1(b) of the Terms and Conditions:

	Contract Years
	CY 1	CY 2	CY 3	CY 4	CY 5
Termination Charge	***	***	***	***	***

9.2 Pro-ration of Termination Charges

The termination charges set forth in Section 9.1 are the applicable amounts with respect to terminations that are effective in the first month of the relevant Contract Year and otherwise such amounts will be prorated according to the following formula:

  ; where

A = the termination charge applicable to the Contract Year in which the termination is effective;

B = the termination charge applicable to the Contract Year after the Contract Year in which the termination is effective; and

C = the number of whole calendar months after the effective date of termination that remain during the Contract Year in which termination is effective.

Schedule C (Charges) C - 12 Health Net / Cognizant Confidential

Exhibits C-1 through C-7

***

Exhibits C-1 through C-7 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE D

KEY SUPPLIER POSITIONS

Schedule D Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE D

KEY SUPPLIER POSITIONS

Key Cognizant Position	Description	Initially Approved Individual	Minimum Time Period of Tenure
Client Partner	The Client Partner manages the overall relationship between Supplier and Health Net. The Client Partner has complete authority and responsibility to deliver all Services provided by Supplier to Health Net.	***	See Note 1 below
Account Manager	The Account Manager shall have primary business operating performance responsibility for the account and shall assure that all delivery commitments and deliverables required under the Agreement are provided to Health Net.	***	See Note 1 below
Program/Transition Manager	The Program/Transition Manager has the overall responsibility for the successful transition of the Transitioned Employees to the Supplier account team while ensuring that Service Levels and Health Net satisfaction are maintained. This position is also responsible for the overall program management of the of the provision of the	See Note 2 below	Completion of Transition with an additional sixty (60) days of recall availability.

Schedule D D - 1 Health Net / Cognizant Confidential

Final Execution Version

	Services.
AO Engagement Manager (Three (3) Positions)	The AO Engagement Managers are owners for a group of applications (currently classified into 3 broad groups) for both Transition and the Steady State Services and shall have the primary responsibility to deliver the Services associated with their respective applications in each wave within the scope of the Agreement.	See Note 2 below	See Note 1 below

Note 1: Individuals occupying these Key Supplier Positions shall not be removed or replaced by Cognizant from such position for the following time periods: (1) For the individual who is initially appointed to such position, for *** months after completion of Transition, (2) for each individual who replaces the initially appointed individual, for ***months after each such individual is appointed to such position, and (3) no more than three (3) individuals occupying the Key Supplier Positions to which this Note 1 applies may be removed or replaced within any *** month period after the initial ***month period.

Note 2: Cognizant shall propose individuals to occupy these Key Supplier Positions for Health Net’s approval within thirty (30) days after the Effective Date, and the approved individuals shall be appointed to fill these Key Supplier Positions within sixty (60) days after the Effective Date.

Note 3: Health Net shall have the right to designate ***additional full time Key Supplier Positions to address Service quality concerns by giving written notice to Supplier.

Schedule D D - 2 Health Net / Cognizant Confidential

SCHEDULE E

TRANSITIONED EMPLOYEES

***

Exhibit E-3 E-3 - 1 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE F

FACILITIES

Schedule F F - 1 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE F

FACILITIES

1. INTRODUCTION

1.1 This Schedule F (Facilities) comprises the following three (3) lists of Facilities:

(a) a list of those Health Net Facilities at which Supplier Personnel will be performing the Services as of the Effective Date, and applicable Supplier space requirements;

(b) a list of Supplier facilities from which Supplier plans to provide the Services as of the Effective Date; and

(c) a list of Approved Subcontractor facilities from which Approved Subcontractors plan to provide the Services as of the Effective Date.

1.2 The Parties agree that the list attached hereto is subject to modification during the Term pursuant to the Change Control Process .

2. HEALTH NET FACILITIES

Site ID	General Facility Name	Facility Address	Supplier Space Requirements
	Off Site/VPN
CA030	Gold Point - Building A Hazel Data Center	12033 Foundation Place Rancho Cordova CA 95670	*** (in any of the 5 Rancho Cordova buildings)
CA134	International Drive	10834 International Drive Suite 200 Rancho Cordova CA 95670
CA258	Gold Point - Building C	11971 Foundation Place Bldg C Rancho Cordova CA 95670

Schedule F F - 2 Health Net / Cognizant Confidential

Final Execution Version

Site ID	General Facility Name	Facility Address	Supplier Space Requirements
CA259	Gold Pointe - Building D	11931 Foundation Place Bldg D Rancho Cordova CA 95670
CA260	LNR - Bldg B	21281 Burbank Blvd. Building B – Floors 1-5 Woodland Hills CA 91367	*** at peak (in any of the LNR B or C buildings) (to be offset by HN RIF)
CA261	LNR - Bldg C	21271 Burbank Blvd. Building C – Floors 2-5 Woodland Hills CA 91367
CA297	White Rock	10540 White Rock Road Rancho Cordova CA 95670
CT003	Shelton-FMC	1 Far Mill Crossing Shelton CT 06484	*** (in any of the 3 Shelton buildings)
CT006	Shelton-KCB	100 Beard Saw Mill Road 2nd - 6th Floors Shelton CT 06484
CT017	Shelton - Research Drive	4 Research Drive 5th floor Shelton CT 06484

3. SUPPLIER FACILITIES

(a) The Supplier shall handle the current scope of work from the following Facilities. The Primary facility would be from where the current scope of Services would be provided, the Secondary facility would be the Disaster Recovery (BCP Backup) facility.

COGNIZANT FACILITY NAME	COGNIZANT FACILITY ADDRESS	Classification
MEPZ	Cognizant Technology Solutions Pvt. Ltd. Plot no A15,16,17[part]B20,C10,C1 &D2 NH 45 ,Tambaram GST Road	Primary

Schedule F F - 3 Health Net / Cognizant Confidential

Final Execution Version

	Chennai -600045 India
GMR	Cognizant Technology Solutions Pvt. Ltd. Varalakshmi Tech Park 5/639, Old Mahabalipuram Road Kandanchavadi Chennai-600096 India	Primary
PKN	Cognizant Technology Solutions Pvt. Ltd. Cee Dee Yes Software Technology Park No 56/3a, 3b, 5a, 5b Pallikaranai village Thoraipakkam Pallvaram 200 Feet Road Chennai – 601302 India	Primary
TCO	Cognizant Technology Solutions Pvt. Ltd. Techno Complex 5/535, Old Mahabalipuram Road Thoraipakkam Okiyam Chennai - 600097 India	Primary
Mountain Mist Campus Cognizant Technology Solutions India Pvt Ltd.,	Mountain Mist Campus, Unit – 1, STPI – IT Park, No.363, KGISL Campus, Thudiyalur Road, Coimbatore – 641035 India	Secondary

(b) The Supplier shall use the below mentioned facilities if and when additional Services call for such usage, subject to receiving Health Net's prior written consent pursuant to Section 5.2 of the Terms and Conditions.

Schedule F F - 4 Health Net / Cognizant Confidential

Final Execution Version

COGNIZANT FACILITY NAME	COGNIZANT FACILITY ADDRESS	Classification
SRI	Cognizant Technology Solutions Pvt. Ltd. Sipcot IT Park Old Mahapalipuram Road Navalur Post, Siruseri Chennai - 603103 India	Additional
DLF	Cognizant Technology Solutions Pvt. Ltd. DLF-Infocity, Block 1-C,2nd-4th Floor 1/124 Sivaji Garden Mount Ponnalalee High Road Chennai - 600 089 India	Additional
WCB	Cognizant Technology Solutions Pvt. Ltd. 1-3 floors ,Whites Road Royapettah Chennai - 600014 India	Additional
ENT	Cognizant Technology Solutions Pvt. Ltd. Elnet Software City, 1st Floor, T.S. 140 Block 2&9 CPT Road, Taramani Chennai - 600113 India	Additional
TDL	Cognizant Technology Solutions Pvt. Ltd. 1, 4, 6, 8 & 12 Floor, Tidel Park, # 4, Canal Bank Road, Taramani, Chennai - 600113 India	Additional
ASV	Cognizant Technology Solutions Pvt. Ltd. ASV Suntech Park Old Mahabalipuram Road	Additional

Schedule F F - 5 Health Net / Cognizant Confidential

Final Execution Version

	Chennai – 600096 India
Mountain View Campus	Cognizant Technology Solutions Pvt. Ltd. Unit I, STPI IT Park Kumaraguru College of Technology Campus Saravanampatti Coimbatore – 641006 India	Additional
C2 Academy	Cognizant Technology Solutions Pvt. Ltd. Texcity Software Parks #14, Puliyakulam Road Coimbatore - 641037 India	Additional
Muthoot Technopolis	Cognizant Technology Solutions Pvt. Ltd. 3rd Floor, Muthoot Technopolis, Plot # 1 CSEZ, Kakkanad Cochin-682037 India	Additional
The Millenia Tower	Cognizant Technology Solutions Pvt. Ltd. The Millenia Tower B Level 8, 9 &10 Murphy Road, Ulsoor Bangalore - 560008 India	Additional
Silver Jubilee Block	Cognizant Technology Solutions Pvt. Ltd. 1/1 to 1/15 Silver Jubilee Block 3rd Cross Mission Road, Behind Unit Building Bangalore – 5600027 India	Additional
Golf View Campus	Cognizant Technology Solutions Pvt. Ltd. No 45, NAL Wind Tunnel Road, Murgesh Palya Bangalore – 5600017 India	Additional

Schedule F F - 6 Health Net / Cognizant Confidential

Final Execution Version

Bagmane Tech Park	Cognizant Technology Solutions Pvt. Ltd. 65/2, Adjacent To LRDE Byrasandra C.V.Ramanagar Post Bangalore – 5600013 India	Additional
Manyata Embassy Business Park	Cognizant Technology Solutions Pvt. Ltd. Outer Ring Road, Rachenahalli Village Nagavaraha, Bangalore -560045 India	Additional
Auriga (VBIT Park)	Cognizant Technology Solutions Pvt. Ltd. The ‘V’ park, Plot No 17, Building ‘H’ Auriga Block 2nd & 3rd Floor Software Units Layout, Madhapur Hyderabad - 500081 Andhra Pradesh India	Additional
Orion (VBIT Park)	Cognizant Technology Solutions Pvt. Ltd. The ‘V’ park Plot No 17, Building ‘J’ Orion Block 3rd Floor Software Units Layout Madhapur Hyderabad - 500081 Andhra Pradesh India	Additional
Capella (VBIT Park)	Cognizant Technology Solutions Pvt. Ltd. The ‘V’ park Plot No 17, Capella Block 6th Floor Software Units Layout Madhapur Hyderabad - 500081	Additional

Schedule F F - 7 Health Net / Cognizant Confidential

Final Execution Version

	Andhra Pradesh India
Pioneer Towers	Cognizant Technology Solutions Pvt. Ltd. Pioneer Towers Plot No 16, 1st - 4th Floors Software Units Layout Madhapur Hyderabad - 500081 Andhra Pradesh India	Additional
E Park	Cognizant Technology Solutions Pvt. Ltd. E-Park 9th & 10th Floors Plot No - 1 Jubilee Gardens Cyberabad Kondapur Hyderabad - 500081 Andhra Pradesh India	Additional
DLF	Cognizant Technology Solutions Pvt. Ltd. 14th Flor , DLF Building No .8 Tower C, DLF Cyber City ,Phase III Gurgaon Haryana -122 002 India	Additional
Signature towers	Cognizant Technology Solutions Pvt. Ltd. Signature Tower, 15th Floor ,Tower B South City – I Gurgaon	Additional

Schedule F F - 8 Health Net / Cognizant Confidential

Final Execution Version

	Haryana – 122 001 India
H1	Cognizant Technology Solutions Pvt. Ltd. Plot No. 26, Rajiv Gandhi Infotech Park MIDC, Hinjewadi, Pune-411057 Maharashtra India	Additional
H2	Cognizant Technology Solutions Pvt. Ltd. Plot No. 27 & 28, Rajiv Gandhi Infotech Park, MIDC, Hinjewadi, Pune-411057 Maharashtra India	Additional
ICC	Cognizant Technology Solutions Pvt. Ltd. ICC Trade Tower, Floor 7 & 8 City Survey No. 985 F.B.No. 403/A/2, Senapati Bapat Rd Pune -410016 Maharashtra India	Additional
SAI	Cognizant Technology Solutions Pvt. Ltd. P-1/1, Rajiv Gandhi Infotech Park MIDC, Hinjewadi Pune-411057 Maharashtra India	Additional
ISH Phase I Phase II	Cognizant Technology Solutions Pvt. Ltd. P-1/4, Rajiv Gandhi Infotech Park, A Wing MIDC, Hinjewadi, Pune-411057 Maharashtra India	Additional

Schedule F F - 9 Health Net / Cognizant Confidential

Final Execution Version

DLF	Cognizant Technology Solutions Pvt. Ltd. Block No. 2, Plot No. 28 DLF Akruti Info Parks (Pune) Limited Rajiv Gandhi Infotech Park MIDC, Phase-II, Hinjewadi Pune-411057 India	Additional
ICC TECH PARK	Cognizant Technology Solutions Pvt. Ltd. ICC Tech Park Tower B, Survey No 985, Senapati Bapat Road Pune - 411016 India	Additional
Fairmont	Cognizant Technology Solutions Pvt. Ltd. 401, 4th Floor, Fairmont Hiranandani Business Park Powai Mumbai – 400076 India	Additional
Winchester	Cognizant Technology Solutions Pvt. Ltd. 301, 3rd Floor, Winchester Hiranandani Business Park Powai Mumbai – 400076 India	Additional
Kensington	Cognizant Technology Solutions Pvt. Ltd. 12th and 13th Floor, Kensington Hiranandani Business Park Powai Mumbai – 400076 India	Additional
Techno complex	Cognizant Technology Solutions Pvt. Ltd. GN 34/3 (Ground to 6th floor), Sector V	Additional

Schedule F F - 10 Health Net / Cognizant Confidential

Final Execution Version

	Salt Lake Electronics Complex Kolkata-700091 India
Techno polis	Cognizant Technology Solutions Pvt. Ltd. BP-4 (7th to 11th floor), Sector V Salt Lake Electronics Complex Kolkata-700091 India	Additional
CIC	Cognizant Technology Solutions Pvt. Ltd. Block EP, Plot Y/1, CALINCAST Building (1st to 4th floor) Sector V, Salt Lake Electronics Complex Kolkata-700091 India	Additional
Techno India	Cognizant Technology Solutions Pvt. Ltd. EM 4/1 (4th floor), Sector V Salt Lake Electronics Complex Kolkata-700091 India	Additional
BIPL(Omega Building)	Cognizant Technology Solutions Pvt. Ltd. A2,M2,N2, Block EP&GP, Omega Building (6th to 9th floor) Sector V, Salt Lake Electronics Complex Kolkata-700091 India	Additional
Vishnu	Cognizant Technology Solutions Pvt. Ltd. Plot J4,Block EP & GP (Ground to 5th floor), Sector V Salt Lake Electronics Complex Kolkata-700091 India	Additional
Pekon	Cognizant Technology Solutions Pvt. Ltd. Plot J9,Block EP & GP (Ground to 2nd floor), Sector V Salt Lake Electronics Complex Kolkata-700091	Additional

Schedule F F - 11 Health Net / Cognizant Confidential

Final Execution Version

India

4. APPROVED SUBCONTRACTOR FACILITIES

SUBCONTRACTOR ENTITY	SUBCONTRACTOR facility address
INTENTIONALLY BLANK

Schedule F F - 12 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE G

GOVERNANCE

Schedule G Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE G

GOVERNANCE

1 INTRODUCTION

This Schedule G (Governance) sets forth an integrated set of business office processes, plans and tools (“Contract Governance”). The purpose of this Contract Governance is to monitor and control all aspects of the Services in order to promote smooth operation of the Services in accordance with the Agreement. This Schedule G describes the Contract Governance plan, Health Net’s and Supplier’s roles and responsibilities, the relationship management structure, and the decision making processes related to the Services. Conflicts between this Schedule G and the Terms and Conditions or other Schedules or Exhibits will be governed by the Terms and Conditions or other Schedules or Exhibits.

2 CONTRACT GOVERNANCE PLAN

2.1 Development of the Governance Plan

Health Net and Supplier will jointly develop, approve and implement the Contract Governance plan within one hundred twenty (120) days following the Effective Date. Such plan will:

(a) Specify the formal organizations, processes, and practices for managing Health Net’s and Supplier’s relationship under the Agreement;

(b) Establish organizational interfaces for management and operation of the Agreement including:

(i) the governance organization charts for Health Net and Supplier for inclusion in the Procedures Manual;

(ii) framework for reports and meetings calendars; and

(iii) operational authority and delegation.

(c) Provide a high level overview of the business office governance processes requiring Health Net’s involvement and identify the process interfaces;

(d) Establish a strategy for communicating and planning for major organization changes (i.e., people, processes, functions); and

(e) Enhance and facilitate effective operating protocols and resolution of certain disputes in accordance with Section 26 of the Terms and Conditions.

2.2 Contents of the Contract Governance Plan

(a) The Contract Governance plan initially consists of the following components to be supplemented and refined pursuant to Section 2.1 above: A roles and authorities matrix to identify Health Net and Supplier individual roles and authorization levels required to operate Contract Governance for inclusion in the Procedures Manual;

Schedule G G - 1 Health Net / Cognizant Confidential

Final Execution Version

(b) A meetings plan reflecting the schedule, and attendees, and subject matter for meetings between Health Net and Supplier and supports the management of such meetings, which meeting plan shall include:

(i) a weekly operations meeting to discuss daily performance, issues and planned or anticipated activities and Changes;

(ii) a monthly contract performance review of the monthly reports, Services utilization, charges, contract performance, Changes, Deliverables, Projects and other matters as appropriate;

(iii) a quarterly Joint Management Committee meeting to review appropriate contractual, business, planning, improvements or performance issues;

(iv) a daily operations meeting to discuss Priority 1 and other escalated issues;

(v) a semi-annual Joint Steering Committee meeting to discuss the evolving business agenda, review contract strategy and goals and assess performance against such goals; and

(vi) other meetings as set out in the Agreement or mutually agreed by the Parties.

