The URL can be used to link to this page

Home My WebLink AboutContract 60636DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C CSC No. 60636 alight ALIGHT SUBSCRIPTION AND SERVICES AGREEMENT This Subscription and Services Agreement (this "SSA"), effective as of August 29, 2023 (the "Effective Date"), is by and between City Of Fort Worth, with its principal place of business at 1000 THROCKMORTON ST, FORT WORTH, TX 76102-6312 ("Client"), and Alight Solutions LLC, with its principal place of business at 4 Overlook Point, Lincolnshire, IL 60069 ("Alight" and, together with Client, each a "Party" and collectively the "Parties"). In consideration of the mutual covenants contained herein, and other valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the Parties agree as follows: Section 1. Contractual Framework. This SSA is a framework arrangement that sets forth terms for each Order Form (as defined below). This SSA does not establish any rights, obligations or liabilities unless, and only to the extent that, the terms of this SSA are incorporated into an Order Form, in which case such terms shall only be binding upon the parties to such Order Form. An Order Form may be entered into by the parties to this SSA or any of their respective affiliates, and all references to "Alight", "Client" and "Party(ies)" in this SSA shall refer to the applicable entities that entered into such Order Form for purposes thereof. All references in this SSA to the "Agreement" shall refer to the Order Form inclusive of the terms of this SSA incorporated therein. Each Agreement is a separate and severable agreement between the applicable Parties thereto and each such Party shall be solely responsible for its obligations thereunder. Section 2. Overview. 2.1. Scope. The services that Alight will provide to Client under the Agreement (the "Services") may include software -as -a -service offerings ("Subscription Services") and/or professional services ("Professional Services"). 2.2. Order Forms. The Services will be described in one or more statements of work or other written ordering documents (each, an "Order Form"). To be effective, each Order Form must reference this SSA and be duly executed by an authorized representative of each Party. If there is a conflict between a term in this SSA and a term in any Order Form, the term in this SSA shall control unless otherwise expressly provided in such Order Form. 2.3. Change Orders. Each Party may request changes in the Services. If the Parties agree to proceed with a change, a written change order (a "Change Order") describing the change (including the impact of the change on scope and fees) shall be prepared by Alight and submitted to Client for review. Each Party is responsible for its own costs associated with developing a Change Order unless otherwise mutually agreed. To be effective, each Change Order must be identified as such and be duly executed (or otherwise approved via another mutually agreed method) by an authorized representative of each Party. Each Change Order shall be deemed an amendment to the Agreement. 2.4. Business Requirements Documents. Where applicable, detailed requirements for the Services will be set forth in additional written documentation (the "Business Requirements Documents") prepared by Alight and submitted to Client for review and approval. To be effective, the Business Requirements Documents must be approved in writing (which may be via email or other electronic acknowledgement) by an authorized representative of Client. If there is a conflict between the description of Services in the applicable Order Form and a related Business Requirements Document, the Business Requirements Document shall control. Notwithstanding anything to the contrary herein, Client's right to use the Business Requirements Documents shall terminate upon the termination of the applicable Services. 2.5. Client Directions. Alight may receive other directions from Client that may be relied upon in providing the Services (e.g., interpretations of laws, policies, procedures and plans). If Alight reasonably requests any such direction, Client shall use reasonable efforts to provide such direction in a timely manner. 2.6. Client Affiliates. Client may make the Services available to its affiliates that have not entered into a separate Order Form with Alight. Any use of the Services by any such affiliate shall be deemed use of the Services by Client and subject to all of the terms and conditions of the Agreement. Client shall cause any such affiliate to comply with all of Client's obligations under the Agreement. Client shall be responsible for any such affiliate's acts or omissions to the same extent as if such acts or omissions were by Client. Section 3. Subscription Services. This Section applies to any Subscription Services included in an Order Form. OFFICIAL RECORD CITY SECRETARY FT. WORTH, TX DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight 3.1. Access and Use. Alight hereby grants Client a non-exclusive, non -transferable (except in compliance with the assignment provisions of this SSA) right to access and use the Subscription Services during the term of the Agreement solely for use by Client and its Authorized Users (as defined below) for Client's internal business purposes and otherwise in accordance with the terms and conditions of the Agreement. For purposes hereof, "Authorized Users" means Client's employees and other related individuals who are, in accordance with the terms of the Agreement, authorized by Client to access and use the Subscription Services. Client shall be responsible for use of the Subscription Services by its Authorized Users to the same extent as if such use was by Client. Alight may, in its reasonable discretion, modify the Subscription Services provided that such modification does not materially reduce the functionality of the Subscription Services. If the performance, integrity or security of the Subscription Services is adversely impacted or at risk of being compromised as a result of any act or omission by Client or any of its Authorized Users in violation of the Agreement, Alight may suspend access to the Subscription Services to the extent, and for so long as is, reasonably necessary to resolve the issue. In any such event, Alight will promptly notify Client of such suspension and the Parties will cooperate in good faith to resolve the issue and restore access as soon as reasonably practicable. 3.2. Access Credentials. Alight shall provide to Client and its Authorized Users any user names, passwords or other access credentials necessary to access and use the Subscription Services ("Access Credentials"). Client shall be responsible for the security and use of its and its Authorized Users' Access Credentials. 3.3. Documentation. For purposes hereof, "Documentation" means any manuals or other materials that Alight provides or otherwise makes available to Client that describe the functionality, features or requirements of the Subscription Services. Alight hereby grants Client a non-exclusive, non -transferable (except in compliance with the assignment provisions of this SSA) right to use the Documentation during the term of the Agreement solely for use by Client and its Authorized Users for Client's internal business purposes and otherwise in accordance with the terms and conditions of the Agreement. 3.4. Warranties. Alight represents and warrants to Client that, throughout the term of the Agreement, the Subscription Services will perform in material accordance with the specifications in the applicable Order Form and any applicable Business Requirements Document. In the event of any failure of the Subscription Services to comply with such warranty, Alight shall, upon Client's written request, correct such failure at its own expense to the extent such correction is reasonably necessary and practical under the circumstances. Except as otherwise expressly provided in the applicable Order Form, the Subscription Services are provided "as is" and Alight does not make, and hereby disclaims, any and all other warranties (express, implied or otherwise) with respect to the Subscription Services. 3.5. Enhancements. Alight will provide to Client at no cost all updates and enhancements to the Subscription Services that Alight provides at no cost to all of its other similarly situated customers. 3.6. Restrictions. Client shall not, and shall not permit any other Person (including any Authorized User) to, (a) access or use the Subscription Services except in accordance with the terms of the Agreement and the related Documentation, (b) use the Subscription Services in any manner that does not comply with applicable laws, (c) create derivative works based on, sell, license, transfer or otherwise grant rights to, reverse engineer or otherwise attempt to obtain source code in, or take any action that may interfere with any of Alight's rights in or to, the Subscription Services, (d) bypass or breach any security protection used by, or otherwise damage or disrupt, the Subscription Services or (e) upload or otherwise provide to or through the Subscription Services any data or other material that is unlawful or intended to harm the Subscription Services or any data or systems related thereto. 3.7. Client Systems. Client shall (a) acquire, operate and maintain all software, systems, equipment and services necessary for Client and its Authorized Users to access and use the Subscription Services ("Client Systems") and (b) be responsible for all access to and use of the Subscription Services by or through Client Systems or any other means controlled by Client or any of its Authorized Users. Section 4. Professional Services. This Section applies to any Professional Services included in an Order Form. Alight represents and warrants to Client that (a) it shall provide the Professional Services in a professional and workmanlike manner, (b) the Professional Services shall conform in all material respects with the specifications for such Professional Services set forth in the applicable Order Form and any applicable Business Requirements Document, (c) its personnel shall have the skill and qualifications reasonably necessary to perform their respective duties with respect to the Professional Services and (d) it shall be responsible for payment of all salaries and social security, unemployment and other taxes related to its personnel. DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight In the event of any failure of the Professional Services to comply with such warranties, Alight shall, upon Client's written request, correct such failure at its own expense to the extent such correction is reasonably necessary and practical under the circumstances. Except as otherwise expressly provided in the applicable Order Form, the Professional Services are provided "as is" and Alight does not make, and hereby disclaims, any and all other warranties (express, implied or otherwise) with respect to the Professional Services. Section S. Compensation. 5.1. Fees and Expenses. The fees and expenses payable in connection with the Services provided under the Agreement, together with the terms under which such fees and expenses will be invoiced, paid and adjusted, shall be set forth in the applicable Order Form, and Client shall pay such fees and expenses to Alight in accordance therewith. 5.2. Taxes. The fees payable in connection with the Services do not include, and Client shall (unless Client provides Alight with a valid tax exemption) be responsible for and pay, all sales, use, excise and other taxes relating to Client's receipt of the Services; provided that Client shall not be responsible for or pay any taxes relating to Alight's income, capital, gross receipts, employees or real or personal property. Section 6. Term and Termination. 6.1. Term; Effect of Termination. The term of this SSA shall begin on the Effective Date and shall continue until terminated by either Party upon notice to the other Party. The termination of this SSA shall not result in the termination of the Agreement. The term of the Agreement shall be set forth in the applicable Order Form. The termination of the Agreement shall not result in the termination of this SSA or any other Agreement. The rights and obligations of the Parties which, by their nature, should survive termination or expiration of the Agreement, shall survive such termination or expiration. 6.2. Termination for Convenience. The Agreement may be terminated for convenience as provided in the applicable Order Form. 6.3. Termination for Cause. Each Party may terminate the Agreement for cause if the other Party materially breaches the terms of the Agreement and such breach is not cured within 30 days after the non -breaching Party delivered notice of such breach to the breaching Party. If a breach cannot reasonably be cured within such cure period and the breaching party promptly commences diligent efforts to cure such breach, then such cure period shall continue as long as such diligent efforts to cure continue. Section 7. Client Obligations. Client shall (a) provide or otherwise make available to Alight all data in Client's control (including data held by any Client vendor or other representative on Client's behalf) necessary for Alight to perform the Services, (b) obtain any licenses, authorizations, consents and approvals required for Alight to use or otherwise access any data or other materials provided or otherwise made available to Alight by or on behalf of Client or any employee or other person that is an end user of the Services ("Service Users") and (c) provide Alight with reasonable advance notice of any known event or circumstance that may impact the Services (e.g., modifications of Client policies, procedures and plans). Client shall be responsible for the accuracy and appropriateness of any data or other materials provided or otherwise made available to Alight by or on behalf of Client. Section 8. Confidentiality. 8.1. Confidential Information. For purposes hereof, "Confidential Information" means all information, irrespective of the form thereof, disclosed by or on behalf of either Party (as applicable, the "Disclosing Party") to the other Party (as applicable, the "Receiving Party") or its Representatives (as defined below) in connection with the subject matter hereof that is marked confidential or which otherwise would be understood by a reasonable person in the position of the Receiving Party to be confidential in nature, including any such information regarding the Disclosing Party's services, products, systems, software, marketing, pricing, operations, financial results, plans, strategies, trade secrets, know-how, methods and intellectual property and its relationship with employees, prospects, customers, suppliers and other third parties, as well as the terms of the Agreement; provided, however, that, except for personal data (which shall at all times be treated as confidential), "Confidential Information" shall not include any information that (a) is or becomes generally available to the public other than as a result of a disclosure thereof by the Receiving Party or its Representatives in violation hereof, (b) was DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight or becomes available to the Receiving Party from a source (other than the Disclosing Party or its Representatives) that, to the Receiving Party's knowledge, was not prohibited from disclosing such information pursuant to a contractual, legal or fiduciary obligation of confidentiality to the Disclosing Party or (c) is or was independently developed by the Receiving Party or its Representatives without the use of any information that would otherwise be Confidential Information hereunder. 8.2. Restrictions. The Receiving Party shall not use the Disclosing Party's Confidential Information for any purpose other than to exercise its rights or perform its obligations hereunder. The Receiving Party shall not, without the prior written consent of the Disclosing Party, disclose any of the Disclosing Party's Confidential Information to any unrelated third party other than the Receiving Party's affiliates and its and their directors, officers, employees, independent contractors, advisors, subcontractors, vendors, agents or other representatives (collectively, "Representatives") who, in each case, (a) reasonably require access to such Confidential Information to assist the Receiving Party to exercise its rights or perform its obligations under the Agreement and (b) have a contractual, legal, professional or fiduciary obligation of confidentiality to the Receiving Party that is consistent in all material respects with the Receiving Party's obligations of confidentiality to the Disclosing Party hereunder. The Receiving Party shall be responsible for any use or disclosure of the Disclosing Party's Confidential Information by any of its Representatives (in their capacity as such) to the extent such use or disclosure, if by the Receiving Party, would not be permitted hereunder. 8.3. Required Disclosure. Notwithstanding the foregoing, if the Receiving Party or any of its Representatives is requested or required to disclose any of the Disclosing Party's Confidential Information by law or legal process, then (a) the Receiving Party shall (if permitted by law) promptly notify the Disclosing Party and reasonably cooperate with the Disclosing Party (at the Disclosing Party's expense) in its efforts to obtain an appropriate protective order or other remedy and (b) if such protective order or other remedy is not obtained, the Receiving Party or its Representative (as applicable) may disclose that portion of the Confidential Information which is legally required to be disclosed and shall use commercially reasonable efforts to obtain reasonable assurances that confidential treatment, if available, will be accorded such Confidential Information. Notwithstanding the foregoing, the Receiving Party and its Representatives shall be permitted to disclose any Confidential Information without the consent of or notice to the Disclosing Party and without otherwise complying with the terms of this Section in connection with any ordinary course examination by a regulator, self -regulatory organization or similar supervisory authority, provided that such examination is not specifically directed at the Disclosing Party. 8.4. Obligations on Termination. Subject to any other obligations herein with respect to the return or retention of information, following termination of the Agreement, the Receiving Party shall, and shall require its Representatives to, destroy all Confidential Information in the possession, or under the control, of the Receiving Party or its Representatives in connection with the Agreement; provided, however, that the Receiving Party and its Representatives shall be entitled to retain copies of Confidential Information to the extent necessary to comply with applicable law or published professional obligations or for litigation or bona fide records retention purposes, in each case, to the extent permitted by law. 8.5. Injunctive Relief. In addition to any other remedy to which it may be entitled, the Disclosing Party shall be entitled to seek an injunction or other equitable remedy to prevent or enjoin breaches of this Section 8 (Confidentiality) by the Receiving Party or any of its Representatives. Section 9. Proprietary Rights. 9.1. Client Data. As between the Parties, all right, title and interest, including all intellectual property rights, in and to all information and other materials provided or otherwise made available to Alight by or on behalf of Client or any Service User in connection herewith shall be owned by Client ("Client Data"). Client hereby grants Alight a non-exclusive, royalty -free right to use Client Data for the purpose of performing the Services and otherwise complying with any of its obligations or asserting any of its rights under this Agreement or any Order Form. Alight may use anonymized Client Data in compliance with applicable law. 9.2. Deliverables. Client shall own all reports and records developed by or on behalf of Alight exclusively for Client in performing the Services except for any intellectual property rights of Alight or its Representatives therein (e.g., trademarks and templates) ("Deliverables"). 9.3. Alight IP. As between the Parties, all right, title and interest, including all intellectual property rights, in and to all elements of the Services (including all trade names, trade secrets, know-how, methods, software, information and other 4 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight materials) provided or otherwise made available to Client or the Service Users by or on behalf of Alight (including the Documentation), except for any Client Data incorporated therein or any Deliverable, shall be owned by Alight ("Alight IV). Alight hereby grants Client a non-exclusive, royalty -free right to use Alight IP to the extent necessary to enable Client to make reasonable use of the Services for its own internal business purposes; provided that Client shall not create derivative works based on, sell, license, transfer or otherwise grant rights to, reverse engineer or otherwise attempt to obtain source code in, or take any action that may interfere with any of Alight's rights in or to, any Alight IP. For the avoidance of doubt, Client's right to use any Alight IP made available to Client or the Service Users by or on behalf of Alight in connection with the Services shall end upon the termination of such Services except to the extent such Alight IP is embedded in a Deliverable. 