MURIEL BOWSER
MAYOR
July 5, 2023
Honorable Phil Mendelson
Chairman
Council
of the District of Columbia
John
A. Wilson Building
1350 Pennsylvania Avenue, NW, Suite 504
Washington, DC 20004
Dear Chairman Mendelson:
Enclosed for consideration and enactment by the Council
of the District of Columbia is an
emergency bill, the "Contract No. DCHBX-E-2023-0002 with Norton Rose Fulbright, LLC
Approval and Payment Authorization Emergency Act of2023," and the accompanying emergency
declaration resolution.
The legislation will approve Contract No. DCHBX-E-2023-0001 between Norton Rose Fulbright,
LLC, and the District
of Columbia Health Benefit Exchange Authority, to provide legal
representation
by outside counsel specializing in cybersecurity and privacy compliance, with a
focus on complex cybersecurity attacks and data breach investigations. In addition, the legislation
will approve payment for services received and to be received under the contract.
My administration is available to discuss any questions you may have regarding this legislation.
In order to facilitate a response to any questions you may have, please have your staff contact
Kenneth Wallington, Contracting Officer, DC Health Benefit Exchange Authority, at (202) 679-
5952.
I urge the Council to take prompt and favorable action on the enclosed legislation. 1
2
3
4
5
6
7
8
9
10
11
12
13
14
A BILL
~~~~-
~hil Mendelson
at the request
of the Mayor
IN THE COUNCIL OF THE DISTRICT OF COLUMBIA
15 To approve, on an emergency basis, Contract No. DCHBX-E-2023-0002 between the
16 District of Columbia Health Benefit Exchange Authority and Norton Rose
17 Fulbright, LLC (Norton Rose), in the aggregate not to exceed amount of $2.6
18 million, and to authorize payment to Norton Rose for representation and litigation
19 services received and to be received under the contract.
20
21 BE IT ENACTED BY THE COUNCIL OF THE DISTRICT OF COLUMBIA,
22 That this act may be cited
as the "Contract No. DCHBX-E-2023-0002 with Norton Rose
23 Fulbright, LLC Approval and Payment Authorization Emergency Act of 2023".
24 Sec.
2. Pursuant to section 451 of the District of Columbia Home Rule Act,
25 approved December 24, 1973 (87 Stat. 803; D.C. Official Code§ 1-204.51), and
26 notwithstanding the requirements
of section 202 of the Procurement Practices Reform
27 Act
of 2010, effective April 8, 2011 (D.C. Law 18-371; D.C. Official Code§ 2-352.02),
28 the Council approves DCHBX-E-2023-0002 between the District
of Columbia Health
29 Benefit Exchange Authority and Norton Rose Fulbright, LLC, and authorizes payment in
30 the not-to-exceed amount
of $2.6 million for the goods and services received and to be
31 received under the contract.
32 Sec.
3. Fiscal impact statement. 33 The Council adopts the fiscal statement of the Chief Financial Officer as the fiscal
34 impact statement required by section 4(a)
of the General Legislative Procedures Act of
35 1975, approved October 16, 2006 (120 Stat. 2038; D.C. Official Code§ 1-301.47(a)).
36 Sec.
4. Effective date.
3 7 This act shall take effect following approval by the Mayor ( or
in the event of veto
38 by the Mayor, action by the Council to override the veto), and shall remain
in effect for
39 no longer than 90 days,
as provided for emergency acts of the Council of the District of
40 Columbia in section 412(a) of the District of Columbia Home Rule Act, approved
41 December 24, 1973 (87 Stat. 788; D.C. Official Code§ 1-204.12(a)).
2 GOVERNMENT OF THE DISTRICT OF COLUMBIA
Office
of Contracting and Procurement
* * *
-
Pursuant to section 202(c-1) of the Procurement Practices Reform Act of 2010, as amended, D.C.
Official
Code§ 2-352.02(c-1), the following contract summary is provided:
COUNCIL CONTRACT SUMMARY
(Retroactive)
(A) Contract Number: DCHBX-2023-E-0002
Proposed Contractor:
Contract Amount: Norton Rose Fulbright US LLP
Not-to-Exceed (NTE) $2,600,000.
00
Unit and Method of Compensation: Hourly Rate
Term of Contract: March 11, 2023 through March 10, 2024
Type of Contract: Labor Hour w ith Cost Reimbursement Component
Source Selection Method: Exempt from Competition
(B) For a contract containing option periods, the contract amount for the base period and for
each option period.
If the contract amount for one or more of the option periods differs from
the amount for the base period, provide
an explanation of the reason for the difference:
Base Period Amount:
$2,600,000.00 (NTE)
Option Period 1 Amount: $2,000,000. 00
Explanation of difference from base period (if applicable): Services regarding the initial incident
r
esponse will not be required.
Option Period 2 Amount: $2,000,000.00
Explanation of difference from base period (if applicable): Services regarding the initial incident
response will not be required.
Option Period 3 Amount: $2,000,000. 00
Explanation of difference from base period (if applicable): Services regarding the initial
incident r
esponse will not be required.
1 Option Period 4 Amount: $2,000,000.00
Explanation of difference from base period (if applicable): Services regarding the initial incident
response will not be required.
(C) The goods or services to be provided, the methods of delivering goods or services, and any
significant program changes reflected in the proposed contract:
The contractor shall provide legal services and advice to HBX, including litigation services.
(D) The selection process, including the number of offerors, the evaluation criteria, and the
evaluation results, including price, technical or quality, and past performance components:
The selection process was exempt from competition as authorized by DC Official Code§§ 3 l-
3 l 71.04(a)(5) and 2-35 l.05(c)(22) and in accordance with DC Health Benefit Exchange Authority
Contracting and Procurement Policies and Procedures, Section III A(4)(i)(c) -Exemption from
Competitive Procurement Requirements.
(E) A description of any bid protest related to the award of the contract, including whether the
protest was resolved through litigation, withdrawal
of the protest by the protestor, or
voluntary corrective action by the District. Include the identity
of the protestor, the grounds
alleged in the protest, and any deficiencies identified
by the District as a result of the protest:
There were no protests.
(F) The background and qualifications of the proposed contractor, including its organization,
financial stability, personnel, and performance on past or current government or private
sector contracts with requirements similar
to those of the proposed contract:
Norton Rose Fulbright (NRF) is a global law firm with over 3000 lawyers and legal staff in over 50
cities worldwide. Norton Rose Fulbright US LLP
is a limited liability partnership organized under
the laws
of Texas. They are a financially stable company as demonstrated through their Dun &
Bradstreet supplier qualifier report. They have excellent past performance records in both the
government and private sectors with requirements similar to those
of HBX's contract. The past
performance elements include quality
of services, timeliness of performance, cost control, business
relations, and customer satisfaction.
(G) The period of performance associated with the proposed change, including date as of which
the proposed change is
to be made effective:
March 11, 2023, through March 10, 2024. The date the proposed change is to be made effective is
the date of Council approval for this contract through March 10, 2024.
(H) The value of any work or services performed pursuant to a proposed change for which the
Council has not provided approval, disaggregated by each proposed change
if more than one
proposed change has been aggregated for Council review:
2 The work or services performed pursuant to an agreement that does not, on its own, require Council
review,
is $847,237.
(I)
The aggregate dollar value of the proposed changes as compared with the amount of the
contract
as awarded:
The aggregate dollar amount of the proposed changes is $2,170,651. The original contract amount
is $420,000.
(J) The date on which the contracting officer was notified of the proposed change:
April 3, 2023
(K) The reason why the proposed change was sent to Council for approval after it is intended to
take effect:
On March 6, 2023, HBX received notice that some DC Health Link customers' data had been
exposed on a data breach public forum. The very next day, HBX contacted the Office
of the
Attorney General's Civil Litigation Division to request representation in this matter. OAG referred
HBX to an outside law firm that had represented. One day after speaking with that firm, the firm
advised
HBX that they had a conflict that would prevent them from representing HBX. HBX then
sought other referrals and received one from the cybersecurity forensics company that was already
analyzing HBX's breach. HBX met with that firm, Norton Rose Fulbright on Friday, March 10,
2023, and engaged them to assist HBX.
An initial class action complaint was filed in US District Court on Friday, March 17, 2023, alleging
that HBX failed to properly secure and safeguard
plaintiffs personally identifiable information.
HBX required the counsel
of NRF in response to the lawsuit. Since the initial class action filing,
there have been four additional lawsuits that were filed that will also require the legal services
of
NRF.
Upon becoming aware
of the data breach and the associated legal implications, HBX required
immediate services
of a law firm specializing in data breach litigation. However, due to the ongoing
requirements for legal services under this contract, expenditures will exceed
$1 million.
(L) The reason for the proposed change:
To provide additional legal services for representation, including the breach response, notifications,
and any subsequent litigation.
(M) The legal, regulatory, or contractual authority for the proposed change:
DC Official Code§ 31-3 l 71.04(a)(5) and§ 2-352.02
(N) A summary of the subcontracting plan required under section 2346 of the Small, Local, and
Disadvantaged Business Enterprise Development and Assistance Act
of 2005, as amended,
3 D.C. Official Code§ 2-218.01 et seq. ("Act"), including a certification that the subcontracting
plan meets the minimum requirements
of the Act and the dollar volume of the portion of the
contract to be subcontracted, expressed both in total dollars and as a percentage
of the total
contract amount:
A subcontracting plan was not required for this competition-exempt procurement.
(0) Performance standards and the expected outcome of the proposed contract:
NRF will provide quality specialized legal services including representation, notifications, and
litigation.
(P) The amount and date of any expenditure of funds by the District pursuant to the contract
prior
to its submission to the Council for approval:
There has been no expenditure of funds.
(Q) A certification that the proposed contract is within the appropriated budget authority for the
agency for the fiscal year and
is consistent with the financial plan and budget adopted in
accordance with D.C. Official Code
§§ 47-392.01 and 47-392.02:
The Agency Chief Financial Officer has provided a certification of the availability of funding for
the proposed contract (Attachment A).
(R) A certification that the contract is legally sufficient, including whether the proposed
contractor has any pending legal claims against the District:
The contract has been reviewed for legal sufficiency and deemed legally sufficient (Attachment B).
(S) A certification that Citywide Clean Hands database indicates that the proposed contractor is
current with its District taxes.
If the Citywide Clean Hands Database indicates that the
proposed contractor
is not current with its District taxes, either: (1) a certification that the
contractor has worked out and is current with a payment schedule approved by the District;
or (2) a certification that the contractor will be current with its District taxes after the District
recovers any outstanding debt as provided under D.C. Official
Code§ 2-353.0l(b):
NRF is in compliance with DC taxes per their Clean Hands report dated April 1, 2023 (Attachment
C).
(T) A certification from the proposed contractor that it is current with its federal taxes, or has
worked out and
is current with a payment schedule approved by the federal government:
NRF is current with its federal taxes as indicated by the System of Award Management (SAM)
record results (Attachment D).
4 (U) The status of the proposed contractor as a certified local, small, or disadvantaged business
enterprise as defined in the Small, Local, and Disadvantaged Business Enterprise
Development and Assistance Act of 2005, as amended, D.C. Official Code § 2-218.01 et seq.:
NRF is not a certified local, small, or disadvantaged business enterprise as defined in the Small,
Local, and Disadvantaged Business Enterprise Development and Assistance Act
of 2005.
(V) Other aspects of the proposed contract that the Chief Procurement Officer considers
significant:
None
(W) A statement indicating whether the proposed contractor is currently debarred from providing
services
or goods to the District or federal government, the dates of the debarment, and the
reasons for
debarment:
NRF has no record of debarment or suspension actions on the federal and District excluded parties
lists (Attachment E).