(c) Unless otherwise agreed by the Parties, Supplier will publish an agenda for each meeting.

2.3 Business Office Governance Processes

Unless otherwise set forth in the Agreement, the following is an initial proposed series of business office governance processes for managing the Services. Supplier and Health Net shall meet and agree upon actual process within thirty (30) days after the Effective Date. These processes, set forth below and further defined in the Contract Governance plan, in addition to any additional processes included in the Contract Governance plan, apply to all the Services and will be implemented, as described in the Agreement:

(a) Change Control Process governance process to receive, log, assess and track proposed and agreed upon contract Changes;

(b) Deliverables governance process to identify Deliverables and track such Deliverables to completion;

(c) Customer satisfaction governance plan to assess Health Net’s priorities, set realistic expectations, measure Health Net’s satisfaction with the Services and to use such feedback to improve Health Net’s satisfaction with the Services;

(d) Formal correspondence governance process to establish and implement an agreed upon protocol for Health Net and Supplier formal communications;

(e) Program issues governance process to receive, qualify and manage issues that require the intervention of the Health Net Program Manager and/or Supplier PE or their respective management teams to facilitate resolution;

Schedule G G - 2 Health Net / Cognizant Confidential

Final Execution Version

(f) Capacity and resource planning governance process through which the Parties will jointly monitor and review the capacity of the Supplier Personnel to allow Health Net to prioritize and schedule the execution of Minor Enhancements and AD Projects (the “Joint Capacity Planning Process”);

(g) Request governance process for the submission, qualification and analysis of service requests (excluding the day-to-day operational service requests), development and delivery of proposals, as needed, for such services and logging and tracking to closure; and

(h) Service Level governance process to review, monitor and manage issues related to the Service Levels.

2.4 Responsibilities

(a) Supplier will:

(i) assign an individual to be the single point of contact to Health Net for the Contract Governance plan development and maintenance;

(ii) identify the Supplier attendees for the meetings reflected in the meetings plan and any updates as they occur;

(iii) draft the initial Contract Governance plan and provide to Health Net within ninety (90) days after the Effective Date;

(iv) review Health Net feedback and revise the draft Contract Governance plan and submit to Health Net for Health Net review and approval;

(v) identify process inhibitors, and propose process improvements to Health Net, as required;

(vi) jointly review the Contract Governance plan on an annual basis or more frequently as may be agreed by the Parties, and update / maintain the Contract Governance plan accordingly; and

(vii) provide appropriate Supplier employees access to the Contract Governance plan, as needed.

(b) Health Net will:

(i) assign an individual to be the single point of contact to Supplier for the Contract Governance plan development and maintenance;

(ii) provide, update and maintain the Health Net organization charts;

(iii) provide a list of Health Net attendees for the meetings reflected in the meetings plan and any updates as they occur;

Schedule G G - 3 Health Net / Cognizant Confidential

Final Execution Version

(iv) review and provide to Supplier, in writing, Health Net’s comments, questions and proposed changes to the draft plan within thirty (30) days following Health Net’s acknowledged receipt of the draft Contract Governance plan;

(v) acknowledge Health Net’s receipt and approval of the final version of the Contract Governance plan;

(vi) identify process inhibitors and propose process improvements to Supplier, as appropriate;

(vii) jointly review / update the Contract Governance plan on an annual basis or more frequently as may be agreed by the Parties; and

(viii) provide the Contract Governance plan to appropriate Health Net employees, as appropriate.

2.5 Relationship Management Structure

Within thirty (30) days after the Effective Date, Health Net and Supplier will identify the titles of the initial members of the committees set forth below and will agree upon a process for replacement of the committee members during the Term.

(a) Joint Steering Committee.

(i) Health Net and Supplier will jointly create a committee consisting of three management employees from Health Net and its Affiliates and three management employees from Supplier and its Affiliates who will focus on Health Net’s and Supplier’s long-term strategic plans as they relate to the Services (“Joint Steering Committee”).

(ii) The Joint Steering Committee will:

(A) meet at least semi-annually to discuss the evolving business agenda of Health Net and Supplier as it relates to the Services;

(B) facilitate the goals of the Agreement;

(C) review performance against goals and revise such goals, as appropriate;

(D) approve and/or propose Changes to the Agreement, as appropriate;

(E) identify major Health Net organization changes (i.e., people, processes, functions) or proposed changes affecting the Agreement;

(F) review industry / business trends and the impact of technology on the Services;

Schedule G G - 4 Health Net / Cognizant Confidential

Final Execution Version

(G) evaluate Supplier industry initiatives for potential applicability to the Services;

(H) review operating and strategic plans prepared by the Health Net Program Manager and/or the Supplier PE;

(I) Review and validate the agenda and scope of the Annual Account Planning meetings.

(J) upon Health Net's or Supplier’s request, assist in resolving issues arising under this Agreement; and

(K) participate in the dispute resolution process set forth in Section 26 of the Terms and Conditions, as necessary.

(b) Joint Management Committee.

(i) Health Net and Supplier will jointly create a committee consisting of three management employees from Health Net and its Affiliates and three management employees from Supplier and its Affiliates who will focus on management of the Health Net and Supplier relationship and delivery of the Services (“Joint Management Committee”).

(ii) The Joint Management Committee will:

(A) meet at least quarterly to promote effective relationship management and to validate progress under this Agreement;

(B) develop and implement plans to meet the goals of this Agreement;

(C) review performance against the established Service Levels and address contractual or management problems and issues, as appropriate;

(D) assess the quality of Health Net’s and Supplier’s working relationship and develop / implement action plans to strengthen such relationship, as appropriate;

(E) identify and address issues affecting performance of the Services;

(F) identify and manage impending change; and

(G) when appropriate, propose changes to the Joint Steering Committee regarding the Health Net and Supplier relationship, and/or the Agreement.

(c) Joint Operations Committee.

Schedule G G - 5 Health Net / Cognizant Confidential

Final Execution Version

(i) Within thirty (30) days after the Effective Date, Health Net and Supplier will jointly create one or more committees comprised of employees of Health Net and its Affiliates and employees of Supplier and its Affiliates (“Joint Operations Committee”) who will focus on the day-to-day operations and delivery of the Services.

(ii) Each Joint Operations Committee shall:

(A) meet at least monthly to review operational performance status and plans;

(B) conduct contract performance review meetings;

(C) review operational trends and analysis and take corrective action, as required;

(D) identify and address potential operational issues;

(E) identify and manage operational change; and

(F) make recommendations, as appropriate, to the Joint Management Committee.

2.6 Risk Management

Supplier shall follow a comprehensive risk management methodology as mutually agreed by the Parties.

2.7 Health Net ITG Office

(a) Subject to Section 2.8 below, if there are issues relating to:

(i) Managed Third Parties or Development Related Managed Third Parties that impact performance of the Services or meeting Service Levels; or

(ii) Any obligations of the Parties under this Schedule G required to be completed prior to the execution of the Governance Plan.

(b) The Parties shall utilize Health Net's ITG Project Delivery/Project management office to facilitate resolution of such issues.

2.8 Dispute Resolution and Escalation Procedure

If Health Net and Supplier have a dispute regarding the Services, Health Net and Supplier will follow the dispute resolution process described in Section 26 of the Terms and Conditions of the Agreement.

Schedule G G - 6 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE H

SUPPLIER INSURANCE

Schedule H Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE H

SUPPLIER INSURANCE

1. INTRODUCTION

With reference to Section 22 (INSURANCE) of the Terms and Conditions of the Agreement, this Schedule H sets forth the requirements for insurance to be maintained by Supplier and its Subcontractors in connection with the Agreement.

2. Types and amounts of coverage

Supplier represents that as of the Effective Date it will have, and agrees that during the Term it will maintain in force, at least the following types and amounts of insurance:

(a) Employer’s Liability Insurance and Worker’s Compensation Insurance, including coverage for occupational injury, illness and disease, and other similar social insurance in accordance with the laws of the country, state or territory exercising jurisdiction over the employee with minimum limits per employee and per event of $1,000,000 or the minimum limit required by law, whichever limit is greater.

(b) Comprehensive General Liability Insurance, including Products, Completed Operations, Premises Operations, Bodily Injury, Personal and Advertising Injury, Broad Form Contractual and Broad Form Property Damage liability coverages, on an occurrence basis, with a minimum combined single limit per occurrence of $1,000,000 and a minimum combined single aggregate limit of $2,000,000. This coverage will be endorsed to name Health Net and its Affiliates as additional insureds.

(c) Automotive Liability Insurance covering use of all owned, non-owned and hired automobiles for bodily injury, property damage liability with a minimum combined single limit per accident of $1,000,000 or the minimum limit required by law, whichever limit is greater. This coverage will be endorsed to name Health Net and its Affiliates as additional insureds.

(d) Professional Liability Insurance / Errors and Omissions Insurance covering liability of up to $1,000,000 per claim or $3,000,000 in the aggregate. This coverage shall be maintained for a minimum of two (2) years following termination or completion of Supplier’s work pursuant to the Agreement.

3. Terms of coverage

(a) The insurance coverages described above will be primary, and all coverage will be non-contributing with respect to any other insurance or self insurance that may be maintained by Health Net. Supplier will be responsible for all deductibles and retentions with regard to such insurance. All coverage described above will include a waiver of subrogation and a waiver of any insured-versus-insured exclusion regarding Health Net and its Affiliates. Indemnification by Supplier shall not be limited or reduced by any insurance coverage limitations. Supplier agrees that it shall work solely at Supplier’s risk. To the extent any coverage is written on a claims-made basis, it will have a retroactive date no earlier than the Effective Date and, notwithstanding the termination of the Agreement, either directly or through ‘tail’ coverage will allow for reporting of claims until the applicable limitation of actions period has expired.

Schedule H H - 2 Health Net / Cognizant Confidential

Final Execution Version

(b) Supplier will cause its insurers to issue certificates of insurance evidencing that the coverages and policy endorsements required under this Agreement are maintained in force and that not less than thirty (30) days written notice will be given to Health Net and submitted to the Health Net Strategic Sourcing representative prior to any cancellation of the policies. Health Net shall be endorsed as an additional insured on all policies (excluding Workers’ Compensation) and evidenced on the certificate of insurance. The insurers selected by Supplier will have an A.M. Best rating of A-, Size VIII or better, or, if such ratings are no longer available, with a comparable rating from a recognized insurance rating agency. Supplier will endeavor to ensure that all Approved Subcontractors, if any, maintain insurance coverages described above naming Supplier as an additional insured or loss payee where relevant.

(c) In the case of loss or damage or other event that requires notice or other action under the terms of any insurance coverage described above, Supplier will be solely responsible for taking such action. Supplier will provide Health Net with contemporaneous notice and with such other information as Health Net may request regarding the event.

(d) The Parties do not intend to shift all risk of loss to insurance. Supplier’s obligation to maintain insurance coverage in specified amounts will not act as a limitation on any other liability or obligation which Supplier would otherwise have under the Agreement. Similarly, the naming of Health Net and its Affiliates as additional insureds is not intended to be a limitation of Supplier’s liability under the Agreement and will in no event be deemed to, or serve to, limit Supplier’s liability to Health Net to available insurance coverage or to the policy limits specified in this Schedule H, nor to limit Health Net’s rights to exercise any and all remedies available to Health Net under the Agreement, at law or in equity.

Schedule H H - 3 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE I

THIRD PARTY CONTRACTS

Schedule I Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE I

THIRD PARTY CONTRACTS

The Health Net Third Party Service Contracts consist of the following:

A. The maintenance and other related contracts for the In-Scope Applications.

B. The maintenance and other related contracts for the Associated Tools and Software.

C. The maintenance and other related contracts for the Health Net Licensed Service Delivery Software.

Schedule I I - 1 Health Net / Cognizant Confidential

SCHEDULE J

SOFTWARE

Exhibit J-4 J-4 - 0 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE K

BUSINESS ASSOCIATE ADDENDUM

Schedule K Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE K

BUSINESS ASSOCIATE ADDENDUM

This Business Associate Addendum (“Addendum”) is entered into by and between Health Net, Inc., and/or one or more of its affiliates (“Health Net”) and Cognizant Technology Solutions U.S. Corporation (“Business Associate”).

A. Health Net and Business Associate are parties to or are entering into, that certain Master Services Agreement dated September 30, 2008 (the “Current Contract”) pursuant to which Business Associate provides a service to, or performs a function on behalf of, Health Net and, in connection therewith, uses or discloses Protected Health Information including Electronic Protected Information (“EPHI”) (collectively (“PHI”) , that is subject to protection under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and certain privacy and security regulations found at 45 CFR Parts 160 through 164 (“HIPAA Regulations”);

B. Any entity which creates or receives PHI from or on behalf of Health Net is a business associate, as defined in the HIPAA Regulations;

C. Pursuant to the HIPAA Regulations, all business associates of Health Net must agree in writing to certain mandatory provisions regarding the safeguarding, use and disclosure of PHI; and

D. The purpose of this Addendum is to satisfy the requirements of the HIPAA Regulations, including, but not limited to, business associate contract requirements set forth at 45 C.F.R. § 164.308(b)(1) and § 164.314(a) and § 164.504(e), as they may be amended from time to time.

NOW, THEREFORE, in consideration of the mutual promises and covenants contained herein, the parties agree as follows:

1. Definitions. Unless otherwise provided in this Addendum, capitalized terms have the same meaning as set forth in the HIPAA Regulations.

2. Scope of Safeguards, Use and Disclosure of Protected Health Information. Except as otherwise limited in this Business Associate Addendum, Business Associate shall safeguard, use and disclose PHI solely to provide the services, or perform the functions, described in the Current Contract, provided that such use or disclosure would not violate the HIPAA Regulations if so used or disclosed by Health Net. Business Associate, to the full extent applicable, shall ensure that its directors, officers, employees, contractors and agents shall:

(A) Not use or further disclose PHI other than as permitted or required by this Business Associate Addendum or as Required By Law;

(B) Implement all appropriate and reasonable administrative, physical and technical safeguards to protect the confidentiality and integrity of the PHI that it creates, receives, maintains or transmits and to prevent use or disclosure of PHI other than as provided by this Business Associate Addendum;

(C) Mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a safeguard, use or disclosure of PHI by Business Associate in violation of the requirements of this Business Associate Addendum;

Schedule K K - 2 Health Net / Cognizant Confidential

Final Execution Version

(D) Report promptly to Health Net’s designated Privacy Officer any use or disclosure of PHI not provided for by this Business Associate Addendum of which Business Associate becomes aware;

(E) Require contractors or agents to whom Business Associate provides PHI received from, or created or received by Business Associate on behalf of, Health Net, to agree to the same safeguards, restrictions and conditions that apply to Business Associate with respect to such PHI under this Business Associate Addendum;

(F) Provide to Health Net or, as directed by Health Net, to an Individual, in the time and manner designated by Health Net, any information necessary to allow Health Net to respond timely to a request by an Individual for a copy of the Individual’s PHI pursuant to 45 C.F.R. § 164.524.

(G) Maintain for a period of six (6) years all Designated Record Sets relating to PHI received from, or created or received by Business Associate on behalf of, Health Net.

(H) Maintain for a period of six (6) years records of all disclosures of PHI, other than for the purpose(s) set forth in this Business Associate Addendum, including the date, name of recipient, description of PHI disclosed and purpose of disclosure.

(I) Provide to Health Net or, as directed by Health Net, to an Individual, in the time and manner designated by Health Net, any necessary information collected in accordance with Section 2(H) of this Business Associate Addendum in order to allow Health Net to respond timely to a request by an Individual for an accounting of the disclosures of the Individual’s PHI pursuant to 45 C.F.R. § 164.528.

(J) Make any amendments to PHI that Health Net directs or agrees to pursuant to 45 C.F.R. § 164.526 at the request of Health Net or an Individual in the time and manner designated by Health Net;

(K) Make reasonable efforts to implement any restriction of the use or disclosure of PHI that Health Net has agreed to as described under Section 3.C of this Business Associate Addendum.

(L) As required by 45 CFR Part 164, Subpart C with respect to EPHI, implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the EPHI that Business Associate creates, receives, maintains, or transmits on behalf of Health Net.

(M) As required by 45 CFR Part 164, Subpart C with respect to EPHI, ensure that any agent, including a subcontractor, to whom Business Associate provides EPHI, agrees to implement reasonable and appropriate safeguards to protect the EPHI.

(N) As required by 45 CFR Part 164, Subpart C with respect to EPHI, report to Health Net any Security Incident of which Business Associate becomes aware.

(O) Make Business Associate’s internal practices, books, and records relating to the safeguards, use and disclosure of PHI received from, or created or received by Business Associate on behalf of, Health Net available to Health Net or, at the request of Health Net, to the Department of Health and Human Services (“DHHS”), in a time and manner

Schedule K K - 3 Health Net / Cognizant Confidential

Final Execution Version

designated by Health Net or DHHS, for purposes of determining Health Net’s compliance with the HIPAA Regulations; provided that, in all events, Business Associate shall immediately notify Health Net upon receipt by Business Associate of any request received from DHHS relating to Health Net’s compliance with the HIPAA Regulations and shall provide Health Net with copies of any materials provided to DHHS;

(P) Business Associate agrees that with respect to any and all PHI received from Health Net or created or received by Business Associate on behalf of Health Net that Business Associate maintains, or which is maintained by any contractor or agent of Business Associate, in any form (collectively for this Section referred to as "Health Net PHI") and is no longer needed to perform services under the Current Contract, or, at any time upon Health Net’s request and upon termination of the Current Agreement(s), Business Associate will return or destroy all Health Net PHI, and shall retain no copies of such Health Net PHI; provided that if such return or destruction is not feasible, in Health Net's reasonable discretion, Business Associate shall extend the protections of this Business Associate Addendum to the Health Net PHI and limit further uses and disclosures to those purposes that make the return or destruction of the Health Net PHI infeasible. A senior officer of Business Associate shall certify in writing to Health Net, within five (5) days after termination, that all PHI has been returned or destroyed as provided above and that Business Associate retains no copies of PHI in any form; and

(Q) Allow Health Net, upon reasonable notice and subject to any other audit terms and restrictions set forth in the Current Contract, to inspect Business Associate’s procedures and practices with respect to compliance with the terms of this Business Associate Addendum; provided, however, that Health Net has no duty to inspect and its decision not to inspect does not relieve Business Associate of its compliance responsibility.