9.4. Reservation of Rights. The Agreement does not grant or otherwise give either Party any right, title or interest in or to any of the other Party's intellectual property or other proprietary rights (including any such rights developed or acquired under or in connection with the Agreement), except as expressly provided herein. Section 10. Compliance with Law. Each Party shall comply in all material respects with the laws applicable to its business, operations and employment of its personnel. As between the Parties, Client shall be responsible for (a) preparing, adopting and maintaining all documents establishing Client policies, procedures and plans and ensuring that such Client documents comply with applicable law, (b) interpreting and complying with such documents and all laws applicable to Client and (c) supervising the activities of Client's vendors and other representatives (other than Alight). Client is responsible for ensuring that its own use of any data reported in connection with the Services complies with all applicable laws. To the extent applicable in connection with the Services, it is Alight's expectation that Client will provide Alight with data that, if processed for payment, would result in a payment permitted under applicable law (including OFAC). Alight does not provide legal or tax advice. Section 11. Data Protection. 11.1. Data Security and Privacy. The Parties shall comply with the terms and conditions of the Data Protection Agreement attached hereto (the "DPA"). If any "protected health information" (as defined under the Health Insurance Portability and Accountability Act of 1996) is created, received, maintained or transmitted by or on behalf of Alight for Client, then Alight and Client shall execute a Business Associate Agreement (a "BAA"). If Client directs Alight to provide Client Data or other information to any Client vendor or other representative (other than Alight), Client shall be responsible for the acts and omissions of such vendor or other representative with respect thereto. If Client requires Alight to establish single sign - on integration with Client's or any of its third party vendors' systems, Alight will not be responsible for any authentication by Client or any such third party. 11.2. Business Continuity. Alight shall maintain a business continuity and disaster recovery program based on generally accepted industry practices designed to reduce the effects of a significant disruption in Alight's operations. A summary of such program is in the DPA. 11.3. Record Retention. Alight shall maintain records relating to the Services provided, and the fees payable under, the Agreement in accordance with Alight's generally accepted accounting and business practices, as may be more specifically described in the applicable Order Form. Client shall retain duplicate copies of any Client Data it provides or otherwise makes available to Alight. Section 12. Remedies and Liability. 12.1. Indemnification. Alight(the "Indemnifying Party") shall indemnify the Client (the "Indemnified Party") against any and all losses, damages, liabilities and expenses (including reasonable attorneys' fees) (collectively, "Losses") incurred by such Indemnified Party in connection with third party claims to the extent such Losses are a result of (a) any breach of the Agreement by the Indemnifying Party, (b) any negligent or more culpable act or omission (including willful misconduct) of the Indemnifying Party or any of its Representatives in connection with the subject matter of the Agreement, (c) any bodily injury (including death) or damage to real or tangible personal property caused by any negligent or more culpable act or omission (including willful misconduct) of the Indemnifying Party or any of its Representatives in connection with the subject matter of the Agreement or (d) any infringement of the intellectual property rights of a third party by use of Alight IP (if Alight is the Indemnifying Party) or Client Data (if Client is the Indemnifying Party) as contemplated hereunder. For the avoidance of doubt, the Indemnified Party shall not be entitled to indemnification under the Agreement for any Losses DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight to the extent that such Indemnified Party has been otherwise compensated with respect to such Losses (including as a result of re -performance). 12.2. Defense of Third Party Claims. If any third party claim is threatened or otherwise asserted that would reasonably be expected to give rise to a claim for indemnification hereunder, the Indemnified Party shall deliver a reasonably detailed notice thereof to the Indemnifying Party; provided that a failure to provide such notice shall not relieve the Indemnifying Party of any liability hereunder unless, and only to the extent that, the defense of such third party claim is prejudiced by such failure. The Indemnifying Party may elect (but is not obligated) to assume and thereafter conduct the defense of such third party claim by promptly providing the Indemnified Party with notice to such effect; provided that the Indemnified Party shall have the exclusive right to assume and conduct the defense of any third party claim (a) to the extent such third party claim seeks an injunction or other equitable relief or may give rise to criminal liability, (b) if a material conflict of interest exists between the Indemnified Party and the Indemnifying Party with respect to such third party claim or (c) if the Indemnifying Party fails to vigorously defend such third party claim. If the Indemnifying Party assumes such defense, the Indemnified Party may also participate in such defense with counsel of its choice and at its expense and shall otherwise reasonably cooperate with the Indemnifying Party in such defense. Neither the Indemnified Party nor the Indemnifying Party shall enter into any settlement of, or consent to the entry of any judgment arising from, any such third party claim without the other's prior written consent (which consent shall not be unreasonably withheld, conditioned or delayed); provided that the Indemnifying Party shall not be required to obtain the Indemnified Party's consent for any such settlement or judgment that provides for the unconditional release of the Indemnified Party in connection therewith and solely involves the payment of monetary damages (i.e., no injunction or other equitable relief) for which the Indemnified Party will be indemnified hereunder. 12.3. Reserved. 12.4. Mitigation. Each Party shall use reasonable efforts to mitigate any Losses it incurs in connection with the Agreement and the Parties shall reasonably cooperate to mitigate the effects of any of the events giving rise to such Losses. 12.5. LIMITATION OF LIABILITY. Notwithstanding anything to the contrary herein, each Party's maximum aggregate liability arising from or related to the Agreement shall not in any event exceed an amount equal to the average annual fees paid or payable to Alight in connection with the Agreement (the "General Cap"); provided that such limitation shall not apply to liabilities resulting from a breach by a Party of its obligations under Section 8 (Confidentiality), Section 11.1 (Data Security and Privacy), the DPA or, if applicable, the BAA, for which liabilities a Party's maximum aggregate liability shall not in any event exceed an amount equal to the greater of $500,000 USD and the General Cap (the "Data Cap") (it being understood and agreed that liabilities subject to the General Cap shall not apply toward the Data Cap and vice versa). The limitations in this Section shall apply to any and all liabilities of any nature whatsoever and to all legal theories of recovery (including breach of contract or warranty, breach of fiduciary duty, tort (including negligence), failure of essential purpose, strict or statutory liability, contribution or any other cause of action and regardless of whether asserted as a direct claim, a third party claim or otherwise); provided that such limitations shall not apply to any liability resulting from (a) any fraudulent, criminal or willful and intentional misconduct by a Party or any of its Representatives, (b) a Party's indemnification obligations under Section 12.1(c) (Bodily Injury and Property Damage), Section 12.1(d) (IP Infringement) and Section 12.3 (Related Third Party Claims), (c) a breach by Client of any of its payment obligations hereunder or (d) any other liability which may not be limited under applicable law. Any Losses incurred by a Party as a result of any third party claim arising from or related to the Agreement that is made by any of the other Party's Representatives (and including in the case of Client any Service User) shall apply toward the General Cap or Data Cap (as applicable). 12.6. CONSEQUENTIAL DAMAGES. Notwithstanding anything to the contrary herein, to the extent permitted by law, in no event shall either Party be liable for any loss of anticipated savings, loss of data, harm to reputation, impaired goodwill or lost productivity, lost profits or revenue, diminution in value or consequential, indirect, incidental, special, punitive or exemplary damages suffered by the other Party or its Representatives arising from or related to the Agreement, regardless of the applicable legal theory of recovery (including breach of contract or warranty, breach of fiduciary duty, tort (including negligence), failure of essential purpose, strict or statutory liability, contribution or any other cause of action) or the foreseeability thereof (and whether or not such Party was advised of the possibility thereof). [: DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight Section 13. Insurance. Alight shall, at its own expense, maintain the following insurance coverages with insurers rated A- VII or better in the A.M. Best Key Rating Guide for Property and Casualty Insurance Companies: (a) workers' compensation and related insurance as prescribed by applicable law; (b) employer's liability insurance with limits of $1,000,000 USD for bodily injury per occurrence; (c) general liability insurance in the amount of $2,000,000 USD per occurrence and $4,000,000 USD in the aggregate; and (d) professional / cyber liability insurance in the amount of $5,000,000 USD in the aggregate. Upon Client's request, Alight shall provide Client with certificates of insurance evidencing such coverages. Section 14. Dispute Resolution. In the event of any dispute arising from or related to the Agreement, the Parties shall for a period of at least 30 days attempt in good faith to negotiate a resolution thereof, including by escalating the matter to the managers of the persons with direct responsibility for administration of the Agreement; provided that the foregoing shall not limit a Party's right to commence legal proceedings to prevent irreparable harm. All communications in connection therewith shall be treated as compromise and settlement negotiations without prejudice for purposes of applicable rules of evidence. Section 15. Miscellaneous 15.1. Entire Agreement. The Agreement, together with any Business Requirements Document and Change Order, the DPA and, if applicable, the BAA and all exhibits and schedules referenced herein and therein, constitutes the sole and entire agreement of the Parties with respect to the subject matter hereof and thereof, and supersedes all prior and contemporaneous understandings, agreements, representations and warranties, both written and oral, with respect to such subject matter. 15.2. Severability. If any provision of the Agreement, or the application thereof to any person, place or circumstance, shall be held by a court of competent jurisdiction to be invalid, void or unenforceable, the remainder of the Agreement and such provision as applied to other persons, places or circumstances shall remain in full force and effect and such invalid, void or unenforceable provision shall be enforced to the fullest extent permitted by law. 15.3. Amendment; Waiver. Neither this SSA nor the Agreement may be amended or otherwise modified unless such amendment or modification is set forth in writing, identified as an amendment or modification thereof and duly executed by an authorized representative of each of the applicable Parties. No provision of this SSA or the Agreement may be waived unless such waiver is set forth in writing, identified as a waiver thereof and signed by an authorized representative of the waiving Party. An amendment or waiver of this SSA shall have no effect on any Agreement in effect at the time of such amendment or waiver unless otherwise agreed by each of the applicable Parties. An amendment or waiver of the Agreement shall have no effect on this SSA or any other Agreement. Except as otherwise provided in the Agreement, no failure or delay by a Party in exercising any right under the Agreement shall operate as a waiver thereof, nor shall any single or partial exercise thereof preclude any other or further exercise thereof or the exercise of any other right. 15.4. Assignment. A Party may not assign this SSA or the Agreement without the prior written consent of the applicable non -assigning Party and any purported assignment without such consent shall be void and unenforceable; provided that a Party may, without obtaining such consent, assign this SSA or the Agreement (as applicable) to any affiliate of such Party or to any person in connection with any sale or other transfer of all or substantially all of the business or assets of such Party. Notwithstanding the foregoing, Alight may engage affiliates, subcontractors and other third parties to perform a portion of the Services; provided that Alight shall remain responsible for the performance of such Services by such affiliates, subcontractors and other third parties to the same extent as if such Services were performed by Alight. 15.5. No Third Party Beneficiaries. The Agreement shall be binding upon and inure to the benefit of the Parties and their respective successors and permitted assigns and nothing herein, express or implied, is intended to or shall confer upon any other person any legal or equitable right, benefit or remedy of any nature whatsoever under or by reason of the Agreement. 15.6. Relationship of the Parties. The relationship between the Parties is that of independent contractors and the Agreement will not establish any agency, partnership, joint venture, fiduciary, franchise or employment relationship between the Parties (or between one Party and the Representatives of the other Party). Neither Party by virtue of the Agreement shall have any right, power or authority, express or implied, to bind the other Party. Except for its express obligations hereunder, the method and manner for performance of the Services shall be under the exclusive control of Alight. VA DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight 15.7. Force Majeure; Excused Performance. Notwithstanding anything to the contrary herein, neither Party shall be liable for, nor be deemed to be in breach hereof as a result of, any failure to comply with its obligations hereunder (except for any of Client's payment obligations hereunder) to the extent attributable to any act of God, flood, fire, earthquake, hurricane, act of war or other hostility, act of terrorism, governmental action or inaction, civil unrest, national emergency, epidemic (including COVID-19), strike or other labor dispute, act or omission by a third party or a third party product or service, power, telecommunication or other service outage or any other cause or circumstance beyond the reasonable control of such Party; provided that nothing in this Section shall limit or otherwise affect Alight's obligation to execute its business continuity and disaster recovery program. The affected Party shall give the other Party prompt notice of any such event and use commercially reasonable efforts to end and minimize the effects thereof. In addition, notwithstanding anything to the contrary herein, Alight shall not be liable for, nor be deemed to be in breach hereof as a result of, any failure to comply with its obligations hereunder or any other act or omission attributable to (a) any failure by Client to comply with its obligations or perform its assigned tasks hereunder, (b) Alight's reliance upon any Client direction or any information provided or otherwise made available to Alight by or on behalf of Client or any Service User in performing the Services or (c) any act or omission of any Client vendor or other Representative (other than Alight). The Parties shall use commercially reasonable efforts to mitigate the effects of any of the foregoing circumstances. 15.8. Choice of Law; Jury Trial Waiver. This SSA and the Agreement and any dispute or claim arising out of or in connection therewith or the subject matter or formation thereof (including non -contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of the State of Delaware without regard to conflict of law principles that would cause the application of the laws of any other jurisdiction. Each Party irrevocably and unconditionally agrees that it will not commence any action, litigation or proceeding of any kind whatsoever against the other Party in any way arising from or relating to this SSA or the Agreement or the subject matter or formation thereof (including non -contractual disputes or claims), in any forum other than the federal courts located in Cook County, Illinois, USA (and any court from which an appeal therefrom may be validly taken) and hereby expressly and irrevocably submits to the exclusive personal jurisdiction and venue of such courts for the purposes thereof and expressly waives any claim of improper venue and any claim that such courts are an inconvenient forum. Each Party irrevocably and unconditionally waives any right it may have to a trial by jury in respect of any proceeding (whether in tort, contract or otherwise) arising out of or in connection with this SSA or the Agreement or the subject matter or formation thereof. 15.9. Counterparts. This SSA and each Order Form may be executed in any number of counterparts, each of which when so executed and delivered shall constitute an original, but such counterparts shall constitute one and the same instrument. This SSA and each Order Form may be executed and delivered electronically. 15.10. Interpretation. Unless the express context otherwise requires, the words "hereof", "herein", "hereunder' and words of similar import refer to the Agreement as a whole and not to any particular provision of the Agreement, references to a specific section, exhibit or schedule in this SSA or an Order Form refer to the sections, exhibits or schedules in this SSA or such Order Form (as applicable) unless otherwise expressly provided and the words "include", "including" and words of similar import shall be deemed to be followed by the words "without limitation". Each Business Requirements Document and Change Order, the DPA and, if applicable, the BAA and all exhibits and schedules referenced herein or therein are incorporated in and made a part of the Agreement as if set forth in full herein. The captions or headings in the Agreement are for convenience only and shall not be considered a part of or affect the construction or interpretation of any provision of the Agreement. 15.11. Notices. All notices under the Agreement shall be in writing and shall be deemed to have been given on the next business day after it is sent, if sent by overnight courier service (provided delivery is confirmed), or when actually received, if sent by other means, in each case, to the address of the applicable Party first written above (in the case of notices to Alight, to the attention of the Legal Dept.) or at such other address as shall be specified in the Agreement or by notice delivered in accordance herewith. 