(X) Any determination and findings issues relating to the contract's formation, including any
determination
and findings made under D.C. Official Code § 2-352.05 (privatization
contracts):
No determination and findings issues.
(Y) Where the contract, and any amendments or modifications, if executed, will be made
available online:
www.hbx.de.gov
(Z)
Where the original solicitation, and any amendments or modifications, will be made available
online:
www.hbx.de.gov
5 * * * Government of the District of Columbia
Office
of the Chief Financial Officer
Office
of Tax and Revenue
Date of Notice: Apri I 1, 2023
NORTON ROSE FULBRIGHT US LLP
1301 MCKINNEY ST STE 5100
HOUSTON TX 77010-3095
1101 4
th
Street, SW
Washington, DC 20024
Notice Numb er: L0009476361
FEIN:
**-***1087
Case ID: 1466465
CERTIFICATE OF CLEAN HANDS
As reported in the Clean Hands system, the above referenced individual/entity has no outstanding
liabi
lity with the District of Columbia Office of Tax and Revenue or the Department of Employment
Services. As
of the date above, the individual/entity has complied with DC Code§ 47-2862, therefore
this Certificate of Clean Hands
is issued.
TITLE 47. TAXATION, LICENSING, PERMITS, ASSESSMENTS, AND FEES
CHAPTER 28 GENERAL LICENSE
SUBCHAPTER II. CLEAN HANDS BEFORE RECEIVING A LICENSE OR PERMIT
D.C.
CODE§ 47-2862 (2006)
§ 47-2862
PROHIBITION AGAINST ISSUANCE OF LICENSE OR PERMIT
Authorized By Melinda Jenkins
Branch Chief, Collection and Enforcement Administration
To validate this certificate, please visit MyTax
.DC.gov. On the MyTax DC homepage, click the
"Validate a Certificate
of Clean Hands" hyperlink under the Clean Hands section.
1101 4th Street SW, Suite W270, Washington, DC 20024/Phon e: (202) 724-5045/MyTax.DC.gov GOVERNMENT OF THE DISTRICT OF COLUMBIA
DC Health Benefit Exchange Authority
Office
of the Chief Financial Officer
MEMORANDUM
TO: Kenneth Wallington
Contracting Officer
*** --
DC Health Benefit Exchange Authority
FROM: Marjorie V. Edmonds
Agency Chief Financial Officer
DC Health Benefit Exchange Authority
Marjorie V.
Edmonds
THRU:
Delicia V. Moore
Digitally signed by Delicia V.
Associate Chief FinluelidiOfttcmoore moore
Digitally signed by
Marjorie V. Edmonds
Dat
e: 2023.06.14
16:26:21 -04'00'
H S
.
S tCl t Date:2023.06.1417:11: 42-04'00'
uman erv1ces uppor us er
DATE: June 14, 2023
SUBJECT: Certification
of Funding Availability -Norton Rose Fulbright, Contract #DCHBX-2023-E-0002
The Office
of the Chief Financial Officer hereby certifies that the sum of $2,600,000 is included in the
DC Health Benefit Exchange Authority's Enterprise Fund budget for Fiscal Year 2023 and Fiscal Year
2024
to fund the costs associated with the Agency's contract with Norton Rose Fulbright ("NRF" or
"Contractor")
to provide legal counsel and representation with respect to a data security breach incident
that was discovered on March
6, 2023. The Contractor shall provide legal services and advice to the DC
Health Benefit Authority (HBX), including litigation services. This certification supports the Norton Rose
Fulbright contract during the period from March
11, 2023, to March 10, 2024. The fund allocation is as
follows:
Vendor: Norton Rose Fulbright Contract#: DCHBX-2023-E-0002
Fiscal Year 2023 Funding Period:
03/09/2023 to 09/30/2023 (Non-PAT EO)
FY Agency Fund Program Cost Account Amount
Code Center
2023
HIO 8362003 100080 70119 7132001 $1,804,237
FY 2023 Contract Total: $1,804,237
1225 I Street, N.W ., Washington, D.C. 20005 (202) 715-7576 FAX (202)730-1658 Fiscal Year 2024 Funding: October 1, 2023, through March 10, 2024
FY Agency Fund Program Cost Account Amount
Code Center
2024
HIO 8362003 100080 70119 7132001 $795,763
FY 2024 Contract Total: $795,763
There is no fiscal impact associated with the contract.
Should you have any questions, please contact me at 202-503-5272.
1225 I Street, N.W., Washington, D.C. 20005 (202) 715-7576 FAX (202)730-1658 TO:
FROM:
GOVERNMENT OF THE DISTRICT OF COLUMBIA
HBX
DC Health Benefit
Exchange Authority
LEGAL SUFFICIENCY MEMORANDUM
Tommy Wells
Director
Office
of Policy and Legislative Affairs
Executive Office
of the Mayor
Brian
K. Flowers
General Counsel
DATE: June 6, 2023
SUBJECT: Legal Sufficiency Review of Draft Bill "Contract No. DCHBX-E-2023-0002 with
Norton Rose Fulbright, LLC Approval and Payment Authorization Emergency
Act
of 2023", and the accompanying Emergency Declaration Resolution.
I have reviewed the draft bill entitled "Contract
No. DCHBX-E-2023-0002 with Norton Rose
Fulbright, LLC Approval and Payment Authorization Emergency Act
of 2023", and the
accompanying Emergency Declaration Resolution (Legislation).
Pursuant to section 451
of the District of Columbia Home Rule Act, approved December 24, 1973
(87 Stat. 803; D.C. Official Code § 1-204.51) and notwithstanding the requirements
of section 202
of the Procurement Practices Reform Act of 2010, effective April 8, 2011 (D.C. Law 18-371; D. C.
Official Code § 2-352.02), the Legislation would approve on an emergency basis, Contract No.
DCHBX-E-2023-0002 between the District of Columbia Health Benefit Exchange Authority and
Norton Rose Fulbright, LLC, in the not-to-exceed amount
of $2.6 million for representation and
litigation services received and to be received under the contract. The contract is needed to provide
representation and litigation services related to a data breach.
If you have any questions, please do not hesitate to contact me at (202)812 .8444.
I have reviewed the proposed Legislation and certify that it is legally sufficient.
Brian
K. Flowers March 10, 2023
Via email pu rvee. kem pf@dc.gov
brian.flowers@dc.gov
Purvee Parekh Kempf
Deputy Executive Director
DC Health Benefit Exchange Authority (HBX)
Washington,
DC
Brian K. Flower
General Counsel
D.C. Health Benefit Exchange Authority (HBX)
Washington,
DC
A
NORTON ROSE FULBRIGHT
Norton Rose Fulbright US LLP
799 9th Street NW
Suite 1000
Washington,
DC 20001-4501
United States
Direct line +1 202
662 4691
chris.cwalina@nortonrosefulbright.com
Tel
+1 202 662 0200
Fax +1 202 662 4643
nortonrosefulbright.com
Re: Legal Representation by Norton Rose Fulbright US LLP
Terms of engagement
This Letter of Engagement and the attached Norton Rose Fulbright Standard Terms of
Engagement ("Standard Terms") set out the terms that govern the relationship between
DC
Health Benefit Exchange Authority (HBX) (Client, or you) and Norton Rose Fulbright US LLP in
connection with the Matter as defined below. Our representation of you is effective as of the date
of this letter.
Norton Rose Fulbright
US LLP has made no promises or guarantees to you about the outcome
of the representation or the Matter, and nothing in these terms of engagement shall be construed
as such a promise or guarantee. Any expressions
on our part concerning the outcome of the
Matter, or any other legal matters, are based
on our professional judgment and are not
guarantees. Such expressions, even when described as opinions, are necessarily limited by our
knowledge of the facts and are based
on our views of the state of the law at the time they are
expressed.
We recognize our obligation to preserve the confidentiality of attorney-client communications
as
well as Client's confidences, as required by the governing rules of professional responsibility. If
the Matter involves transactions, litigation or administrative proceedings or like proceedings
in
which we appear as counsel of record for you in publicly available records, we reserve the right
to inform others
of the fact of our representation of you in the Matter and (if likewise reflected of
record
in publicly available records) the results obtained, unless you specifically direct otherwise.
Client
We have been engaged by Client. Unless we agree otherwise in writing, and subject to
satisfactory conflict clearances, we are not representing any other related entities or individuals,
Norton Rose Fulbright US LLP is a limited liability partnership registered under the laws of Texas.
Norton Rose Fulbright US LLP, Norton Rose Fulbright L
LP, Norton Rose Fulbright Australia, Norton Rose Fulbright Cana da LLP a nd Norton Rose
Fulbright Sou
th Africa Inc are separate legal entities and a ll of them are members of Norton Rose Fulbright Verein, a Swiss verein. Norton Rose Fulbright
Vere
in helps coordinate the activities of the members b ut does not itself provide legal services to clients. Details of each entity, with ce rtain regulatory
information, are available at nortonrosefulbright.com. A
NORTON ROSE FULBRIGHT
Page 2
such as your shareholders, directors and officers, employees, partners, members, or any of your
parent, affiliated, or subsidiary corporations or other entities.
Scope of engagement
We confirm that we have been retained by you regarding a data security breach incident (Matter).
Except as expressly stated otherwi se, we will advise and act at all times in accordance wi th and
in respect of applicable US federal and state law only and are not responsible for advising you as
to the effect or enforceability of any documents or matters which may be subject to or governed
by the laws of any other jurisdiction. To the extent the laws of other jurisdictions are implicated,
subject
to Client's approval we will consult with Norton Rose Fulbright LLP lawyers from those
jurisdictions or engage with trusted qualified attorneys from another
firm in the required
jurisdiction.
Our representation is limited
as described above. To the extent you require additional legal
services, we will need to execute a separate engagement letter after determining that we are able
to undertake the additional representation.
Personnel
For matters relating to this engagement, please contact me. Other firm personnel, including
lawyers and paralegals, may also participate
in the engagement as required. Some personnel
may
be from outside the United States and you shall have the right to pre-approve any personnel.
Fees and other charges
Unless otherwise agreed, our fees for general cybersecurity and incident preparedness advice
will
be based on the time spent on the Matter at our hourly rates of:
Partners $715 to $1700
Senior Associates $550
to $1005
Senior Counsel $585
to $1350
Counsel $285
to $1005
Associates $485
to $995
Patent Aqents $350
to $655
Of Counsel $645 to $1385
Paralegals $165
to $510
Practice Support $90
to $425
For incident responses,
we will honor insurance carrier panel rates. Periods of less than 1 hour
will
be charged in increments of tenths of one hour. Our billi ng rates are generally revised
annually, effective November
1.
If we conclude that the services of another member firm in the Norton Rose Fulbright Verein are
reasonably required
in connection with the engagement, we will notify you and provide you a list
of the attorneys or solicitors of such member firm who would
be expected to work on the Matter
and the current hourly rates to
be charged for their services (subject to adjustment from time to A
NORTON ROSE FULBRIGHT
Page 3
time
in accordance with the customary practices of such member firm). In that event, with your
approval, our firm will engage such Norton Rose Fulbright Verein member firm
on your behalf to
represent you
in the Matter in conjunction with our firm, in accordance with the Standard Terms.
If additional personnel of such member firm are assigned to work
on the Matter, you will be
provided information as to their hourly rates. Incident to engagement of another Norton Rose
Fulbright Verein member firm
to represent you, it may be necessary that you agree to jurisdiction
specific Additional Terms of Engagement required
by that member firm, in which event we will
provide you those Additional Terms of Engagement for your review and approval. You agree
however that we are not responsible for the work and advice of such other member firm.