3. Obligations of Health Net. To assist Business Associate in the proper use and disclosure of PHI, Health Net shall:

(A) Provide Business Associate with the notice of privacy practices that Health Net produces in accordance with 45 C.F.R. § 164.520, as well as any changes to such notice;

(B) Provide Business Associate with any changes in, or revocation of, permission by an Individual to use or disclose PHI, if such changes affect Business Associate’s permitted or required uses and disclosures;

(C) Notify Business Associate of any restriction on the use or disclosure of PHI that Health Net has agreed to in accordance with 45 C.F.R. § 164.522; and

(D) Not request Business Associate to use or disclose PHI in any manner that would not be permissible under the HIPAA Regulations if the PHI were to be so used or disclosed by Health Net.

4. Standard Transactions. To the extent Business Associate conducts Standard Transaction(s) on behalf of Health Net, Business Associate shall, without limitation, comply with the HIPAA Regulations, “Administrative Requirements for Transactions,” 45 C.F.R. § 162.100 et seq., and shall not: (a) Change the definition, data condition or use of a data element or segment in a standard; (b) Add any data elements or segments to the maximum defined data set; (c) Use any code or data elements that are either marked “not used” in the standard’s implementation

Schedule K K - 4 Health Net / Cognizant Confidential

Final Execution Version

specification or are not in the standard’s implementation specification(s); or (d) Change the meaning or intent of the standard’s implementation specifications.

5. Termination for Breach. Health Net shall have the right to terminate the Current Contract upon written notice if Health Net determines that Business Associate has breached a material term of the provisions of this Business Associate Addendum; provided that Health Net’s remedies under this Business Associate Addendum and the section(s) of the Current Contract related to termination, if any, shall be cumulative.

6. Survival of Terms. The obligations of Business Associate under Sections 2(F), 2(G), 2(H), 2(I) and 2(P) of this Business Associate Addendum shall survive the termination or expiration of the Current Contract.

7. Injunctive Relief. Business Associate agrees that the remedies at law for any breach by it of the terms of this Business Associate Addendum shall be inadequate and that monetary damages resulting from such breach are not readily measured. Accordingly, in the event of a breach or threatened breach by Business Associate of the terms of this Business Associate Addendum, Health Net shall be entitled to immediate injunctive relief. Nothing herein shall prohibit Health Net from pursuing any other remedies available to it for such breach, and Health Net's rights under this Business Associate Addendum and the sections of the Current Contract related to injunctive relief, if any, shall be cumulative.

8. Amendment of Addendum. In the event of a material change in the HIPAA Regulations or state law affecting safeguards or the use or disclosure of PHI, or amendments for new or changed Standard Transactions or Identifiers, Health Net may amend this Business Associate Addendum and the Current Contract as necessary to comply with the change in the law or regulation and such amendment shall become effective sixty (60) days after receipt by Business Associate. Health Net’s rights under this Addendum and the section(s) of the Current Contract related to amendments, if any, shall be cumulative.

9. Notice of Investigation or Lawsuit and Indemnification. Business Associate shall notify Health Net immediately upon receipt of notice of an investigation or of a lawsuit filed against Business Associate related to or arising from the use or disclosure of PHI by Business Associate pursuant to this Business Associate Addendum. ***

10. Confidentiality. Notwithstanding the foregoing, PHI shall not be included within the definition of “confidential information” in the section(s) of the Current Contract related to protection of confidential information, if any, as Business Associate’s obligations with respect to PHI are set forth in this Business Associate Addendum.

11. State Law Requirements. To the extent that state law is more stringent than the HIPAA Regulations, any safeguard, use or disclosure of PHI by Business Associate shall be made in accordance with state law.

12. Interpretation. Any ambiguity in this Business Associate Addendum shall be resolved in favor of a meaning that permits Health Net to comply with the HIPAA Regulations.

13. Effective Date. This Business Associate Addendum shall be effective on the effective date of the Current Contract.

* * * * *

Schedule K K - 5 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE L

DISENGAGEMENT ASSISTANCE

Schedule L Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE L

DISENGAGEMENT ASSISTANCE

Disengagement Assistance shall include the assistance described in this Schedule L and as described in Section 16.5 of the Terms and Conditions of the Agreement.

1 GENERAL

Supplier’s general responsibilities with respect to Disengagement Assistance shall include the following:

(a) Supplier shall provide to applicable personnel of Health Net and its successor provider training in the performance of the Services that are to be transferred, including training in the use as permitted under the Agreement of Supplier Software.

(b) Supplier shall provide Health Net and its successor provider with information regarding the Services to support Health Net or its successor provider in assuming responsibility for, and continuing the performance of, the Services in an orderly manner. Such information shall include identifying key support contacts (names and telephone numbers) of Supplier Personnel and third party providers.

(c) Disengagement Plan.

(i) Disengagement Assistance will be provided pursuant to a mutually agreed plan, which will include a plan and schedule for (i) migrating performance of the affected Services to Health Net and/or a third party service provider designated by Health Net (or winding down the affected Services, as applicable), (ii) to the extent requested by Health Net, the transfer of the Transitioned Employees as described in Section 16.5(a)(i) of the Terms and Conditions, (iii) the staff roll-off schedule for the Supplier Personnel performing the affected Services; and (iv) other information as set forth in this Schedule L (the “Disengagement Plan”). The Disengagement Plan will include Supplier’s plan for providing, to Health Net and/or its designee, reasonable training in the performance of the affected Services.

(ii) The Parties will develop the Disengagement Plan as described below promptly upon written request from Health Net to commence development of such Disengagement Plan.

(iii) The Disengagement Plan will focus on Supplier’s performance of the Disengagement Assistance Services described in this Schedule L and is intended to be a component of Health Net’s (and if applicable its designee’s) master plan for transferring responsibility for the Services to Health Net (or its designee). Supplier will prepare the proposed Disengagement Plan for Health Net’s review, comment and mutual agreement. Supplier shall provide other information regarding the affected Services or Supplier’s performance of Disengagement Assistance with respect to the affected Services that may be reasonably requested by Health Net in connection with Health Net’s review and comment on the Disengagement Plan. Supplier shall identify to Health Net (i) known risks associated with any Health Net proposed changes to the Disengagement Plan (including any potential disruption in the affected Services) and suggested means

Schedule L L - 1 Health Net / Cognizant Confidential

Final Execution Version

by which such risks may be mitigated, and (ii) operational constraints that may conflict with Health Net’s proposed changes to the Disengagement Plan.

(iv) Once the Disengagement Plan has been agreed upon, both Parties will comply with it, subject to Health Net’s right to extend the Disengagement Assistance Period as provided in this Agreement.

2 PRE-TRANSFER OBLIGATIONS

Supplier’s pre-transfer responsibilities with respect to Disengagement Assistance shall include the following:

(a) Reviewing the test and production Software libraries with Health Net’s or its successor provider’s operations staff.

(b) Assisting Health Net or its successor provider in the analysis of the space required for Software libraries.

(c) Providing the Source Code, object code, and related Documentation (including for In Scope Applications, Software, and Associated Tools and Software) in Supplier’s possession for Health Net Software and Work Product and, subject to Health Net’s and Supplier’s rights and obligations with respect to Supplier Software or Supplier third party software, providing such code and Documentation for any other Supplier Software or supplier third party software which Health Net is licensed or otherwise authorized to use subject to Section 12 and Section 15 of the Terms and Conditions.

(d) Assisting Health Net or its successor provider in transferring and/or establishing naming conventions, including, as requested by Health Net, providing Documentation regarding the naming conventions used by Supplier in providing the Services.

(e) Providing and coordinating assistance to Health Net or its successor provider in notifying relevant Suppliers of the procedures to be followed during the transfer.

(f) Providing all other Documentation related to the Services.

(g) Providing to Health Net:

(i) A list of Transitioned Employees in accordance with Section 6.1 of Schedule E; and

(ii) The following additional information relating to Supplier Personnel:

• The approximate number of current Supplier Personnel that are not Key Supplier Personnel, the estimated number of full-time equivalents represented by such group, and the number of heritage Health Net employees within such group; and

• A current account organizational chart that identifies all key subject matter experts and higher level Supplier Personnel, and summarizes their organizational relationship among one another, including the Key Supplier Personnel (e.g., solid-line versus dotted-line reporting from one person to another), and which specifically distinguishes the Key Supplier Personnel

Schedule L L - 2 Health Net / Cognizant Confidential

Final Execution Version

from other Supplier Personnel. For the Key Supplier Personnel, such chart shall include roles, responsibilities, and authority of such personnel.

(h) Allowing Health Net or its designee to undertake *** in accordance with Section 16.5(a)(i) of the Terms and Conditions.

(i) Providing to Health Net or its successor provider reasonable access to onshore key subject matter expert Supplier Personnel performing (or who were performing) the Services and to a Supplier representative familiar with the provision of the relevant Services, in order that these personnel may answer Health Net or its successor provider’s questions.

(j) Providing to Health Net or its successor provider copies of Documentation, including the Procedures Manual, that is used by Supplier in performing the Services (but excluding, in the case of a successor provider, documentation identified to Health Net in advance as proprietary to Supplier).

(k) Reviewing and explaining the Procedures Manual to Health Net’s or its successor provider’s operations staff (but excluding, in the case of a successor provider, Documentation identified to Health Net in advance as proprietary to Supplier).

(l) Providing for the orderly hand-off of ongoing projects as requested by Health Net.

(m) Providing to Health Net or its successor provider the end user profiles from the Help Desk and the requested problem management records, as these exist as of the effective date of the termination or expiration.

(n) Providing to Health Net or its successor provider the plans and status of current and pending projects.

(o) Cooperating with Health Net or its successor provider in the preparation for and conduct of migration testing.

(p) In conjunction with Health Net, conducting rehearsal(s) of the transfer prior to cutover at times reasonably designated by Health Net.

(q) Providing an inventory of the documentation and media stored off-site.

(r) Providing an inventory of telephone numbers being used by Supplier in conjunction with performing the Services.

(s) Explaining Supplier’s plan for transition of the Services to Health Net or its successor provider, and modifying the plan to incorporate reasonable suggestions by Health Net or its successor provider.

(t) Explaining the extent and nature of the impact of legal and regulatory requirements compliance, if any, on the Services.

(u) Providing in-depth review of Documentation.

(v) Completing current Minor Enhancement and AD Project milestones, as directed by Health Net.

Schedule L L - 3 Health Net / Cognizant Confidential

Final Execution Version

(w) Training on all Applications, including functionality, program code, data model and data base structure, access methods, and all development related processes.

(x) Assist in the transfer and implementation of tools into a Health Net specified environment.

(y) Reviewing all Application Software with Health Net or its successor provider.

3 TRANSFER OBLIGATIONS

Supplier’s transfer responsibilities with respect to Disengagement Assistance shall include the following:

(a) Reasonably cooperating with Health Net or its successor provider in the implementation of the successor provider’s plan for transition of the Services.

(b) In conjunction with Health Net or its successor provider, conducting the cutover of the Services and supporting Health Net’s or its successor provider’s commencement of the operations.

(c) Unloading requested Health Net Data from the systems used to provide the Services if there are any; returning to Health Net or providing to its successor provider Health Net Data.

(d) Delivering Health Net requested data files associated with the Services, including content listings and printouts of control file information to Health Net or its successor provider.

(e) Providing reasonable assistance to Health Net or its successor provider in loading the data files.

(f) Providing assistance to Health Net or its successor provider with the turnover of operational responsibility, including providing assistance and cooperation in the execution of parallel operation testing.

(g) Porting telephone numbers to Health Net or its successor provider.

(h) Maintaining the capability to cut back to Supplier in case of a service failure or service problem within sixty (60) days following the transition of Services to Health Net or its successor provider.

4 POST-TRANSFER SERVICES

Supplier’s post-transfer responsibilities with respect to Disengagement Assistance shall include the following:

(a) Providing additional assistance as reasonably requested by Health Net to assure continuity of operations.

(b) Returning to Health Net remaining property of Health Net in Supplier’s possession, including remaining reports, data and other Health Net Data (alternatively, as required by Health Net, Supplier shall destroy such property).

Schedule L L - 4 Health Net / Cognizant Confidential

Final Execution Version

(c) Certifying that Health Net Data has been removed from Supplier’s systems, premises and control and returned or destroyed.

(d) Vacating Health Net’s premises in an orderly manner.

(e) Providing to Health Net or its successor provider reasonable access to Supplier Personnel to address questions or issues with respect to Supplier’s prior performance and transfer of the Services.

5 OTHER TERMS REGARDING DISENGAGEMENT ASSISTANCE

5.1 Commercially Reasonable Efforts

The Disengagement Plan will provide for each Party to use Commercially Reasonable Efforts to assist the other Party in the orderly termination of the affected Services and the transfer of all Deliverables, work-in-progress, and other items and materials, as may be specified in this Agreement (including Sections 12 and 15 of the Terms and Conditions and applicable project plans or statements of work executed by the Parties under this Agreement) or as requested by Health Net to facilitate the orderly, non-disrupted business continuation of each Party.

5.2 Post-Disengagement Assistance Period

*** During the six (6) month period following the Disengagement Assistance Period, if Supplier has not already delivered to Health Net all Health Net-owned reports and Documentation in Supplier’s (or its Affiliates’ or subcontractors’) possession, it will do so.

5.3 Survival of Agreement

Disengagement Assistance will be deemed to be governed by the terms and conditions of this Agreement notwithstanding its earlier termination or expiration, other than any terms or conditions that do not reasonably apply to the Disengagement Assistance.

5.4 Compensation

Health Net shall compensate Supplier for performing the Disengagement Assistance Services in accordance with Section 16.5(b) of the Terms and Conditions.

Schedule L L - 5 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE M

HEALTH NET POLICIES AND PROCEDURES

Schedule M Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE M

HEALTH NET POLICIES AND PROCEDURES

In accordance with Section 5.4 of the Terms and Conditions of the Agreement, listed below are the Health Net polices and procedures which the Parties acknowledge have been disclosed to Supplier by Health Net prior to the Effective Date.

A. SECURITY POLICIES

SECURITY POLICIES

Area	Policy Name	Description	Category	Folder	Filename
Cross-Functional	SOX404 - IT Key Controls	System and process controls to reduce financial impacts and comply with SOX.	SOX Compliance	Auditing	SOX404 - IT Key Controls (2008).xls
Cross-Functional	SOX IT Controls	System and process controls to reduce financial impacts and comply with SOX. A more comprehensive list than the one above.	SOX Compliance	Auditing	All SOX IT Control 051308.xls
Data Center	Database Security Policies	Oracle and DB2 control and security policies pertaining to user access, rights, and DITSCAP restrictions.	Database Security	DBA	Database Security Policies.doc
Data Center	iSeries Team - Security Policies	documents the procedures related to security for the iSeries systems	Mainframe Security	iSeries	AS400 Security Policy & Procedures.doc
Data Center	AS-400 Security Policies & Procedures	Security Administration Policy & Procedures documents user security, system security, monitoring and reporting	Mainframe Security	iSeries	Security Procedures.doc
Data Center	RACF Backup & Restore Procedure	The following policy and procedure is used to describe the RACF database structure and weekly backup cycle	Database Security	zSeries	RACF Backup and Restore Procedure.doc
Data Center	RACF Extraordinary Access Request Procedure	The following procedure is used to validate and selectively grant requests for extraordinary access to RACF accounts.	User Accounts	zSeries	RACF Extraordinary Access Request Procedure.doc
Data Center	RACF FHP1 & HNP2 Password Standards	password standards	Password	zSeries	RACF FHP1 & HNP2 Password Standards.doc
Data Center	RACF Identification Naming Standards	All RACF logon identification names must conform to accepted naming convention and standards required for production processing.	User Accounts	zSeries	RACF Identification Naming Standard.doc

Schedule M M - 1 Health Net / Cognizant Confidential

Final Execution Version

Data Center	RACF RVARY Password Response Procedure	The following procedure is used to respond to RACF message ICH702A or ICH703A. These messages are issued to the S/390 system master console in response to a RACF RVARY command request.	Password	zSeries	RACF RVARY Password Response Procedure.doc
Data Center	Resetting Passwords for FTP Userids in RACF	The following procedure can be used when a password is changed for a RACF FTP userid at the request of a client	Password	zSeries	Resetting Passwords for FTP Userids in RACF.doc
Data Center	Setting the RACF RVARY Password for the S/390 System	The following procedure is used to set/change the RACF RVARY passwords.	Password	zSeries	Setting the RACF RVARY Password for the OS390.doc
Data Center	z_OS OFFSHORE Process	A new RACF group named OFFSHORE has been created exclusively for Medi-cal staff augmentation programmers located in India	User Accounts	zSeries	z_OS OFFSHORE Process.doc
Data Center	z_OS RACF Change Password Procedure	Procedure for user password changes	Password	zSeries	z_OS RACF Change Password procedures.doc
Data Center	z_OS Security Procedures	Security Administration Procedures for z/OS Security Server (RACF) documents user security, system security, monitoring and reporting	Mainframe Security	zSeries	z_OS Security Procedures version 3.doc
Data Center	Security Administration Procedures	Security Administration Procedures for Health Net Unix Systems documents user security, system security, monitoring and reporting	Midrange Security	Unix	Security Administration Procedures - OSG Unix V2.0.doc
Data Center	HIPAA Procedures	The purpose of this document is to provide guidance to all Information Technology Group (ITG) associates for protecting PHI in the course of completing their job duties and responsibilities.	HIPAA	VMS	HIPAA_Procedures.doc
Data Center	Corporate Information Security Standards & Guidelines	These standards and guidelines are intended to provide guidance to all Company users for protecting Company information in carrying out their job responsibilities.	Information Security	VMS	Information_Security _Standards.pdf
Data Center	Network Security Data Storage on Home PC’s Policy	The policy at Health Net to have a standard for using non-company owned PC’s when transferring confidential information.	Data Storage	ISS	eNS3001POL - Network Security Data Storage on Home PC’s.pdf
Data Center	Network Security Electronic Transfer of Data Policy	The purpose of this document is to define Health Net’s policy of prohibiting electronic file transfers unless specifically allowed per an approved EFT Request Form	Data Transfer	ISS	eNS3002POL - Network Security Electronic Transfer of Data.pdf
Data Center	Network Security Electronic File Transfer Request Procedure	The purpose of this document is to detail the procedure for Electronic File Transfer (EFT) requests.	Data Transfer	ISS	eNS3002PRa - Network Security Electronic File Transfer Request Procedure.pdf