15.12. Publicity. The Parties shall agree upon the content and timing of any press release regarding the subject matter of the Agreement. Notwithstanding anything to the contrary herein, Alight may disclose in its client lists, proposals and other communications (including social media and case studies) the fact that it provides Services to Client so long as no Client Confidential Information is disclosed in connection therewith. DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht IN WITNESS WHEREOF, the Parties have caused this SSA to be duly executed as of the Effective Date. ACCEPTED AND AGREED: CITY: City of Fort Worth Contract Compliance Manager: By: Cvc�—") By signing I acknowledge that I am the person Jesica McEachern responsible for the monitoring and administration Name: of this contract, including ensuring all performance Title: Assistant City Manager and reporting requirements. Date: Dec 22, 2023 By: 9'� Name: Joanne Hinton Title: Benefits Manager Approval Recommended: Approved as to Form and Legality: By; SOD a, Ho yHM� ec 18,2 12.07CST) Name: Holly H Moyer Name: Jessika J. Williams Title: Asst. Human Resources Director Title: Assistant City Attorney Attest: Qa "� pGgT °Qa 0- �ao By: Contract Authorization: Name: Jannette S. Goodall M&C: 23-0750 Title: City Secretary VENDOR: Alight S u SATI-` y: By; 1814617AEBE942A... Daniel 7. Quinn Name: Title: VP, Sales Operations 12/15/2023 1 5:47 PM CST Date: OFFICIAL RECORD CITY SECRETARY FT. WORTH, TX I• DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht DATA PROTECTION AGREEMENT This Data Protection Agreement (this "DPA"), effective as of August 29, 2023 (the "Effective Date"), is by and between City Of Fort Worth ("Client"), and Alight Solutions LLC ("Alight" and, together with Client, each a "Party" and collectively the "Parties"). This DPA is entered into in connection with services to be provided by Alight to Client ("Services") under that certain Subscription and Services Agreement, effective as of August 29, 2023, by and between the Parties (the "Services Agreement"), pursuant to which Alight may be required to process Personal Data (as defined below). In consideration of the mutual covenants contained herein, and other valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the Parties agree as follows: Section 1. Definitions. Capitalized terms used but not otherwise defined herein shall have the meanings ascribed thereto in the Services Agreement. Unless the express context otherwise requires, any reference to the Services Agreement includes any order form, statement of work or other ordering document entered into thereunder. 1.1. "Data Protection Laws" means all applicable laws and regulations regarding privacy, security or data protection, including, as applicable, the California Consumer Privacy Act of 2018 ("CCPA"), the California Privacy Rights Act of 2020 ("CPRA"), the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), the EU General Data Protection Regulation 2016/679 ("GDPR"), the Gramm -Leach -Bliley Act ("GLBA"), the UK Data Protection Act of 2018 or the New York Department of Financial Services Regulations, as any are amended, repealed or replaced. 1.2. "Data Subject" means, with respect to any Personal Data, the subject of such Personal Data. 1.3. "Personal Data" means any information processed by or on behalf of Alight for Client in connection with the Services Agreement that (a) relates to an identified or identifiable natural person, where an identifiable natural person is one who can be identified, directly or indirectly, from such information alone or in combination with other information processed by or on behalf of Alight, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person or (b) is otherwise protected under the Data Protection Laws. 1.4. "Processing" or "Process(es)" means (a) any operation or set of operations that are performed on Personal Data or on sets of Personal Data, whether or not by automated means, including collection, storage, adaptation or alteration, retrieval, use, disclosure, erasure or destruction, and (b) any other activity involving Personal Data included in the definition of "processing" under Data Protections Laws. 1.5. "Standard Contractual Clauses" or "SCCs" means the standard contractual clauses for the transfer of personal data from the European Union ("EU") or the European Economic Area ("EEA") to third countries annexed to the Commission Implementing Decision (EU) 2021/914 of 4 June 2021, or any successor documents or transfer mechanisms. 1.6. "Subprocessor" means any person (other than an employee), including Alight's affiliates, appointed by or on behalf of Alight to Process Personal Data on behalf of Client. 1.7. "UK IDTA" means the International Data Transfer Addendum to the SCCs, version B1.0, approved by the United Kingdom ("UK") parliament on 21 March 2022, issued under Section 119A of the Data Protection Act 2018 to comply with Article 46 of the UK GDPR when making restricted transfers, or any successor documents or transfer mechanisms. Section 2. Processing Personal Data. 2.1. Instructions; Limits on Use. Client hereby appoints and instructs Alight to Process Personal Data for the purpose of performing the Services and otherwise complying with any of its obligations or asserting any of its rights under the Services Agreement and this DPA, complying with applicable law and complying with any other instruction provided by or on behalf of Client (the "Purpose"). Alight shall only retain, use, disclose or otherwise Process Personal Data for the Purpose. Client shall ensure that its instructions to Alight comply with Data Protection Laws. Alight shall immediately notify Client if, in its opinion, an instruction provided by or on behalf of Client is in conflict with any Data Protection Law; provided that Alight shall have no responsibility to seek out or discover such conflicts or to otherwise ensure that such conflicts do not exist. In the event Alight notifies Client of any such conflict, Alight may suspend the execution of the applicable instruction 10 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight to the extent necessary to avoid such conflict while the Parties cooperate in good faith to resolve such matter in a timely manner. 2.2. Limits on Disclosure. Alight shall not disclose any Personal Data to any third party except as necessary to fulfill the Purpose and otherwise in accordance with this DPA. If Alight or any of its representatives is requested or required to disclose or otherwise Process any Personal Data by law or legal process, then Alight shall (if permitted by law) promptly notify Client and reasonably cooperate (at Client's expense) in Client's efforts to obtain an appropriate protective order or other remedy. Client shall only disclose Personal Data to Alight to the extent requested by Alight or as otherwise necessary for the Purpose. 2.3. Compliance with Data Protection Laws. Each Party shall comply with its obligations under Data Protection Laws. Alight shall provide reasonable assistance to Client with meeting its obligations under Data Protection Laws in relation to the Processing of Personal Data, taking into account the nature of Alight's Processing and the information available to Alight. 2.4. Supervisory Authority Requests. If Client receives a request for information from a competent supervisory authority in relation to Processing of Personal Data by Alight (including details regarding the Purpose), Alight shall provide reasonable assistance to Client in responding to such request to the extent Client does not otherwise have access to such information, and taking into account the nature of the Processing and information available to Alight. 2.5. Data Protection Impact Assessment and Prior Consultation. Alight shall provide reasonable assistance to Client with any data protection impact assessments, and prior consultations with supervising authorities or other competent data privacy authorities, which Client reasonably considers to be required by the Data Protection Laws, in each case solely in relation to Processing of Personal Data by, and taking into account the nature of the Processing and information available to, Alight. 2.6. Data Subject Rights. Alight shall promptly notify Client if it receives any request from a Data Subject asserting rights under Data Protection Laws with respect to their Personal Data. Alight will not respond to any such request except on the written instructions (including email) of Client or as required by Data Protection Laws, in which case Alight shall, to the extent permitted by such Data Protection Laws, inform Client of such requirement prior to such response. Alight will provide Client with reasonable assistance in its efforts to fulfill its obligations to respond to such requests, including by providing access to or information about, deleting or modifying the relevant Personal Data, in each case, to the extent required under and in accordance with Data Protection Laws. If Alight is unable to provide any such assistance for reasons permitted under Data Protection Laws, Alight shall promptly notify Client of such fact and shall provide such assistance promptly after the reasons for not doing so have expired. 2.7. Return and Destruction. Upon written request of Client following termination or expiration of the Services Agreement, Alight shall, and shall require its Subprocessors to, (a) return a complete copy of all Personal Data to Client by secure file transfer in Alight's customary format and (b) delete or render permanently anonymous all other copies of Personal Data. Alight shall comply with any such written request within 20 business days. Alight and its Subprocessors may retain Personal Data as necessary to fulfill the Purpose and comply with applicable law, in which case the terms of this DPA shall continue to apply to such Personal Data for so long as it is retained. 2.8. Recordkeeping. Alight shall keep accurate and up-to-date records regarding any Processing of Personal Data, including (a) records regarding access to and security of the Personal Data, the purposes and categories of Processing the Personal Data and its Subprocessors and (b) any other records as required by Data Protection Laws. This DPA serves as record of processing activities as required under art. 30(2) GDPR. 2.9. Employees. Personal Data shall only be accessed by Alight employees who require such access to assist Alight in connection with the Purpose. Unless otherwise restricted by applicable local laws, Alight requires all new employees be subjected to a comprehensive pre -employment background check in accordance with local laws and customs. Alight requires that agreements that include non -disclosure / confidentiality provisions be signed by all new employees. Alight provides employees with periodic data security and privacy training. 11 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight 2.10. Subprocessors. Client generally authorizes Alight to appoint Subprocessors to support performance of the Services. Alight will list its Subprocessors at https://splist.alight.com/sites/SPList/pages/Home.aspx. This website will allow Client to sign up to receive email notifications of any change in the list of Subprocessors. Solely to the extent necessary to comply with Data Protection Laws, Client shall have the right to object to any such change within 10 business days of such notice; provided that Client may only object on the basis of reasonable concerns that the new or replacement Subprocessor is not capable of providing the level of protection of Personal Data required by this DPA. If Client does not object to the appointment within such period of time, Alight may engage the new or replacement Subprocessor to Process Personal Data. If Client objects to the appointment within such period of time, Alight may choose to (a) not use such Subprocessor or (b) take the corrective steps requested by Client in its objection and use the Subprocessor. Alight shall work with Client in good faith to make available materials evidencing any Subprocessor's ability to provide the level of protection of Personal Data required by this DPA. Alight shall remain responsible for the use, disclosure or other Processing of Personal Data by any of its Subprocessors to the same extent as if such use, disclosure or other Processing was by Alight. Before any Subprocessor Processes Personal Data, Alight will carry out adequate due diligence to determine that such Subprocessor is capable of providing the level of protection of Personal Data required by this DPA. The arrangement between Alight and each Subprocessor will be governed by a written contract that contains requirements that are consistent and no less stringent than those that apply to Alight under this DPA. Alight represents that it maintains a vendor security program that assesses Subprocessors' compliance with such contracts. Upon Client's written request, Alight shall make a summary of Subprocessor data protection terms available to Client (redacted, if necessary, to protect any confidential information). Section 3. Technical and Organizational Measures. Alight shall implement and maintain appropriate physical, technical, organizational and administrative measures reasonably designed to protect against the unauthorized destruction, loss, access to or alteration of Personal Data, including the measures listed in Exhibit A attached hereto and incorporated herein. The measures implemented by Alight to protect Personal Data shall be consistent and no less stringent than what is required under Data Protection Laws. Alight shall implement and maintain written privacy and information security policies consistent with industry standards. Section 4. Data Security Incident Notification and Response. 4.1. Alight shall notify Client without undue delay and in accordance with the requirements of applicable Data Protection Laws of any confirmed or reasonably suspected breach of security by Alight or any of its Subprocessors leading to the unlawful or unauthorized access, alteration, destruction, disclosure or loss of Personal Data (a "Data Security Incident"). 4.2. In the event of a Data Security Incident, Alight shall take reasonable and appropriate measures to (a) investigate the impact of such Data Security Incident, (b) identify the root cause of such Data Security Incident, (c) remedy the Data Security Incident and (d) prevent a reoccurrence of such Data Security Incident. 4.3. Alight will provide Client without undue delay information regarding the nature and consequences of the Data Security Incident, to the extent known by Alight, including any such information necessary to allow Client to notify relevant parties in accordance with Data Protection Laws. Section 5. Audits. Client may, at its own expense and upon reasonable advance notice to Alight, audit Alight's books, records and other documents to the extent necessary to verify Alight's compliance with the terms of this DPA; provided that Client may not exercise its audit rights hereunder more than one time in any 12-month period (unless otherwise required by law or in connection with any audit initiated by a governmental entity having jurisdiction over Client). Each such audit shall occur during normal business hours and shall not unreasonably interfere with Alight's normal business operations, and Alight shall not be required to disclose or otherwise provide access to any information the disclosure of which would cause Alight to violate any confidentiality obligation or applicable law. Client may engage a third party to conduct any such audit so long as such third party is not a competitor of Alight and enters into a confidentiality agreement reasonably acceptable to Alight. Audits under this DPA shall be subject to any additional terms and conditions regarding audits in the Services Agreement. Section 6. CCPA/CPRA. This Section shall apply to any Personal Data that is governed by CCPA/CPRA. 6.1. Client represents and warrants to Alight that any Personal Data disclosed by or on behalf of Client hereunder is provided solely for the Purpose, which is a "Business Purpose" (as defined under CCPA/CPRA). 12 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight 6.2. Alight shall only retain, use and disclose Personal Data for the Purpose and not for any other commercial purpose or otherwise outside the relationship between Alight and Client. Alight shall not sell or share Personal Data in violation of CCPA/CPRA. Alight shall comply with its obligations under CCPA/CPRA. Alight shall promptly notify Client if it can no longer comply with its obligations under CCPA/CPRA. 6.3. Alight acknowledges and agrees that Client shall have the right to take reasonable and appropriate steps to (a) ensure that Alight uses the Personal Data in a manner consistent with Client's obligations under CCPA/CPRA and (b) stop and remediate unauthorized use of Personal Data. 6.4. Client shall promptly inform Alight of any consumer request made pursuant to CCPA/CPRA that Alight must comply with, and provide the information necessary for Alight to comply with such request. Section 7. HIPAA. If any "protected health information" (as defined under HIPAA) is created, received, maintained or transmitted by or on behalf of Alight for Client, then Alight and Client shall execute a HIPAA business associate agreement. Section 8. Details of Processing. Certain information regarding Alight's Processing of Personal Data required by Article 28(3) of GDPR is set forth in Exhibit B attached hereto and incorporated herein. Client may make reasonable amendments to Exhibit B by notice to Alight from time to time as Client reasonably considers necessary to meet such requirements. Nothing in Exhibit B confers any right or imposes any obligation on any Party. Section 9. Cross -Border Transfers. 9.1. General. Neither Party will transfer Personal Data across borders unless such transfer complies with Data Protection Laws. The Parties will reasonably cooperate as necessary to determine whether any cross -border transfer of Personal Data between Client and Alight in connection with the Purpose complies with Data Protection Laws. 9.2. SCCs. If any transfer of Personal Data between Client and Alight requires execution of the SCCs in order to comply with Data Protection Laws, Client, as controller and data exporter, and Alight, as processor and data importer, hereby enter into (and incorporate herein by reference) the SCCs effective as of the commencement of such transfer. The Parties shall use Module II (Controller to Processor) of the SCCs, which shall be populated as follows: 9.2.1. Clause 7: The optional docking clause shall apply. 9.2.2. Clause 9: Option 2 shall apply, and the time period for notice of Subprocessor changes shall be as agreed under this DPA. 9.2.3. Clause 11(a): The optional language shall not apply. 9.2.4. Clause 13 and Annex I.C.: The supervisory authority of the Republic of Ireland shall be the competent supervisory authority. 9.2.5. Clause 17: Option 1 shall apply, and the governing law shall be the laws of the Republic of Ireland. 9.2.6. Clause 18(b): Disputes shall be resolved by the courts of the Republic of Ireland. 9.2.7. Annex I: (a) the List of Parties shall be as set forth in the Services Agreement and any applicable order form, statement of work, change order or other document more fully describing the applicable Services; (b) the Descriptions of Transfer shall be as set forth in Exhibit B (Details of Processing); and (c) the Competent Supervisory Authority shall be as set forth above. 9.2.8. Annex II: the Technical and Organisational Measures shall be as set forth in Exhibit A (Technical and Organisational Measures), which are substantially the same for Alight and its Subprocessors. 9.2.9. Annex III: the List of Subprocessors shall be maintained in accordance with Section 2.10 (Subprocessors). 13 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight 9.2.10. The Parties may supplement the Annexes to the SCCs in any order form, statement of work, change order or other document more fully describing the applicable Services, which shall be deemed incorporated herein by reference with respect to such Services. In the event of any conflict or inconsistency between this DPA or any such supplemental document, on the one hand, and the SCCs, on the other hand, the SCCs shall prevail to the extent required by Data Protection Laws. Notwithstanding anything to the contrary herein, in no event shall this DPA or any such supplemental document, directly or indirectly, prejudice the rights of data subjects under Data Protection Laws. 9.3. UK IDTA. If any transfer of Personal Data between Client and Alight requires execution of the UK IDTA in order to comply with Data Protection Laws, Client, as controller and data exporter, and Alight, as processor and data importer, hereby enter into (and incorporate herein by reference) the UK IDTA effective as of the commencement of such transfer. The UK IDTA shall be populated as follows: 9.3.1. Part 1, Table 1 (Parties): The parties shall be as set forth in the Services Agreement and any applicable order form, statement of work, change order or other document more fully describing the applicable Services. 9.3.2. Part 1, Table 2 (Selected SCCs, Modules and Selected Clauses): The UK IDTA shall be appended to the SCCs as set forth in Section 9.2 (SCCs). 9.3.3. Part 1, Table 3 (Appendix Information): The appendix information shall be as set forth in Section 9.2 (SCCs). 9.3.4. Part 1, Table 4 (Ending this Addendum when the Approved Addendum Changes): Neither Party may end the UK IDTA as set out in Section 19 thereof. 9.4. Swiss Data Protection Act. The SCCs, as set forth in Section 9.2 (SCCs), shall apply to any cross -border transfers of Personal Data governed by the Swiss Data Protection Act, with the following modifications: 9.4.1. Any references in the SCCs to "Regulation (EU) 2016/679" shall be interpreted as references to the Swiss Data Protection Act, and any references in the SCCs to specific Articles of "Regulation (EU) 2016/679" shall be replaced with the equivalent article or section of the Swiss Data Protection Act. 9.4.2. Any references in the SCCs to "EU", "Union", "Member State" or "Member State law" shall be interpreted as references to Switzerland and the laws of Switzerland, as the case may be, and shall not be interpreted in such a way as to exclude Data Subjects in Switzerland from exercising their rights in their place of habitual residence in accordance with Clause 18(c) of the SCCs. In furtherance of the foregoing, Clause 17 of the SCCs shall be modified to provide that the governing law shall be the laws of Switzerland. 