Invoicing and reporting
We will bill you at monthly intervals. Client will pay our bills within 30 days of receipt.
Conflicts of interest
Before accepting the Engagement, we have undertaken reasonable and customary efforts to
determine whether there are any potential conflicts of interest that would prevent us from
representing Client
in the Matter. We reviewed that issue in accordance with the rules of
professional responsibility adopted
in New York. You agree to the applicability of those rules in
regard to all matters relating to this engagement and that, in future matters involving you, potential
conflicts of interest will
be evaluated under the local rules of professional responsibility applicable
to the Norton Rose Fulbright office handling that future matter. Based
on the information available
to
us, we are not aware of any conflicts.
In addition to our representation of other companies and individuals, we also regularly represent
lawyers and law firms.
As a result, opposing counsel in the Matter may be a lawyer or law firm
that we may represent now or
in the future. Likewise, opposing counsel in the Matter may
represent our firm now or
in the future. Further, we have professional and personal relationships
with many other attorneys, often because of our participation
in bar associations and other
professional organizations. It
is our professional judgment that such relationships with other
attorneys do not adversely affect our ability 'to represent any client. The acceptance of these terms
of engagement represents an unqualified consent
to any such relationships between our firm and
other lawyers or law firms, even counsel who
is representing a party that is adverse to you in the
Matter that
is the subject of this engagement or in some other matter.
Applicable law
The laws of New York govern these terms of engagement, and the parties submit to the non
exclusive jurisdiction of the courts of New York. Each professional
is subject to the ethical and
professional conduct rules applicable to the jurisdiction
in which that lawyer is authorized to
practice.
Right to Arbitration
We advise you that, pursuant to Part 137 of the Rules of the Chief Administrator of the Courts of
the State of New York, you have the right to resolve through arbitration a possible future dispute
with us concerning our fees
in connection with our representation of you if the amount in dispute
is at least $1,000 but not more than $50,000. This notice is not an agreement by us to arbitrate
I A
NORTON ROSE FULBRIGHT
Page 4
all disputes that may arise between
us. Our obligation to arbitrate exists only to the extent
required by said Part 137.
Termination
At any time, you may, with or without cause, terminate the representation by notifying us of your
intention to do
so.
We are subject to the codes or rules of professional responsibility for the jurisdictions in which we
practice. There are several types of conduct or circumstances that could result
in our withdrawing
from representing a client, including, for example, the following: nonpayment of fees or charges;
misrepresentation of or failure to disclose material facts; fraudulent or criminal conduct; action
contrary
to our advice; and conflict of interest with another client. The right of Norton Rose
Fulbright
US LLP to withdraw in such circumstances is in addition to any rights created by statute
or recognized
by the governing rules of professional conduct. Further, a failure by you to meet
any obligations under these terms of engagement shall entitle us to terminate the representation.
We try to identify
in advance and discuss with our clients any situation that may lead to our
withdrawal.
Termination of the representation will not affect your obligation
to pay for legal services rendered
and expenses and charges incurred before termination,
as well as additional services and
charges incurred
in connection with an orderly transition of the Matter. Further, in the event of
termination of the representation, you will take all steps necessary
to release Norton Rose
Fulbright US LLP of any further obligations
in the representation in the Matter, including, without
limitation, the execution of any documents necessary
to effectuate our withdrawal from the
representation
in the Matter.
After termination or completion of the representation, changes may occur
in the applicable laws
or regulations that could affect your future rights and liabilities
in regard to the Matter. Unless we
are actually engaged after termination or completion of the representation to provide additional
advice
on such issues, the firm has no continuing obligation to give advice with respect to any
future legal developments that may pertain to the Matter.
Conclusion and acceptance
You can accept this agreement by signing and returning to us the enclosed copy of this letter.
This letter and the attached Standard Terms constitute the entire terms of the engagement of
Norton Rose Fulbright
US LLP in connection with the Matter. These written terms of engagement
are not subject to any oral agreements or understandings, and they
can be modified only by
further written agreement signed both
by you and Norton Rose Fulbright US LLP. Unless
expressly stated
in these terms of engagement, no obligation or undertaking shall be implied on
the part of either you or Norton Rose Fulbright US LLP. A
NORTON ROSE FULBRIGHT
Page 5
Very truly yours,
Chris Cwalina
DC Health Benefit Exchange Authority acknowledges and accepts the terms of engagement
set out in this letter and its attachments .
. 8~r~W-Q/44,.
Signed .............................................. . Title General Counsel
Company NORTON ROSE FULBRIGHT
STANDARD TERMS OF ENGAGEMENT
Norton Rose Fulbright Verein (the Verein) is a Swiss verein which does not itself engage in the
practice of law or other business. The member firms
in the Verein are Norton Rose Fulbright LLP,
Norton Rose Fulbright Australia, Norton Rose Fulbright Canada LLP, Norton Rose Fulbright South
Africa Inc and Norton Rose Fulbright US LLP (the
Members or, individually, a Member), who,
with their subsidiaries or associated entities, engage
in a coordinated international legal practice,
even though they are separate law firms each of which, absent specific contractual agreement
with a client
on an individual matter, is solely responsible for its own work and not for the work of
any other of them.
Each of the Members
is committed to providing its clients with the highest quality legal services
and to building a lasting relationship with its clients as a trusted adviser.
To that end, these Standard Terms of Engagement will apply to
all engagements between a
Member or its subsidiary or associated entity and a client unless otherwise agreed
in writing by
the client and
an authorized representative of such Member, subsidiary or associated entity.
These Standard Terms of Engagement are supplemented by additional standard provisions
and/or a letter or contract of engagement relevant to the jurisdiction of the Contracting Party (as
below defined).
1 Defined Terms
1.1 The followi ng documents will constitute the entire agreement relating to the engagement
of a Contracting Party by a client: (i) any letter or contract of engagement, (ii) any additional
standard provisions referred to above,
(iii) these Standard Terms, (iv) any other terms and
conditions agreed between the Contracting Party and the client, and (v) any amendments
or supplements to any of the foregoing agreed from time
to time. In the event of any
conf
lict between the terms of the foregoing, the documents shall be construed in the order
of priority
in which they are referred to above, but subject to any amendments as referred
to
in (v).
1.2
In the above-mentioned documents:
(a) Any individual entity that is a Member or subsidiary or associated entity of a
Member
is referred to as a Norton Rose Fulbright Entity. The Norton Rose
Fulbright Entity with which a client engages at any time
is referred to as the
Contracting Party.
(b) We, our and us refer to the Contracting Party together with any other Norton Rose
Fulbright Entity to which part or
all of your instructions have been referred; you and
your refer to the client Uointly, if more than one, and not individually} with which the
Contracting Party engages. Unless otherwise specifically agreed, you and your
do not refer to and no attorney/client or solicitor/client relationship will exist as to
persons or entities related to the client such
as parent companies, subsidiaries,
affiliates, employees, officers, directors, shareholders, partners, members,
commonly owned corporations or partnerships, or other such persons, entities or
affiliates.
- 1 - 2 Your relationship with us
2.1 When you instruct us on an individual matter, we will write to you to set out:
(a) which Norton Rose Fulbright Entity
is the Contracting Party;
(b) the scope of the work we have agreed to undertake and any assumptions
on which
it is based;
(c) who will
be the responsible partner or director and other key team members whom
we will try not to replace, although unforeseen circumstances may require that;
(d) the fees and invoicing arrangements;
(
e) any applicable limitation of liability; and
(f) the governing law applicable to the contractual relationship with
you and the choice
of jurisdiction for resolving any issues.
(g) Your contractual relationship for individual matters
is between you and the
Contracting Party, not any other Norton Rose Fulbright Entity nor any individual.
You understand that we do not make any promises or warranties
as to the outcome
of the representation.
(h)
If, with your agreement, the Contracting Party has referred all or part of your
instructions
on any individual matter to one or more other Norton Rose Fulbright
Entities, legal services provided
by other Norton Rose Fulbright Entities will be
governed by the terms of our engagement, which will apply as between you and
such Norton Rose Fulbright Entity or Entities, to the fullest extent permitted
by the
laws and professional regulations applicable
in the jurisdictions in which such other
Norton Rose Fulbright Entity or Entities operate
as regards such other Norton Rose
Fulbright Entity's or Entities' representation of you, as well
as by, if any are issued,
additional standard provisions and any letter or contract of engagement relevant
to the other Norton Rose Fulbright Entity or Entities.
3 Our fees
3.1 Our bills are payable on receipt and in the currency in which they are submitted. If you
ask us
to provide bills using an e-billing solution you understand that: (i) we will send your
information
to our and your third party supplier(s) to enable us to comply with your request
and the transfer
is at your risk; (ii) any costs arising out of use of your third party supplier
shall
be borne by you; and (iii) our compliance with your request shall not reduce the fee
otherwise chargeable by
us.
3.2 If you are required by law to deduct any amount when paying a bill, you will pay to us an
additional amount so as to ensure that we receive a net sum equal to the amount of the
bill.
3.3 We need to approve
in advance any proposal for any part of one of our bills to be paid by
a third party. Notwithstanding our approval, you agree that you will remain responsible for
paying the whole bill and any interest accrued
on it.
- 2 - 3.4 Unless otherwise agreed, any other Norton Rose Fulbright Entity or Entities to whom the
Contracting Party has referred instructions under paragraph 2.3 may provide statements
of their fees and charges to the Contracting Party, who will include such fees and charges
in its statements to you, which you will be obligated to pay in order that it can remit payment
to such other Norton Rose Fulbright Entity or Entities.
3.5 If a bill remains unpaid
30 days after delivery:
(a) you agree that we may
be entitled to charge interest, if any, on it at such rate and
under such arrangements allowable under the laws and professional regulations
applicable
to us or as may be provided for in applicable additional standard
provisions or
an agreement between us and you, and
(b)
on giving written notice to you, we may cease work on the matter to which the bill
relates and any of your other matters. You agree that we are not responsible for
any loss resulting from such inactivity. If the matter
is litigious, we may also remove
ourselves from the Court or tribunal record.
3.6 You agree that
we may exercise a li en over your files and documents until all bills due to
us from you have been paid in full, subject to the laws and professional regulations
applicable
to us.
3.7 If we are required by any governmental or regulatory body, or
by a service provider
appointed by you, to submit one of our bills to audit, to produce documents or provide
information
on any individual matter on which you have instructed us, we shall be entitled
to bill you for the work involved (and any disbursements incurred) at the rates agreed for
the relevant matter. If legal privilege attaches to any such documents, you will either waive
privilege or instruct us to review them
in your interests.
4 Disbursements and other charges
4.1 We may consider it to be in your interests to instruct counsel or engage correspondent
lawyers, experts or others
on your behalf and at your expense. We will consult you before
doing
so if such instructions or engagements wi ll result in significant fees becoming
payable.
4.2 We may also charge for photocopying, telephone calls, travel, searches, court fees,
hosti
ng on-line data or deal rooms and for other services at our or their standard rates
from time
to time and for other expenses. These charges will be included in our bills and
will not include any mark-up of expenses for which the precise cost can
be readily
determined but may vary from or exceed our or their direct cost for services for which the
precise cost cannot
be readily determined.
5 Money held on account for you
5.1 We will deposit any money we hold on your behalf with a regulated financial institution and
manage it
in accordance with the laws and professional regulations applicable to us. You
agree that we are not responsible for any loss of funds so deposited and managed.
5.2 If you deposit money with us
on account of our fees, the principal and interest accrued, if
any, will
be applied to your final bill, rendered when we complete your instructions. Unless
- 3 - you and we have agreed otherwise, we may also apply any part of the money in settlement
of any outstanding interim bills we submit to you.