Schedule M M - 2 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Electronic File Transfer (EFT) Request Form	Form used to request the following: 1. Electronic File Transfers (EFT) to be performed by the EFT Team as a scheduled job with external parties. 2. “Self-Service” File Transfers to be performed by the requesting entity (and not by the EFT Team) with external parties.	Data Transfer	ISS	eNS3002PRb - Network Security Electronic File Transfer (EFT) Request FORM.pdf
Data Center	Network Security Encryption of Data Networks Policy	The purpose of this document is to explain encryption standards required when transferring data through private Health Net, Inc. WAN links	Data Encryption	ISS	eNS4002POL - Network Security Encryption of Data Networks.pdf
Data Center	Network Security Encryption of VPN Connections Policy	The purpose of this document is to explain encryption standards required when transferring data through Virtual Private Networking (VPN) connections.	Data Encryption	ISS	eNS4003POL - Network Security Encryption of VPN Connections.pdf
Data Center	Network Security Remote Control Software Policy	The purpose of this policy is to document the reason why the Remote Control Software shall not be used in the Health Net, Inc. network without Corporate Information Security approval	Remote Control	ISS	eNS2001POL - Network Security Remote Control Software.pdf
Data Center	Network Security Approved Remote Control Software Usage	The purpose of this document is to provide a list of remote control software that has been approved by Client technology Services.	Remote Control	ISS	eNS2001PRa - Network Security Approved Remote Control Software Usage.pdf
Data Center	Network Security Remote Control Software on Workstations	The purpose of this document is to describe the process for obtaining approval for remote control software on a user workstation when deemed necessary for business needs.	Remote Control	ISS	eNS2001PRb - Network Security Remote Control Software on Workstations.pdf
Data Center	Network Security Secure RIB Configuration Procedure ????	The purpose of this document is to explain the security features that must be implemented for RIB access.	Remote Control	ISS	eNS2001PRc - Network Security Secure RIB Configuration.pdf
Data Center	Network Security Requesting a New SSL Certificate Procedure	The purpose of this document is to explain the procedure for processing NEW (not pre-existing renewals) for SSL Certificate requests.	SSL Certificates	ISS	eNS2003PRa - Network Security Requesting a New SSL Certificate.pdf
Data Center	Index of ISS Documents	A complete listing of all ISS Policy & Procedures documents	Cross-functional	ISS	Index of ISS Documents.xls
Data Center	Network Security Port Scanning Policy	The purpose of this document is to explain the policy of multiple IP address scans.	Scanning	ISS	eNS7003POL - Network Security Port Scanning.pdf
Data Center	Network Security Port Scanning Request Procedure	The purpose of this document is to explain the procedure for processing a Port Scan Request with the Network Infrastructure Security Services (NISS) team.	Scanning	ISS	eNS7003PRa - Network Security Port Scanning Request.pdf

Schedule M M - 3 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Network Security Use of ICMP Policy	The purpose of this document is to explain the use of ICMP.	ICMP	ISS	eNS7004POL - Network Security Use of ICMP.pdf
Data Center	Network Security Foreign Computers on HNI Core Network	The purpose of this document is to explain the corporate policy when foreign computers and or contractors are connecting to the Health Net, Inc. network	Foreign Computers	ISS	eNS1002POL - Network Security Foreign Computers on HNI Core Network.pdf
Data Center	Network Security - Use of Additional Communications Interfaces by Network Attached Devices Policy	This policy prohibits any device connected to the Health Net network from having more than one communication interface enabled at any given time. The purpose of this policy is to provide a standard for Health Net regarding communication interfaces		ISS	eNS1010POL - Network Security Use of Additional Communications Interfaces. PDF
Data Center	Network Security Enterprise Routing Policy	The purpose of this document is to describe the criteria for acceptable network traffic routing within the Health Net, Inc. Network.		ISS	eNS1021POL - Network Security Enterprise Routing. PDF
Data Center	Network Security Wireless Networking	The purpose of this document is to explain the corporate policy for wireless access to Health Net, Inc. networks, hosts, and services		ISS	eNS1022POL - Network Security Wireless Networking. PDF
Data Center	Network Security Internet Content Filtering	The purpose of this policy is to Provide defined use for content filtering within Health Net, Identify the oversight and administrative roles involved with content filtering operations, Provide the criteria for authorizing a request for a reporting of an associate’s Internet usage, Provide guidance on how to make changes to Internet content filtering.	Content Filtering	ISS	eNS1023POL - Network Security Internet Content Filtering. PDF
Data Center	Network Security Management Monitoring of Associate Internet Usage	The purpose of this policy is to provide definition for content filtering reporting within Health Net.	Content Filtering	ISS	eNS1024POL - Network Security Management Monitoring of Associate Internet Usage.pdf
Data Center	Remote Access Services Policy	This policy is being written to summarize all activities and support criteria associated with existing Dial Network and VPN Network policies and processes. There are several process/procedure documents and rules of thumb that have existed for Health Net for many years - but are now quite outdated and are to be superseded by this policy	Remote Access	ISS	eNS1025POL - Network Security RAX Services Policy.pdf

Schedule M M - 4 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Network Security SSL Certificate Policy	The purpose of this document is to explain the policy that will be used by the Network Infrastructure Security Service team (NISS) to generate, order, and track new Secure Sockets Layer - SSL Certificate	SSL Certificates	ISS	eNS2003POL - Network Security SSL Certificate.pdf
Data Center	Network Security Categories of Managed Network Devices	The purpose of this document is to provide a corporate definition for Health Net network attached end-user hosts, including workstations and laptops. The document will also provide guidance on how each category of host shall be supported		ISS	eNS2004POL - Network Security Categories of Managed Network Devices.pdf
Data Center	Network Security Encryption Standards Policy	The purpose of this document is to explain the Health Net encryption policy when transmitting Electronic Protected Health Information (EPHI) data over Internet or Dial-up lines		ISS	eNS4001POL - Network Security Minimum Encryption Standards.pdf
Data Center	Network Security Network Assessment Scanning	The purpose of this policy is to provide explicit permission and restrictions regarding network security scanning performed by the approved internal auditing entities within Health Net		ISS	eNS7005 - Network Security Network Assessment Scanning.pdf
Data Center	Network Security Small Site	The purpose of this document is to explain the Health Net Inc. policy of Small Site Security		ISS	iNS1017POL - Network Security Small Site Security.pdf
Data Center	Network Security Internet Only VLAN Implementation Policy	The purpose of this policy is to establish parameters in permitting temporary access for contractors and vendors to access Health Net, Inc. provided resources.		ISS	iNS1019POL - Network Security Internet Only VLAN Implementation.pdf
Data Center	Network Security Remote Access Security	The purpose of this document is to explain the attributes of perimeter access control devices.		ISS	NS1008POL - Network Security Remote Access Security.pdf
Data Center	Network Security Foreign Computers on HNI Network	The purpose of this document is to explain the procedure for processing an exception to policy eNS1002POL.	Procedures	ISS	eNS1002PRa - Network Security Foreign Computers on HNI Network.pdf
Data Center	Network Security Partner Connections	The purpose of this policy is to set a standard for all partner connections to meet all corporate and regulatory security standards		ISS	eNS1005POL - Network Security Partners Connection Policy.pdf

Schedule M M - 5 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Network Security Partner Audits	Vendors and/or contractors requiring remote access are deemed Partner Connections. Remote access includes, but may not be limited too, dedicated connections (e.g. Site –VPN, Site-Citrix, Frame-Relay, etc), Internet client connections (e.g. Client –VPN, Client-Citrix) and dial-up. Each Partner Connection must have an associated Partner Connection Form. This form is reviewed annually	Procedures	ISS	eNS1005PRb - Network Security Partners Connection Audit.pdf
Data Center	Network Security Third Party Remote Control of Systems	The purpose of this document is to explain the procedure for requesting remote control access for Partner Connections.	Procedures	ISS	eNS1005PRc - Network Security Partners Connection Remote Control.pdf
Data Center	Network Security Vendor Modem Security Checklist	Following is a checklist to assist teams in gathering the required information for requesting a Third Party Vendor connection.	Procedures	ISS	eNS1005PRd - Network Security Partners Connection Modem Checklist.pdf
Data Center	Network Security Perimeter Access Control Policy	The purpose of this document is to explain the attributes of perimeter access control devices		ISS	eNS1018POL Network Security Firewall Policy.pdf
Data Center	Network Security Firewall Access Requests	“Separation of Duties” requires a Network Security Auditor to examine and scrutinize requests for network traffic flow and IP device access to other environments. The audit process for analyzing access on the corporate firewalls is provided in this procedure	Procedures	ISS	eNS1018PRa Firewall Access Requests.pdf
Data Center	Request a Basic Internet Only VLAN Procedure	This document outlines the procedure for requesting access to the Basic Internet only-VLAN, and the services available.	Procedures	ISS	eNS1019PRb - Network Security Request a Basic Internet Only VLAN.pdf
Data Center	Network Security Wireless Access Procedure	The purpose of this document is to describe the specifics for connectivity to the wireless LAN at some Health Net, Inc. facilities by contractors, vendors, non-HNI associates as well as HNI associates.	Procedures	ISS	eNS1022PRa - Network Security Wireless Access.pdf
Data Center	Network Security Extranet VPN Security Policy	The purpose of this document is to explain the policy for securing Extranet VPN connections		ISS	iNS1009POL - Network Security Extranet Security VPN Security.pdf
Data Center	Network Security Modem Request Procedure	The purpose of this document is to explain the procedure for requesting an outside connectivity device.	Procedures	ISS	iNS1010PRa - Network Security Modem Request.pdf
Data Center	Network Security Analog Line Audit Procedure	This document will outline the process by which Health Net analog phone lines will be audited and reported.	Procedures	ISS	iNS1010PRb - Network Security Analog Line Audit.pdf

Schedule M M - 6 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Network Security Perimeter Security Scan Scheduling	The purpose of this document is to explain three basic types of Perimeter Security scans and when they are scheduled to be run.	Procedures	ISS	iNS1013PRa - Network Security Perimeter Security Scan Scheduling.pdf
Data Center	Network Security Internet Site Access Policy	The purpose of this document is to explain the policy that Health Net, Inc. associates must follow when accessing all electronic transmissions.		ISS	iNS1014POL - Network Security Internet Site Access.pdf
Data Center	Network Security Restricted Internet Site Access Procedure	The purpose of this document is to create a process when associates are accessing the Internet or any electronic transmissions and are requesting access to a blocked location.	Procedures	ISS	iNS1014PRa - Network Security Restricted Internet Site Access.pdf
Data Center	Network Security Unrestricted Internet Site Access Procedure	The purpose of this document is to explain the procedure for requesting unrestricted internet access.	Procedures	ISS	iNS1014PRb - Network Security Unrestricted Internet Site Access.pdf
Data Center	Network Security Third Party Vendor Access Policy	The purpose of this document is to provide a corporate policy of Third Party Vendor access to the Health Net Inc. Network.		ISS	iNS1016POL - Network Security Third Party Vendor Access.pdf
Data Center	Network Security Basic Internet Only VLAN Procedure	The purpose of this document is to explain the procedure for configuring a network connection to support foreign computers.	Procedures	ISS	iNS1019PRa - Network Security Basic Internet Only VLAN.pdf
Data Center	Network Security Support of Non-Policy IP Connections Procedure	This document defines the options for supporting a partner connection that does not meet Health Net’s minimum standard for fully supported partner connections as defined in Health Net Policy eNS1020POL - Partner IP Addressing	Procedures	ISS	iNS1020PRa - Network Security Support of Non-Policy IP Connections.pdf
Data Center	Network Security Remote Access Malicious Activity Response Procedure	The purpose of this document is to explain the procedure for addressing malicious activity from a device connected through remote access	Procedures	ISS	NS1008PRa - Network Security Remote Access Malicious Activity Response.pdf
Data Center	Network Security Policy Development	The purpose of this policy is intended to provide the Network Infrastructure and Security Services (NISS) team guidelines when creating Corporate Policies and Procedures	Policies	ISS	eNS0001POL - Network Security Policy Development.pdf
Data Center	Network Security Procedure Approval Procedure	The purpose of this procedure is to describe the process by which the Network Infrastructure Security Services (NISS) team will follow in having procedures and/or policies approved and implemented.	Procedures	ISS	eNS0001PRa - Network Security Policy Approval Procedure.pdf

Schedule M M - 7 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Network Security Policy Numbering System	The purpose of this document is to describe the method by which NISS Policies, Procedures, Risk Assessment, Standards and Guidelines are documented and cataloged for reference, storage and retrieval purposes in the Domino Doc Lotus Notes Database.		ISS	eNS0001PRb - Network Security Policy Numbering System.pdf
Data Center	Network Security Policy Approval	The purpose of this procedure is to describe the processes the Network Infrastructure Security Services (NISS) team will follow in having policies approved and implemented.		ISS	eNS0001PRg - Network Security Policy Approval Procedure.pdf
Data Center	Network Security HNI Security Environments Policy	The purpose of this document is to define the policy for the Network Infrastructure Security Services (NISS) team when conducting testing of any new products and/or services before implementation into production environments		ISS	eNS0002POL - Network Security HNI Security Environments.pdf
Data Center	Network Security Corporate Change v	The purpose of this document is to define the policies the ITG Network Infrastructure Security Services (NISS) team is to follow in regards to effecting changes in the Health Net Enterprise Network. These processes are located in the HNI Corporate Change Management Request policy. (Located in section “IV. Related Policies”).		ISS	eNS0003POL - Network Security Change Control Policy.pdf
Data Center	Network Security Change Management Request Procedure	The purpose of this document is to explain the procedure that the NISS team will follow when creating a routine Change Management Request (CMR).	Procedures	ISS	eNS0003PRa - Network Security Notification Only CMR.pdf
Data Center	Network Security CMR Meetings Agenda Procedure	Describes the tasks that contribute to a successful CMR meeting.		ISS	eNS0003PRd - Network Security CMR Meetings Agenda.pdf
Data Center	Network Security Spoofed Email Notification Policy	The purpose of this document is to explain that NISS shall respond to reports of spoofed email		ISS	eNS0004POL - Network Security Spoofed Email Notification.pdf
Data Center	Network Security Response to Spoofed Email Notification Procedure	The purpose of this document is to explain how NISS shall respond to reports of spoofed email		ISS	eNS0004PRa - Network Security Response to Spoofed Email Notification.pdf
Data Center	Network Security Logging Policy	The purpose of this document is to describe the importance regarding logging capabilities that must be enabled on equipment that collects and maintains system and user events		ISS	eNS0005POL - Network Security Logging Policy.pdf

Schedule M M - 8 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Network Security Password Maintenance Policy	The purpose of this document is to explain the corporate password policy for Network Infrastructure Security Services (NISS).		ISS	eNS0006POL - Network Security Password Maintenance Policy.pdf
Data Center	Network Security Administrative Password Procedure	The purpose of this document is to explain administrative password changes by Network Infrastructure Security Services (NISS) associates	Procedures	ISS	eNS0006PRa - Network Security Administrative Passwords.pdf
Data Center	Network Security Emailing New Administrative Password Procedure	The purpose of this document is to describe how to send the Enable Password Change email	Procedures	ISS	eNS0006PRb - Network Security Emailing New Admin Password.pdf
Data Center	Network Security Changing Cisco Passwords Procedure	The purpose of this document is to explain the process for changing Cisco passwords	Procedures	ISS	eNS0006PRc - Network Security Changing Cisco Passwords.pdf
Data Center	Network Security Document Creation Procedure	The purpose of this document is to explain in detail the procedure that the NISS Personnel must follow when creating and storing documents, particularly Policies, Procedures, Guidelines and Risk Assessments. This procedure does not address Standards, as those documents are the responsibility of INFOSEC.	Procedures	ISS	iNS0001PRc - Network Security Document Creation.pdf
Data Center	Network Security Document Revision Procedure	The purpose of this document is to define Minor and Material Document revisions and to explain the procedure for updating a document after a revision. This procedure will specifically apply to Network Security Policies, Procedures, Guidelines and Risk Assessments.		ISS	iNS0001PRd - Network Security Document Revision.pdf
Data Center	Network Security Domino Document Manager Storage and Revision Procedure	The purpose of this document is to explain in detail the procedure to add documents and revise existing documents in Domino Document Manager (DomDoc); this would include Policies, Procedures, Guidelines and Risk Assessments.		ISS	iNS0001PRe - Network Security Domino Document Manager Storage and Revion.pdf
Data Center	Network Security Firewall Change Requests	Describe the details involved in making a request to modify a firewall rule base	Procedures	ISS	iNS0003PRe - Network Security Firewall Change Request.pdf
Data Center	Network Security Firewall Audit	Describe the details involved in extracting open IP/port information from the Health Net Cisco PIX firewalls. The information is then compared and cross-referenced to existing audit documents for purposes of updates and maintenance	Procedures	ISS	iNS0003PRf - Network Security Firewall Audit.pdf