9.4.3. Any references in the SCCs to "competent supervisory authority" or "competent courts" shall be interpreted as references to the Federal Data Protection and Information Commissioner of Switzerland (the "Swiss FDPIC") and the courts of Switzerland, as the case may be. In furtherance of the foregoing, (a) Clause 13 and Annex I.C. of the SCCs shall be modified to provide that the Swiss FDPIC shall have authority over data transfers governed by the Swiss Data Protection Act (it being agreed that authority over data transfers not governed by the Swiss Data Protection Act shall be as otherwise set forth in this DPA) and (b) Clause 18(b) of the SCCs shall be modified to provide that disputes shall be resolved by the courts of Switzerland. Section 10. Client Affiliates. The terms of this DPA shall apply equally to any Personal Data Processed by or on behalf of Alight for any Client affiliate. Client represents and warrants that it is and will at all relevant times remain duly and effectively authorized to enter into this DPA and perform all of its obligations hereunder on behalf of each such Client affiliate. Client shall at all times be liable for Client's affiliates' compliance with this DPA and all acts and omissions by Client's affiliates receiving Services under the Services Agreement are deemed acts and omissions of Client. Section 11. Client Obligations. If Client directs Alight to provide Personal Data to any Client vendor or other representative (other than Alight), Client shall be responsible for the acts and omissions of such vendor or other representative with respect thereto. Client shall be responsible for maintaining all rights (including the lawful legal basis), obtaining any licenses, 14 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLi�ht authorizations, approvals and consents and providing all notices, in each case, required for Alight to Process Personal Data for the Purpose. Client remains responsible for ensuring that its retention, use, disclosure or other Processing of Personal Data complies with its policies and practices and the laws applicable thereto. Section 12. Term; Effect of Termination. The term of this DPA shall begin on the Effective Date and shall continue for so long as the Services Agreement remains in effect or Alight or any of its Subprocessors retains any Personal Data. The rights and obligations of the Parties which, by their nature, should survive termination or expiration of this DPA, shall survive such termination or expiration. Section 13. Miscellaneous. 13.1. Entire Agreement. This DPA shall be deemed incorporated into and a part of the Services Agreement. This DPA, together with the Services Agreement, constitutes the sole and entire agreement of the Parties with respect to the subject matter hereof and thereof, and supersedes all prior and contemporaneous understandings, agreements, representations and warranties, both written and oral, with respect to such subject matter. For the avoidance of doubt, all claims and liabilities arising from or related to this DPA shall be brought under and subject to the terms of the Services Agreement, including any provisions therein regarding indemnification, limitation of liability, dispute resolution, choice of law or choice of forum. 13.2. Severability. If any provision of this DPA, or the application thereof to any person, place or circumstance, shall be held by a court of competent jurisdiction to be invalid, void or unenforceable, the remainder of this DPA and such provision as applied to other persons, places or circumstances shall remain in full force and effect and such invalid, void or unenforceable provision shall be enforced to the fullest extent permitted by law. 13.3. Amendment; Waiver. The Parties agree to take such reasonable actions as are necessary to amend this DPA from time to time as is necessary for the Parties to comply with Data Protection Laws. This DPA may not be amended or otherwise modified unless such amendment or modification is set forth in writing, identified as amendment or modification of this DPA and signed by an authorized representative of each of the Parties. No provision of this DPA may be waived unless such waiver is set forth in writing, identified as a waiver of this DPA and signed by an authorized representative of the waiving Party. Except as otherwise provided in this DPA, no failure or delay by a Party in exercising any right under this DPA shall operate as a waiver thereof, nor shall any single or partial exercise thereof preclude any other or further exercise thereof or the exercise of any other right. 13.4. Assignment. Neither Party may assign this DPA or any of its rights herein without the prior written consent of the non -assigning Party and any purported assignment without such consent shall be void and unenforceable; provided that each Party may, without obtaining such consent, assign this DPA as part of an assignment pursuant to and in accordance with the Services Agreement. 13.5. No Third Party Beneficiaries. This DPA shall be binding upon and inure to the benefit of the Parties and their respective successors and permitted assigns and nothing herein, express or implied, is intended to or shall confer upon any other person any legal or equitable right, benefit or remedy of any nature whatsoever under or by reason of this DPA. 13.6. Relationship of the Parties. The relationship between the Parties is that of independent contractors and this DPA will not establish any agency, partnership, joint venture, fiduciary, franchise or employment relationship between the Parties (or between one Party and a representatives of the other Party). Neither Party by virtue of this DPA shall have any right, power or authority, express or implied, to bind the other Party. 13.7. Force Majeure; Excused Performance. Notwithstanding anything to the contrary in this DPA, Alight shall not be liable for, nor be deemed to be in breach of this DPA as a result of, any failure to comply with its obligations hereunder or any other act or omission attributable to (a) any failure by Client to comply with its obligations hereunder or under Data Protection Laws, (b) any act or omission of any vendor or other representative of Client (other than Alight and its Subprocessors) or (c) any act of God or other act or circumstance beyond the reasonable control of Alight; provided that nothing in this Section shall limit or otherwise affect Alight's obligation to execute its business continuity and disaster recovery program. Each of the Parties shall use commercially reasonable efforts to mitigate the effects of any of the foregoing circumstances. 15 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht 13.8. Counterparts. This DPA may be executed in any number of counterparts, each of which when so executed and delivered shall constitute an original, but such counterparts shall constitute one and the same instrument. This DPA may be executed and delivered electronically. 13.9. Interpretation. Any ambiguity in this DPA shall be resolved in favor of a meaning that permits both Parties to comply with Data Protection Laws. Unless the express context otherwise requires, the words "hereof", "herein", "hereunder" and words of similar import refer to this DPA as a whole and not to any particular provision of this DPA, references to a specific section refer to the sections in this DPA unless otherwise expressly provided and the words "include", "including" and words of similar import shall be deemed to be followed by the words "without limitation". The captions or headings in this DPA are for convenience only and shall not be considered a part of or affect the construction or interpretation of any provision of this DPA. 13.10. Notices. All notices under this DPA to Alight shall be sent to legalrequests@alight.com. All notices under this DPA to Client shall be sent to joanne.hinton@fortworthtexas.gov. 16 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLi�ht IN WITNESS WHEREOF, the Parties have caused this DPA to be duly executed as of the Effective Date. ACCEPTED AND AGREED: CITY: City of Fort Worth By: Name: Jesica McEachern Title: Assistant City Manager Date: Dec 22, 2023 Approval Recommended: By; HoIIyH M® er (Dec 18,2 12:01 CST) Holly H Moyer Name: Title: Asst. Human Resources Director Attest: By: Name: Jannette S. Goodall Title: City Secretary VENDOR: Alight S iionsi&ighy: L�a,L"L-4. By: Daniel 7. Quinn Name: Title: VP, Sales operations 12/15/2023 1 5:47 PM CST Date: Contract Compliance Manager: By signing I acknowledge that I am the person responsible for the monitoring and administration of this contract, including ensuring all performance and reporting requirements. Y Name: Joanne Hinton Title: Benefits Manager Approved as to Form and Legality: By: o Name: Jessika J. Williams Title: Assistant City Attorney Contract Authorization: 23-0750 M&C: 17 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight Exhibit A —Technical and Organisational Measures 1. Physical Security. Alight maintains security controls for entry points, holding areas, telecommunications areas and cabling areas that contain information processing systems or media containing Personal Data. Security controls include: a. Access control and restriction by use of a defined security perimeter, appropriate security barriers, security cameras, entry controls and authentication controls, and maintenance of access logs for a period of time specified by law or policy; b. Where Alight ID cards are deployed, a requirement for all personnel, vendors, contractors and visitors to wear some form of visible identification to identify themselves as employees, contractors, vendors or visitors; c. A clear desk/clear screen policy; d. An automatic idle -lock for unattended equipment; e. A requirement for visitors to Alight's premises to be escorted at all times; and f. Where technically feasible and commercially reasonable, cameras and CCTVs. 2. Business Continuity and Disaster Recovery. Alight maintains the following business continuity controls and safeguards: a. Business continuity and disaster recovery program is based on generally accepted industry practices designed to reduce the effects of a significant disruption in Alight's operations; b. Business continuity and disaster recovery programs are tested at least annually; c. Backups of Alight systems and software used in the delivery of Services are replicated to its disaster recovery facility so that recovery can take place when there is a disaster; and d. Data is replicated to its disaster recovery facility, providing a scheduled point in time backup of the data to ensure integrity. 3. Network Security Controls. Alight maintains the following network security controls and safeguards: a. Defense -in-depth design with perimeter routers, network switches and firewall devices and default deny - all policy to protect internet presence; b. Least privilege and authenticated access for network users and equipment; c. Control of internet access by proxies; d. Two -factor authentication for remote access with a non -reusable password; e. Intrusion detection system to monitor and respond to potential intrusions; f. Real-time network event logging and investigation using a security information event management tool; g. Content filtering and website blocking using approved lists; h. Limitations on wireless access to the network; i. Policies and standards for wireless network devices; j. Prohibitions on bridging of wireless and other networks, including the corporate network; and k. Detection and disassociation of rogue wireless access points. 4. Platform Security Controls. Alight maintains the following platform security controls and safeguards: a. Maintenance of configuration/hardening standards; b. Control of changes through an internal change control process; c. Prohibition on installing unauthorized hardware and software; d. Where technically feasible, automatic session timeouts after periods of inactivity; e. Removal of vendor -supplied defaults (accounts, passwords and roles) during installation; f. Removal of services and devices that are not required by valid business needs; g. Use of an anti -virus program with timely updates; 18 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight h. Non -privileged account access on workstations and laptops; i. Full disk encryption on laptops; j. Development and test platforms will be segregated from operational platforms used in providing the Services; k. Development tools such as compilers, assemblers, editors and other general-purpose utilities within the production environment will not be permitted unless expressly required for the delivery of the Services, in which case access is restricted; and I. Software and hardware used in the delivery of the Services will be updated in line with industry standards, vendor support and security guidelines. 5. Application Security Controls. Alight maintains the following application security controls and safeguards: a. Defense -in-depth with the use of n-tier architecture for separation and protection of data; b. A secure software development life cycle (SSDLC) for application development that includes training, development, testing and ongoing assessments; c. Documentation, review, testing and approval before changes are implemented into production; d. Identification, testing and remediation of application vulnerabilities and patches in a timely manner; and e. A prohibition on using production data in development and testing environments. 6. Data and Asset Management. Alight maintains the following data and asset management security controls and safeguards: a. Technical, administrative and physical safeguards; b. Regular backups and storage of Personal Data; c. Encryption of Personal Data transmitted over public networks and on removable media; d. Use of a data loss prevention tool for end point data transfer activities involving social security numbers or other national identification numbers; e. Use of an inventory program to control the installation, ownership and movement of hardware, software and communications equipment; f. Encryption, sanitization, destruction, or purging of all physical media containing Personal Data leaving Alight's custody to ensure that residual magnetic, optical, electrical or other representation of data has been deleted, and is not recoverable; and g. Logical separation of Personal Data of an Alight client from other Alight clients. 7. Access Control and Management. Alight maintains the following access control and management security controls and safeguards: a. Monitoring and logging access and use of the Alight systems that contain Personal Data, including logging of access attempts to the Alight systems that contain Personal Data; b. Periodic review and validation of role -based access to Personal Data and prompt removal of unnecessary access; c. Unique logon ID and passwords; d. Strong passwords with minimum length, complexity and expiration requirements; e. Disabling access after a limited number of failed login attempts; and f. Rejection of previously used passwords. 8. Risk Management. Alight maintains the following risk management controls and safeguards: a. An information security risk management system aligned to The Standard of Good Practice for Information Security (Information Security Forum); b. A cycle of risk assessments of critical assets, the frequency of which are dependent on the number of residual risks identified at each site; c. Risk analysis is documented using standardized risk assessment templates; and d. Risk management activities are established when risks are defined and agreed with the asset owners. 19 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight 9. Vulnerability and Patch Management. Alight takes the following measures designed to identify and mitigate vulnerabilities that threaten Alight's ability to enforce the confidentiality, integrity, and availability of Personal Data: a. A vulnerability monitoring process that provides alerts or notifications of new fixes available, and the resulting timeframe for remediation; b. Regular scanning to identify and remediate vulnerabilities promptly; c. Classification of vulnerabilities based on severity to allow for remediation based on predetermined service level expectations; and d. Penetration tests on applicable Alight environments, including perimeter vulnerability testing, internal infrastructure vulnerability testing and application testing. 20 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht Exhibit B — Details of Processing Processing Operations The Processing operations to be carried out under this DPA are as follows: The Personal Data received on behalf of Client will be used for performing Services under the Services Agreement (e.g., payroll and other business process outsourcing services, benefits -related services, software consulting and related activities) and may include: • providing data processing software, equipment, and services through various tools, applications and vendors; • application maintenance and configuration; • data uploads and transfers; • storing or recording Personal Data; • preventing unauthorized access to or modification of Personal Data (and other non -Personal Data); • programing, printing and assembling, reviewing, and modifying statements as directed by Client; • communicating with data subjects in connection with services provided to Client; and • providing reference materials as requested by Client. The purpose of the processing operations above is to provide the Services in accordance with the Services Agreement. Data Subjects The Personal Data to be Processed by Alight on behalf of Client concern the following categories of data subjects: current, former and/or prospective employees, their relatives and family members and other representatives of Client and Client's affiliates. Categories of Personal Data to be Processed The Personal Data processed by Alight comprise of the following categories: HR/Employee data: that may include: full name; maiden name; employee identification number; user name; picture; contact information (including home and work address, home and work telephone numbers, mobile telephone numbers, web address data, home and work email address); marital status, citizenship information; date of birth; gender, • drivers' license information; national and governmental identification information; financial information (including bank account garnishments, loans, salary and account balances); benefit program information (including benefit elections, beneficiary information, claims information, benefit plan account numbers and balances, and date of retirement); payroll information; professional or employment information (including date of hire, employment status, job title, work and educational history, pay history, tax withholding information, performance records, leave information, travel information and date of termination); and such other personal data that may be transferred from (or on behalf of) Client to Alight for performing services for Client. Related persons' data: may include but not limited to: name, date of birth, gender and contact information of dependents or beneficiaries (including home address, home and work telephone numbers, mobile telephone numbers); and such other personal data that may be transferred from (or on behalf of) Client to Alight for performing services for Client. Special categories of Personal Data The Personal Data processed by Alight may include sensitive personal data including information about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life, health, genetic, biometrics or medical records, or/and criminal records. 21 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (this "BAA"), effective as of August 29, 2023 (the "Effective Date"), is by and between City Of Fort Worth ("Client"), on behalf of itself and its group health plan(s) (each such group health plan, a "Covered Entity"), and Alight Solutions LLC ("Business Associate" and, together with Client and each Covered Entity, each a "Party" and collectively the "Parties"). This BAA is intended to facilitate compliance with HIPAA Laws (as defined below) with respect to any PHI (as defined below) that Business Associate may create, receive, maintain or transmit in connection with the functions, activities and services that Business Associate performs for Client under that certain Subscription and Services Agreement, effective as of August 29, 2023, by and between Client and Business Associate (the "Services Agreement"). In consideration of the mutual covenants contained herein, and other valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the Parties agree as follows: Section 1. Definitions. 