6 Communicating with
us
6.1 When you seek and receive legal advice from us on your rights and obligations, legal
advice or attorney-client privilege will attach to our communications related
to that advice.
If we act for you
in contemplated or actual legal proceedings, litigation or attorney-client
privilege will attach to our communications related
to those proceedings.
6.2 You agree that we may communicate with you using electronic means, knowing that
certain risks (including, for example, interception, unauthorized access and risk of viruses)
are associated with such means.
7 Confidentiality, conflict of interests, and our relationships with other clients
7.1 We will keep all information obtained from you, which is not in the public domain,
confidential, and will only otherwise disclose it with your authority or if required to do so
by the laws and professional regulations applicable to us or if permitted under paragraph
9.3. Nevertheless, you agree that
we may disclose any relevant information in order to
protect and/or defend ourselves in any actual or threatened legal, civil or regulatory
proceeding and may also disclose any relevant information
in confidence to our insurers,
insurance brokers, auditors, bankers and other advisers if and to the extent such
disclosure may occur without waiving or losing any applicable legal privilege.
7.2 You will provide
us, and will instruct your other advisers and any co-venturer or other co
participants
to provide us, on any matter on which we are instructed, with all relevant
information and documents, all of which will have been properly obtained and
on which
we may rely without verification. You agree that, unless you instruct us otherwise, we may
disclose any relevant information
to your other professional advisers.
7.3 Norton Rose Fulbright
is a large coordinated international legal practice with multiple
offices around the world. Because of the size, geographic scope, breadth and diversity of
the practice,
it is inevitable that current and future clients of ours will come into contact
with you, and it
is important that we agree with you on certain matters in relation to conflicts
of interests to preserve our ability
to represent both you and other clients. You agree that
we may represent current or future clients (including any parties adverse to you
in this
Matter)
in any other matter (including in litigation, arbitration, or other dispute resolution
proceedings) that
is not substantially related to your Matter, even if their interests are
directly adverse
to you or your interests in that other matter. We agree, however, that we
will not represent another client
in a matter if we have obtained non-public proprietary or
other confidential information from you that could
be used by that other client to your
material disadvantage
in that matter. You agree and accept that you have access to
independent advice on the effect of this paragraph 7.3 and that your signature by way of
acceptance of the provisions of the engagement letter to which these Terms apply
is
confirmation that you understand the scope and application of this paragraph and that you
have
no questions or concerns in that respect.
7.4 You agree that
we or any other Norton Rose Fulbright Entity may act for other clients in
transactions or disputes in which you or any affiliated entity of yours has an interest
provided that we or such other Norton Rose Fulbright Entity do not thereby breach our or
their duty of confidentiality to you.
- 4 - 7.5 You agree that we are under no duty to disclose to you or use on your behalf any
information
in respect of which we or any other Norton Rose Fulbright Entity owe a duty
of confidentiality to another client or any other person.
7.6 You agree that we may disclose our role as legal advisers
in any matter on which we are
instructed following its completion, for the purposes of publicity, unless you instruct
us
otherwise. You also agree that, unless you instruct us otherwise, we may publicize the
fact that we have a relationship with you.
8 Complaints
8.1 Any concerns or complaint about our work should be directed initially to the
partner/director responsible for carrying out your instructions or, if
you prefer, to the
relationship partner/director. We maintain internal procedures that
can be employed
should a concern require escalation beyond the responsible partner/ director. The laws
and professional regulations applicable to
us may also provide formal complaint
procedures.
8.2
In particular, you should raise any queri es regarding any of our bills wi th the partner or
director responsible for the matter
as soon as possible. If any part of one of our bills is
queried by you or the relevant payer, you agree to immediately pay, or procure payment
of, those parts not subject to query.
9 Data protection, exchange of information and storage of documents
9.1 We act
as a data controller in the provision of our legal services. We will process personal
data provided to
us by you or your employees or agents in relation to any instruction in
accordance with data protection standards required by applicable law and will implement
appropriate technical and organizational security measures
to protect against
unauthorized or unlawful processi
ng of that personal data and against accidental loss of,
or damage to, that personal data. Please see our Privacy notice for further information
on
our processing of personal data: http://www.nortonrosefulbright.com/privacy-notice/
9.2 Each party (you and we) will assist the other party
in complying with its respective
obligations under applicable data protection law and will ensure that the provision of
personal data to the other party
is fair and lawful. You agree that you will make our Privacy
notice available
to your employees or other individuals whose personal data you share
with
us where this provision of information is required by applicable data protection law.
We
in turn agree that we will promptly notify you either: (i) upon receipt of a request or
complaint from a regulatory authority or
an individual exercising a data subject right; or (ii)
in the event of loss, disclosure or unauthorized or unlawful processing of personal data
that you have provided
to us or that we have obtained on your behalf. We will cooperate
with you and provide all reasonable assistance
as may be required in either case.
9.3
In the course of providing our services to you, personal data (if any) with respect to
persons
in the European Economic Area (EEA) may be accessible to and used by other
Norton Rose Fulbright Entities and their contractors and/or agents, including those located
outside the EEA where data protection laws may not
be as comprehensive as in the EEA,
but as
to such personal data we will ensure compliance with the data protection standards
of the
EU General Data Protection Regulation 2016 or higher standards under other laws
applicable to such personal data.
- 5 - 9.4 We will also share your contact details, and those of your staff with whom we have contact,
with other Norton Rose Fulbright Entities
in order to provide you with information relevant
to your business, and to ensure your continuous access to publications, events and news
in areas of interest to you. Where your employees supply their contact details to us, we
will only use that personal data
in accordance with our Privacy notice referenced above
or
as otherwise consented to by them.
9.5 We will not exchange information that will result
in waiver or loss of any client privilege
with other Norton Rose Fulbright Entities. Otherwise, you agree that the Contracting Party
may exchange your information (including personal data) with other Norton Rose Fulbright
Entities, including for the purposes of conflict checking, compliance, financial planning,
billing, business development and matter management. Arrangements are
in place
among
all Norton Rose Fulbright Entities to protect the confidentiality of the information
exchanged.
9.6 We may outsource certain functions associated with servicing clients
to a service center
dedicated
to Norton Rose Fulbright located outside of the EEA or to other third party
providers. For example,
we may outsource information and document management,
office support, technology
and IT services, word processing, photocopying, and translation
services.
9.7 Some of your data may
be stored using cloud technology managed by a third party service
provider. We have agreements
in place with the third party service providers referred to
in paragraphs 9.6 and 9. 7 where applicable and also employ technical and organizational
measures to protect the confidentiality and security of any information shared with them.
9.8 We do not undertake to store or retain your files (whether paper or electronic) for any
particular period of time, but will do so for at least the minimum number of years required
by applicable laws and professional regulations or local business custom. Files may be
destroyed at any time after the expiry of such period, without notice, except those files you
ask
be delivered to you.
10 Copyright and intellectual property
10.1 We retain all copyright and other intellectual property rights in all material developed,
designed and created
by us in the course of a matter. You may only use and copy material
created
by us for you, or which we have developed independently of our work for you and
used
in the course of your matter, in accordance with our advice or specific license terms.
All material must
be kept confidential by you unless we agree otherwise.
10.2 We may use all material created and/or modified
by us in the course of any matter for legal
training, forms, service development (including
in the training of artificial intelligence
technologies
in which event the materials may be hosted on a third party system) and
research purposes, without reference
to you.
11 Our compliance with certain laws and regulations
11.1 We may require you to provide identifying documents and information concerning yourself
and individuals and/or entities associated with
you in order to comply with anti-money
laundering laws and regulations, and
to keep those documents and information up to date.
We may
be unable to carry out your instructions if we are unable to verify your identity or,
- 6 - in some instances, the identities of your directors, shareholders and eventual beneficial
owners.
11.2 We may
be required by law or regulation to report to a governmental or regulatory authority
our knowledge and/or suspicion that certain criminal offences have been committed,
regardless of whether such
an offence has been committed by a client of ours or by a third
party. We may not
be able to discuss such reports with you because of restrictions
imposed by those laws and regulations,
and we may have to cease acting for you in those
circumstances. You agree that
we are not responsible for any adverse consequences you
may suffer
as a result of our compliance with such laws and regulations.
12 Force majeure
Neither you nor we will be responsible for failure to perform our respective obligations
concerning your instructions (save for your responsibility
to pay our bills in full) if the
failures are due to causes outside, respectively, your or our control.
13 Amendments
From time to time, we may need to amend these terms of engagement. If this occurs, we
will notify you
of the changes by means of a notice in the Legal Notices section of our
website but they will not affect any matter
on which we are then currently instructed.
14 Limitations
If the validity or enforceability of any of these terms of engagement is in any way limited
by the laws and professional regulations applicable to us, those laws and professional
regulations will take precedence over these terms of engagement but they will
be valid
and enforceable
to the fullest extent permitted by such laws and professional regulations,
and such limitation shall not affect the validity or enforceability of any other term.
15 Integrity and ethics
Our policy is to act at all times in accordance with the highest professional, ethical and
business standards, and
we expect you to act in like manner in all your dealings with us
and your business counter-parties. We do not countenance bribery or corruption in any
form and you agree (i) not to expect or request any conduct from
us that might bring our
name into disrepute or compromise our integrity, (ii) that you and your employees and
agents will refrain from any practices involving bribery or any other corrupt activities, and
(iii) that you have taken or will take internal steps or procedures designed to ensure that
the risk of corruption and bribery during the course of our relationship
is eliminated.
16 Termination
16.1 Either you or we may terminate our engagement at any time by giving reasonable prior
notice
in writing, subject, in our case, to any applicable laws or regulations. We will only
stop acting for you if we believe we have a good reason to do
so, including in the
circumstances contemplated by paragraph 3.5 (b), but we retain sole discretion regarding
any such decision.
-7 - 16.2 If our engagement is terminated for any reason, you agree to pay in full our bills
representing fees, costs, disbursements and other charges
up to the time of the
engagement's termination.
16.3 A solicitor/client or attorney/client relationship exists between you and us only if, at the
relevant point
in time, we are working under instructions from you; we shall have no duty
to provide you advice at any other time concerning changes
in laws, rules or regulations
that might affect your rights. Further, if
we are not under instructions from you at a given
point in time, you agree that, unless prohibited
by applicable laws or regulations, we are
entitled
to accept at that time other instructions to act in respect of the subject matter of
your previous instructions although we will not disclose
to, or use to the benefit of, another
client any informati
on or documents in respect of which we owe you a duty of
confidentiality.
16.4 We and other Norton Rose Fulbright Entities may send you general information
on legal
developments without charge, or may include you
in general mailings, after our or their
engagement with you has been terminated.
This will not change the fact that our or their
engagement has been terminated.
-8 - I . Contract Number 2. Effective Date 3. Requisition/Purchase Request/Project No. Page 1 of 25
DCHBX-2023-E-0002 March 11, 2023
4. Name and Address of Contractor: 5. Delivery Address:
Norton Rose Fulbright US LLP DC Health Benefit Exchange Authority
1301 McKinney Street, Suite 5100 1225
"I" Street, NW, 4
th
Floor
Houston, TX 77010-3095 Washington, DC 20005
6. Contractor shall submit all invoices to:
Via electronic format through the DC Vendor Portal,
httl!s:/ /vendoq~ortal.dc.gov
7. Reserved for future use 8. Accounting and Appropriation Data
9A.
9B. Supplies/Services 9C. 9D. Unit 9E. Unit Price 9F. Total
Item Quantity
Legal services See Price See price NTE
Schedule Schedule $2,600,000
Contracting Officer will Complete Item 10 or
11 as Applicable: Item 10 is Applicable
(X) 10. CONTRACTOR'S NEGOTIATED ( ) 11. AW ARD (Contractor is not required to sign this
AGREEMENT document.)