Schedule M M - 9 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Network Security Altiris Weekly Summary Report Policy	The purpose of the Altiris report is to document and track the number of unaccounted workstations for Health Net, Inc.		ISS	iNS0008POL - Network Security Altiris Weekly Summary Report Policy.pdf
Data Center	Network Security Altiris Weekly Summary Report Procedure	The purpose of this procedure is to describe the process by which the Network Infrastructure Security Services (NISS) team will follow in updating and running the Weekly Altiris Summary Report.	Procedures	ISS	iNS0008PRa - Network Security Altiris Weekly Summary Report Procedure.pdf
Help Desk	Convergence Phone Updating Your Personal Greeting	Voicemail greetings procedures	Procedures	Help Desk	Convergence Phone Personal Greeting Update Procedure.doc
Help Desk	Help Desk Password Reset Verification	The purpose of the Policy is to support compliance with Information Security regulations. Associates contacting the Help Desk requesting a password reset for ANY application, will be required to verify their identity including providing the last four digits of their Social Security number.	Password	Help Desk	Password reset verifications policy.doc
Help Desk	Privacy and Security Awareness Week Script Policy	The purpose to this policy is to outline why a Help Desk agent must input a special phone script on their personal greeting to greet a client via the Rockwell Convergence IVR during, Privacy and Security Awareness Week.		Help Desk	Privacy and Security Awareness Week Policy.doc
Help Desk	Privacy and Security Awareness Week Scripts	This purpose to this procedure is to outline the scripts the Help Desk will use to greet a client via the Rockwell Convergence IVR during, Privacy and Security Awareness Week	Procedures	Help Desk	Privacy and Security Awareness Week Procedure.doc
Help Desk	Novell Directory Services (NDS) and NT Domain Administration Guideline and Procedure	This guideline is intended to prevent abuse of administrative capabilities on NT and NetWare file servers and their associated directories (NDS, AD, LDAP). The assignment of NDS and NT Domain Access administrative rights is contingent upon acceptance of these terms, as represented by signature of this document		Help Desk	SS NDS-NT security guideline rev6.doc
Help Desk	Visitor Confidentiality Notification	Copy of notice to visitors to a Health Net secure facility	Site Visitors	Help Desk	Visitor Confidentiality Notification (Final).doc
Data Center	Client Technology Services Directory	List of all services provided by Client Technology Services	CTS Services	CTS	Client Technology Services Summary.xls
Data Center	Example Intrust & NetVision alerts	Samples of alerts	Alerts	CTS	Example Alert Data.doc

Schedule M M - 10 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Security Logging - Alerts and Reports	The purpose of this document is to provide a list of Alerts and Reports CTS generates from the security log data collected by the NetVision and Quest InTrust systems	Alerts	CTS	Security Logging - Alerts and Reports.pdf
Data Center	Security Logging Detailed Design	This document will provide a detailed architectural design of the Security logging that has been implemented on Client Technology Services (CTS) supported Microsoft Windows and Novell NetWare servers.	Security Logging	CTS	Security Logging - Detailed Design v1.5.pdf
Data Center	Security Administration Procedures for Microsoft Active Directory	Security responsibilities are conducted for the following Microsoft Active Directory Forest HEALTHNET.COM (Including Domains HNCORP, FS, and RMT) for Health Net, Inc.:	MS Active Directory	CTS	Security_Admini stration_Pro cedures_AD.doc
Data Center	Security Administration Procedures for Novell eDirectory	The above responsibilities are conducted for the following Novell eDirectory Trees Meta and FHC for Health Net, Inc.:	Novell eDirectory	CTS	Security_Admini stration_Pro cedures_eDir.doc
Cross-Functional	ITG Protecting Health Information	The purpose of this document is to provide guidance to all Information Technology Group (ITG) associates for protecting PHI in the course of completing their job duties and responsibilities	PHI	Logistics	HIPAA_ Procedures.doc
Cross-Functional	Corporate Information Security Standards & Guidelines	This document contains the corporate information security standards and guidelines for Health Net, Inc. and its subsidiaries and affiliates (the “Company”). These standards and guidelines are intended to provide guidance to all Company users for protecting Company information in carrying out their job responsibilities. In addition, these standards and guidelines help ensure Company personnel meet applicable laws and regulations regarding security and privacy of information protection including the Health Insurance Portability and Accountability Act of 1996 (HIPAA).	Information Security	InfoSec	Information_ Security_Stand ards.pdf
Cross-Functional	ARISC Form	Use this form to document acknowledgment of temporary noncompliance with a security control standard or of noncompliance on a permanent basis (reviewed annually).	Security Control Waiver	InfoSec	ARISC Form.doc

Schedule M M - 11 Health Net / Cognizant Confidential

Final Execution Version

Cross-Functional	Business Unit Security Review Program	Business Units have a duty to protect information assets from a variety of threats such as service interruption, error, fraud, embezzlement, sabotage, terrorism, extortion, industrial espionage, privacy violation and natural disaster		InfoSec	HNI Business Unit Security Review Program.doc
Cross-Functional	Business Unit Security Review Questionnaire	The Business Unit Security Review Questionnaire is intended to provide a process to meet the due diligence of evaluating a Health Net company entity’s (i.e., Business unit) information security compliance with the Health Net Inc’s corporate programs, policies, standards and appropriate state and federal security regulations or published security criteria.		InfoSec	HNI Business Unit Security Review Questionnaire.doc
Cross-Functional	Service Provider Security Assessment Questionnaire	The Service Provider Security Assessment Questionnaire is intended to provide a process to meet the due diligence of evaluating a non-company entity’s (i.e., service provider) information security compliance with the Health Net Inc’s corporate programs, policies, standards and appropriate state and federal security regulations or published security criteria		InfoSec	HNI Security Assessment Questionnaire.doc
Cross-Functional	HN Incident Report Form	Security breach incident report form		InfoSec	Incident Report Form.doc
Cross-Functional	Information Security Policy	All information used in the course of business is considered a Company asset. Toward this end, management and Users are responsible and accountable for its protection.		InfoSec	Information Security Policy.pdf
Cross-Functional	Acknowledgment of Reduced Information Security Control (A-RISC) Form Instructions	Due to unique or special business circumstances, a department may not be able to comply with a particular aspect of a Corporate Information Security policy or standard.	Security Control Waiver	InfoSec	INFOSEC A-RISC Instructions.ver1. 0.928905.final.doc
Cross-Functional	Security Self-Assessment Questionnaire Instructions	Security Self-Assessment Questionnaire Instructions. The Security Self-Assessment Questionnaire (“Questionnaire”) review is intended to help departments determine how well their security systems are in compliance with Company security policies and standards		InfoSec	Security Self-Assessment Questionnaire Instructions.pdf
Cross-Functional	Security Self-Assessment Questionnaire	Security Self-Assessment Questionnaire.		InfoSec	Security Self-Assessment Questionnaire.xls

Schedule M M - 12 Health Net / Cognizant Confidential

Final Execution Version

Cross-Functional	Security Administration Procedures Template Instructions	All security systems at Health Net, including physical security, network, operating system, application, and databases, need to have documented procedures that are used to administer their security	System Security	InfoSec	Security_ Administration_Pr ocedures_Template _Ins tructions.pdf
Cross-Functional	Security Administration Procedures Template	Security Administration Procedures template	System Security	InfoSec	Security_ Administration_Pr ocedures_ Template.doc
Cross-Functional	Security and Privacy Incident Response Plan	This document will provide the details of the Security and Privacy Incident Response Plan including the typical events that would invoke it and the definition of the roles and responsibilities of the Incident Response Management Team that will support it.	Incident Response	InfoSec	Security_and _Privacy_Incident_ Response_ Plan (September 2007 - website edition).doc
Cross-Functional	Vendor Product Security Assessment	As part of the process in evaluating vendor products with security functions, Health Net Inc. (HNI) requires potential vendors to elaborate on the security functions and controls that the product has in place to meet company information security standards. The answers to this assessment will be used by Health Net Inc. to gain an insight into the overall security capabilities of a potential vendor product	Vendor Products Security	InfoSec	Vendor Product Security Assessment.doc
Data Center	ABS PROD - DAccount Violation Policy	D Account Violation Policy	ABS	DCS	ABS D Account Violation Policy - Procedure.doc
Data Center	Alternate Approval List for Power and D Accounts	Alt Approver roster for Power and D Accounts	ABS	DCS	Alternate Approval List for Power and D Accounts.xls
Data Center	CICS TS Newcopy Procedures	This document describes how to do a CICS Newcopy and validate the Newcopy worked.	CICS	DCS	CICS TS Newcopy Procedures.doc
Data Center	Data Center Access Log Sheet	Data Center Access Log Sheet (Form)	Data Center	DCS	Data Center Access Log Sheet_ 2-3-08.xls
Data Center	SCLM Code Moves	Program Code Moves via SCLM utility	ZOS/390	DCS	IBM - SCLM Moves.doc
Data Center	MC400 Power Account Policy	Power Acct Enable/Disable guideline and SLA	AS400	DCS	MC400 Power Account Policy - Procedure.doc
Data Center	Programming Code Migration for MC400/HNNE	MC400 Code Migration - MKS	MC400	DCS	MKS Proccedure.doc
Data Center	MKS Rollback Procedure	MC400 Code Migration - MKS	MC400	DCS	MKS Rollback.doc
Data Center	Operations procedure for Data Center Vendor Access	Provides direction for Operations when Vendor access to the Data Center is requested.	Data Center	DCS	Operations Actions For Vendor Access.doc

Schedule M M - 13 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Code Move Access Audit - Quarterly	Quarterly audit of Computer Operations and Production Control access to move program code into Production.	Production Control	DCS	Pgm Code Move Access Audit.doc
Data Center	PRELUDE AS400 Procedure for enabling/disabling Power Accounts	Power Acct Enable/Disable - Prelude	AS400	DCS	Power account Procedure for PRELUDE.doc
Data Center	SYMPHONY AS400 Procedure for enabling/disabling Power Accounts	Power Acct Enable/Disable - Symphony	AS400	DCS	Power account Procedure for SYMPHONY.doc
Data Center	HNNE AS400 Procedure for enabling/disabling Power Accounts	Power Account Enable/Disable - MC400.	AS400	DCS	Procedures to enable-disable power accouts.doc
Data Center	Gold Pointe building “A” temporary and contractor badge issuance	This procedure will provide direction for security personnel when issuing access badges for the Health Net, Inc. data center Gold Pointe building “A” located at 12033 Foundation Place, Hazel Data Center (HDC). Only HDC is covered by this procedure.	Data Center	DCS	Revised Desk officer policy 10-31-07.doc
Data Center	SCLM Package Backout Process	SCLM Move Backout - explains the new function in SCLM	ZOS/390	DCS	SCLM Package Backout facility.doc
Data Center	SCLM Package Restore Procedure	SCLM Move Backout - is the procedures on backing out a package.	ZOS/390	DCS	SCLM Package Restore Procedure.doc
Data Center	Offsite & Onsite Tape Management	Vendor Dial-in Access	All Platforms	DCS	Vendor Access - Procedure.doc
Data Center	VMS BACKOUT MOVES ON ALPHA CLUSTER Procedures	ABS Move Backout	ABS	DCS	VMS BACKOUT MOVES ON APLHA CLUSTER.doc
Data Center	VMS PRD VMS MOVES ON ALPHA CLUSTER	ABS Moves	ABS	DCS	VMS PRD VMS MOVES ON APLHA CLUSTER.doc
Data Center	Plan to Ensure Continued Preservation of Electronically Stored Information (ESI)	Presentation on the need to maintain auditable records regarding Electronically Stored Information (ESI)	ESI	DCS SWS	Health Net ESI Preservation Roadshow - Privileged and Confidential - rev05.ppt
Data Center	ITLS Process Manual For Associate Document Requests	Process Manual For Associate Document Requests	General	DCS SWS	ITLS Process Manual.doc
Data Center	Intent to Archive Data System	Intent to Archive Data System form	Storage	DCS SWS	Sample Archive Documentation.doc
Data Center	Intent to Decommission or Transfer System	Intent to Decommission or Transfer System form	Storage	DCS SWS	Sample Decommission Transfer Documentation.doc
Cross-Functional	CODE OF BUSINESS CONDUCT AND ETHICS	Corporate Code of Business Conduct and Ethics	General	Privacy	business_conduct_code.pdf

Schedule M M - 14 Health Net / Cognizant Confidential

Final Execution Version

Cross-Functional	Notification of Access	Procedures for notification to requesters of accounts for new users and notification of modifications and additional system access for current users.	Access Admin	Access Admin	Access Administration Notification Policy 3-14-07.doc
Cross-Functional	Rules of Engagement	Policy stating the conditions under which the Access Administration (“AA”) Team will agree to perform the duties of Access Administration (account adds, modifies, & deletes), Periodic Review, and Supervision of Account Inactivity for a system/application.	Access Admin	Access Admin	Access Administration Project Implementation Rules.doc
Cross-Functional	Roles & Responsibilities	Policy stating the roles & responsibilities of the Access Administration Team, and the expected responsibilities of other teams with which they work.	Access Admin	Access Admin	Access Administration Roles & Responsibilities.doc
Cross-Functional	Security Roles & Responsibilities	Definition of the roles and responsibilities of a security administrator, security SME, and of the Access Admin team.	Access Admin	Access Admin	Access Administration Security Roles & Responsibilities.doc
Cross-Functional	Naming Standard – All New Accounts	Health Net naming standard for all new user id accounts	Access Admin	Access Admin	Company Naming Standard 10-4-05.doc
Cross-Functional	Contractor/Temporary Employee Policy	Access Admin policies and procedures pertaining to contract and temp employees.	Access Admin	Access Admin	Contractor - Temp Employee Policy.doc
Cross-Functional	Inactive/Disable/Delete Policy	P&P pertaining to inactive and disabled user accounts	Access Admin	Access Admin	Disable and Delete Policy 6-26-07.doc
Cross-Functional	Novell eDirectory & Microsoft Active Directory Security Policy	Agreement form relating to various policies and procedures surrounding Novell eDirectory and Microsoft Active Directory security	CTS	Access Admin	eDIR - AD Security Policy v14b.pdf
Cross-Functional	Executive Account Deletions	P&P relating to the deletion of userid accounts held by executive officers, such a CXO and SVPs.	Access Admin	Access Admin	Executive Accounts - Deletion 3-14-05.doc
Cross-Functional	Emergency Access Procedures	To provide a quick means for a person, such as an associate, , a vendor, or a contractor, to gain access to Health Net information and systems during an interruption of normal connectivity, when necessary to maintain Health Net business.	Access Admin	Access Admin	HNFS Emergency Access Procedures 6-1-04.doc
Cross-Functional	Disabled Account Policy	Older version of Disable and Delete Policy 6-26-07.doc above (This document should be deleted.)	Access Admin	Access Admin	Inactive Account Policy 4-17-07.doc
Cross-Functional	MC400 Power Accounts	(Duplicate of document above. This document should be deleted.)	Access Admin	Access Admin	MC400 Power Account Policy - Procedure.doc

Schedule M M - 15 Health Net / Cognizant Confidential

Final Execution Version

Cross-Functional	Notification of Account Ids and Passwords	Older version of Access Administration Notification Policy 3-14-07.doc above. (This document should be deleted.)	Access Admin	Access Admin	Notification of Account IDs and Passwords Procedure.doc
Cross-Functional	Novell eDirectory & Microsoft Active Directory Security Policy	(Duplicate of eDIR - AD Security Policy v14b.pdf above. One of these should be deleted.)	Access Admin	Access Admin	NT-HIPAA Domain Account Policy 2-25-03.pdf
Cross-Functional	OS390 Termination Policy	The purpose of this document is to describe the process to terminate/remove a RACF account from the IBM OS390 system when the associate/contractor has been terminated or inactive for greater than 60 days.	Access Admin	Access Admin	OS390 RACF Termination Policy.doc
Cross-Functional	OS390 Termination Policy	The purpose of this document is to describe the process to terminate/remove a RACF account from the IBM z-Series system when the associate/contractor has been terminated or inactive for greater than 60 days.	Access Admin	Access Admin	OS390 Termination Policy 7-27-04.doc
Cross-Functional	Role-Based Access in the MC400	P&P relating to the creation and maintenance of roles and the assignment of roles to users within the MC400 environment	MC400	Access Admin	Role Based Access MC400 P&P rev.04.28.04.doc
Cross-Functional	IS Request Processing – Temp to Perm	This document will state the policy on submitting an IS Request for the purpose of converting a temporary employee to a permanent one and vice versa. The policy aims to reduce the time spent by Access Administration in reviewing and processing the IS Requests for temp to perm and perm to temp conversion.	Access Admin	Access Admin	Temp to Perm Policy 3-22-07.doc
Cross-Functional	Associate/Contractor Termination Policy	This document will describe Associate/Contractor Termination Policy. The termination should be completed on or as close to the termination date as possible. The goal is to revoke access from all systems. In certain cases, the associate may need to maintain their access to the former position for a period of time. It is the responsibility of the supervisor/manager to notify OE that an associate or contractor will be terminated.	Access Admin	Access Admin	Termination Policy 20070706.doc
Cross-Functional	Training Accounts	The purpose of this document is to describe the process to establish and maintain training accounts within the guidelines of the Information Security Policy	Access Admin	Access Admin	Training Account Policy.doc

Schedule M M - 16 Health Net / Cognizant Confidential

Final Execution Version

Cross-Functional	Associate Transfer Process	P&P relating to the transfer of an associate from one department to another within HN. Includes P&Ps relating to the temporary “bridging” of an associate’s access across two departmental boundaries.	Access Admin	Access Admin	Transfer Policy and Procedure 6-6-07.doc
Cross-Functional	Associate Transfer - IS Request Processing	An older version of the Transfer Policy and Procedure 6-6-07.doc document listed above. (This document should be deleted.)	Access Admin	Access Admin	Transfer Policy.doc
Cross-Functional	ASSOCIATE GUIDELINES AND PROCEDURES ACKNOWLEDGMENT FORM	ASSOCIATE GUIDELINES AND PROCEDURES ACKNOWLEDGMENT FORM	Access Admin	Access Admin	Associate Acknowledgment Form-hard copy dist. version.doc
Cross-Functional	CONFIDENTIALITY STATEMENT - RESTRICTED GROUP ACCESS EMPLOYEE CLAIM, MEDICAL AUTHORIZATION AND ELIGIBILITY DATA	CONFIDENTIALITY STATEMENT - RESTRICTED GROUP ACCESS EMPLOYEE CLAIM, MEDICAL AUTHORIZATION AND ELIGIBILITY DATA	Access Admin	Access Admin	Confidentiality Agreement.doc
Cross-Functional	ASSOCIATE PROPRIETARY PASSWORD AGREEMENT	ASSOCIATE PROPRIETARY PASSWORD AGREEMENT	Access Admin	Access Admin	Password Agreement 2.01.doc
Cross-Functional	Novell Directory Services (NDS) and NT Domain Administration Guideline and Procedure	Older version of the eDIR - AD Security Policy v14b.pdf listed above. (This version should be deleted.)	Access Admin	Access Admin	SMS NDS-NT Security Guideline rev13.pdf
Data Network	Critical Security Incident Escalation Process	This purpose of this document is to provide guidelines for the Network Operations staff to notify Health Net the IT Utility of a critical security issue.	Security Escalation	NetOps	Critical Security Incident Escalation Process.doc
Data Network	Enterprise Networking Security Document Index	(Should be deleted).		NetOps	Enterprise Networking Security Document Index.doc
Data Center	System Password Documentation	System password documentation and update used by Computer Operations and Production Control	Data Center	DCS	99.Documentation Template.doc
Data Center	ABS PROD - DAccount Policy & (User’s) Procedures	Method and criteria for enable / disable of D Accounts	Data Center	DCS	Policy and Procedure for Activating D Accounts.doc
Data Center	Access Administraation Policy and Procedures	Policies and Procedures used by Access Administration staff to process requests for system accounts.	Access Admin	Access Admin	Access_Administration_Policy.pdf

B.