1.1. Capitalized terms used but not otherwise defined herein shall have the meanings ascribed thereto under HIPAA Laws, including the following terms: Authorization; Breach; Data Aggregation; Designated Record Set; Individual; Required By Law; Secretary; Security Incident; and Subcontractor. The terms "use", "disclose" and "discovery", and derivations thereof, although not capitalized, shall also have the meanings ascribed thereto under HIPAA Laws. 1.2. "HIPAA Laws" means (a) the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), (b) the privacy standards at 45 C.F.R. Part 160 and Subparts A and E of Part 164 (the "Privacy Rule"), (c) the security standards at 45 C.F.R. Parts 160 and 162 and Subparts A and C of Part 164 (the "Security Rule"), (d) the notification standards at 45 C.F.R. Subpart D of Part 164 (the "Notification Rule") and (e) Subtitle D of the Health Information Technology for Economic and Clinical Health Act, Division A, Title XIII of Pub. L. No. 111-51 and its implementing regulations (the "HITECH Act") and the regulations promulgated thereunder, including the HIPAA omnibus final rule. Any reference herein to a section of the Code of Federal Regulations, the Privacy Rule, the Security Rule or any other section of HIPAA Laws means such section, as amended from time to time. 1.3. "PHI" means "protected health information", "ePHI" means "electronic protected health information" and "Unsecured PHI" means "unsecured protected health information", in each case, as defined under the HIPAA Laws but only to the extent created, received, maintained or transmitted by Business Associate on behalf of Covered Entity. For the avoidance of doubt, PHI, ePHI and Unsecured PHI shall not include "employment records" as provided under HIPAA Laws. Section 2. Obligations of Business Associate. 2.1. Permissible Uses and Disclosures. Business Associate agrees to not use or disclose PHI other than as permitted or required by this BAA or as Required by Law. 2.2. Safeguards. Business Associate agrees to use appropriate safeguards to prevent use or disclosure of PHI by Business Associate other than as provided for by this BAA. Business Associate agrees to implement administrative, physical and technical safeguards, and policies and procedures, to reasonably and appropriately protect the confidentiality, integrity and availability of ePHI as required by the Security Rule. 2.3. Mitigation. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate resulting from a use or disclosure of PHI by Business Associate in violation of this BAA. 2.4. Reporting Impermissible Uses and Disclosures. Business Associate agrees to report to Covered Entity any use or disclosure of PHI by Business Associate not permitted or required by this BAA of which Business Associate becomes aware. 2.5. Reporting Security Incidents. Business Associate agrees to report to Covered Entity any Security Incident of which Business Associate becomes aware. The Parties acknowledge and agree that this Section constitutes notice by Business Associate to Covered Entity of the ongoing existence and occurrence of Security Incidents that do not result in unauthorized access, use or disclosure of PHI (including pings and other broadcast attacks on Business Associate's firewall, port scans, denial -of -service attacks or any combination of the above) for which further notice shall not be required. 22 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight 2.6. Reporting Breaches. Business Associate agrees to report to Covered Entity any Breach of Unsecured PHI of which it becomes aware without unreasonable delay and in no case later than 5 days after discovery of such Breach. Any such report shall include, to the extent possible, the identification of each Individual whose Unsecured PHI has been or is reasonably believed by Business Associate to have been, accessed, acquired, used or disclosed during such Breach. In addition, Business Associate agrees to provide any other available information with respect to any such Breach that is reasonably requested by Covered Entity for purposes of providing notification to affected Individuals as required under the Notification Rule, including, to the extent possible, the date of such Breach, the date of discovery of such Breach, the types of Unsecured PHI involved in such Breach and a brief description of what Business Associate is doing to investigate such Breach, to mitigate harm to affected Individuals and to protect against any such further Breaches. 2.7. Subcontractors. Business Associate agrees to ensure that any Subcontractor that creates, receives, maintains or transmits PHI on behalf of Business Associate agrees to the same or substantially similar restrictions and conditions that apply to Business Associate under this BAA with respect to such PHI. 2.8. Governmental Audits. Business Associate agrees to make its internal practices, books and records, including policies and procedures, relating to the use and disclosure of PHI available to the Secretary for purposes of the Secretary determining Covered Entity's compliance with the Privacy Rule. Covered Entity agrees to notify Business Associate in writing within 10 days of receiving any such request from the Secretary. 2.9. Accounting of Disclosures. Business Associate agrees to maintain information as would be required for Covered Entity to respond to a request by an Individual for an accounting of disclosures pursuant to 45 C.F.R. § 164.528. Upon written request by Covered Entity, Business Associate agrees to make available, within 45 days of receiving such written request, any such information to Covered Entity (or, at Covered Entity's direction, the applicable Individual) to the extent necessary for Covered Entity to comply with its obligations under 45 C.F.R. § 164.528. If Business Associate receives a request from an Individual for an accounting of disclosures of PHI pursuant to 45 C.F.R. § 164.528, Business Associate agrees to promptly notify Covered Entity of such request and, unless otherwise directed by Covered Entity, to make available to such Individual, within 60 days of receiving such request, the information regarding such accounting in its possession in accordance with such request and HIPAA Laws. For the avoidance of doubt, if, during the period covered by any accounting, Business Associate has made multiple disclosures to the same person or entity (including a Covered Entity) for a single purpose, Business Associate may provide Covered Entity or the Individual (as applicable) (a) the information required by 45 C.F.R. § 164.528(b)(2) for the first such disclosure, (b) the frequency, periodicity or number of such disclosures and (c) the date of the last such disclosure. 2.10. Access to PHI. Upon written request by Covered Entity, Business Associate agrees to make available, within 20 days of receiving such written request, any PHI in its possession that is contained in a Designated Record Set to Covered Entity (or, at Covered Entity's direction, the applicable Individual) to the extent necessary for Covered Entity to comply with its obligations under 45 C.F.R. § 164.524. If Business Associate receives a request from an Individual to make PHI available pursuant to 45 C.F.R. § 164.524, Business Associate agrees to promptly notify Covered Entity of such request and, unless otherwise directed by Covered Entity, to make available to such Individual, within 30 days of receiving such request, any PHI in its possession that is contained in a Designated Record Set for such Individual in accordance with such request and HIPAA Laws. 2.11. Amending PHI. Upon written request by Covered Entity, Business Associate agrees to amend, within 45 days of receiving such written request, any PHI in its possession that is contained in a Designated Record Set to the extent necessary for Covered Entity to comply with its obligations under 45 C.F.R. § 164.526. If Business Associate receives a request from an Individual to amend PHI pursuant to 45 C.F.R. § 164.526, Business Associate agrees to promptly notify Covered Entity of such request and, unless otherwise directed by Covered Entity, to amend, within 60 days of receiving such request, any PHI in its possession that is contained in a Designated Record Set for such Individual in accordance with such request and HIPAA Laws; provided that, if such Individual requests that Business Associate make an amendment that Business Associate is not permitted to make pursuant to the terms of the Services Agreement, then Business Associate shall refer such Individual to the Covered Entity. 2.12. Minimum Necessary. When using or disclosing PHI or when requesting PHI, Business Associate agrees to make reasonable efforts to limit such PHI to the minimum necessary to accomplish the intended purpose of such use, disclosure or request as required by 45 C.F.R. § 164.502(b). Business Associate will determine what constitutes the minimum 23 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight necessary to accomplish the intended purpose of such use, disclosure or request in accordance with the relevant provisions of HIPAA Laws (including 45 C.F.R. § 164.514(d)) and related guidance issued by the Secretary. 2.13. Covered Entity's Obligations. To the extent Business Associate is to carry out Covered Entity's obligation under the Privacy Rule, Business Associate agrees to comply with the requirements of the Privacy Rule that apply to Covered Entity in the performance of such obligation. Section 3. Permitted Uses and Disclosures by Business Associate. 3.1. Business Associate may use or disclose PHI (a) as permitted or required by the Services Agreement provided that such use or disclosure would not violate the requirements of the Privacy Rule if done by Covered Entity or Client, on behalf of Covered Entity, (b) as permitted or required by this BAA, (c) as Required by Law or (d) as otherwise directed by Covered Entity or Client, on behalf of Covered Entity. 3.2. Business Associate may use PHI for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate. 3.3. Business Associate may disclose PHI for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate if such disclosures are (a) Required by Law or (b) Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will be held confidentially and used or further disclosed only as Required by Law or for the purpose for which it was disclosed to such person, and such person notifies Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached. 3.4. Business Associate may use PHI to provide Data Aggregation services to Covered Entity as permitted by 45 C.F.R. § 164.504(e)(2)(i)(B). 3.5. Business Associate may de -identify PHI, provided that the de -identification process conforms to the requirements of 45 C.F.R. § 164.514(b). 3.6. Business Associate may use and disclose PHI to report violations of law to appropriate Federal and State authorities, consistent with 45 C.F.R. § 164.502(j)(1). Section 4. Obligations of Covered Entity. 4.1. Covered Entity or Client shall notify Business Associate of any limitation(s) in the respective notice of privacy practices that Covered Entity produces in accordance with the Privacy Rule and any changes or limitations to such notice under 45 C.F.R. § 164.520 to the extent that such change or limitation may affect Business Associate's use or disclosure of PHI. 4.2. Covered Entity or Client shall notify Business Associate of any changes in or revocation of permission by an Individual to use or disclose PHI to the extent that such change or revocation may affect Business Associate's use or disclosure of PHI. 4.3. Covered Entity or Client shall notify Business Associate of any restriction to the use or disclosure of PHI that Covered Entity has agreed to or is required to abide by under 45 C.F.R. § 164.522 to the extent that such restriction may affect Business Associate's use or disclosure of PHI; provided that neither Covered Entity nor Client shall agree to any such restrictions unless legally required to do so. 4.4. Covered Entity or Client shall obtain all Authorizations necessary for any use or disclosure of PHI as contemplated under the Services Agreement. 4.5. Neither Covered Entity nor Client shall request that Business Associate use or disclose PHI in any manner that would not be permissible under HIPAA Laws. 24 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht 4.6. Client hereby represents and warrants that it has all requisite power and authority to enter into this BAA on behalf of Covered Entity and to perform all of Covered Entity's obligations hereunder. Section S. Designated Third Parties. In connection with the Services Agreement, Covered Entity or Client may direct Business Associate to disclose certain PHI to, or receive certain PHI from, certain third parties with whom Covered Entity or Client has a relationship (other than Business Associate's Subcontractors), including third party administrators, consultants, brokers, auditors, successor administrators or insurers, and stop -loss carriers, and/or data warehouse vendors, and data analytics and/or data integration vendors as applicable ("Designated Third Parties"). Covered Entity shall enter into and maintain an appropriate business associate agreement with each Designated Third Party, and any PHI disclosed by Business Associate to, or otherwise held by, any such Designated Third Party, shall be governed by the terms of such business associate agreement (or any other applicable agreement between Covered Entity or Client and such Designated Third Party). Business Associate shall not have any liability for the acts or omissions of any Designated Third Party. Section 6. Term and Termination 6.1. Term; Effect of Termination. The term of this BAA shall commence as of the Effective Date and shall continue until the earlier of (a) the termination of the Services Agreement in accordance with the terms thereof and (b) the termination of this BAA for cause in accordance with the terms hereof; provided that this BAA shall terminate as to any Covered Entity upon termination of such Covered Entity by Client. The rights and obligations of the Parties which, by their nature, should survive termination or expiration of this BAA, shall survive such termination or expiration. 6.2. Termination for Cause. Upon Covered Entity's or Business Associate's knowledge of a material breach of this BAA by the other Party, the non -breaching Party shall notify the breaching Party of such material breach. If such material breach is not cured within 60 days of the breaching Party's receipt of such notice (or within such longer period as the non - breaching Party may agree), or if cure is not possible, the non -breaching Party may terminate this BAA and the related portion of the Services Agreement upon written notice to the breaching Party. If termination is not feasible, the non -breaching party may report the breach to the Secretary in accordance with 45 C.F.R 164.504(e)(1)(ii). 6.3. Obligations Upon Termination. Upon termination of this BAA for any reason, Business Associate shall return or destroy all PHI that Business Associate still maintains in any form and retain no copies of such information; provided that, if Business Associate determines that the return or destruction of any PHI is not feasible (e.g., because such PHI is necessary for its proper management and administration or to carry out its legal responsibilities), Business Associate may retain such PHI, in which case Business Associate shall continue to apply the protections of this BAA to such PHI and limit further uses and disclosures of such PHI to those purposes that make the return or destruction of such PHI infeasible, for so long as Business Associate maintains such PHI. Section 7. Miscellaneous 7.1. Entire Agreement. This BAA is an amendment to, and shall be deemed incorporated into and a part of, the Services Agreement. Except as expressly provided in this BAA, all of the terms and provisions of the Services Agreement are and will remain in full force and effect and are hereby ratified and confirmed by the Parties. This BAA, together with the Services Agreement, constitutes the sole and entire agreement of the Parties with respect to the subject matter hereof and thereof, and supersedes all prior and contemporaneous understandings, agreements, representations and warranties, both written and oral, with respect to such subject matter. For the avoidance of doubt, all claims and liabilities arising from or related to this BAA shall be brought under and subject to the terms of the Services Agreement, including any provisions therein regarding indemnification, limitation of liability, dispute resolution, choice of law or choice of forum. 7.2. Severability. If any provision of this BAA, or the application thereof to any person, place or circumstance, shall be held by a court of competent jurisdiction to be invalid, void or unenforceable, the remainder of this BAA and such provision as applied to other persons, places or circumstances shall remain in full force and effect and such invalid, void or unenforceable provision shall be enforced to the fullest extent permitted by law. 7.3. Amendment; Waiver. The Parties agree to take such reasonable actions as are necessary to amend this BAA from time to time as is necessary for Covered Entity and Business Associate to comply with the requirements of HIPAA Laws. This BAA may not be amended or otherwise modified unless such amendment or modification is set forth in writing, 25 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight identified as amendment or modification of this BAA and signed by an authorized representative of each of the Parties. No provision of this BAA may be waived unless such waiver is set forth in writing, identified as a waiver of this BAA and signed by an authorized representative of the waiving Party. Except as otherwise provided in this BAA, no failure or delay by a Party in exercising any right underthis BAA shall operate as a waiver thereof, nor shall any single or partial exercise thereof preclude any other or further exercise thereof or the exercise of any other right. 7.4. Assignment. Neither Party may assign this BAA or any of its rights herein without the prior written consent of the non -assigning Party and any purported assignment without such consent shall be void and unenforceable; provided that each Party may, without obtaining such consent, assign this BAA as part of an assignment pursuant to and in accordance with the Services Agreement. 7.5. No Third Party Beneficiaries. This BAA shall be binding upon and inure to the benefit of the Parties and their respective successors and permitted assigns and nothing herein, express or implied, is intended to or shall confer upon any other person any legal or equitable right, benefit or remedy of any nature whatsoever under or by reason of this BAA. 7.6. Relationship of the Parties. The relationship between the Parties is that of independent contractors and this BAA will not establish any agency, partnership, joint venture, fiduciary, franchise or employment relationship between the Parties (or between one Party and a representatives of the other Party). Neither Party by virtue of this BAA shall have any right, power or authority, express or implied, to bind the other Party. 7.7. Force Majeure; Excused Performance. Notwithstanding anything to the contrary in this BAA, Business Associate shall not be liable for, nor be deemed to be in breach of this BAA as a result of, any failure to comply with its obligations hereunder or any other act or omission attributable to (a) any failure by Client or Covered Entity to comply with its obligations hereunder or under HIPAA Laws, (b) any act or omission of any Designated Third Party or other vendor or representative of Client or Covered Entity (other than Business Associate and its Subcontractors and other vendors and representatives) or (c) any act of God or other act or circumstance beyond the reasonable control of Business Associate; provided that each of the Parties shall use commercially reasonable efforts to mitigate the effects of any of the foregoing circumstances. 7.8. Counterparts. This BAA may be executed in any number of counterparts, each of which when so executed and delivered shall constitute an original, but such counterparts shall constitute one and the same instrument. This BAA may be executed and delivered electronically. 7.9. Interpretation. Any ambiguity in this BAA shall be resolved in favor of a meaning that permits Covered Entity and Business Associate to comply with HIPAA Laws. If any use or disclosure of PHI by Business Associate or Client under the Services Agreement would be invalidated by the terms and provisions of this BAA, the terms of the Services Agreement will be interpreted by substituting Covered Entity for Client (where appropriate) in order for such use or disclosure to be valid under this BAA. Unless the express context otherwise requires, the words "hereof", "herein", "hereunder" and words of similar import refer to this BAA as a whole and not to any particular provision of this BAA, references to a specific section refer to the sections in this BAA unless otherwise expressly provided and the words "include", "including" and words of similar import shall be deemed to be followed by the words "without limitation". The captions or headings in this BAA are for convenience only and shall not be considered a part of or affect the construction or interpretation of any provision of this BAA. 7.10. Notices. Any notice or other communication that is required to be provided to Covered Entity hereunder may be made to Client in accordance with the notice provisions set forth in the Services Agreement. 