(Contractor
is required to sign this document and
return copies
to issuing office.)
Contractor agrees
to furnish and deliver all items Your offer on Solicitation Number including the additions
or perform a
ll the services set forth or otherwise or changes made by you which additions or changes are set
identified above and on any continuation sheets forth in full above
is hereby accepted as to the items listed
for the consideration stated herein. The rights above and on any continuation sheets. This award
and obligations
of the parties to this contract consummates the contract which consists of the following
shall be subject
to and governed by the following documents:
documents: (a) this award/contract, (b) the (a) The Government's solicitation and your offer, and (b)
solicitation,
if any, and ( c) such provisions, this award/ contract. No further contractual document is
representations, certifications, and specifications, necessary.
as are attached or incorporated by reference
herein. (Attachments are listed herein.)
12A. Name and Title
of Signer (Type or print) 13A. Name of Contracting Officer
Chris Cwalina
Kenneth Wallington
12B. 12C. Date 13B. District
of Columbia 13C. Date
Yr
I
{_/'--
June 7, 2023
(Authorized Representative's
Signature) (Contracting Officer's Signature) ,
SECTION B: CONTRACT TYPE, SUPPLIES OR SERVICES AND PRICE/COST
B.1
The District of Columbia Health Benefit Exchange ("DCHBX"), seeks to award a contract to
Norton Rose Fulbright US LLP
("NRF" or "Contractor") to provide legal counsel and
representation with respect to a data security breach incident that was discovered
on March 6,
2023.
The Contractor shall provide legal services and advice to HBX, including litigation services
and comprehensive recommendations
on strengthening our IT systems and processes.
B.1.1 This contract is being awarded as authorized by DC Official Code 31-317 l.04(a)(5) and 2-
351.05( c )(22) and in accordance with
DC Health Benefit Exchange Authority Contracting and
Procurement Policies and Procedures, Section III A(4)(i)(c) -Exemption from Competitive
Procurement Requirements.
B.2 The District contemplates award of a labor hour contract.
B.2.1 Cost Reimbursement Component
The cost reimbursement component as described in Section D.5 shall not exceed $750,000 for the
base period and each option period.
B.2.2 The total value of this contract, including the cost reimbursement component, is not to exceed
$2,600,000 for the base period and $2,000,000 for each option period.
B.2.3 Insurance Panel Rates
NRF acknowledges that the data breach is covered by a policy of insurance. The District may
request the insurer to reimburse certain expenses
and pay other expenses, such as attorneys' fees,
directly to the NRF. In the event the insurer pays
NRF directly, NRF agrees that it shall accept the
insurer's hourly rates and that
HBX will pay the difference, if any, between the insurer's rates and
the 2023 AIG panel rates to
NRF. The agreed upon insurer hourly rates are:
• 2023 HBX insurer panel rates:
Incident response: $600 partners / $400 non-partners /$225 paraprofessionals
• Litigation: $695/partners/ $495 non-partners/ $225 paraprofessionals
• 2023 AIG panel rates:
$816 global lead partner/ $718 partners / $541 non-partners / $225 paraprofessionals
2 B.3 PRICE SCHEDULE-Labor Hour with Cost Reimbursement Component
B.3.1 Base Year
Contract Line Labor Category Hourly
Item No. (CLIN)
Labor
Rate*
0001 Global Lead Partner $816
0002 Partner $718
0003 Non-Partner $541
0004 Paraprofessional $225
0005 Cost Reimbursement -Not-to-Exceed $750,000
TOTAL NOT-TO-EXCEED $2,600,000
B.3.2 Option Year One (1)
Contract Line Labor Category Hourly
Item No. (CLIN)
Labor
Rate*
0001 Global Lead Partner $816
0002 Partner $718
0003 !Non-Partner $541
0004 Paraprofessional $225
0005 Cost Reimbursement-Not-to-Exceed $750,000
TOTAL NOT-TO-EXCEED $2,000,000
B.3.3 Option Year Two (2)
Contract Line Labor Category Hourly
Item No. (CLIN)
Labor
Rate*
0001 Global Lead Partner $816
0002 Partner $718
0003 Non-Partner $541
0004 Paraprofessional $225
0005 Cost Reimbursement-Not-to-Exceed $750,000
TOTAL NOT-TO-EXCEED $2,000,000
3 B.3.4 Option Year Three (3)
Contract Line Labor Category Hourly
Item No. (CLIN)
Labor
Rate*
0001 Global Lead Partner $816
0002 Partner $718
0003 Non-Partner $541
0004 Paraprofessional $225
0005 Cost Reimbursement-Not-to-Exceed $750,000
TOTAL NOT-TO-EXCEED $2,000,000
B.3.5 Option Year Four (4)
Contract Line Labor Category Hourly
Item No. (CLIN)
Labor
Rate*
0001 Global Lead Partner $816
0002 Partner $718
0003 Non-Partner $541
0004 Paraprofessional $225
0005 Cost Reimbursement-Not-to-Exceed $750,000
TOTAL NOT-TO-EXCEED $2,000,000
4 SECTION C: SPECIFICATIONS/STATEMENT OF WORK
C.1
C.1.1
C.2
C.3
1
2
SCOPE
The District of Columbia Health Benefit Exchange Authority ("DCHBX") seeks
to award a contract to Norton Rose Fulbright US LLP ("NRF" or "Contractor")
to provide legal counsel and representation with respect to a data security breach
incident that was discovered on March 6, 2023. The Contractor shall provide
legal services and advice
to the DC Health Benefit Authority (HBX), including
litigation services, and comprehensive recommendations on strengthening our IT
systems and processes.
DCHBX will retain sole authority at all times
to direct the investigation and
litigation in all respects, including but not limited to approval and/or rejection
of
settlements.
APPLICABLE LAWS AND DOCUMENTS
The following laws are applicable to this procurement:
Item No.
Document Title Date
Type
Letter Letter of Engagement and Standard Terms of 3/10/2023
Agreement
Engagement between DC Health Benefit Exchange
Authority) and Norton Rose Fulbright US LLP,
dated March 10, 2023.
Letter Letter
of Engagement and Standard Terms of 3/31/23
Agreement
Engagement between DC Health Benefit Exchange
Authority) and Norton Rose Fulbright US LLP,
dated March 31, 2023.
RESERVED
BACKGROUND
On March 6, the DC Health Benefit Exchange Authority ("DCHBX" or
"DC Health Link") received notice that data for some DC Health Link
customers had been published on a data breach forum. The DCHBX
immediately launched a comprehensive investigation, began working with
law enforcement, and engaged a third-party expert forensics firm to
investigate.
5 C.1.1
C.1.2
C.1.2.1
C.1.2.2
C.1.2.3
C.1.2.4
C.1.2.5
Due to the nature of the incident, DCHBX needed a law firm that was
experienced in this type
of practice, including investigations, class action
litigation, and the comprehensive review
of systems and processes to
strengthen the
HBX framework against future incidents. Norton Rose was
one
of three entities we met with. Norton Rose has a Data Protection,
Privacy and Cybersecurity practice, and was available to provide
representation immediately. To date,
we are aware of three putative class
action complaints that
have been filed arising out of the data breach --one
in the District
of Columbia Superior Court, Lawless v. DC Health Bene fit
Exchange Authority, and two in the U.S. District Court for the District of
Columbia, Suhr v. DC Health Benefit Exchange Authority and Meranda v.
DC Health Benefit Exchange Authority, et al.
REQUIREMENTS
Contractor shall perform legal services that include, but are not limited to the following:
Assist
DCHBX in responding to the data breach.
Contractor shall assist in all phases
of these investigations and
litigation, including:
a. Preparation, filing, and service of all offensive and responsive pleadings;
b. Mediation attendance and briefing;
c. Preparation and service of all offensive and defensive discovery;
d. Document review and management;
e. Taking depositions, defending depositions, preparing witnesses for depositions;
f. Identifying and managing experts needed to analyze, develop,
or defend the DCHBX's case;
g. Participation and conduct of representation of the DCHBX in court
hearings, oral arguments, trials, investigations and settlement
negotiations;
h. Coordination and conduct of any needed appeal.
1. Comprehensive review of the HBX IT systems and processed to identify steps to
strengthen our system.
REMOVED
Provide regular status reports to the Contract Administrator.
Provide legal services to
DCHBX for this matter in a manner consistent with
accepted standards
of practice in the legal profession. The DCHBX or Attorney
6 C.1.2.6
C.1.2.7
C.1.2.8
C.1.2.9
General for the District
of Columbia (the Attorney General) shall have final
authority over all aspects
of this litigation. The litigation may be commenced,
conducted, settled, approved, and ended only with the express written approval
of the DCHBX or the Attorney General.
Coordinate the provision
of legal services with the Attorney General or his or her
designated assistant, other personnel
of OAG, and such others as the DCHBX
may designate.
Submit all substantive pleadings, motions, briefs, and other material which may
be filed with a court
to DCHBX in draft form in a reasonable and timely manner
for review. All such material must be approved by the DCHBX or designee prior
to filing.
Communicate with the District's executive branch and agencies through
DCHBX unless authorized by DCHBX
to communicate directly with any of
them.
Render services pursuant
to this Contract as an independent contractor. Neither
Contractor nor any employee
of Contractor shall be regarded as employed by, or
as
an employee of the DCHBX or the District of Columbia government.
7 SECTION D: PERIOD OF PERFORMANCE AND DELIVERABLES
D.1 TERM OF CONTRACT
The term of the contract sha ll be for a period of one ( 1) year from the date of the signed
letter
of engagement (March 11, 2023 ), also referred to as a letter contract, whereas the
letter contract shall merge with this definitized contract.
D.2 OPTION TO EXTEND THE TERM OF THE CONTRACT
D.2.1
The District may extend the term of this contract for a period of four ( 4) one-year option
periods, or successive fractions thereof, by written notice
to the Contractor before the
expiration
of the contract; provided that the DCHBX will give the Contractor preliminary
written notice
of its intent to extend at least thirty (30) days before the contract expires.
The preliminary notice does not commit the DCHBX
to an extension. The exercise of this
option
is subject to the availability of funds at the time of the exercise of this option. The
Contractor may waive the thirty (30) day preliminary notice requirement by providing a
written waiver
to the Contracting Officer prior to the expiration of the contract.
D.2.2 If the DCHBX exercises this option, the extended contract shall be considered to include
this option provision.
D.2.3 The price for the option period(s) shall be as specified in Section B of the contract.
D.2.4 The total duration of this contract, including the exercise of any options under this clause,
shall not exceed (5) years.
D.3 DELIVERABLES
The Contractor shall perform the activities required to successfully complete the District's
requirements and submit each deliverable
to the Contract Administrator identified m
section G.9 in accordance with the following:
CLIN Deliverable Quantity Format/Method of Due Date
Delivery
C.1.2.2 a. Preparation, TBD PDF /Electronic Ongoing, as requested
filing, and service
of all offensive
and responsive
pleadings
C. l .2.2b Mediation TBD Ongoing
attendance and
briefing
C.1
.2.2 C. Preparation and TBD PDF /Electronic Ongoing
service
of all
8 D.3.1
D.4
D.4.1
D.4.2
D.4.3
D.5
D.5.1
offensive and
defensive
discovery
C.1.2.2d Document TBD
PDF /Electronic Ongoing
Review
C.1.2.2
e. Depositions TBD PDF /Electronic Ongoing
C.1.2.2f Identifying TBD
PDF /Electronic Ongoing
experts
C.1.2.2g Legal TBD
PDF /Electronic Ongoing, as requested
representation
C.1.2.2h Appeals TBD
PDF /Electronic Ongoing, as requested
C.1.2.2.i Comprehensive TBD Electronic Ongoing
review
of the
systems and
processes
C.1.2.4 Status Reports TBD
PDF /Electronic Ongoing
C.1.2.7 Drafts
of TBD PDF /Electronic Ongoing
substantive
pleadings,
motions, briefs,
and other
material which
may be filed with
the court
Contractor shall
submit to the DCHBX, as a deliverable, the report described in section
F.6 which
is required by the 51 % District Residents New Hires Requirements and First
Source
Employment Agreement. If the Contractor does not submit the report as part of the
deliverables,
DCHBX shall not make final payment to the Contractor pursuant to section
E.5.2.