Schedule M M - 17 Health Net / Cognizant Confidential

Final Execution Version

OTHER HEALTH NET POLICIES AND PROCEDURES

OTHER HEALTH NET POLICIES

Tower	Policy Name	Description	Category	Notes
Help Desk	Remedy Incident Priority Category Definitions	Defines Incident Priority	Incident and Problem Management
Help Desk	Remedy Problem Priority Category Definitions	Defines Problem Priority	Incident and Problem Management
Help Desk	Remedy Problem Management Policy and User Guide	Remedy Problem Management Policy and User Guides.	Problem Management
Help Desk	Point of Contact Guide	Provides procedure for calls in to the Help Desk	Help Desk
Cross-Functional	Change Management User Guide	Remedy Change Management User Guide describes basic Change Management functions.	Change and Release Management
Cross-Functional	Change Management Policy-		Change and Release Management
Help Desk	Remedy User Guide		Change and Release Management
Cross-Functional	Change Management Quick Reference Guide		Change and Release Management
Cross-Functional	Oracle Naming Standards
Cross-Functional	Health Net Disaster Recovery Policies and Procedures Document	https://hnconnect.healthnet.com/business_units/itg/ policies_and_procedures/Disaster_Recovery/ DR_Critical_Applications_Policies__Procedures_Revised_July_2.pdf	IT Continuity & Disaster Recovery Services
Cross-Functional	Mission Critical Applications Policies and Procedures		IT Continuity & Disaster Recovery Services

Schedule M M - 18 Health Net / Cognizant Confidential

Final Execution Version

Cross-Functional	DR Account Management Procedure		IT Continuity & Disaster Recovery Services
Cross-Functional	2007 ITG Disaster Recovery Program Overview		IT Continuity & Disaster Recovery Services
Cross-Functional	Disaster Recovery Critical Path		IT Continuity & Disaster Recovery Services
Cross-Functional	Disaster Recovery Process Lifecycle		IT Continuity & Disaster Recovery Services
Cross-Functional	Plan to Ensure Continued Preservation of Electronically Stored Information (ESI)		Storage Management, Data Retention
Data Center	Internal Policies for ISeries	Describes the Health Net iSeries Policies
Cross-Functional	Outage Reporting Procedure	Describes how to report an outage	Help Desk
Cross-Functional	Tibco Posting Procedures	Details how to obtain Tibco support from Tibco website
Cross-Functional	Vendor Technical Support Message Posting Policies	Describes how to post messages regarding support of Middleware
Data Network	Network Engineering Charter	Provides functional roles for the Network Design and Engineering and Network Engineering Architecture and Converged Services	Engineering/Development
Data Network	Network Facilities design and engineering charter	Provides descriptions and responsibilities for design and engineering	Engineering/Development
Data Network	Network Production Support engineering charter	Provides functional roles for the Network Production Support Team	Engineering/Development
Cross-Functional	Tape Management Policy Procedures	Purpose of the document is provide Tape Management guidelines in order to comply with SOX	Storage Management, Data Retention
Voice Network	Voice Network Policies and Procedures	Documents are Corporate Telecom Functional Responsibilities (including Roles and Responsibilities and the Telecom Services Charter	Voice Network Operations and Administration

Schedule M M - 19 Health Net / Cognizant Confidential

Final Execution Version

Help Desk	Help Desk Internal Policies and Procedures	Service Desk Procedure database containing all policies and procedures that are used for the Help Desk	Help Desk General Policies and Procedures	Service Desk Policy & Procedures Lotus Notes database located on SACDOM50
Cross-Functional	Facilities Standards & Policies		Environment and Facilities Support
Data Center	Batch and Online Processing Policy	Guidelines for Batch and Online process and monitoring.	General Policies and Procedures for Ops and Prod Cntrl	Batch and Online Processing Policy - Procedure.doc
Data Center	Document and Archive Retention Policy	Archive and retention policy for Production documents.	General Policies and Procedures for Ops and Prod Cntrl	Document Archive Retention Policy - Procedure.doc
Data Center	Escalation and Notification Policy	Policy for escalation and notification of Priority 1 and 2 problems.	General Policies and Procedures for Ops and Prod Cntrl	Escalation and Notification Policy Procedure for Problem Pri 1 and 2 Oct 2006.doc
Data Center	Exceptions to Normal Processing Policy	Error handling measures for exceptions to normal processing.	General Policies and Procedures for Ops and Prod Cntrl	Exceptions to Normal Processing Policy - Procedure.doc
Data Center	File Transfer Validation Policy	Validation of file transfers / uploads.	General Policies and Procedures for Ops and Prod Cntrl	File Transfer Validation Policy - Procedure.doc
Data Center	Media Retention Policy and Procedure	Media retention and definition.	General Policies and Procedures for Ops and Prod Cntrl	Media Retention Policy - Procedure.doc
Data Center	Monitoring Batch Processing Policy	Monitor of batch process to ensure completion and accountability of exceptions.	General Policies and Procedures for Ops and Prod Cntrl	Monitoring Batch Processing Policy - Procedure.doc
Data Center	Output and Report Policy	Guideline for Operations to support output report issues normally addressed by remote sites.	General Policies and Procedures for Ops and Prod Cntrl	Output and Report Policy.doc
Data Center	Removable Labeling of Backup Media Policy	Guideline for Operations to ensure backup output media created outside of tape tracking software is being labeled.	General Policies and Procedures for Ops and Prod Cntrl	Removable labeling of backup media Policy - Procedure.doc
Data Center	Scheduling Policy - Procedure	Guideline for setting up required jobs in automated scheduler.	General Policies and Procedures for Ops and Prod Cntrl	Scheduling Policy - Procedure.doc

Schedule M M - 20 Health Net / Cognizant Confidential

Final Execution Version

Data Center	Spool File Retention Policy	Guideline to control amount of spool files currently being generated on system.	General Policies and Procedures for Ops and Prod Cntrl	Spool File Retention Policy - Procedure.doc
Cross Functional	ITG Technology Plan 2008	Provides the Technical Architecture for Health Net	Planning and Analysis;
Cross Functional	Preservation of Electronic Data	Preservation of Electronic Data	Data Retention
Data Center	Cumulative PTF Application Strategy	PTF Application Strategy
Data Center	AS400 System Software Maintenance Policy	AS400 System Software Maintenance
Cross Functional	Health Net Associate Policy	Provides the Health Net policies regarding its associates	Human Resources
Cross Functional	Health Net Signature Authority Policy	Provides the Health Net rules regarding Signature Authority	Cross Functional
Unity	Unity Environment Support Roles and Responsibilities	This with the Environment request forms controls the configuration of the Unity test environments
Unity	Unity-EDS Support Roles and Responsibilities	This along with the Production Support Guidelines, Unity Production Support-Portfolio Agreement, and workflow diagram help establish Roles in the support of Unity.
Application Development	ITG Development Standards	https://hnwiki/bin/view/CTOTeam/StdMain Provides Standards for Application Development.
Medi-Cal	Medi-Cal Application Development Standards	Provides Coding and Naming standards for COBOL program development support Medi-Cal area Applications.
Medi-Cal	Remdy Release Process and Procedure	Defines the process to use Remedy to relase packages through the Medi-Cal Testing area.

Schedule M M - 21 Health Net / Cognizant Confidential

Final Execution Version

Data Warehouse	Bus Objext Data Security
Data Warehouse	Database Design Guidelines for ODW and ADW
Data Warehouse	ODW Roler and Privileges
Data Warehouse	ODW Data Dictionary Guidelines
Hyperion	Hyperion End User Service Level Agreement	Lays out availability run times, and Base response times to Remedy tickets.
Cross-Functional	ME-ESB Procedures	ESB deployment request Procedures	Development
Cross-Functional	Middleware Workfflow	Web service deployment work flow	Development
Cross Functional	Middleware ESB Request	Form use to request web services moved from STG to PRD.	Development
Cross Functional	PDLC Framework Manual	Describes Health Net’s Project Development Life Cycle (PDLC) framework, including its processes, disciplines and concepts.	Development

Schedule M M - 22 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE N

EQUIPMENT

Schedule N Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE N

EQUIPMENT

As of the Effective Date, there is no Equipment to list in this Schedule N.

Schedule N N - 1 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE O

APPROVED SUBCONTRACTORS

Schedule O Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE O

APPROVED SUBCONTRACTORS

As of the Effective Date, there are no Approved Subcontractors.

Schedule O O - 1 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE P

REPORTS

Schedule P Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE P

REPORTS

Without limiting Supplier’s obligations and Health Net’s rights set forth elsewhere in the Agreement (including Section 17.3 of the General Terms and Conditions), this Schedule P lists certain reports that Supplier shall create and provide to Health Net as of the Effective Date. In addition to those reports listed in this Schedule P, as reasonably requested by Health Net, Supplier shall also provide Health Net with ad hoc reports.

The Reports formats will be defined in the Procedures Manual. The Reports may take the form of an Electronic and Printed Report.

Area	Report Title	Description of Report	Frequency	Current Report
Production Support	Missed Resolution Report	A report that includes for each Problem or Incident for which Supplier failed to meet the Problem/Incident Resolution Time, a summary of such Problem or Incident, the reason(s) why Supplier failed to meet the Problem/Incident Resolution Time, target resolution date, and the steps taken (and currently being taken) by Supplier during the resolution efforts.	Business Day	Written report in a form specified in the Procedures Manual.
Development	Development Resource / Project Summary Status	Every month, the Supplier will provide Health Net reports that include the following: Identify the number of projects and their respective milestones (critical and non-critical). . For each application development project, the number of personnel hours planned (for each month including forward months) and actual hours expended (by month). The Personnel Support Plan shall include the accurate accounting and reporting of planned and	Monthly	Written report in a form specified in the Procedures Manual

Schedule P P - 1 Health Net / Cognizant Confidential

Final Execution Version

		expended personnel hours or status on each milestone (critical and non-critical). The Personnel Support plan will include reporting by resources by location, allocation to phase of development (So Health Net can appropriately Capitalize work products) and skill set that are providing the Application Development Services.
Production Support	Production Support Resource / Project Summary Status	Every month, the Supplier will provide Health Net reports that include the following: Identify the number of Remedy Tickets by type and Priority, the number of Missed Resolution Dates, the time spent on Minor enhancements The Personnel Support Plan shall include the accurate accounting and reporting of planned and expended personnel hours on minor enhancements in each application. The Personnel Support plan will include reporting by resources by location and skill set that are providing the Application Production Support Services. Report should be provided in electronic format as well so it can tie to Project Estimating Summary report.	Weekly, Monthly, Quarterly, On-Demand	Written report in a form specified in the Procedures Manual
TCOE	TCOE Project Coming Soon Status	Every Quarter, the Supplier will provide Health Net reports that include the following: Identify the number of Projects scheduled for the TCOE in the next Quarter, as well as projects currently in the TCOE. The report shall include at a minimum; Name, status, the time spent on the Project, target dates for the testing, issues, and concerns as related to the Testing of the projects in the TCOE.	Quarterly	Written report in a form specified in the Procedures Manual

Schedule P P - 2 Health Net / Cognizant Confidential

Final Execution Version

TCOE	TCOE Resource Personnel Support Plan	The Personnel Support Plan shall include the accurate accounting and reporting of planned and expended personnel hours on each project by application, or TCOE Operations. The Personnel Support plan will include reporting by resources by location and skill set that are providing the Testing Support Services, as well as phase in the testing process.	Monthly	Written report in a form specified in the Procedures Manual.
TCOE	TCOE Readiness Checklist Summary	Projects expected to be in test should provide a status on Readiness checklist. The exception is minor enhancements of duration 40 hours or less or projects that enter and exit within the week (The exception will appear in the following week.)	Weekly, at beginning of week. Monday 7:00AM.	Written report in a form specified in the Procedures Manual.
TCOE	Project LOE Summary Report	Weekly, Defect Densities are based on Development effort; Each Project Due into the TCOE will need to report Development Days to drive metrics for Defect Density.	Weekly	Written report in a form specified in the Procedures Manual.
Account Management	Service Level Missed Report	Every month, the Supplier will provide Health Net reports that include, each service level performance, including trending data, and whether there was a miss. The service levels included will be critical or not critical service levels.	Monthly	Written report in a form specified in the Procedures Manual.
Account Planning	Quarterly Account Planning Report	This report provides information with respect to all business related activities identified for the Account Management and Account Planning and Analysis aspects of Schedule A chapter 2.1, 2.2 and 2.5	Quarterly	Written report in a form specified in the Procedures Manual
Account Planning	Quarterly Technical Planning Report	This report provides information with respect to all Technology activities identified for Account Planning aspects	Quarterly	Written report in a form specified in the Procedures Manual

Schedule P P - 3 Health Net / Cognizant Confidential

Final Execution Version

Account Planning	Annual summary of Innovation Center	The Quarterly Technical Planning Report will be augmented annually on the Contract anniversary to highlight the specific concepts and innovations that were provided to Health Net with the Supplier’s Innovation Center.	Annual	Written report in a form specified in the Procedures Manual
Project Status	Project Dashboard Summary	Identify the number of open projects and their respective milestones (critical and non-critical). Ahead of Schedule, behind schedule, and brief status (status, Changes, Risks, Issues), and current Development Effort expended (To affect Defect Density).	Weekly	Current Weekly Dashboard
Project Management	Project Estimating Summary	The report should be provided electronically and include Estimate amount, by status, and status for active projects. This report will tie to the Development Resource / Project Summary Status.	Monthly	Written report in a form specified in the Procedures Manual
Project Management	Project Inventory in initiation.	Identify the number of projects that were received to be estimated, their status and what is waiting estimation, or clarification as Project Briefs and BARRs.	Weekly	Written report in a form specified in the Procedures Manual
Security	Security report	Report on any identified security violations, including Security Incidents	Weekly, On Demand	Written report in a form specified in the Procedures Manual.
Production Support	Root Cause Analysis (RCA) report	This is a report regarding all RCAs performed (and those in progress) since the previous report for Priority 1 Problems and Incidents as well as those Priority 2 Problems and Incidents that have been promoted to a Priority. 1 by Supplier of Health Net including remediation efforts (if any). These will also be required to be entered into an electronic format.	Monthly or as RCAs occur	Written report in a form specified in the Procedures Manual
Project Management	Schedule Variance report	The schedule variance for a major enhancement or projects.	Monthly, On Demand	Written report in a form specified in

Schedule P P - 4 Health Net / Cognizant Confidential

Final Execution Version

				the Procedures Manual
Project Management	Financial Variance reporting	The financial variance for a Project shall not exceed ten percent (10%). This report applies only to Projects that are not priced on a fixed price basis or other basis with an agreed limitation on total price, such as time and materials with a cap.	Monthly, On Demand	Written report in a form specified in the Procedures Manual
Production Support	Software Currency Report	This report will track the Software in the environment, the levels relevant to current manufacturer level and if the version in the environment still has maintenance. This will help identify the In-Scope Applications and third party application software, This is an extension to the Software list maintained by infrastructure. .	Quarterly	Written report in a form specified in the Procedures Manual

Schedule P P - 5 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE Q

GLOSSARY

Schedule Q Q - 1 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE Q

GLOSSARY

The following capitalized terms, when used in the Agreement, will have the meanings given below unless the context requires otherwise. In the event of a conflict between the definitions in the body of the Terms and Conditions and this GLOSSARY, the provisions in the body of Terms and Conditions shall prevail.