26 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLi�ht IN WITNESS WHEREOF, the Parties have caused this BAA to be duly executed as of the Effective Date. ACCEPTED AND AGREED: CITY: City of Fort Worth By: C�� Name: Jesica McEachern Title: Assistant City Manager Date: Dec 22, 2023 Approval Recommended: d1207CST, By: Foll�7, Del 13,2 Holly H Moyer Name: Title: Asst. Human Resources Director Attest: By: (J Name: Jannette S. Goodall Title: City Secretary VENDOR: Alight S u fMgC ty: By: 1814617AESE942A... Daniel 7. Quinn Name: Title: VP, Sales Operations 12/15/2023 1 5:47 PM CST Date: Contract Compliance Manager: By signing I acknowledge that I am the person responsible for the monitoring and administration of this contract, including ensuring all performance and reporting requirements. By: 9'—//'w Name: Joanne Hinton Title: Benefits Manager Approved as to Form and Legality: uJd By: Name: Jessika J. Williams Title: Assistant City Attorney Contract Authorization: M&C: 23-0750 27 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht Order Form This Order Form (this "Order Form"), effective as of August 29, 2023 (the "Effective Date"), is by and between City of Fort Worth, with its principal place of business at 1000 THROCKMORTON ST, FORT WORTH, TX 76102-6312 ("Client"), and Alight Solutions LLC, with its principal place of business at 4 Overlook Point, Lincolnshire, IL 60069 ("Alight" and, together with Client, each a "Party" and collectively the "Parties"). This Order Form adopts and incorporates by reference the terms and conditions of that certain ALIGHT SUBSCRIPTION AND SERVICES AGREEMENT, effective as of August 29, 2023, by and between Client and Alight (the "Services Agreement"). Capitalized terms used but not defined herein shall have the meanings ascribed thereto in the Services Agreement. In consideration of the mutual covenants contained herein, and other valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the Parties agree as follows: Section 1. Services. A description of the Services to be provided by Alight hereunder and certain terms and conditions thereof are set forth in the Service Schedule(s) attached hereto and incorporated herein. Section 2. Fees. The fees and expenses payable by Client to Alight in connection with the Services to be provided by Alight hereunder are set forth in the Fee Schedule attached hereto and incorporated herein. Section 3. Term. 3.1. Initial Term; Renewal. The initial term hereof (the "Initial Term") shall commence on the Effective Date and shall end on December 31, 2026 unless sooner terminated in accordance with the Services Agreement and the terms hereof. Upon the expiration of the Initial Term or any Renewal Term (together, the "Term"), this Order Form shall automatically renew for two successive one year terms (each, a "Renewal Term") unless Client provides Alight with a written termination notice at least 180 days prior to the end of the Initial Term or such Renewal Term (as applicable). 3.2. Termination for Convenience. Client may terminate this Order Form for convenience upon notice to Alight at least 180 days prior to the effective date thereof. Section 4. Additional Terms. 4.1. Plan Fiduciary. Alight shall not be a fiduciary or plan administrator within the meaning of any applicable law with respect to any Client policies, procedures or plans. Alight shall not have any discretion with respect to the management or administration of any Client policies, procedures or plans or any control or authority with respect to any Client plan assets. 28 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLi�ht IN WITNESS WHEREOF, the Parties have caused this Order Form to be duly executed as of the Effective Date: ACCEPTED AND AGREED: CITY: City of Fort Worth By: ovt Name: Jesica McEachern Title: Assistant City Manager Date: Dec 22, 2023 Approval Recommended: BD.O �f/7y/ By: Ho Iyl er(De<18,2X2:07 CST) Holly H Moyer Name: Title: Asst. Human Resources Director Attest: By: Name: Jannette S. Goodall Title: City Secretary VENDOR: Alight fFf 'Lete: By: 1814617AE8E942A._. Daniel 7. Quinn Name: Title: VP, Sales operations 12/15/2023 1 5:47 PM CST Date: Contract Compliance Manager: By signing I acknowledge that I am the person responsible for the monitoring and administration of this contract, including ensuring all performance and reporting requirements. By: Name: Joanne Hinton Title: Benefits Manager Approved as toI Form and Legality: �lav� We�ht2 By: 4 Name: Jessika J. Williams Title: Assistant City Attorney Contract Authorization: M&C: 23-0750 29 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht Fee Schedule Section 1. Definitions. Term Baseline Unit Count I Definition Baseline Unit Count n/a For each Unit (if applicable), the number of such Units used as the baseline for purposes of determining the fee applicable to such Unit. Fee Start Date n/a For each Service, the date that the fee for such Service commences. Live Date n/a For each ongoing Professional Service, the date that such Service commences. For each Subscription Service, the date that such Service commences in a production environment (which may be n/a if Alight is not responsible for implementing such Subscription Service by a targeted date). Navigation Participant 4,858 A Client employee enrolled in Client's US medical plan (excluding employees only eligible for employer -sponsored Medicare Advantage or similar supplemental programs). Unit n/a For each Service, the user, project, transaction or other item that the fee for such Service is based on. Section 2. Ongoing Service Fees. 2.1. Fee Table. Service Live Date Fee Start Date I Unit Per Unit Rate I Fee Details Alight Worklife Subscription TBD Live Date Navigation $1.00 See "Monthly Per Unit Fees' below. Services: Essentials Participant Navigation Subscription January 1, January 1, Navigation $1.36 See "Monthly Per Unit Fees' below. Services: Healthcare 2024 2024 Participant Navigation Technology Navigation Subscription January 1, January 1, Navigation $1.13 See "Monthly Per Unit Fees' below. Services: Clinical Guidance 2024 2024 Participant Technology Navigation Professional January 1, January 1, Navigation $2.89 See "Monthly Per Unit Fees" below. Services: Health Pros 2024 2024 Participant Navigation Professional January 1, January 1, Navigation $1.37 See "Monthly Per Unit Fees" below. Services: Medical Allies 2024 2024 Participant General Professional Services: n/a n/a Data File $2,500 This is an optional service that can be Data File Integration Integration performed upon request by Client. See "Per Transaction Fees" below. Fee does not apply to Client's eligibility file or any Data File Integration that is included for no additional charge pursuant to a Service Schedule. General Professional Services: n/a n/a SSO $4,000 This is an optional service that can be Optional Single Sign -On (SSO) Integration performed upon request by Client. Integration See "Per Transaction Fees" below. Fee does not apply to any SSO Integration that is included for no additional charge pursuant to a Service Schedule. 2.2. Fee Details. This following Sections apply as indicated in the fee table above. 2.2.1. Monthly Per Unit Fees. The fee for each Service will commence on the applicable Fee Start Date. If the Fee Start Date for any Service is its Live Date, and such Live Date is delayed by Client, the fee for such Service will commence as originally scheduled. The fee for each month will be invoiced in the preceding month (e.g., in January for February fees) and will equal the number of Units for such month, multiplied by the applicable Per Unit Rate. If the Fee Start Date for any Service occurs prior to its Live Date, then, for purposes of determining such fee for each month prior to such Live Date, the number of Units will equal the applicable Baseline Unit Count. For each Service billed on the basis of a Unit with a Baseline Unit Count, the minimum fee for such Service each month will equal (x) 90% of the applicable Baseline Unit Count, multiplied by (y) the applicable Per Unit Rate. 2.2.2. Per Transaction Fees. The fee for each Service will be invoiced monthly in arrears based on the number of applicable Units that occurred during the prior month. 30 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht 2.3. Fee Adjustments. All fees will be subject to a 5% annual increase on each anniversary of the applicable Fee Start Date. 2.4. Early Termination Fees. 2.4.1. If a Subscription Service is terminated by Client for convenience or by Alight for cause, then all subscription fees that would reasonably have been payable for such Subscription Service during the remainder of the applicable term thereof if not for such termination will be invoiced and payable at such time. 2.4.2. If a Professional Service is terminated by Client for convenience or by Alight for cause, then Client shall pay Alight a termination fee equal to (x) 20% of the average aggregate monthly fee that was due for the terminated Professional Service during the 12 months prior to such termination (or, if shorter, during the period of time since the applicable Live Date) without regard to any credits or other offsets, multiplied by (y) the number of months remaining in the applicable term (covers un-recouped investments, severance costs and transition costs including redeployment and wind - down costs). For purposes of determining such average aggregate monthly fee, any annual fees paid in respect of the applicable period will be de -annualized. Section 3. Pass -Through Expenses. 3.1. Except as otherwise expressly provided in this Schedule or in the applicable Service Schedule, Client will reimburse Alight for the following pass -through expenses that are paid by Alight, specific to the Services: 3.1.1. Travel -related expenses. 3.1.2. Postage, shipping, express mail and messenger services. 3.1.3. Fulfillment, printing and related supplies. 3.1.4. Additional employee communications. 3.1.5. Translation and employee location services. 3.1.6. Non -electronic records, paper files and outside records management suppliers. 3.1.7. Third party invoicing and billing portals. 3.1.8. Time and materials expenses incurred responding to requests for litigation support and research. 3.2. All pass -through expenses will be invoiced monthly in arrears. Section 4. Payment Terms. 4.1. Client shall pay Alight all fees and expenses within 30 days from date of invoice. 4.2. Interest at 0.75% per month will accrue on all past due amounts from the corresponding due date until payment is received. 4.3. Unless otherwise expressly provided in this Schedule, all payments shall be made in US Dollars (USD). 31 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight Alight Worklife Platform Service Schedule This Service Schedule describes the Worklife Platform features and functionalities. Worklife Essentials Features General Essentials allows clients to integrate HR and benefits ecosystems into a single portal that allows users to engage with their health, wealth, payroll, wellbeing, and retiree benefits through a connected user experience. The Alight Essentials mobile app is a mobile experience for employees that expands upon use cases by using native experiences and complementing that with the full access to the Alight Worklife website using responsive technologies. Authorized User Features Intelligent Virtual Assistant (IVA) provides 24/7 support to help users with questions, navigation, and transition to other support channels when appropriate. Engagement Content provides for the design (combination of strategy, consulting, and user experience), copywriting, image selection, and personalization requirements for rules -based expressions and AI -driven content. Personalized content is driven by pre -determined population definitions. Searchable Content Library Personal Dashboard and profile creation allowing for financial institutions additions, dependent summary, beneficiary designations, status trackers. Access to additional features such as "Alight Journeys," providing guidance on multi -stage life events; "Quick-links/Quick Action" and To -Dos" action center Integrated message center with personalized communications and individual communication preference controls, including push notifications. Administrator Features (Authorized Users designated by Client to have access to Administrator Features): Web portal impersonation access. Employer Portal includes an analytics tool designed to enable a data -driven strategy and operational efficiency when leveraging the analytics module. Using access to data and interactions, analytics provides clients with benchmarking and industry guidance, value realization, and insights into employee engagement. It allows for monitoring and transparency into both plan and employee level data. Centralized provision and content requirement tracking. Self-service authorization controls for Administrator tools. Client content creation tools. Communications portal supporting integrated message center, web & mobile home page alerts, direct email, mobile text and mobile app notifications. Access and Authentication Features: Access via web, IOP and Android apps. Alight Integration Center (AIC) providing access to Alight's API best practices, code optimization, access tokens and contains a suite of APIs across numerous domains, including Payroll, Supplemental, Health, Wealth, Vendor Data, and Customer Care. Includes "Getting started" guiding users on how to connect with APIs/domains as well as the "Try -it" functionality, which allows API operations to be tested and mock-up responses. User -defined ID, password and security questions (if participant is not using SSO); device registration. Biometric authentication via mobile device — utilized for mobile app and web portal. One-time codes for forgotten passwords. Provide outbound single sign -on links to client partners, using SAML 2.0 or mutually agreed upon technology, where available. This may be subject to additional charges. 32 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht Service Schedule Navigation Section 1. Introduction. This Service Schedule provides a description of Alight's Navigation Services and certain terms and conditions thereof. Section 2. Covered Population. The Services will be made available to Navigation Participants (as defined in the Fee Schedule). Certain Services may also be utilized by a Navigation Participant's dependents and other household family members (together with the Navigation Participants, "Client Members"), however, the support provided to such dependents and other family members may be more directional and educational to the extent relating to any benefit plans and programs that are not sponsored by Client. Client shall provide a single census file for all Navigation Participants in Alight standard format to the extent not provided to Alight in connection with other services performed by Alight. Section 3. Return on Investment. Alight agrees to put certain fees at risk based on cost savings generated by Services provided by Alight as set forth in the ROI Schedule attached hereto and incorporated herein. Section 4. Service Level Agreements. The service level agreements applicable to the Services are set forth in the SLA Schedule attached hereto and incorporated herein. Section S. Other Service -Specific Terms. 5.1. Unless otherwise noted, the hours of operation for the Services are defined as Alight's standard office hours in the delivery location. Unless otherwise noted, all Services will be delivered in English. The Services may be modified from time to time by Alight based on the particular needs of a Client Member or improvements to Alight's internal processes and technology. 5.2. Communications from Alight to Navigation Participants will be limited to the channels established with such Navigation Participants (e.g., email will not be an option if Alight has not received an email address for such Navigation Participant from Client). Alight may limit communications in order to establish control groups for purposes of testing message effectiveness. Communications will not be translated or editable unless otherwise noted. Navigation Participants will be able to opt out of any communications. Alight may ask Client Members to complete surveys regarding their experience with the Services. All Client reporting regarding the Services will be on a de -identified basis. Due to privacy concerns, Alight cannot make communications with Client Members available to Client in the absence of a legal requirement to do so. 5.3. Note that information provided in connection with the Services is for informational purposes only and is not medical advice, is not intended for the diagnosis or treatment of medical conditions and does not replace the judgment of healthcare professionals. While Client Members may receive healthcare provider recommendations and cost estimates, provider guidance adherence support, expert opinions and other healthcare education and assistance as part of the Services (including in some cases from licensed nurses and physicians), no physician/patient relationship is intended to be created between Alight or any of its representatives, on the one hand, and any Client Member, on the other hand, and Alight expressly disclaims the creation of any such relationship. The Client Member's physician or other healthcare providers remain responsible for their actual medical care and the associated outcomes. The Services are not an insurance product and Client Members and their insurers will remain responsible for any healthcare costs. Alight does not guarantee any particular healthcare, insurance or other outcome or result for Client Members. Section 6. Subscription Services. Line Item # I Description Healthcare Navigation Technology 1. SmartSelect MD A self-service decision support tool available within Alight Worklife that provides access to: • healthcare provider recommendations based on quality ratings and care -path cost metrics for providers and facilities • cost estimates for procedures and care based on network rates and full bundled costs (anesthesia, pathology, etc.) 33 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight Line Item # Description 2. Healthcare Navigation Engagement Content Provides employers with the ability to increase Navigation Participant engagement with the Services and certain other employer -provided programs (e.g., musculoskeletal, diabetes and cancer management) on a personalized basis by: • activating Alight's standard library of healthcare navigation content within Alight Worklife • delivering timely, targeted communications to Navigation Participants through multiple channels Al is used to analyze the following data sets on an ongoing basis to identify Navigation Participants who fit within the intended audience for such content: • demographic data provided to Alight by Client • data collected from Navigation Participants by Alight • medical claims data Such data sets may include data provided to or collected by Alight in connection with other services performed by Alight for Client. Note: The nature of and audience for personalized communications to Navigation Participants will depend upon the data sets available to Alight. Such communications and other content may be configured to include Client name and logo but otherwise consists of Alight standardized, defined configurable parameters and will not be translated or otherwise customized for Client. 3. Symptom Checker A self-service decision support tool available within Alight Worklife that uses a dynamic, AI -generated interview process to analyze user -submitted symptoms and other information to provide: • a list of possible conditions • healthcare recommendations (e.g., triage level) • educational content as appropriate • links to other relevant resources within an employer's benefits ecosystem (e.g., telehealth vendors) 4. Employer Reporting Employers will have access to Alight's standard healthcare navigation reporting via Alight's web portal, including engagement metrics. Clinical Guidance Technology 5. Clinical Guidance Engagement Content Provides employers with the ability to increase Navigation Participant engagement with Alight's clinical guidance services and certain other employer -provided programs (e.g., musculoskeletal, diabetes and cancer management) on a personalized basis by: • activating Alight's standard library of clinical guidance content within Alight Worklife • delivering timely, targeted communications to Navigation Participants through multiple channels Al is used to analyze the following data sets on an ongoing basis to identify Navigation Participants who fit within the intended audience for such content: • demographic data provided to Alight by Client • data collected from Navigation Participants by Alight • medical claims data Such data sets may include data provided to or collected by Alight in connection with other services performed by Alight for Client. Note: The nature of and audience for personalized communications to Navigation Participants will depend upon the data sets available to Alight. Such communications and other content may be configured to include Client name and logo but otherwise consists of Alight standardized, defined configurable parameters and will not be translated or otherwise customized for Client. 