ORDERING CLAUSE
Any supplies and services to be furnished under this contract must be ordered by issuance
of delivery orders, task orders, or purchase orders by the CO. Such orders may be issued
during the term
of this contract.
All purchase orders are subject to the terms and conditions
of this contract. In the event of
a conflict between a purchase order and this contract, the contract shall control.
Orders
may be issued by facsimile or electronic commerce methods.
Cost Reimbursement
Cost Reimbursement Ceiling
9 D.5.2
a. Cost reimbursement ceiling for the contract for costs specified in D.5.2 is set forth
in Section B.2.1.
b. The Contractor agrees to use its best efforts to perform work specified in this
contract and to meet all obligations under the contract within the cost
reimbursement ceiling specified in Section D.5.2.
c. The Contractor must notify the Contract Administrator, in writing, whenever it has
reason to believe that the total cost for reimbursement will be either greater or
substantially less than the costs reimbursement ceiling ("Notification
of Cost
Differential").
d. As part
of the notification, the Contractor must provide the Contract Administrator
a revised estimate
of the total cost of reimbursement for the contract.
e. HBX is not obligated to reimburse the Contractor for cost incurred in excess of the
cost reimbursement ceiling specified in B.2.1 and the Contractor is not obligated
to incur costs in excess
of the cost reimbursement ceiling specified in
B.2.1 until a modification
is executed by the Contracting Officer that the estimated
cost has been increased and provides revised cost reimbursement ceilings for
perforn1ing the contract.
Unless otherwise specified, the District will reimburse the Contractor costs incurred by the
Contractor for expert IT and breach response consultation, however, the Contractor shall
not select any consultant or outside analysis without the Contract Administrator's approval.
Prior
to perfonning services under the cost reimbursement compone nt, the Contractor shall submit
to the Contract Administrator for approval, in writing, the services and associated costs. Any
accumulated expense over the cost reimbursement ceiling specified in B.2.1 shall require
approv
al of the Contract Administrator and Contracting Officer in advance of any cost being
incurred.
10 SECTION E: CONTRACT ADMINISTRATION
E.1
E.2
E.2.1
E.2.2
E.2.3
E.3
E.3.1
E.3.1.1
E.3.1.2
E.3.1.3
CONTRACTING OFFICER ("CO")
Contracts will be entered into and signed on behalf of DCHBX only by contracting
officers. The contact information for the Contracting Officer is:
Kenneth Wallington
Contracting Officer
DC Health Benefit Exchange Authority
1225
"I" Street, NW, Suite 400
Washington, DC 20005
Ph: (202) 679-5952
Email: Kenneth.wallington@dc.gov
AUTHORIZED CHANGES BY THE CONTRACTING OFFICER
The CO is the only person authorized to approve changes in any of the requirements of
this contract.
The Contractor shall not comply with any order, directive or request that changes or
modifies the requirements
of this contract, unless issued in writing and signed by the CO.
In the event the Contractor effects any change at the instruction or request
of any person
other than the CO, the change will be considered to have been made without authority
and no adjustment will be made in the contract price to cover any cost increase incurred
as a result thereof.
CONTRACT ADMINISTRATOR ("CA")
The CA is responsible for general administration of the contract and advising the CO as
to the Contractor's compliance or noncompliance with the contract. The CA has the
responsibility
of ensuring the work conforms to the requirements of the contract and such
other responsibilities and authorities as may be specified in the contract. These include:
Keeping the CO fully informed
of any technical or contractual difficulties
encountered during the performance period and advising the CO
of any potential problem
areas under the contract;
Coordinating site entry for Contractor personnel,
if applicable;
Reviewing invoices for completed work and recommending approval
by the CO if the
Contractor's costs are consistent with the negotiated amounts and progress is
satisfactory and commensurate with the rate
of expenditure;
11 E.3.1.4
E.3.1.5
E.3.2
E.3.3
E.3.4
E.4
E.4.1
E.4.2
E.4.3
1.
2.
3.
4.
5.
6.
Reviewing and approving invoices for deliverables to ensure receipt of goods and
services. This includes the timely processing
of invoices and vouchers in accordance with
the
DCHBX payment provisions; and
Maintaining a file that includes all contract correspondence, modifications, records
of
inspections (site, data, equipment) and invoice or vouchers.
The contact information
of the CA is:
Brian
K. Flowers
Contract Administrator
DC Health Benefit Exchange Authority
1225 I Street,
NW, Suite 400
Washington,
DC 20005
Email: brian.flowers@dc.gov
Ph: 202-812-8444
The
CA shall NOT have the authority to:
Award, agree to, or sign any contract, delivery order or task order. Only the CO shall
make contractual agreements, commitments
or modifications;
Grant deviations from
or waive any of the terms and conditions of the contract;
Increase the dollar limit
of the contract or authorize work beyond the dollar limit of the
contract,
Authorize the expenditure
of funds by the Contractor;
Change the period
of performance; or
Authorize the use
of District property, except as specified under the contract.
The Contractor shall be fully responsible for any changes not authorized in advance, in
writing, by the CO;
may be denied compensation or other relief for any additional work
performed that is not so authorized; and may also be required, at no additional cost to
DCHBX, to take all corrective action necessitated by reason of the unauthorized changes.
INVOICE SUBMITTALAND PAYMENT
The Contractor shall create and submit payment requests in an electronic format through
the DC
Vendor Portal, https: //vendorportal.dc.gov.
The Contractor shall submit proper invoice(s) on a monthly basis
or as otherwise specified
in the Contract
or task or delivery order.
To constitute a proper invoice, the Contractor shall enter all required information into the
DC Vendor Portal after selecting the applicable purchase order number listed on the
Contractor's profile.
12 E.4.4 HBX will make payments to the Contractor, upon the submission of proper invoices, at the
prices stipulated in the contract ( or task or delivery order), for supplies delivered and
accepted
or services performed and accepted, less any discounts, allowances, or
adjustments provided for in the Contract.
E.S FIRST SOURCE AGREEMENT REQUEST FOR FINAL PAYMENT
E.5.1
For contracts subject to the 51 % District Residents New Hires Requirements and First
Source Employment Agreement requirements, final request for payment must be
accompanied by the report
or a waiver of compliance discussed in section F.6.
E.5.2 The District shall not make final payment to the Contractor until the agency CFO has
received the
CO's final determination or approval of waiver of the Contractor's compliance
with
51 % District Residents New Hires Requirements and First Source Employment
Agreement requirements.
13 SECTION F: ATTACHMENTS AND OTHER TERMS AND CONDITIONS
F.1 APPLICABILITY OF STANDARD CONTRACT PROVISIONS
F.1.1
HBX Standard Contract Provisions 2016 (Attachment G. l) are incorporated in and made a
part
of this Contract in relevant part. Provisions in Attachment G. l that have been
superseded are stricken ( denoted using striketlumigk) and incorporated in current form in
relevant sections
of the Contract.
F.1.2 To obtain a copy of the HBXSCP 2016 go to http://hbx.dc.gov/publication/dcpolicies-and
procedures. Under the heading "Health Benefit Exchange Authority" click on "HBX
Standard Contract Provisions March 24, 2016."
F.1.3 FAMILIARIZATION WITH CONDITIONS
Contractor shall fully review this agreement and all attachments including the HBX
Standard Contract Provisions 2016 (See F.1.2),
becoming acquainted with all available
information regarding this contracting including the conditions under which the work
is to
be accomplished. Contractors will not be relieved from assuming all responsibility for
properly estimating the difficulties and the cost
of performing the services required herein
due to their failure to investigate the conditions or
to become acquainted with all
information, schedules and liability concerning the services to be performed.
F.2 HIRING OF DISTRICT RESIDENTS AS APPRENTICES AND TRAINEES
F.2.1
For all new employment resulting from this Contract or subcontracts hereto, as defined in
Mayor's Order 83-265 and implementing instructions, the Contractor shall use its best
efforts to comply with the following basic goal and objectives for utilization
of bona fide
residents
of the District of Columbia in each project's labor force:
F.2.2 At least fifty-one (51) percent of apprentices and trainees employed shall be residents of
the District of Columbia registered in programs approved by the District of Columbia
Apprenticeship Council.
F.2.3 The Contractor shall negotiate an Employment Agreement with the Department of
Employment Services (DOES) for jobs created as a result of this contract. The DOES shall
be the Contractor's first source
of referral for qualified apprentices and trainees in the
implementation
of employment goals contained in this clause.
F.3 DEPARTMENT OF LABOR WAGE DETERMINATIONS
The Contractor shall be bound by the Wage Determination No. 2015-4281, Revision 25
dated 12/27/2022,
issued by the U.S. Department of Labor in accordance with the Service
Contract Act,
41 U.S.C. § 351, et seq. The Contractor shall be bound by the wage rates for
the term
of the Contract subject to revision as stated herein. If an option is exercised, the
Contractor shall be bound by the applicable wage rates at the time
of the exercise of the
option.
If the option is exercised and the CO obtains a revised wage determination, the
revised wage determination is applicable for the option periods and the
14 Contractor may be entitled to an equitable adjustment.
F.4 PREGNANT WORKERS FAIRNESS
F.4.1
The Contractor shall comply with the Protecting Pregnant Workers Fairness Act of 2016,
D.C. Official
Code§ 32-1231.01, et seq. (PPWF Act).
F.4.2 The Contractor shall not:
(a) Refuse
to make reasonable accommodations to the known limitations related to pregnancy,
childbirth, related medical conditions, or breastfeeding for an employee, unless the
Contractor can demonstrate that the accommodation would impose an undue hardship;
(b) Take an adverse action against an employee who requests or uses a reasonable
accommodation in regard to the employee's conditions or privileges
of employment,
including failing to reinstate the employee when the need for reasonable accommodations
ceases to the employee's original
job or to an equivalent position with equivalent:
(1) Pay;
(2) Accumulated seniority and retirement;
(3) Benefits; and
( 4) Other applicable service credits;
( c) Deny employment opportunities
to an employee, or a job applicant, if the denial is based
on the need
of the employer to make reasonable accommodations to the known limitations
related to pregnancy, childbirth, related medical conditions, or breastfeeding;
(
d) Require an employee affected by pregnancy, childbirth, related medical conditions, or
breastfeeding to accept an accommodation that the employee chooses not to accept
if the
employee does not have a known limitation related to pregnancy, childbirth, related
medical conditions, or breastfeeding or the accommodation
is not necessary for the
employee to perfonn her duties;
(
e) Require an employee to take leave if a reasonable accommodation can be provided; or
(f) Take adverse action against an employee who has been absent from work as a result of a
pregnancy-related condition, including a pre-birth complication.
F.4.3 The Contractor shall post and maintain in a conspicuous place a notice of rights in both
English and Spanish and provide written notice
of an employee's right to a needed
reasonable accommodation related
to pregnancy, childbirth, related medical conditions, or
breastfeeding pursuant to the PPWF Act, to:
(a) New employees at the commencement
of employment;
(b) Existing employees; and
( c) An employee who notifies the employer
of her pregnancy, or other condition covered by
the PPWF Act, within 10 days of the notification.