Defined Term	Meaning	Primary Use Location
“Acceptance Criteria”	Has the meaning set forth in Section 1.2(b)(vi) of Exhibit A-6 to Schedule A of the Terms and Conditions	Exhibit A-6
“Acceptance Period”	Has the meaning set forth in Section 2 of Attachment A-6-1 to Exhibit A-6 to Schedule A of the Terms and Conditions	Attachment A-6-1
“Acceptance Tests”	Has the meaning set forth in Section 4(a) of Attachment A-6-1 to Exhibit A-6 to Schedule A of the Terms and Conditions	Attachment A-6-1
“Actual AD Hours”	Has the meaning set forth in Section 5.3(a)(i) of Schedule C to the Terms and Conditions	Schedule C
“Actual Uptime”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“AD Charge”	Has the meaning set forth in Section 2.1(a) of Schedule C to the Terms and Conditions	Schedule C
“***”	Has the meaning set forth in Section 5.3(b) of Schedule C to the Terms and Conditions	Schedule C
“AD Project”	Has the meaning set forth in Section 2.1(b) of Schedule C to the Terms and Conditions	Schedule C
“AD Project Forecast”	Has the meaning set forth in Section 5.2(a) of Schedule C to the Terms and Conditions	Schedule C
“AD Services”	Has the meaning set forth in Section 2.1(c) of Schedule C to the Terms and Conditions	Schedule C
“Addendum”	Has the meaning set forth in the introductory paragraph of Schedule K to the Terms and Conditions	Schedule K
“Adjustable Charges”	Has the meaning set forth in Section 8.1(a) of Schedule C to the Terms and Conditions	Schedule C
“Affected	Has the meaning set forth in Section 2(a) of Sched-	Schedule E

Schedule Q Q - 2 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
Employees”	ule E to the Terms and Conditions
“Affiliate”	Has the meaning set forth in Section 2.1(a) of the Terms and Conditions	Terms and Conditions
“Agreement”	Has the meaning set forth in Section 2.1(b) of the Terms and Conditions	Terms and Conditions
“AHE”	Has the meaning set forth in Section 8.1(g) of Schedule C to the Terms and Conditions	Schedule C
“Amount at Risk”	Has the meaning set forth in Section 6.2(a) of the Terms and Conditions	Terms and Conditions
“Application”	Has the meaning set forth in Section 2.1(c) of the Terms and Conditions	Terms and Conditions
“Application Availability”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Application Development Charge”	Has the meaning set forth in Section 2.1(a) of Schedule C to the Terms and Conditions	Schedule C
“Application Development Project”	Has the meaning set forth in Section 2.1(b) of Schedule C to the Terms and Conditions	Schedule C
“Application Development Services”	Has the meaning set forth in Section 5 of Schedule A to the Terms and Conditions	Schedule A
“Application Maintenance Services”	Has the meaning set forth in Section 3.1 of Schedule A to the Terms and Conditions	Schedule A
“Application Operation Support”	Has the meaning set forth in Section 3.2(e) of Schedule A to the Terms and Conditions	Schedule A
“Application Optimization”	Has the meaning set forth in Section 3.1(e) of Schedule A to the Terms and Conditions	Schedule A
“Application Response Time”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Application Software”	Has the meaning set forth in Section 2.1(c) of the Terms and Conditions	Terms and Conditions
“Application Support Services”	Has the meaning set forth in Section 3 of Schedule A to the Terms and Conditions	Schedule A

Schedule Q Q - 3 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Approved Leave”	Has the meaning set forth in Section 2(b) of Schedule E to the Terms and Conditions	Schedule E
“Approved Subcontractor”	Has the meaning set forth in Section 7.7(c) of the Terms and Conditions	Terms and Conditions
“Associated Tools and Software”	Has the meaning set forth in Section 1.3(a) of Schedule A to the Terms and Conditions	Schedule A
“Auditors”	Has the meaning set forth in Section 18.1(a) of the Terms and Conditions	Terms and Conditions
“Audits”	Has the meaning set forth in Section 18.1(a) of the Terms and Conditions	Terms and Conditions
“Available for Use”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Availability Management”	Has the meaning set forth in Section 2.12 of Schedule A to the Terms and Conditions	Schedule A
“Availability Plan”	Has the meaning set forth in Section 2.12(viii) of Schedule A to the Terms and Conditions	Schedule A
“Background Checks”	Has the meaning set forth in Section 7.2 of the Terms and Conditions	Terms and Conditions
“Bankruptcy Code”	Has the meaning set forth in Section 15.7(c) of the Terms and Conditions	Terms and Conditions
“Baseline AD Hours”	Has the meaning set forth in Section 5.1(b) of Schedule C to the Terms and Conditions	Schedule C
“Baseline Minor Enhancement Hours”	Has the meaning set forth in Section 4.4(a) of Schedule C to the Terms and Conditions	Schedule C
“Baselining Period”	Has the meaning set forth in Section 5.2(c)(ii) of Schedule B to the Terms and Conditions	Schedule B
“Batch Job Completion Time”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Batch Job Start Time”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Batch Window”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Benchmarker”	Has the meaning set forth in Section 9.4(b) of the Terms and Conditions	Terms and Conditions

Schedule Q Q - 4 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Beneficiary”	Has the meaning set forth in Section 2.1(d) of the Terms and Conditions	Terms and Conditions
“Benefit Program”	Has the meaning set forth in Section 2.1(e) of the Terms and Conditions	Terms and Conditions
“Blended Inflation Factor”	Has the meaning set forth in Section 8.1(d) of Schedule C to the Terms and Conditions	Schedule C
“Business Associate”	Has the meaning set forth in the introductory paragraph of Schedule K to the Terms and Conditions	Schedule K
“Business Days”	Has the meaning set forth in Section 2.1(b) of Schedule B to the Terms and Conditions	Schedule B
“Business Hour(s)”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Cause”	Has the meaning set forth in Section 2(c) of Schedule E to the Terms and Conditions	Schedule E
“Change”	Has the meaning set forth in Section 17.5(a) of the Terms and Conditions	Terms and Conditions
“Change Control Process”	Has the meaning set forth in Section 17.5(a) of the Terms and Conditions	Terms and Conditions
“Change of Control of Health Net”	Has the meaning set forth in Section 16.1(d) of the Terms and Conditions	Terms and Conditions
“Change of Control of Supplier”	Has the meaning set forth in Section 16.1(e) of the Terms and Conditions	Terms and Conditions
“Change Management” or “CM”	Has the meaning set forth in Section 2.10(a) of Schedule A.	Schedule A
“Change Notice” or “CN”	Has the meaning set forth in Section 2.1 of Exhibit A-5 to Schedule A to the Terms and Conditions	Exhibit A-5
“Charges”	Has the meaning set forth in Section 1 of Schedule C to the Terms and Conditions	Schedule C
“Claim	Has the meaning set forth in Section 23.1 of the Terms and Conditions	Terms and Conditions
“Client Partner”	Has the meaning set forth in Section 17.1(a) of the Terms and Conditions	Terms and Conditions

Schedule Q Q - 5 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Code”	Has the meaning set forth in Section 4.2 of Schedule B to the Terms and Conditions	Schedule B
“Code 1”	Has the meaning set forth in Section 4.2(a) of Schedule B to the Terms and Conditions	Schedule B
“Code 2”	Has the meaning set forth in Section 4.2(b) of Schedule B to the Terms and Conditions	Schedule B
“Code 3”	Has the meaning set forth in Section 4.2(c) of Schedule B to the Terms and Conditions	Schedule B
“Code 4”	Has the meaning set forth in Section 4.2(d) of Schedule B to the Terms and Conditions	Schedule B
“COLA”	Has the meaning set forth in Section 8.1(a) of Schedule C to the Terms and Conditions	Schedule C
“Combined Service Time”	Has the meaning set forth in Section 2(d) of Schedule E to the Terms and Conditions	Schedule E
“Commercially Reasonable Efforts	Has the meaning set forth in Section 2.1(f) of the Terms and Conditions	Terms and Conditions
“Confidential Information”	Has the meaning set forth in Section 21.1(a) of the Terms and Conditions	Terms and Conditions
“Contract Governance”	Has the meaning set forth in Section 1 of Schedule G to the Terms and Conditions	Schedule G
“Contract Year”	Has the meaning set forth in Section 2.1(e) of Schedule C to the Terms and Conditions	Schedule C
“Control” and its derivatives	Has the meaning set forth in Section 2.1(g) of the Terms and Conditions	Terms and Conditions
“Core Applications”	Has the meaning set forth in Section I of Exhibit B-2 to Schedule B to the Terms and Conditions	Exhibit B-2
“Core Supplier Personnel”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Critical Batch Job”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Critical Service Level”	Has the meaning set forth in Section 2.1(c) of Schedule B to the Terms and Conditions	Schedule B
“Critical Service Level Failure”	Has the meaning set forth in Section 2.1(d) of Schedule B to the Terms and Conditions	Schedule B

Schedule Q Q - 6 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Critical Test”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Cross Functional Services”	Has the meaning set forth in Section 2 of Schedule A to the Terms and Conditions	Schedule A
“Current Contract”	Has the meaning set forth in Section A of Schedule K to the Terms and Conditions	Schedule K
“days”	Has the meaning set forth in Section 25.10(b) of the Terms and Conditions	Terms and Conditions
“Defect”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Defect Density”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Deliverable”	Has the meaning set forth in Section 2.1(h) of the Terms and Conditions	Terms and Conditions
“Deliverable Defect”	Has the meaning set forth in Section 4(e) of Annex A-6-1 to Exhibit A-6 to Schedule A to the Terms and Conditions	Attachment A-6-1
“Dependents”	Has the meaning set forth in Section 4.1(f) of Schedule E to the Terms and Conditions	Schedule E
“Derivative Work”	Has the meaning set forth in Section 15.1(c) of the Terms and Conditions	Terms and Conditions
“Development Related Managed Third Parties”	Has the meaning set forth in Section 1.3(b) of Schedule A to the Terms and Conditions	Schedule A
“Development Related Managed Third Party Contracts”	Has the meaning set forth in Section 1.3(c) of Schedule A to the Terms and Conditions	Schedule A
“DHHS”	Has the meaning set forth in Section 2(O) of Schedule K to the Terms and Conditions	Schedule K
“Disengagement Assistance”	Has the meaning set forth in Section 2.1(i) of the Terms and Conditions	Terms and Conditions
“Disengagement Assistance Period”	Has the meaning set forth in Section 2.1(j) of the Terms and Conditions	Terms and Conditions
“Disengagement	Has the meaning set forth in Section 2(e) of Sched-	Schedule E

Schedule Q Q - 7 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
Event”	ule E to the Terms and Conditions
“Disengagement Plan”	Has the meaning set forth in Section 1(c)(i) of Schedule L to the Terms and Conditions	Schedule L
“Dispute Date”	Has the meaning set forth in Section 26.1(a)(i) of the Terms and Conditions	Terms and Conditions
“Documentation”	Has the meaning set forth in Section 2.1(k) of the Terms and Conditions	Terms and Conditions
“Earnback Methodology”	Has the meaning set forth in Section 4.6(a) of Schedule B to the Terms and Conditions	Schedule B
“Effective Date”	Has the meaning set forth in the preamble to the Terms and Conditions	Terms and Conditions
“End User”	Has the meaning set forth in Section 2.1(m) of the Terms and Conditions	Terms and Conditions
“EPHI”	Has the meaning set forth in Section A of Schedule K to the Terms and Conditions	Schedule K
“Equipment”	Has the meaning set forth in Section 2.1(n) of the Terms and Conditions	Terms and Conditions
“***”	Has the meaning set forth in Section 9.4(d) of the Terms and Conditions	Terms and Conditions
“Financial Responsibility”	Has the meaning set forth in Section 2.1(o) of Terms and Conditions	Terms and Conditions
“Force Majeure Event”	Has the meaning set forth in Section 24.3(a) of the Terms and Conditions	Terms and Conditions
“Former Health Net Affiliate”	Has the meaning set forth in Section 2.1(p) of the Terms and Conditions	Terms and Conditions
“Former Health Net Personnel”	Has the meaning set forth in Section 6.1(a) of Schedule E to the Terms and Conditions	Schedule E
“Former Health Net Personnel Information”	Has the meaning set forth in Section 6.1(a) of Schedule E to the Terms and Conditions	Schedule E
“FTE”	Has the meaning set forth in Section 2.1(f) of Schedule C to the Terms and Conditions	Schedule C
“Functions”	Has the meaning set forth in Section 3.1(a) of the Terms and Conditions	Terms and Conditions

Schedule Q Q - 8 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Furnishing Party”	Has the meaning set forth in Section 21.1(a) of the Terms and Conditions	Terms and Conditions
“GLB Act”	Has the meaning set forth in Section 14.6(a) of the Terms and Conditions	Terms and Conditions
“Health Net”	Has the meaning set forth in the preamble to the Terms and Conditions	Terms and Conditions
“Health Net 401(k) Savings Plan”	Has the meaning set forth in Section 2(h) of Schedule E to the Terms and Conditions	Schedule E
“Health Net Bonuses”	Has the meaning set forth in Section 3.8(b) of Schedule E to the Terms and Conditions	Schedule E
“Health Net Competitors”	Has the meaning set forth in Section 15.5(b) of the Terms and Conditions	Terms and Conditions
“Health Net Data”	Has the meaning set forth in Section 14.1 of the Terms and Conditions	Terms and Conditions
“Health Net Facility”	Has the meaning set forth in Section 2.1(q) of the Terms and Conditions	Terms and Conditions
“Health Net Indemnities”	Has the meaning set forth in Section 23.2 of the Terms and Conditions	Terms and Conditions
“Health Net Leased Equipment”	Has the meaning set forth in Section 11.3(a) of the Terms and Conditions	Terms and Conditions
“Health Net Licensed Associated Tools and Software”	Has the meaning set forth in Section 11.6(a) of the Terms and Conditions	Terms and Conditions
“Health Net Licensed In Scope Applications”	Has the meaning set forth in Section 11.6(a) of the Terms and Conditions	Terms and Conditions
“Health Net Licensed Service Delivery Software”	Has the meaning set forth in Section 11.6(a) of the Terms and Conditions	Terms and Conditions
“Health Net Licensed Software”	Has the meaning set forth in Section 11.6(a) of the Terms and Conditions	Terms and Conditions
“Health Net Non-public Data”	Has the meaning set forth in Section 14.6(a) of the Terms and Conditions	Terms and Conditions
“Health Net Owned Associated Tools and	Has the meaning set forth in Section 11.5(a) of the Terms and Conditions	Terms and Conditions

Schedule Q Q - 9 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
Software”
“Health Net Owned Equipment”	Has the meaning set forth in Section 11.2(a) of the Terms and Conditions	Terms and Conditions
“Health Net Owned In Scope Applications”	Has the meaning set forth in Section 11.5(a) of the Terms and Conditions	Terms and Conditions
“Health Net Owned Service Delivery Software”	Has the meaning set forth in Section 11.5(a) of the Terms and Conditions	Terms and Conditions
“Health Net Owned Software”	Has the meaning set forth in Section 11.5(a) of the Terms and Conditions	Terms and Conditions
“Health Net PHI”	Has the meaning set forth in Section 2(P) of Schedule K to the Terms and Conditions	Schedule K
“Health Net Third Party Service Contracts”	Has the meaning set forth in Section 11.4(a) of the Terms and Conditions	Terms and Conditions
“HIPAA”	Has the meaning set forth in Section A of Schedule K to the Terms and Conditions	Schedule K
“HIPAA Regulations”	Has the meaning set forth in Section A of Schedule K to the Terms and Conditions	Schedule K
“hour” or “hours”	Has the meaning set forth in Section 25.10(b) of the Terms and Conditions	Terms and Conditions
“HVAC”	Has the meaning set forth in Section 11.8(a) of the Terms and Conditions	Terms and Conditions
“Incident”	Has the meaning set forth in Section I of Exhibit B-2 to Schedule B to the Terms and Conditions	Exhibit B-2
“including” (and any of its derivative forms)	Has the meaning set forth in Section 25.10(a)(i) of the Terms and Conditions	Terms and Conditions
“Incremental AD Hours”	Has the meaning set forth in Section 5.3(b)(i) of Schedule C to the Terms and Conditions	Schedule C
“Independent IP”	Has the meaning set forth in Section 15.1(b) of the Terms and Conditions	Terms and Conditions
“Individual Application Production Support	Has the meaning set forth in Section 2.1(g) of Schedule C to the Terms and Conditions	Schedule C

Schedule Q Q - 10 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
Charges”
“In-Flight Projects”	Has the meaning set forth in Section 13.2(b) of the Terms and Conditions	Terms and Conditions
“In Scope Applications”	Has the meaning set forth in Section 1.3(d) of Schedule A to the Terms and Conditions	Schedule A
“Intellectual Property Rights”	Has the meaning set forth in Section 15.1(a) of the Terms and Conditions	Terms and Conditions
“in writing”	Has the meaning set forth in Section 25.10(a)(iv) of the Terms and Conditions	Terms and Conditions
“IT Infrastructure”	Has the meaning set forth in Section 2.1(s) of the Terms and Conditions	Terms and Conditions
“Joint Capacity Planning Process”	Has the meaning set forth in Section 2.3(k) of Schedule G to the Terms and Conditions	Schedule G
“Joint Management Committee”	Has the meaning set forth in Section 2.5(b)(i) of Schedule G to the Terms and Conditions	Schedule G
“Joint Operations Committee”	Has the meaning set forth in Section 2.5(c)(i) of Schedule G to the Terms and Conditions	Schedule G
“Joint Steering Committee”	Has the meaning set forth in Section 2.5(a)(i) of Schedule G to the Terms and Conditions	Schedule G
“Key Supplier Positions”	Has the meaning set forth in Section 7.4(a) of the Terms and Conditions	Terms and Conditions
“KT	Has the meaning set forth in Exhibit A-2 to Schedule A to the Terms and Conditions	Exhibit A-2
“Law”	Has the meaning set forth in Section 2.1(t) of the Terms and Conditions	Terms and Conditions
“Level of Effort (LOE) Estimate Deviation”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Losses”	Has the meaning set forth in Section 23.1 of the Terms and Conditions	Terms and Conditions
“Low”	Has the meaning set forth in Section I of Exhibit B-3 to Schedule B to the Terms and Conditions
“Managed Third Parties”	Has the meaning set forth in Section 7.8 of the Terms and Conditions	Terms and Conditions

Schedule Q Q - 11 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Maximum Offshore/Onshore Ratio”	Has the meaning set forth in Section 4.5 of Schedule C to the Terms and Conditions	Schedule C
“may”	Has the meaning set forth in Section 25.10(a)(ii) of the Terms and Conditions	Terms and Conditions
“may not”	Has the meaning set forth in Section 25.10(a)(ii) of the Terms and Conditions	Terms and Conditions
“Measurement Period”	Has the meaning set forth in Section 2.1(e) of Schedule B to the Terms and Conditions	Schedule B
“Mental Impressions”	Has the meaning set forth in Section 15.8(a) of the Terms and Conditions	Terms and Conditions
“Methodology Compliance Percentage”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Milestones”	Has the meaning set forth in Section 1.2(b)(iii) of Exhibit A-6 to Schedule A of the Terms and Conditions	Exhibit A-6
“Minimum Commitment”	Has the meaning set forth in Section 7.8(a) of Schedule C to the Terms and Conditions	Schedule C
“Minimum Retention Period”	Has the meaning set forth in Section 3.6(a) of Schedule E to the Terms and Conditions	Schedule E
“Minor Enhancements”	Has the meaning set forth in Section 2.1(j) of Schedule C to the Terms and Conditions	Schedule C
“Monthly Performance Report”	Has the meaning set forth in Section 17.3(b) of the Terms and Conditions	Terms and Conditions
“New Services”	Has the meaning set forth in Section 3.7(a) of the Terms and Conditions	Terms and Conditions
“New Work”	Has the meaning set forth in Section 15.1(c) of the Terms and Conditions	Terms and Conditions
“Non-Core Applications”	Has the meaning set forth in Section I of Exhibit B-2 to Schedule B to the Terms and Conditions	Exhibit B-2
“Non-Critical Batch Job”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1