6. Employer Reporting Employers also have access to Alight's standard clinical guidance reporting via Alight's web portal, including engagement metrics. 34 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight Section 7. Professional Services. Legend: Client = Client responsibility Alight = Alight responsibility N/A = Not Applicable Line Item # I Description Responsible Health Pro Support 1. Provide Client Members access to personal consultants with healthcare expertise ("Health Alight Pros") offering the following assistance: • comprehensive education and navigation support with respect to the benefits available to Client Members under Client's medical plan, dental plan, vision plan, prescription drug plan, employee assistance program, health reimbursement arrangements, health savings accounts and flexible spending accounts • general education and referrals to Client's health and wellness programs (e.g. telehealth, expert opinion and condition -specific management programs), COBRA, family service and childcare programs (e.g., adoption assistance, eldercare and childcare programs) and supplemental health voluntary benefits (e.g., critical illness, hospital indemnity and accident & dismemberment), group life and disability insurance and leave administration program and benefits • healthcare provider recommendations based on quality ratings and care -path cost metrics for providers and facilities • cost estimates for procedures and care based on network rates and full bundled costs (anesthesia, pathology, etc.) • medical bill and claim review and resolution, including reviews for accuracy, coordination of benefits and appeals processes • prescription reviews for lower cost alternatives, including generics/clinical alternatives and 90-day supplies and mail order options when available • scheduling and preparing Client Members for appointments with healthcare providers, including transferring medical records Health Pros may be contacted via the Alight Worklife web portal and mobile app or phone (including via transfers from Client's benefits call center). Health Pros will be available Monday through Friday, 8:00 a.m. to 8:00 p.m. Central time, except for Alight observed holidays. A Client Member who doesn't speak English will be routed to a Health Pro who speaks their language when available. If unavailable, a Health Pro will establish contact with an interpreter service/language line on behalf of such Client Member (additional charges may apply based on high utilization rates for languages other than Spanish). The status of Health Pro requests may be tracked via the Alight Worklife web portal and mobile app. Note: Primary annual enrollment support will be provided by Client's benefits call center or other resources (not Health Pros). 2. Provide summary plan descriptions or other documents describing Client's benefit plans and Client programs to be supported, communications to employees regarding such benefit plans and programs (including any open enrollment guides) and contact information for third party providers of such benefit plans and programs. 35 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight Legend: Client = Client responsibility Alight = Alight responsibility N/A = Not Applicable Line Item # I Description Medical Ally Support Responsible 3. Provide Client Members access to licensed registered nurses and other experts with clinical Alight backgrounds ("Medical Allies') offering the following assistance: • clinically focused education, documentation and decision support for Client Member medical and behavioral health conditions healthcare provider recommendations based on quality ratings and care -path cost metrics for providers and facilities pre -appointment education, expectation setting and preparation reinforcing provider guidance adherence, including by scheduling post -appointment follow ups as appropriate Medical Allies may be contacted via the Alight Worklife web portal or phone. Medical Allies will be available Monday through Friday, 8:00 a.m. to 8:00 p.m. Central time, except for Alight observed holidays. A Client Member who doesn't speak English will be routed to a Medical Ally who speaks their language when available. If unavailable, a Medical Ally will establish contact with an interpreter service/language line on behalf of such Client Member (additional charges may apply based on high utilization rates for languages other than Spanish). Surgery Decision Support Program 4. Provide Client Members access to Alight's surgery decision support program. Current eligibility Alight requirements for the program include having a pre -engagement, physician -recommended elective surgical treatment plan for low back surgery, hysterectomy, knee replacement, hip replacement or weight loss surgery, and enrolling in the program at least 30 days in advance of the scheduled surgery. Participants in the program will have access to licensed registered nurses and other experts with clinical backgrounds offering clinically focused education, documentation and decision support with respect to their medical condition. 5. Provide a $400 incentive to all Client Members who are eligible for, enroll in and complete Alight Alight's surgery decision support program. Completion of the program requires a minimum of 30 days of engagement and completion of a survey. Such incentives will be funded out of the fees paid to Alight for the Services. 6. Satisfy all withholding, reporting, payment and other obligations with respect to any taxable Client compensation or income related to such incentives. 7. Provide information in its control regarding such incentives as reasonably necessary for Client to Alight satisfy withholding, reporting, payment and other obligations. 36 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight Legend: Client = Client responsibility Alight = Alight responsibility N/A = Not Applicable Line Item # I Description Responsible Expert Opinion Support 8. Provide Client Members access to expert opinions regarding their medical condition, including Alight the following support: • identify experts based on Alight's cost and quality analytics and Client Member's condition and preferences • schedule and facilitate Client Member appointments with expert opinion providers, when requested • provide relevant information and tools to Client Members in preparation for the expert opinion • facilitate Client Member access to a remote expert opinion instead of an in -person expert opinion if appropriate and feasible Note: All in -person expert opinions are performed by third party experts having no relationship with Alight, and the Client Member and its insurers will be responsible for the costs of such opinions. All remote expert opinions will be performed by experts retained by Alight, and the costs of such opinions will be funded out of the fees paid to Alight for the Services. Client will reimburse Alight for the cost of translating medical records to English when necessary to perform the remote expert opinion. If a Client Member participating in a remote expert opinion doesn't speak English, a Medical Ally will establish contact with an interpreter service/language line on behalf of such Client Member (additional charges may apply based on high utilization rates for languages other than Spanish). Communications Services 9. Meet with Client to design an annual communication plan based on Alight best practices. Alight 10. Implement the annual communications plan through multiple channels, including via Alight Alight Worklife, email, webinars, posters and postcards, as well as up to 1 onsite event per year. Postage costs for distribution of any print materials and travel expenses for onsite events will be reimbursable expenses. Certain communication elements are configurable to include Client organizational / program branding. Any Client custom content (including any translations from English) must be mutually agreed upon and may be subject to additional charges. 11. Provide self-service toolkit housing standard Alight digital communications collateral. Alight 12. Provide a referral guide for use by Client with other vendors in its health program ecosystem Alight that includes Alight best practices for integration and participant referrals. 13. Provide contact information (including email and home addresses) for Navigation Participants. Client 14. Reasonably cooperate with Alight in the development and implementation of Alight's Client engagement strategy with respect to the Services. Implementation Services 15. Train Alight personnel delivering ongoing Professional Services on the Client benefit programs Alight that will be supported. 16. In advance of the Live Date, Alight will configure, test and deploy the Subscription Services. As Alight part of the configuration, Alight will establish the requirements that drive eligibility for, and trigger display and communications of, the healthcare engagement content. Alight will provide Client with one review period to approve the configuration, during which Client must approve audience eligibility and requirements for personalized messages. 17. As part of the deployment, Alight will establish data integrations with Client's medical carrier(s) Alight for no additional charge, however such data integrations are contingent upon Client causing such carrier(s) to reasonably cooperate with Alight. 18. Following the initial implementation of the Services, additional charges may apply to Alight accommodate the addition of, or a change to, a Client medical, Rx, dental or vision plan (e.g., plan offering changes, plan design changes, network changes or formulary changes). 37 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht ROI Schedule Navigation Section 1. Introduction. Alight agrees to put certain fees payable in respect of the Navigation Services provided by Alight (the "Covered Fees") at risk based on the cost savings generated by Alight (the "Cost Savings"), in each case, as described in this Schedule. Section 2. Covered Fees. Covered Fees only include the ongoing fees paid in respect of the Navigation Services provided by Alight. Covered Fees do not include any fees that are non -recurring in nature (including any implementation, termination or other one-time fees) or any expense reimbursement. Section 3. Healthcare Navigation Cost Savings. 3.1. The Cost Savings generated by the Navigation Services will be calculated in respect of each solution, meaning a Client Member engagement with an Alight representative or self-service decision support tool. Such Cost Savings are intended to represent savings in medical, Rx, dental and vision expenses and other healthcare -related cost savings for Client and Client Members. 3.2. If a solution involves a recommendation (e.g., a provider or prescription recommendation) with respect to a care episode (meaning all services related to a particular medical intervention or condition), the Cost Savings associated with such solution will equal the typical price of such care episode, minus the expected price of such care episode based on such recommendation; provided, however, to the extent Client claims data is provided or otherwise made available to Alight by or on behalf of Client, the Cost Savings associated with such solution will equal the typical price of such care episode, minus the actual price of such care episode as reflected in such claims data. If claims data only becomes available for a portion of a care episode prior to the date any calculation is delivered, Cost Savings may be calculated based on that portion, with any further claims -verified Cost Savings with respect to such care episode counting towards subsequent Measurement Periods (as defined below). The typical and expected price of a care episode will be determined by Alight in good faith using available market data; provided that Alight will use available Client claims data in the first instance to determine the typical price of a care episode when feasible. 3.3. If a solution involves a Client Member's engagement with Alight's surgery decision support program, the Cost Savings associated with such solution will equal the typical price of the Client Member's surgical care path, minus the expected price of such surgical path based on such engagement; provided, however, that to the extent Client claims data is provided or otherwise made available to Alight by or on behalf of Client, the Cost Savings associated with such solution will equal the average price of the Client Member's surgical care path based on their pre -engagement, physician -recommended surgical treatment plan, minus the average price of the surgical care path actually chosen by the Client Member as reflected in Client claims data. The typical, expected and average price of a surgical care path will be determined by Alight in good faith using available market data. 3.4. If a solution involves the referral of a Client Member to a voluntary insurance product (e.g., critical illness insurance, hospital indemnity insurance or cancer insurance) under which such Client Member is eligible to make a claim, the Cost Savings associated with such solution will be equal to the amount of the claim that such Client Member is eligible to make under such product. 3.5. If a solution involves a medical bill review, the Cost Savings associated with such solution will be equal to (a) the amount payable (whether payable by the Client Member or the plan) at the outset of the solution minus (b) the final amount payable upon completion of the solution (as confirmed with the provider). Section 4. Calculation of ROI Credit. 4.1. Client will be entitled to a credit ("ROI Credit") if, for any given Measurement Period (as defined below), the aggregate amount of Cost Savings generated during such Measurement Period ("Generated Cost Savings") is less than 100% of the aggregate amount of Covered Fees paid by Client for Services performed during such Measurement Period ("Guaranteed Fee Amount"). The amount of such RO1 Credit will equal the amount (if any) by which the Guaranteed Fee Amount exceeds the Generated Cost Savings. For purposes of determining both Covered Fees and Cost Savings, the following Client populations will be excluded from the calculation: (a) employees whose employment with Client terminates during a Measurement Period as a result of a divestiture or other M&A activity (together with their related Client Members); (b) participants in a health maintenance organization or accountable care organization; (c) Medicare -eligible individuals 38 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight (including participants in a Client -sponsored Medicare supplement plan); (d) non -US residents (including residents of US territories and participants in any non -US health plan); and (e) any individuals for whom healthcare cost variance does not exist. 4.2. The RO1 Credit will be calculated in respect of (a) the period beginning on the Live Date of the Navigation Services and ending on December 31 of the year following the year in which such date occurred (the "First Measurement Period") and (b) each calendar year following the First Measurement Period (together with the First Measurement Period, each a "Measurement Period"); provided that, if the term of the Navigation Services terminates or expires on or before the last day of a Measurement Period (including as a result of a non -renewal), then there will be no ROI Credit in respect of such Measurement Period. Alight will complete each RO1 Credit calculation within 90 days after the end of the applicable Measurement Period; provided that, if Cost Savings are calculated with reference to claims data, such period will be extended by 12 months due to the lag in receiving claims data. The amount of the RO1 Credit (if any) due to Client will be applied as an offset against future invoices; provided that, if an ROI Credit has not been fully offset within 6 months following the calcu lation thereof or if there are no further invoices (e.g., at the expiration of the service term), Alight will pay the remainder of such ROI Credit to Client at such time. 4.3. If the Generated Cost Savings for any Measurement Period exceed the Guaranteed Fee Amount for such Measurement Period ("Excess Savings"), then Alight may either (a) include the amount of such Excess Savings in a recalculation of any ROI Credit that Client received in respect of any prior Measurement Period(s) (if any) and include the resulting reduction in such ROI Credit(s) as an additional charge payable by Client or (b) include the amount of such Excess Savings in the calculation of Generated Cost Savings for the following Measurement Period. Any amount payable by Client pursuant to clause (a) above will be invoiced in equal installments over the 3 months following the calculation thereof or, if there are no further invoices (e.g., at the expiration of the service term), included on the final invoice. Section S. Conditions. All of the following conditions must be satisfied throughout a Measurement Period in order for Client to be entitled to an ROI Credit in respect of such Measurement Period: 5.1. Client must make Alight's Navigation Services available to all Navigation Participants 5.2. Client must reasonably cooperate with Alight in the implementation of the Services giving rise to Cost Savings, including an executive communication regarding the Services at launch. 5.3. Client must timely provide or otherwise make available to Alight all information reasonably necessary to perform the Navigation Services, including Client claims data and any information requirements described in the applicable Service Schedule. 5.4. Client must send preferred email address to existing benefit administrator who will transmit the email addresses to Alight on the ongoing census file. As needed Alight will be able to solicit email addresses from employees. S.S. Client must send to Alight, on a monthly basis, a census file that includes all corporate email addresses issued to Navigation Participants. 5.6. Client must allow Alight to implement and use its communications best practices with respect to the Navigation Services, including monthly communications via email and use of text messages, push notifications and, if other channels are not effective in driving engagement, print communications. 5.7. Client must not make available to Navigation Participants any services not provided by Alight that are substantially similar to the Navigation Services provided by Alight. 5.8. Client must allow Alight to configure its participant -facing benefits web portal and app to prominently feature tiles, messages, links and similar elements of integration with Alight's Navigation Services (including variable and personalized content). 5.9. Client will promote Alight's services in good faith via the City of Fort Worth's communication channels (e.g., benefits materials, intranet, SBC). 5.10. Client must allow Alight to make its mobile app and web portal available to Navigation Participants. 39 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht Section 6. Exclusions. Client will not be entitled to an ROI Credit to the extent Alight's ability to generate Cost Savings is limited by circumstances beyond its reasonable control, including as a result of any change in law (e.g., healthcare price controls) or any change in Client's benefit plan design (e.g., a model with no out-of-pocket costs). 40 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C aLitht SLA Schedule Healthcare Navigation Services Section 1. General. The performance measures contained in this Schedule apply to the healthcare navigation Services provided by Alight. These performance measures are included for informational purposes only. Notwithstanding anything to the contrary in the Services Agreement, Alight shall have no liability to Client for any Service Level Default. Section 2. Definitions. 2.1. "Measurement Period" means, with respect to each Service Level, the period against which Alight will measure its performance against such Service Level. The Measurement Period for each Service Level is set forth in the Service Level Matrix. 2.2. "Performance Target" means, with respect to each Service Level, the performance target applicable to such Service Level. The Performance Target for each Service Level is set forth in the Service Level Matrix. 2.3. "Reported Period" means, with respect to each Service Level, the period against which Alight will report its performance against such Service Level. The Reported Period for each Service Level is set forth in the Service Level Matrix. 2.4. "Service Level(s)" means the performance measures set forth in the Service Level Matrix. 