Oklahoma statutes and rules contain certain requirements for specific contract clauses to be included in IT contracts, e.g., source code escrow, accessibility and patented property and copyrighted materials developed by the State (62 O.S 34.31; OAC 260:115-7-54).

When a Supplier will have access to or be processing, storing or transmitting State or citizen data, the Supplier will be required, prior to contract award, to submit a security assessment questionnaire [insert link] and the information provided will be evaluated by the State Chief Information Security Officer on behalf of the CIO. The purpose of the evaluation is to access the physical and information security risk to State or citizen data in order to inform good business decisions. Additional terms [insert link to terms] relating to Supplier obligations in such instances are required to be included in a contract involving Supplier access, processing, storage or transmission of State or citizen data.