F.4.4 The Contractor shall provide an accurate written translation of the notice of rights to any
non-English or non-Spanish speaking employee.
15 F.4.5 Violations of the PPWF Act shall be subject to civil penalties as described in the Act.
F.5 UNEMPLOYED ANTI-DISCRIMINATION
F.5.1
The Contractor shall comply with the Unemployed Anti-Discrimination Act of 2012,
D.C. Official
Code§ 32-1361, et seq.
F.5.2 The Contractor shall not:
(a) Fail or refuse to consider for employment, or fail or refuse to hire, an individual
as an
employee because
of the individual's status as unemployed; or
(b) Publish, in print, on the Internet, or in any other medium, an advertisement or
announcement for any vacancy in a
job for employment that includes:
(
1) Any provision stating or indicating that an individual's status as unemployed disqualifies
the individual for the
job; or
(2) Any provision stating or indicating that an employment agency will not consider or hire
an individual for employment based on that individual's status
as unemployed.
F.5.3 Violations of the Unemployed Anti-Discrimination Act shall be subject to civil penalties
as described in the Act.
F.6 51 % DISTRICT RESIDENTS NEW HIRES REQUIREMENTS AND FIRST
SOURCE EMPLOYMENT AGREEMENT
F.6.1
For contracts for services in the amount of $300,000 or more, the Contractor shall comply
with the First Source Employment Agreement Act
of 1984, as amended, D.C. Official
Code§ 2-219.01 et seq. (First Source Act).
F.6.2 The Contractor shall enter into and maintain during the term of the contract, a First Source
Employment Agreement (Employment Agreement) with the District
of Columbia
Department
of Employment Service's (DOES), in which the Contractor shall agree that:
(a) The first source for finding employees to fill all jobs created in order to perform the
contract shall be the First Source Register; and
(b) The first source for finding employees to fill any vacancy occurring in all jobs covered by
the Employment Agreement shall be the First Source Register.
F.6.3 The Contractor shall not begin performance of the contract until its Employment
Agreement has been accepted by DOES. Once approved, the Employment Agreement
shall not be amended except with the approval
of DOES.
F.6.4 The Contractor agrees that at least 51 % of the new employees hired to perform the
Contract shall be District residents.
F.6.5 The Contractor's hiring and reporting requirements under the First Source Act and any
rules promulgated thereunder shall continue for the term
of the Contract.
F.6.6 The CO may impose penalties, including monetary fines of 5% of the total amount of the
direct and indirect labor costs
of the Contract, for a willful breach of the Employment
Agreement, failure to submit the required hiring compliance reports, or deliberate
16 F.6.7
F.6.8
F.6.9
F.6.10
F.7
F.8
F.8.1
F.8.2
F.8.3
F.8.4
F.8.5
submission of falsified data.
If the Contractor does not receive a good faith waiver, the CO may also impose an
additional penalty equal
to 1/8 of 1 % of the total amount of the direct and indirect labor
costs
of the Contract for each percentage by which the Contractor fails to meet its hiring
requirements.
Any contractor which violates, more than once within a 10-year timeframe, the hiring or
reporting requirements
of the First Source Act shall be referred for debarment for not more
than five (5) years.
The contractor may appeal any decision
of the CO pursuant to this clause to the D.C.
Contract Appeals Board
as provided in Section 36 (Disputes) of HBX Standard Contract
Provisions 2016 (Attachment G. l).
The provisions
of the First Source Act do not apply to nonprofit organizations which
employ 50 employees
or less.
RESERVED
FAIR CRIMINAL RECORD SCREENING
The Contractor shall comply with the provisions of the Fair Criminal Record Screening
Amendment Act
of 2014, effective December 17, 2014 (D. C. Law 20-152) (the "Act" as
used in this Section F.8). This section applies to any employment, including employment
on a temporary or contractual basis, where the physical location
of the employment is in
whole or substantial part within the District
of Columbia.
Prior to making a conditional offer
of employment, the Contractor shall not require an
applicant for employment, or a person who has requested consideration for employment
by the Contractor, to reveal or disclose an arrest or criminal accusation that
is not then
pending or did not result in a criminal conviction.
After making a conditional offer
of employment, the Contractor may require an applicant
to disclose or reveal a criminal conviction.
The Contractor may only withdraw a conditional offer
of employment, or take adverse
action against an applicant, for a legitimate business reason
as described in the Act.
This section and the provisions
of the Act shall not apply:
(a) Where a federal or District law or regulation requires the consideration
of an applicant's
criminal history for the purposes
of employment;
(b) To a position designated by the employer as part
of a federal or District government
program
or obligation that is designed to encourage the employment of those with criminal
histories;
(c)To any facility or employer that provides programs, services,
or direct care to, children,
youth, or vulnerable adults; or
17 ( d) To employers that employ less than 11 employees.
F.8.6 A person claiming to be aggrieved by a violation of the Act may file an administrative
complaint with the
D.C. Office of Human Rights, and the Commission on Human Rights
may impose monetary penalties against the Contractor.
F.9 EXCHANGE PRIVACY AND SECURITY COMPLIANCE
The Contractor shall comply in all respects with the Exchange Privacy and Security
Compliance Addendum (Attachment A) to this Contract.
F.10 SUBCONTRACTS
F.11
A.
The Contractor hereunder shall not subcontract any of the Contractor's work or services to
any subcontractor without the prior written consent
of the CO. Any work or service so
subcontracted shall be performed pursuant to a subcontract agreement, which the DCHBX
will have the right to review and approve prior to its execution by the Contractor. Any such
subcontract shall specify that the Contractor and the subcontractor shall be subject to every
provision
of this contract. Notwithstanding any such subcontract approved by the DCHBX,
the Contractor shall remain liable to the DCHBX for all Contractor's work and services
required hereunder.
INSURANCE
GENERAL REQUIREMENTS. The Contractor at its sole expense shall procure and
maintain, during the entire period
of performance under this contract, the types of insurance
specified below. The Contractor shall have its insurance broker or insurance company
submit a Certificate
of Insurance to the CO giving evidence of the required coverage prior
to commencing performance under this contract. In no event shall any work be perfonned
until the required Certificates
of Insurance signed by an authorized representative of the
insurer(s) have been provided to, and accepted by, the CO. All insurance shall be written
with financially responsible companies authorized to
do business in the District of
Columbia or in the jurisdiction where the work is to be performed and have an A.M. Best
Company rating
of A-/ VII or higher. Should the Contractor decide to engage a
subcontractor for segments
of the work under this contract and wish to propose different
insurance requirements than outlined below, then, prior to commencement
of work by the
subcontractor, the Contractor shall submit in writing the name and brief description
of work
to be performed by the subcontractor on the Subcontractors Insurance Requirement
Template provided by the CA, to the Office
of Risk Management (ORM). ORM will
determine the insurance requirements applicable to the subcontractor and promptly deliver
such requirements in writing to the Contractor and the CA. The Contractor must provide
proof of the subcontractor's required insurance prior to commencement of work by the
subcontractor.
If the Contractor decides to engage a subcontractor without requesting from
ORM specific insurance requirements for the subcontractor, such subcontractor shall have
the same insurance requirements
as the Contractor.
18 General liability, commercial auto, workers' compensation and property insurance policies
(if applicable to this agreement) shall contain a waiver of subrogation provision in favor of
the Government of the District of Columbia.
The Government
of the District of Columbia shall be included in all policies required
hereunder to be maintained by the Contractor and its subcontractors ( except for workers'
compensation and professional liability insurance) as an additional insureds for claims
against
The Government of the District of Columbia relating to this contract, with the
understanding that any affirmative obligation imposed upon the insured Contractor
or its
subcontractors (including without limitation the liability to
pay premiums) shall be the sole
obligation
of the Contractor or its subcontractors, and not the additional insured. The
additional insured status under the Contractor's and its subcontractors' Commercial
General Liability insurance policies shall be effected using the ISO Additional Insured
Endorsement form
CG 20 10 11 85 (or CG 20 10 07 04 and CG 20 37 07 04) or such other
endorsement or combination
of endorsements providing coverage at least as broad and
approved by the CO in writing. All
of the Contractor's and its subcontractors' liability
policies ( except for workers' compensation and professional liability insurance) shall be
endorsed using ISO form
CG 20 01 04 13 or its equivalent so as to indicate that such
policies provide primary coverage (without any right
of contribution by any other
insurance, reinsurance
or self-insurance, including any deductible or retention, maintained
by an Additional Insured) for all claims against the additional insured arising out
of the
performance
of this Statement of Work by the Contractor or its subcontractors, or anyone
for
whom the Contractor or its subcontractors may be liable. These policies shall include
a separation
of insureds clause applicable to the additional insured.
If the Contractor and/ or its subcontractors maintain broader coverage and/or higher limits
than the minimums shown below, the District requires and shall be entitled to the broader
coverage and/or the higher limits maintained by the Contractor and subcontractors.
B. INSURANCE REQUIREMENTS
1. Commercial General Liability Insurance ("CGL") -The Contractor shall provide
evidence satisfactory to the CO with respect to the services performed that it carries a
CGL policy, written on an occurrence (not claims-made) basis, on Insurance Services
Office, Inc. ("ISO") form
CG 00 01 04 13 ( or another occurrence-based form with
coverage at least as broad and approved by the CO in writing), covering liability for all
ongoing and completed operations
of the Contractor, including ongoing and completed
operations under all subcontracts, and covering claims for bodily injury, including
without limitation sickness, disease
or death of any persons, injury to or destruction of
property, including loss of use resulting therefrom, personal and advertising injury, and
including coverage for liability arising out
of an Insured Contract (including the tort
liability
of another assumed in a contract) and acts of terrorism (whether caused by a
foreign or domestic source). Such coverage shall have limits
of liability of not less than
$1,000,000 each occurrence, a $2,000,000 general aggregate (including a per location
or per project aggregate limit endorsement, if applicable) limit, a $1,000,000
personal and advertising injury limit, and a
$2,000,000 products-completed operations aggregate limit.
19 The contractor should be named as an additional insured on the applicable
manufacturer's/distributer's Commercial General Liability policy using Insurance
Services Office, Inc. ("ISO") form
CG 20 15 04 13 ( or another occurrence-based form
with coverage at least as broad).
DCHBX should collect, review for accuracy and maintain all warranties for goods
and services.
2. Automobile Liability Insurance -The Contractor shall provide evidence satisfactory to
the
CO of commercial (business) automobile liability insurance written on ISO form
CA 00 01 10 13 (or another fonn with coverage at least as broad and approved by the
CO in writing) including coverage for all
owned, hired, borrowed and non-owned
vehicles and equipment used
by the Contractor, with minimum per accident limits
equal to the greater
of (i) the limits set forth in the Contractor's commercial automobile
liability policy
or (ii) $1,000,000 per occurrence combined single limit for bodily
injury and property damage.
3. Workers' Compensation Insurance -The Contractor shall provide evidence satisfactory
to the
CO of Workers' Compensation insurance in accordance with the statutory
mandates
of the District of Columbia or the jurisdiction in which the contract is
performed.
Employer's Liability Insurance -The Contractor shall provide evidence satisfactory to
the
CO of employer's liability insurance as follows: $500,000 per accident for injury;
$500,000
per employee for disease; and $500,000 for policy disease limit.
-
All insurance required by paragraphs 1,2 and 3 shall include a waiver of subrogation
endorsement for the benefit
of the Government of the District of Columbia.