Schedule Q Q - 12 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Non-Disclosure Agreement”	Has the meaning set forth in Section 11.2(d) of the Terms and Conditions	Terms and Conditions
“Non Impacting Service Levels”	Has the meaning set forth in Section 4.6(a) of Schedule B to the Terms and Conditions	Schedule B
“Notice of Election”	Has the meaning set forth in Section 23.5(a) of the Terms and Conditions	Terms and Conditions
“Offshore Inflation Factor”	Has the meaning set forth in Section 8.1(c)of Schedule C to the Terms and Conditions	Schedule C
“Offshore Personnel”	Has the meaning set forth in Section 2.1(k) of Schedule C to the Terms and Conditions	Schedule C
“Onshore Inflation Factor”	Has the meaning set forth in Section 8.1(b) of Schedule C to the Terms and Conditions	Schedule C
“Onshore Personnel”	Has the meaning set forth in Section 2.1(l) of Schedule C to the Terms and Conditions	Schedule C
“On-Site Health Net Resources”	Has the meaning set forth in Section 11.10(a) of the Terms and Conditions	Terms and Conditions
“Open Source Code”	Has the meaning set forth in Section 19.8(a)(iv) of the Terms and Conditions	Terms and Conditions
“Operational Deliverable”	Has the meaning set forth in Section 4(a) of Attachment A-6-1 to Exhibit A-6 to Schedule A of the Terms and Conditions	Attachment A-6-1
“Operational Support Services”	Has the meaning set forth in Section 3.2 of Schedule A to the Terms and Conditions	Schedule A
“OSS”	Has the meaning set forth in Section 3.2(g)(v)(A) of Schedule A to the Terms and Conditions	Schedule A
“Other Developed Items”	Has the meaning set forth in Section 15.5(a) of the Terms and Conditions	Terms and Conditions
“Out-of-Pocket Expenses”	Has the meaning set forth in Section 2.1(u) of the Terms and Conditions	Terms and Conditions
“Participant”	Has the meaning set forth in Section 2(j) of Schedule E to the Terms and Conditions	Schedule E
“Parties”	Has the meaning set forth in the preamble to the	Terms and Conditions

Schedule Q Q - 13 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
	Terms and Conditions
“Party”	Has the meaning set forth in the preamble to the Terms and Conditions	Terms and Conditions
“Pass Through Expenses”	Has the meaning set forth in Section 9.1(a) of the Terms and Conditions	Terms and Conditions
“PCR”	Has the meaning set forth in Section 2(b) of Exhibit A-6 to Schedule A of the Terms and Conditions	Exhibit A-6
“PHI”	Has the meaning set forth in Section A of Schedule K to the Terms and Conditions	Schedule K
“Pool Percentage Available for Allocation”	Has the meaning set forth in Section 2.1(f) of Schedule B to the Terms and Conditions	Schedule B
“Priority”	Has the meaning set forth in Sections I and II of Exhibit B-2 to Schedule B to the Terms and Conditions	Exhibit B-2
“Problem”	Has the meaning set forth in Section II of Exhibit B-2 to Schedule B to the Terms and Conditions	Exhibit B-2
“Problem/Incident Missed Resolution Report”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Problem/Incident Resolution Time”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Problem/Incident Response Time”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Procedures Manual”	Has the meaning set forth in Section 17.4(a) of the Terms and Conditions	Terms and Conditions
“Production Control and Scheduling”	Has the meaning set forth in Section 3.2(d) of Schedule A to the Terms and Conditions.	Schedule A
“Productivity Commitments”	Has the meaning set forth in Section 4.6 of Schedule C to the Terms and Conditions	Schedule C
“Program Manager”	Has the meaning set forth in Section 8.1(a) of the Terms and Conditions	Terms and Conditions
“Programmer Effectiveness Percentage”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1

Schedule Q Q - 14 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Programming Standard Defect”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Project”	Has the meaning set forth in Section 1.3(e) of Schedule A to the General Terms and Conditions	Schedule A
“Project Brief”	Has the meaning set forth in Section 1.1(a) of Exhibit A-6 to Schedule A of the Terms and Conditions	Exhibit A-6
“Project Estimate”	Has the meaning set forth in Section 1.1(b) of Exhibit A-6 to Schedule A of the Terms and Conditions	Exhibit A-6
“Production Support Charge”	Has the meaning set forth in Section 2.1(m) of Schedule C to the Terms and Conditions	Schedule C
“Production Support Services”	Has the meaning set forth in Section 2.1(m) of Schedule C to the Terms and Conditions	Schedule C
“Productive Work”	Has the meaning set forth in Section 2.1(o) of Schedule C to the Terms and Conditions	Schedule C
“Project Manager”	Has the meaning set forth in Section 1.2(b)(viii) of Exhibit A-6 to Schedule A to the Terms and Conditions	Exhibit A-6
“PTO”	Has the meaning set forth in Section 4.3 of Schedule E to the Terms and Conditions	Schedule E
“RCA Completion Time”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“RCO”	Has the meaning set forth in Exhibit A-3 to Schedule A to the Terms and Conditions	Exhibit A-3
“RPO”	Has the meaning set forth in Exhibit A-3 to Schedule A to the Terms and Conditions	Exhibit A-3
“RTO”	Has the meaning set forth in Exhibit A-3 to Schedule A to the Terms and Conditions	Exhibit A-3
“Receiving Party”	Has the meaning set forth in Section 21.1(a) of the Terms and Conditions	Terms and Conditions
“Regulatory Change”	Has the meaning set forth in Section 27.7(c) of the Terms and Conditions	Terms and Conditions
“Release Management” or	Has the meaning set forth in Section 2.10(b) of Schedule A to the Terms and Conditions	Schedule A

Schedule Q Q - 15 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“RM”
“Release Package”	Has the meaning set forth in Section 2.10(b)(i) of Schedule A to the Terms and Conditions	Schedule A
“Required Consents”	Has the meaning set forth in Section 2.1(v) of the Terms and Conditions	Terms and Conditions
“Requirements Coverage Percentage”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Re-Transfer”	Has the meaning set forth in Section2(k) of Schedule E to the Terms and Conditions	Schedule E
“Re-Transfer Date”	Has the meaning set forth in Section2(l) of Schedule E to the Terms and Conditions	Schedule E
“Re-Transfer Employee”	Has the meaning set forth in Section 2(m) of Schedule E to the Terms and Conditions	Schedule C
“SAP Components”	Has the meaning set forth in Section 3.2(g)(i) of Schedule A to the Terms and Conditions	Schedule A
“Satisfaction Survey”	Has the meaning set forth in Section 6(a) of Schedule B to the Terms and Conditions	Schedule B
“SEC”	Has the meaning set forth in Section 21.2(d) of the Terms and Conditions.	Terms and Conditions
“Scheduled Downtime”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Scheduled Steady-State Date”	Has the meaning set forth in Section 4.2 of Schedule C to the Terms and Conditions	Schedule C
“Scheduled Uptime”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Security Incident”	Has the meaning set forth in Section 2.13(g) of Schedule A to the Terms and Conditions	Schedule A
“Self Help Tools”	Has the meaning set forth in Section 3.3(e) of Schedule A to the Terms and Conditions	Schedule A
“Service Commencement Date”	Has the meaning set forth in Section 2.1(w) of the Terms and Conditions	Terms and Conditions
“Service Level	Has the meaning set forth in Section 2.1(h) of	Schedule B

Schedule Q Q - 16 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
Credit”	Schedule B to the Terms and Conditions
“Service Level Failure”	Has the meaning set forth in Section 2.1(i) of Schedule B to the Terms and Conditions	Schedule B
“Service Levels”	Has the meaning set forth in Section 6.1 of the Terms and Conditions	Terms and Conditions
“Service Recipient”	Has the meaning set forth in Section 3.4(a) of the Terms and Conditions	Terms and Conditions
“Services”	Has the meaning set forth in Section 3.1 of the Terms and Conditions	Terms and Conditions
“Services Solution”	Has the meaning set forth in Section 2.3(a) of Schedule A to the Terms and Conditions	Schedule A
“shall”	Has the meaning set forth in Section 25.10(a)(iii) of the Terms and Conditions	Terms and Conditions
“Software	Has the meaning set forth in Section 2.1(x) of the Terms and Conditions	Terms and Conditions
“Software Quality Assurance/Testing Services”	Has the meaning set forth in Section 4 of Schedule A to the Terms and Conditions	Schedule A
“Source Code”	Has the meaning set forth in Section 2.1(y) of the Terms and Conditions	Terms and Conditions
“Staff Augmentation Agreement”	Has the meaning set forth in Section 1.1(c) of the Terms and Conditions	Terms and Conditions
“Status Update Time”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Steady-State”	Has the meaning set forth in Section 2.1(p) of Schedule C to the Terms and Conditions	Schedule C
“Subcontractor”	Has the meaning set forth in Section 7.7 of the Terms and Conditions	Terms and Conditions
“Successor Supplier”	Has the meaning set forth in Section 2(n) of Schedule E to the Terms and Conditions	Schedule E
“Supplier”	Has the meaning set forth in the preamble to the Terms and Conditions	Terms and Conditions
“Supplier 401(k) Plan”	Has the meaning set forth in Section 2(o) of Schedule E to the Terms and Conditions	Schedule E

Schedule Q Q - 17 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
Supplier Competitor	Has the meaning set forth in Section 2.1(z) of the Terms and Conditions	Terms and Conditions
“Supplier Facilities”	Has the meaning set forth in Section 5.2 of the Terms and Conditions	Terms and Conditions
“Supplier Indemnities”	Has the meaning set forth in Section 23.4 of the Terms and Conditions	Terms and Conditions
“Supplier Personnel”	Has the meaning set forth in Section 2.1(bb) of the Terms and Conditions	Terms and Conditions
“Supplier Proprietary Items”	Has the meaning set forth in Section 12.5(a) of the Terms and Conditions	Terms and Conditions
“Supplier Software”	Has the meaning set forth in Section 2.1(ee) of the Terms and Conditions	Terms and Conditions
“Supporting Skillset Rates”	Has the meaning set forth in Section 4.8 of Schedule C to the Terms and Conditions	Schedule C
“Systems Software”	Has the meaning set forth in Section 2.1(aa) of the Terms and Conditions	Terms and Conditions
“T&M Rates”	Has the meaning set forth in Section 2.1(r) of Schedule C to the Terms and Conditions	Schedule C
“Target Problem Impact”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Target Problems”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“TBCP”	Has the meaning set forth in 2.7(a) of Schedule A to the Terms and Conditions	Schedule A
“TCOE”	Has the meaning set forth in Section 4(a)(i) of Schedule A to the Terms and Conditions	Schedule A
“Technical Solution”	Has the meaning set forth in Section 1.5 of Schedule A to the Terms and Conditions	Schedule A
“Technology Plan”	Has the meaning set forth in Section 17.6 of the Terms and Conditions	Terms and Conditions
“Term”	Has the meaning set forth in Section 4.1 of the Terms and Conditions	Terms and Conditions
“Terms and Conditions”	Has the meaning set forth in Section 1.3 of the Terms and Conditions	Terms and Conditions

Schedule Q Q - 18 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
“Test Case”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Testing Completeness Percentage”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Testing Failure Rate”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Transfer Date”	Has the meaning set forth in Section 2(p) of Schedule E to the Terms and Conditions	Schedule E
“Transition”	Has the meaning set forth in Section 13.1 of the Terms and Conditions	Terms and Conditions
“Transition Plan”	Has the meaning set forth in Section 13.2(a) of the Terms and Conditions	Terms and Conditions
“Transition Start Date”	Has the meaning set forth in Section (i) of Schedule E to the Terms and Conditions	Schedule E
“Transitioned Employee”	Has the meaning set forth in Section 2(q) of Schedule E to the Terms and Conditions	Schedule E
“Turnover Rate”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“UAT”	Has the meaning set forth in Section 2 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“Unit Testing”	Has the meaning set forth in Section 5.5(a) of Schedule A to the Terms and Conditions	Schedule A
“UNME	Has the meaning set forth in Section 8.1(g) of Schedule C to the Terms and Conditions	Schedule C
“Unscheduled Downtime”	Has the meaning set forth in Section 1 of Exhibit B-1 to Schedule B to the Terms and Conditions	Exhibit B-1
“UPS”	Has the meaning set forth in Section 11.8(a) of the Terms and Conditions	Terms and Conditions
“Use”	Has the meaning set forth in Section 2.1(cc) of the Terms and Conditions	Terms and Conditions
“Virus”	Has the meaning set forth in Section 19.9 of the Terms and Conditions	Terms and Conditions
“WARN”	Has the meaning set forth in Section 5.3 of Sched-	Schedule E

Schedule Q Q - 19 Health Net / Cognizant Confidential

Final Execution Version

Defined Term	Meaning	Primary Use Location
	ule E to the Terms and Conditions
“Warranty Period”	Has the meaning set forth in Section 19.5 of the Terms and Conditions	Terms and Conditions
“Wave 6 Affected Employee”	Has the meaning set forth in Section 2(r) of Schedule E to the Terms and Conditions	Schedule E
“Weighting Factor”	Has the meaning set forth in Section 2.1(j) of Schedule B to the Terms and Conditions	Schedule B
“will”	Has the meaning set forth in Section 25.10(a)(iii) of the Terms and Conditions	Terms and Conditions
“Work Order”	Has the meaning set forth in Section 1.2(a) of Exhibit A-6 to Schedule A of the Terms and Conditions	Exhibit A-6
“Work Product”	Has the meaning set forth in Section 15.1(c) of the Terms and Conditions	Terms and Conditions
“Working Paper Employee”	Has the meaning set forth in Section 2(s) of Schedule E to the Terms and Conditions	Schedule E
“Working Paper Employment Costs”	Has the meaning set forth in Section 5.2(c) of Schedule E to the Terms and Conditions	Schedule E
“written”	Has the meaning set forth in Section 25.10(a)(iv) of the Terms and Conditions	Terms and Conditions
“Written Deliverables”	Has the meaning set forth in Section 3(a) of Attachment A-6-1 to Exhibit A-6 to Schedule A of the Terms and Conditions	Attachment A-6-1
“years”	Has the meaning set forth in Section 25.10(b) of the Terms and Conditions	Terms and Conditions

Schedule Q Q - 20 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE R

SUPPLIER COMPETITORS

Schedule R Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE R

SUPPLIER COMPETITORS

The following is a complete list of Supplier Competitors as referenced in Section 18.1(b) of the Terms and Conditions. Supplier Competitors shall also include all Affiliates of any of the following:

***

Schedule R R - 1 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE S

FORM NON-DISCLOSURE AGREEMENT

***

Schedule S S - 1 Health Net / Cognizant Confidential

Final Execution Version

SCHEDULE T

SECURITY QUESTIONNAIRE

Schedule T Health Net / Cognizant Confidential

Final Execution Version

Health Net Inc.

Service Provider

Security Assessment

Questionnaire

Version 2.00

Corporate Information Security Department

(INFOSEC)

***

Schedule T T - 2 Health Net / Cognizant Confidential

EX-31.1

Exhibit 31.1

CERTIFICATIONS

I, Jay M. Gellert, certify that:

1. I have reviewed this quarterly report on Form 10-Q of Health Net, Inc.;

2. Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report;

3. Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the financial condition, results of operations and cash flows of the registrant as of, and for, the periods presented in this report;

4. The registrant’s other certifying officer(s) and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f)) for the registrant and have:

(a) Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to ensure that material information relating to the registrant, including its consolidated subsidiaries, is made known to us by others within those entities, particularly during the period in which this report is being prepared;

(b) Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our supervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles;

(c) Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the effectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and

(d) Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent fiscal quarter (the registrant’s fourth fiscal quarter in the case of an annual report) that has materially affected, or is reasonably likely to materially affect, the registrant’s internal control over financial reporting; and

5. The registrant’s other certifying officer(s) and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to the registrant’s auditors and the audit committee of registrant’s board of directors (or persons performing the equivalent functions):

(a) All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to adversely affect the registrant’s ability to record, process, summarize and report financial information; and

(b) Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control over financial reporting.

Date: November 7, 2008	/S/    JAY M. GELLERT
	Jay M. Gellert
	President and Chief Executive Officer

EX-31.2

Exhibit 31.2

CERTIFICATIONS

I, Joseph C. Capezza, certify that:

1. I have reviewed this quarterly report on Form 10-Q of Health Net, Inc.;

2. Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report;

3. Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the financial condition, results of operations and cash flows of the registrant as of, and for, the periods presented in this report;

4. The registrant’s other certifying officer(s) and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f)) for the registrant and have:

(a) Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to ensure that material information relating to the registrant, including its consolidated subsidiaries, is made known to us by others within those entities, particularly during the period in which this report is being prepared;

(b) Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our supervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles;

(c) Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the effectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and

(d) Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent fiscal quarter (the registrant’s fourth fiscal quarter in the case of an annual report) that has materially affected, or is reasonably likely to materially affect, the registrant’s internal control over financial reporting; and

5. The registrant’s other certifying officer(s) and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to the registrant’s auditors and the audit committee of registrant’s board of directors (or persons performing the equivalent functions):

(a) All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to adversely affect the registrant’s ability to record, process, summarize and report financial information; and

(b) Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control over financial reporting.

Date: November 7, 2008	/S/    JOSEPH C. CAPEZZA
	Joseph C. Capezza
	Chief Financial Officer

EX-32.1

Exhibit 32.1

Certification of CEO and CFO Pursuant to

18 U.S.C. Section 1350,

as Adopted Pursuant to

Section 906 of the Sarbanes-Oxley Act of 2002

In connection with the Quarterly Report on Form 10-Q of Health Net, Inc. (the “Company”) for the quarterly period ended September 30, 2008 as filed with the Securities and Exchange Commission on the date hereof (the “Report”), Jay M. Gellert, as Chief Executive Officer of the Company, and Joseph C. Capezza, as Chief Financial Officer of the Company, each hereby certifies, pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002, that, to the best of his knowledge:

(1) The Report fully complies with the requirements of Section 13(a) or 15(d) of the Securities Exchange Act of 1934; and

(2) The information contained in the Report fairly presents, in all material respects, the financial condition and results of operations of the Company.

/s/     JAY M. GELLERT        

Jay M. Gellert

Chief Executive Officer

November 7, 2008

/s/    JOSEPH C. CAPEZZA      

Joseph C. Capezza

Chief Financial Officer

November 7, 2008