2.5. "Service Level Default" means, with respect to a Service Level, the failure to meet the applicable Performance Target with respect to any applicable Measurement Period. 2.6. "Service Level Matrix" means the chart in this Schedule that sets forth the performance measures. Section 3. Service Level Methodology. Alight will measure and report its performance of the Services against the Service Levels as set forth herein. 3.1. Commencement of Obligations. 3.1.1. Reporting of all Service Levels will commence on the applicable Live Date. 3.2. Reporting and Measurement. 3.2.1. Alight will report performance results for each Service Level for each Reported Period. 3.2.2. Alight will use its own tools for measuring Service Levels. 3.2.3. Service Level reporting, including any data and detailed supporting information, will be Alight Confidential Information. 3.2.4. For any Service Levels measured as a percentage where the Performance Target is less than 100%, it is intended that the overall volumes of transactions or records measured will be large enough to reach a single occurrence threshold, meaning that a single failure by Alight during the Measurement Period would not cause Alight to fail to meet such Performance Target. If during a Measurement Period, the volume measured is less than the single occurrence threshold, then the following methodology will be used to adjust such volume to determine whether there is a Service Level Default: (a) the total number of transactions or records occurring during such Measurement Period shall be multiplied by the stated Performance Target; and (b) if the product of that multiplication is not a whole number, then such product shall be rounded down to the nearest whole number. 3.2.5. Alight enterprise -wide results will be used instead of client -specific results for all Service Level categories. 3.2.6. If the term of the Services underlying any Service Level terminates or expires before the last day of a Measurement Period (including as a result of a non -renewal), then there will be no reporting or measurement in respect of such Measurement Period. Section 4. Excused Performance. Alight will not be responsible for a Service Level Default to the extent such Service Level Default was attributable to any of the following: 4.1. Any act of God or other act or circumstance beyond the reasonable control of Alight. 4.2. Alight operating under its business continuity and disaster recovery plan. 41 DocuSign Envelope ID: 3F1 D16E8-F736-404D-B2DB-96D482A5226C alight 4.3. Any failure by Client to comply with its obligations or perform its assigned tasks under the Services Agreement, Alight's reliance upon any Client direction or any information provided or otherwise made available to Alight by or on behalf of Client or any Service User in performing the Services, or any act or omission of any Client vendor or other Representative (other than Alight). 4.4. Reductions in Services or resources requested or approved by Client and agreed to by the Parties through the Change Order procedures; provided that Alight has previously notified Client as part of such Change Order procedures that the implementation of such change could result in such Service Level Default. 4.5. Significant (i.e., more than 120% in a month) unplanned volume increases. Section S. Service Level Matrix Category Service Definition Level Customer Care Daily Average Speed to Average Answer (ASA) is Speed to defined as the Answer amount of time a participant waits to speak with an Alight representative after the call is transferred to the automated call distribution (ACD) system. Case Case Measures the Management Manageme number of Health nt - 2 Days Pro cases that were resolved on time. "On time" is defined as 2 business days. Case types included are doctor recommendations , cost estimates, insurance benefit questions and prescription reviews only. Cases that require follow-up outside Alight's control are excluded from any calculation. Participant Net Measures Satisfaction Promoter customer Score satisfaction using surveys. If a 10-point scale is used, ratings of 9-10 are considered promoters, ratings of 6 or less are considered detractors, and Calculation Calculated as the number of days the ASA is under 5 minutes, divided by the total number of days in the Measurement Period. Reported Measurement Performance Target Period Period Quarterly Quarterly 80% (70% during the quarter with annual enrollment) Number of cases Quarterly Quarterly 90.0% closed on time, divided by the total number of cases closed. Percentage of Annual Annual +60 promoters minus percentage of detractors. 42 DocuSign Envelope ID: 3F1D16E8-F736-404D-B2DB-96D482A5226C dio%ht Category Service Definition Calculation Reported Measurement Performance Target Level Period Period other ratings are considered passive and not included in the measurement. If a 5-point scale is used, ratings of 4- 5 are considered promoters, ratings of 1-2 are considered detractors, and other ratings are considered passive and not included in the measurement. 43 DocuSign Envelope ID: 3F1D16E8-F736-404D-B2DB-96D482A5226C ADDENDUM TO ALIGHT SUBSCRIPTION AND SERVICES AGREEMENT BETWEEN THE CITY OF FORT WORTH AND ALIGHT SOLUTIONS LLC This Addendum to the Alight Subscription and Services Agreement ("Addendum") is entered into by and between Alight Solutions LLC ("Vendor") and the City of Fort Worth ("City"), collectively the "Parties." The Contract documents shall include the following: 1. The Alight Subscription and Services Agreement and all Attachments or Exhibits thereunder; and 2. This Addendum. Notwithstanding any language to the contrary in the attached Alight Subscription and Services Agreement (the "Agreement"), the Parties hereby stipulate by evidence of execution of this Addendum below by a representative of each party duly authorized to bind the Parties hereto, that the Parties hereby agree that the provisions in this Addendum below shall be applicable to the Agreement as follows: 1. Term. The Agreement shall become effective upon the signing of the Agreement by an Assistant City Manager of the City (the "Effective Date") and shall expire on December 31, 2026 (the Expiration Date"), unless terminated earlier in accordance with the provisions of the Agreement. The Agreement may be renewed for two (2) successive one-year renewal options, at the Parties' mutual agreement, each a "Renewal Term." City shall provide Vendor with written notice of its intent to renew at least thirty (90) days prior to the end of each term. 2. Termination. a. Convenience. Either City or Vendor may terminate the Agreement at any time and for any reason by providing the other party with 180 days written notice of termination. In the event City terminates for convenience in accordance with this provision, any unamortized implementation costs estimated to be a total of $134,593 at project start shall be invoiced as an equitable adjustment based actual costs and the time remaining in the initial term, so long as those funds have been appropriated. b. Breach. If either party commits a material breach of the Agreement, the non - breaching Party must give written notice to the breaching party that describes the breach in reasonable detail. The breaching party must cure the breach thirty (30) calendar days after receipt of notice from the non -breaching party, or other time frame as agreed to by the parties. So long as Vendor makes good faith efforts to cure the breach within the initial cure period or if the breach is not able to be cured within the initial period, City shall extend the cure period by another thirty (30) calendar days to permit the Vendor to complete the cure. If the breaching party fails to cure the breach within the initial or extended period of Addendum Page I of 4 DocuSign Envelope ID: 3F1D16E8-F736-404D-B2DB-96D482A5226C time, the non -breaching party may, in its sole discretion, and without prejudice to any other right under the Agreement, law, or equity, immediately terminate this Agreement by giving written notice to the breaching party. With respect to the City, for the avoidance of doubt, a material breach would include but is not limited to breach of payment obligations, confidentiality, or proprietary obligations under the SSA or relevant Order Form. C. Fiscal Funding Out. In the event no funds or insufficient funds are appropriated by City in any fiscal period for any payments due hereunder, City will notify Vendor of such occurrence at least 60 days in advance and the Agreement shall terminate on the last day of the fiscal period for which appropriations were received without penalty or expense to the City except as to the portions of the payments herein agreed upon for which funds have been appropriated. d. Duties and Obligations of the Parties. In the event that the Agreement is terminated prior to the Expiration Date, City shall pay Vendor for services actually rendered up to the effective date of termination and Vendor shall continue to provide City with services requested by City and in accordance with the Agreement up to the effective date of termination. Upon termination of the Agreement for any reason, Vendor shall provide City with copies of all completed or partially completed documents prepared under the Agreement. In the event Vendor has received access to City information or data as a requirement to perform services hereunder, Vendor shall return all City provided data to City in a machine readable format or other format deemed acceptable to City. Any required transition services requiring additional funding and needing new or different appropriations would occur via a Change Order. In addition, any unamortized implementation costs shall be reimbursed by City, so long as those funds have been appropriated. 3. Law and Venue. The Agreement and the rights and obligations of the parties hereto shall be governed by, and construed in accordance with the laws of the United States and state of Texas, exclusive of conflicts of laws provisions. To the extent allowable under law, venue for any suit brought under the Agreement shall be in a federal court of competent jurisdiction in Tarrant County, Texas. To the extent the Agreement is required to be governed by any state law other than Texas or venue in Tarrant County, City objects to such terms and any such terms are hereby deleted from the Agreement and shall have no force or effect. 4. Insurance. The City is a governmental entity under the laws of the state of Texas and pursuant to Chapter 2259 of the Texas Government Code, entitled "Self -Insurance by Governmental Units," is self -insured and therefore is not required to purchase insurance. To the extent the Agreement requires City to purchase insurance, City objects to any such provision, the parties agree that any such requirement shall be null and void and is hereby deleted from the Agreement and shall have no force or effect. City will provide a letter of self -insured status as requested by Vendor. 5. Sovereign Immunitv. Nothing herein constitutes a waiver of City's sovereign immunity. To the extent the Agreement requires City to waive its rights or immunities as a government entity; such provisions are hereby deleted and shall have no force or effect. Addendum Page 2 of 4 DocuSign Envelope ID: 3F1D16E8-F736-404D-B2DB-96D482A5226C 6. Limitation of Liabilitv and Indemnity. Reserved. 7. IP Indemnification. Reserved. 8. Confidential Information. City is a government entity under the laws of the State of Texas and all documents held or maintained by City are subject to disclosure under the Texas Public Information Act. To the extent the Agreement requires that City maintain records in violation of the Act, City hereby objects to such provisions and such provisions are hereby deleted from the Agreement and shall have no force or effect. In the event there is a request for information marked Confidential or Proprietary, City shall promptly notify Vendor. It will be the responsibility of Vendor to submit reasons objecting to disclosure. A determination on whether such reasons are sufficient will not be decided by City, but by the Office of the Attorney General of the State of Texas or by a court of competent jurisdiction. 9. Addendum Controlling. If any provisions of the attached Agreement, conflict with the terms herein, are prohibited by applicable law, conflict with any applicable rule, regulation or ordinance of City, the terms in this Addendum shall control. 10. Right to Audit. No more than one time per year and at the City's expense, Vendor agrees that City shall, until the expiration of three (3) years after final payment under the Agreement, have access to and the right to examine any directly pertinent books, documents, papers and records of Vendor involving transactions relating to the Agreement. City agrees that it will sign a Non -disclosure Agreement (NDA) related to such audit. However, the NDA is subject to all relevant law. City is a government entity under the laws of the State of Texas and all documents held or maintained by City are subject to disclosure under the Texas Public Information Act. In the event there is a request for information marked Confidential or Proprietary, City shall promptly notify Vendor. It will be the responsibility of Vendor to submit reasons objecting to disclosure. A determination on whether such reasons are sufficient will not be decided by City, but by the Office of the Attorney General of the State of Texas or by a court of competent jurisdiction. Vendor agrees that City shall have access during normal working hours to all necessary Vendor facilities and shall be provided adequate and appropriate workspace in order to conduct audits in compliance with the provisions of this section. City shall give Vendor reasonable advance notice of intended audits and City will limit the scope of the audit to be minimally intrusive so as to mitigate overall disruptions to Vendor's overall operations and services Vendor provides to other clients. Notwithstanding the fact that Client signs an NDA under this provision, Vendor shall not have access to the confidential or proprietary information Vendor possesses from other clients or confidential information about its systems or networks. (Signature page follows) Addendum Page 3 of 4 DocuSign Envelope ID: 3F1D16E8-F736-404D-B2DB-96D482A5226C ACCEPTED AND AGREED: CITY: City of Fort Worth By: C>TSL-1 Name: Jesica McEachern Title: Assistant City Manager Date: Dec 22, 2023 Approval Recommended: By: Hot er (Dec 18, 2 12:07 CST) Name: Holly H Moyer Title: Asst. Human Resources Director Attest: By: Name: Jannette S. Goodall Title: City Secretary VENDOR: Alight Solutions LLC DocuSigned by: 4a..,";a -4. Q."� By: zi i c �� Name: Dam e i 66i nn Title: VP, Sales Operations Date: 12/15/2023 1 5:47 PM CST Contract Compliance Manager: By signing I acknowledge that I am the person responsible for the monitoring and administration of this contract, including ensuring all performance and reporting requirements. By. c' /, . Name: Joanne Hinton Title: Benefits Manager Approved as to Form and Legality: By: OO Name: Jessika J. Williams Title: Assistant City Attorney Contract Authorization: M&C: 23-0750 Addendum Page 4 of 4 12/18/23, 10:29 AM M&C Review CITY COUNCIL AGENDA Create New From This M&C DATE: 9/12/2023 REFERENCE **M&C 23- LOG NAME: 13P RFP 23-0072 MEDICAL NO.: 0750 CONCIERGE SERVICES CODE: P TYPE: CONSENT PUBLIC NO HEARING: SUBJECT. (ALL) Authorize Execution of an Agreement with Alight Solutions, LLC for Health Care Concierge and Disease Management Services for a Three -Year Initial Term for an Annual Amount Up to $1,550,000.00 for the Human Resources Department Official site of the City of Fort Worth, Texas FORT WORTH �v RECOMMENDATION: It is recommended that the City Council authorize execution of an agreement with Alight Solutions, LLC for health care concierge and disease management services for a three-year initial term for an annual amount up to $1,550,000.00 and authorize two, one-year renewals for the same amount for the Human Resources Department. DISCUSSION: The Human Resources Department approached the Purchasing Division to procure an agreement for health care concierge and disease management services. These services will help connect employees, retirees and their families on the health plan to low cost, high quality physicians and facilities. These services will also include coordinating care by verifying coverage, scheduling appointments, helping to transfer medical records and informing employees about different programs and resources that are applicable for their individual situations. They will also be there to assist with medical bill review after services are complete and answer basic benefits questions. The Clinical guidance will deliver a high touch clinical support team to help guide employees and retiree in their healthcare journeys. In order to procure these goods, staff issued Request for Proposal (RFP) No. 23-0072. The RFP consisted of detailed specifications for the care concierge/disease management services. The RFP was advertised in the Fort Worth Star -Telegram on May 17, 2023, May 24, 2023, and May 31, 2023, June 7, 2023, and June 14, 2023. The City received eight (8) responses. An evaluation panel consisting of representatives of the Human Resources and Library Departments reviewed and scored the remaining submittals using Best Value criteria accordance with the criteria below. a. Cost vs Impact on Claims b. Reporting c. Access to information d. Customer Service Levels e. Cost The individual scores were averaged for each of the criteria and the final scores are listed in the table below Bidders Evaluation Factors a b c d e Alight Solutions, LLC 12.50 10.13 17.50 18.75 13.07 Vera Whole Health, Inc. dba Apree Health 12.00 8.63 16.25 15.00 15.00 Sharecare Operating Company, Inc 11.00 7.88 13.75 11.88 0.00 Rightway Healthcare, Inc 10.50 7.50 12.50 13.75 0.00 Quantum Health, Inc 11.00 7.13 12.50 13.13 0.00 Health Advocate 9.50 8.63 13.13 11.88 0 Accolade Inc Bidder did not meet technical points; therefore, cost was not 11.00 7.13 13.75 9.38 evaluated. Total Scores 71.95 66.88 44.50 44.25 43.75 43.13 41.25 HealthJoy Bidder did not meet technical points; therefore, cost was not 9.50 6.75 10.00 8.13 evaluated. 34.38 The top two firms were interviewed on July 21, 2023 and the City requested a Best and Final Offer (BAFO) from the respondents. apps.cfwnet.org/counci I_packet/mc_review.asp? I D=31376&counci ddate=9/12/2023 1 /2 12/18/23, 10:29 AM M&C Review After evaluation of the BAFO, the panel concluded that Alight Solutions, LLC presented the best value to the City. Therefore, staff recommends that Council authorize this purchase with Alight Solutions, LLC. Staff certifies that the recommended vendor bid met specifications. Funding will be budgeted in the Human Resource Department's Claims Administration Expense account within the Group Health Insurance and Retiree Healthcare Trust Funds for Fiscal Year 2024. DIVERSITY AND INCLUSION (DVIN) - A waiver of the goal for Business Equity subcontracting requirement is approved by the DVIN-BE, in accordance with the Business Equity Ordinance, because the purchase of goods or services is from sources where subcontracting or supplier opportunities are negligible. AGREEMENT TERMS - Upon City Council approval, this agreement shall begin upon execution and expire three years from that date. RENEWAL TERMS -This agreement may be renewed for two additional one-year renewal periods. This action does not require specific City Council approval provided that the City Council has appropriated sufficient funds to satisfy the City's obligations during the renewal term. ADMINISTRATIVE CHANGE ORDER: An administrative change order or increase may be made by the City Manager up to the amount allowed by relevant law and the Fort Worth City Code and does not require specific City Council approval as long as sufficient funds have been appropriated. FISCAL INFORMATION/CERTIFICATION: The Director of Finance certifies that upon approval of the above recommendation and adoption of the Fiscal Year 2024 Budget by the City Council, funds will be available in the Fiscal Year 2024 operating budget, as appropriated, in the Group Health Insurance and Retiree Healthcare Trust Funds. Prior to an expenditure being incurred, the Human Resource Department has the responsibility to validate the availability of funds. BQN\\ TO Fund Department Account Project Program Activity Budget Reference # Amount ID ID Year (Chartfield 2) FROM Fund Department Account Project Program Activity Budget Reference # Amount ID ID Year (Chartfield 2) Submitted for City Manaaer's Office bv: Originating Department Head: Additional Information Contact: ATTACHMENTS Reginald Zeno (8517) Jesica McEachern (5804) Reginald Zeno (8517) Dianna Giordano (7783) Jo Ann Gunn (8525) Taylor Dean (7648) FIDS table Medical Concierae Services.xlsx (CFW Internal) Form 1295 Aliaht Solutions Executed 7-31-23.odf (CFW Internal) SAMS Aliaht Solutions. LLC.Ddf (CFW Internal) Waiver of Business Eauitv Goal Health Concierae 230403 GV.Ddf (CFW Internal) apps.cfwnet.org/counci I_packet/mc_review.asp? I D=31376&counci ddate=9/12/2023 2/2