4. Cyber Liability Insurance -The Contractor shall provide evidence satisfactory to the
Contracting Officer
of Cyber Liability Insurance, with limits not less than $2,000,000
per occurrence or claim, $2,000,000 aggregate. Coverage shall be sufficiently broad to
respond to the duties and obligations as is undertaken by Contractor in this agreement
and shall include, but not limited to, claims involving infringement
of intellectual
property, including but
not limited to infringement of copyright, trademark, trade dress,
invasion
of privacy violations, information theft, damage to or destruction of electronic
information, release
of private information, alteration of electronic infomrntion,
extortion and network security. The policy shall provide coverage for breach response
costs as well as regulatory fines and penalties as well as credit monitoring expenses
with limits sufficient to respond to these obligations. Limits
may not be shared with
other lines
of coverage. A copy of the cyber liability policy must be submitted to the
Office
of Risk Management (ORM) for compliance review.
5. Professional Liability Insurance (Errors & Omissions) - The Contractor shall provide
Professional Liability Insurance (Errors and Omissions) to cover liability resulting
20 from any error or omission in the performance of professional services under this
Contract. The policy shall provide limits
of $5,000,000 per claim or per occurrence for
each wrongful act and
$5,000,000 annual aggregate. The Contractor warrants that any
applicable retroactive date precedes the date the Contractor first performed any
professional services for the Government
of the District of Columbia and that
continuous coverage will be maintained or an extended reporting period will be
exercised for a period
of at least ten years after the completion of the professional
services. Limits
may not be shared with other lines of coverage.
6. Commercial Umbrella or Excess Liability -The Contractor shall provide evidence
satisfactory to the CO
of commercial umbrella or excess liability insurance with
minimum limits equal to the greater
of (i) the limits set forth in the Contractor's
umbrella or excess liability policy
or (ii) $5,000,000 per occurrence and $5,000,000 in
the annual aggregate, following the form and in excess
of all liability policies. All
liability coverages must be scheduled under the umbrella and/or excess policy. The
insurance required under this paragraph shall be written in a form that annually
reinstates all required limits. Coverage shall be primary to any insurance, self
insurance
or reinsurance maintained by the District and the "other insurance" provision
must be amended in accordance with this requirement and principles
of vertical
exhaustion.
C. PRIMARY AND NONCONTRIBUTORY INSURANCE
The insurance required herein shall be primary to and will not seek contribution from any
other insurance, reinsurance
or self-insurance including any deductible or retention,
maintained by the Government
of the District of Columbia.
D.
DURATION. The Contractor shall carry all required insurance until all contract work is
accepted by the District of Columbia and shall carry listed coverages for ten years for
construction projects following final acceptance
of the work performed under this contract
and two years for non-construction related contracts.
E. LIABILITY. These are the required minimum insurance requirements established by the
District
of Columbia. However, the required minimum insurance requirements provided
above will not in any
way limit the contractor's liability under this contract.
F.
CONTRACTOR'S PROPERTY. Contractor and subcontractors are solely responsible for
any loss
or damage to their personal property, including but not limited to tools and
equipment, scaffolding and temporary structures, rented machinery, or owned and leased
equipment. A waiver
of subrogation shall apply in favor of the District of Columbia.
G. MEASURE OF PAYMENT. The District shall not make any separate measure or payment
for the cost
of insurance and bonds. The Contractor shall include all of the costs of
insurance and bonds in the contract price.
H. NOTIFICATION. The Contractor shall ensure that all policies provide that the CO shall
be given thirty (30) days prior written notice in the event
of coverage and / or limit
21 F.12
F.12.1
changes or if the policy is canceled prior to the expiration date shown on the certificate.
The Contractor shall provide the CO with ten (10) days prior written notice in the event
of
non-payment of premium. The Contractor will also provide the CO with an updated
Certificate
of Insurance should its insurance coverages renew during the contract.
I. CERTIFICATES OF INSURANCE. The Contractor shall submit certificates of insurance
giving evidence
of the required coverage as specified in this section prior to commencing
work. Certificates
of insurance must reference the corresponding contract number.
Evidence
of insurance shall be submitted to:
The Government of the District of Columbia
Health Benefit Exchange Authority
And mailed to the attention of:
Kenneth Wallington, Contracting Officer
1225 I Street,
NW 4
th
Floor Washington, DC 20005
(202) 741-0846
kenneth. wal 1 ington@dc.gov
The CO
may request and the Contractor shall promptly deliver updated certificates of
insurance, endorsements indicating the required coverages, and/ or certified copies of the
insurance policies.
If the insurance initially obtained by the Contractor expires prior to
completion
of the contract, renewal certificates of insurance and additional insured and
other endorsements shall be furnished to the CO prior to the date
of expiration of all such
initial insurance. For all coverage required to
be maintained after completion, an additional
certificate
of insurance evidencing such coverage shall be submitted to the CO on an annual
basis as the coverage is renewed (or replaced).
J. DISCLOSURE OF INFORMATION . The Contractor agrees that the District may disclose
the name and contact information
of its insurers to any third party which presents a claim
against the District for any damages or claims resulting from
or arising out of work
performed by the Contractor, its agents, employees, servants or subcontractors in the
performance
of this contract.
K. CARRIER RATINGS. All Contractor's and its subcontractors' insurance required in
connection with this contract shall be written by insurance companies with an A.M. Best
Insurance Guide rating
of at least A-VII ( or the equivalent by any other rating agency) and
licensed in the District.
ETHICAL OBLIGATIONS AND LEGAL CONFLICTS OF INTEREST
An attorney-client relationship will exist between the DCHBX and any attorney
who performs work under the Contract, as well as between the
DCHBX and the
finn
of any attorney who performs work under the Contract. The D.C. Rules of
Professional Conduct (RPC) and the ethical rules of any other jurisdiction in
which
work is performed are binding on the Contractor. The parties agree that
the
DCHBX may have a contractual cause of action based on violation of such
22 F.12.2
F.12.3
F.12.4
rules, in addition to any other remedies available.
In addition to the prohibitions contained in the RPC and the ethical rules of any
other jurisdiction in
which work is performed, the Contractor agrees that it shall
recognize that in the performance
of the Contract it may receive certain
information submitted to the
DCHBX government on a proprietary basis by third
parties, information
which relates to potential or actual claims against the
DCHBX or District government, or information which relates to matters in
dispute
or litigation. Unless the DCHBX consents to a particular disclosure, the
Contractor shall use such information exclusively in the performance
of the
Contract and shall forever hold inviolate and protect from disclosure all such
information, except disclosures required
by applicable law or court order. The
Contractor also agrees that, to the extent it is permitted to disclose such
information, it will
make such disclosures only to those individuals who need to
know such information in order to perform required tasks in their official capacity
and will restrict access to such information to such individuals.
Before any contractor can be retained to perform legal services under the
Contract, on
behalf of the DCHBX, the Attorney General for the District of
Columbia must review and waive all actual or potential direct and indirect
conflicts
of interest pursuant to RPC 1.6, 1.7, 1.8, 1.9 and 1.10. Contractor shall
provide the Attorney General with the following:
(1) a written statement that
there exists no Rule 1.7(a) direct conflict
of interest regarding the work to be
performed under the Contract; (2) a written description
of all actual or potential
conflicts
of interest regarding the work to be performed under the Contract that
require
waiver pursuant to Rule 1. 7(b) because the contractor represents another
client in a matter adverse to any
of the following: (i) the District government
agency
or instrumentality to be represented under the Contract; (ii) the District
government as a whole;
or (iii) any other agency or instrumentality of the District
government (for this purpose, under D.C. Bar Legal Ethics Committee Opinion
No. 268, a representation
of a private client against a discrete government agency
or instrumentality can have government-wide implications and thus constitute a
representation adverse to the government as a whole pursuant to the RPC); and
(3) a written description
of all representations of clients who are or will be
adverse to the District government with regard to the
work to be performed under
the Contract, whether
or not such representations are related to the matter for
which the
work is to be performed under the Contract.
The Attorney General generally does
not grant prospective conflict of interest
waivers, except in certain
pro bona matters. Thus, in addition to the prohibitions
contained in the
RPC and the ethical rules of any other jurisdiction in which work
is performed under the Contract, without the consent of the Attorney General, the
Contractor sha
ll not represent any party other than the District in any disputes,
negotiations, proceedings or litigation adverse to any agency
or instrumentality
of the District government or the District government as a whole, including, but
not limited to, matters related to the
work to be
23 F.12.5
F.11
performed under the Contract. The Contractor shall notify the Attorney General
immediately, in writing,
of any potential conflicts of interest (as defined in the
RPC) that arise during the period that the Contractor is
perfonning work under
the Contract. The Attorney General makes every attempt to be reasonable in
deciding whether
or not to consent to a conflict of interest and usually makes this
decision promptly after receiving notice and sufficient information regarding the
conflict.
If the Attorney General does not waive a conflict of interest, the
Contractor shall undertake immediate action to eliminate the source
of any such
conflict
of interest.
Before any contractor can be retained pursuant to the Contract, the Attorney
General for the District
of Columbia must review all actual, direct and potential
conflicts
of interest on behalf of the District government in light of
D.C. Bar Rules of Professional Conduct ("RPC") 1.6, 1. 7, 1.8, 1.9 and 1. 10.
Contractor shall provide the Attorney General with written notice
of all actual
or potential direct and indirect conflicts of interest in which the Contractor
represents (
or may represent) another client with interests adverse to the District
government agency to be represented as well
as against the District government
as a whole. For this purpose, under D.C.
Bar Legal Ethics Committee Opinion
No. 268, (http://app.ocp.dc.gov/ pdf/DCEB-2018-R-0001
ATTT2.pdf), a representation
of a private client against a discrete government
agency can have government-wide implications and thus qualify under the RPC
as being against the government as a whole, including the individual agency that
the private firm represents. In that situation, the private firm would be required
to notifythe Attorney General
of the existence of a conflict under RPC 1. 7 and
obtain consent to such representation and waiver
of the conflict. The Attorney
General makes every attempt to be reasonable in deciding whether or not to
consent to a conflict and usually makes this decision promptly after receiving
notice
of the conflict.
ATTACHMENTS
The following attachments are incorporated in this contract by reference:
Attachment A-Exchange Privacy and Security Compliance
Attachment B-Norton Rose Fulbright, Letter
of Engagement, dated 3/10/2023
Attachment G.1 -
HBX Standard Contract Provisions, as amended
F.11.1 Attachment A -Exchange Privacy and Security Compliance is hereby amended as
such:
1. Section C.1.d.i -In the Sentence "Contractor shall provide and/or assist HBX
with providing individuals with a simple and timely means to access and obtain
their PII in a readable
fonn and format." Delete "provide and/or".
2. Section F.8.d-This subsection
is deleted.
24 F.112 Attachment G.1 -HBX Standard Contract Provisions are hereby amended as such:
F.12
1. § 12. Freedom oflnformation Act is stricken.
3. § 13. Subcontracting Requirements are waived.
4. §
24 Insurance - The Insurance requirements in the SCP are replaced by the
Insurance requirements in the contract
document under section F. 11 Insurance.
5. § 28 Inspection
of Supplies provision is deleted.
6. § 29 Inspection of Services provision is deleted except for item (b ).
7. § 31 Default provision is deleted.
8. §32 Indemnification provision is stricken.
ORDER OF PRECEDENCE
A conflict in language shall be resolved by giving precedence to the document in the
highest
order of priority that contains language addressing the issue in question. The
following documents are incorporated into the contract
by reference and made a part of the
contract in the following order
of precedence:
(1) An applicable Court Order, if any
(2) Contract document
(3) Standard Contract Provisions
(4) Contract attachments other than the Standard Contract Provisions
( 5)
Norton Rose Fulbright, Letter of Engagement, dated 3/10/2023
25