What is a Security Service Agreement?
A Security Service Agreement (SSA) is a contract between a business and a security services provider that outlines the specific security services to be provided to the business. The purpose of an SSA is to ensure the safety and security of a business’s employees, customers, assets, and premises by providing clear guidelines on the obligations of both parties to the agreement. SSAs can cover a wide range of security services , including, but not limited to, ATM services, business security monitoring, perimeter and property security, burglar alarms, guard and patrol services, technical services, treasury services, contingency planning, and litigation security. Although an SSA may cover multiple security services, each service is typically quoted and priced separately in an SSA.
What should be in a Security Service Agreement?
A comprehensive security service agreement should be well-structured and include crucial components. The following sections are ones that a smart security service agreement should include:
Scope of Services – A clearly defined scope of services is essential. If there are multiple elements, this section should detail the specific services the contractor will provide. A security company could be hired for an array of purposes from hourly patrol to after-hours emergency response to armed guards at facilities in high-crime areas to trained dispatchers manning monitoring stations to keep an eye on live feeds from security cameras. Some contracts contain language that the agreement is for minimum staffing levels and can be increased as needed. In addition, many clients have special needs or circumstances that may not be addressed in standard security contracts. This is a great chance to include a provision detailing any additional or specialized security services that have not been addressed in other sections of the security service contract.
Duration – The duration of the agreement is another critical aspect of the contract that both the client and the security services provider should agree upon and outline in the document. If there is more than one type of service offered, it is best to detail the duration of each individually, as in,
Confidentiality Clauses – Security guard companies are privy to a vast amount of confidential information, from the locations of your facilities to the time sensitive data to the identity of the board of directors. For this reason, a security contractor should include strong confidentiality clauses in the security contracts and other agreements they have with their clients. In fact, most security services contractors include a clause stating that the contractor will hold any and all information about the client, its affiliates, employees and customers in the strictest confidence and will not reveal any information about the client that has not been approved for release. A large part of what a security guard company does is collect, monitor and process information. This data is often sensitive in nature. And, in today’s digital world, there is the potential for data to be leaked. Therefore, consulting with a lawyer about digital confidentiality agreements makes sense, as does nondisclosure agreements (NDAs) for your security guard company employees.
Termination Conditions – Security services agreements tend to be lengthy and have many conditions, clauses, and covenants. However, even the most meticulous security agreements have loopholes and flaws. When a security guard company enters into a contract with a client, it becomes law. It is crucial that it is in compliance with both parties’ obligations and rights under this document. Therefore, you need to make sure the termination conditions are clear and unambiguous. Many security service contracts include termination clauses that state that either party can terminate for any reason with 30 (or more) days’ notice. Other termination clauses may provide for immediate termination for "cause," such as breach of contract. At the same time, the contract should be reviewed to determine how the company can exit the agreement. There are also contractual provisions regarding automatic renewal of an agreement. These provisions should be understood and clearly addressed in the agreement so that both parties know when the contract will expire and be able to plan accordingly if the contract terms are not satisfactory when it expires.
Tailoring a Security Service Agreement
There are no "standard" security service agreements. A business should always customize its security service agreement to fit its specific needs. This customization can be as extensive as eliminating entirely provisions that come from a different industry and are simply not relevant to the business, or as narrow as adding specific language to a provision already contained in the security service agreement that fits the business’s particular needs.
There are also many circumstances in which particular provisions of a security service agreement will depend on "negotiation" and the specific facts and circumstances between the parties. For example, security service agreements often provide for a certain level of exclusivity with respect to other customers of the security company. Very large businesses (Fortune 1000 and otherwise), in negotiating a security service agreement, will push for increased exclusivity language that prevents their security company from providing services for certain specific competitors of the Fortune 1000 Business.
In addition, depending on the nature of the business, certain security service agreements require industry-specific provisions. For example, if a business is a financial organization, one commonly required provision is a requirement to comply with the applicable state or federal privacy rules and regulations (for example, the Gramm-Leach-Bliley Act or the Health Insurance Portability and Accountability Act (HIPAA)).
Security Service Agreements: Legal Issues
When it comes to security service agreements, there are several legal considerations that must be considered in the drafting process. For example, liability is a huge issue when it comes to these types of agreements. In many cases, the security company can be held liable for any loss of property during the service agreement term.
In this instance, the same service agreement should specifically exclude liability for any loss of property during the service agreement term. In many instances, it may not be clear if the security company was negligent. To avoid liability, the company should clearly exclude liability in the service agreement. The service agreement can specifically state that the security company cannot be held liable for any loss of property. However, as a general contract rule, parties can agree to not limit liability for fraud, gross negligence and willful misconduct.
Another common issue is negligence. If a security company agrees to provide security services to a client , and the client claims that the employee was negligent and that the negligence caused an event such as theft, the client could seek recourse against the company and its employee. However, if the security company and employee also agree to indemnify the client for any losses incurred due to negligence in the performance of services, then the client can’t pursue the security company for such damages or losses. It’s important that the company also discuss the indemnification clause with its insurance provider before agreeing to such clause terms, so that the insurance policy adequately covers any potential liabilities.
Dispute resolutions have also proven problematic in these types of agreements. In the service agreement, the company should specifically state what process will be used to resolve disputes. The company can state that it will only use Alternative Dispute Resolution (ADR) methods to settle disputes, which can be binding or non-binding. Using ADR processes will certainly reduce costs for both parties involved as it eliminates the use of the courts to settle disputes.
Managing a Security Service Agreement: Best Practices
When it comes to managing Security Service Agreements (SSAs), there are a number of best practices that can help ensure a successful relationship between the business and the vendor.
First and foremost, the business should have clear policies and procedures for managing agreements and related documents. This means establishing a centralized repository for all documents, including the SSA, Statement of Work, Non-Disclosure Agreements, and System Security Plans. It also means keeping a log of all activities related to the agreement, including meetings with the vendor, changes made to the agreement, and any issues that arise during the life of the SSA. By having all the documents and information in one place and ensuring everyone involved in the process knows where to find the documents and what their responsibilities are, the business will be better served in both the short- and long-term.
The business should also keep an eye on the confirmation clause thresholds and any modifications that the vendor may want to make to thresholds. Likewise, businesses should keep a close eye on change orders to the Statement of Work and Monitor List to ensure accuracy and completeness. Ensuring that every change is properly documented and reflected in the Statement of Work is crucial.
Finally, the business should proactively encourage communication between all parties involved in the relationship. This means establishing a single point of contact for all vendor-related matters, communicating regularly with the vendor, and ensuring everyone knows they can raise issues without fear of retribution.
Security Service Agreements: Common Pitfalls
One of the most prevalent mistakes made is failing to include the appropriate scope of work or duties to the situation that is being protected. A prime example comes from a case in California in the early 1990s. It was a well known department store security case where a store lost a large quantity of certain types of fragrances in their perfume department and placed blame on their private security company for not providing the level of service they contracted for. What had happened was that they had already experienced shrinkage in that department and the manager of the store evaluated his security needs and purchased a more elaborate security system including motion detection devices for that one area alone . The problem occurred when the loss started again and the store manager alleged that the security company failed to meet that higher level of protection.
What this store manager failed to do was revise his Security Service Agreement with that security company to reflect his change in needs. After much litigation the courts sided with the security company. The court ruled that the contract was signed as it stood and that the manager assumed the risk that something of that nature could happen and should have provided the physical level of protection with his loss prevention staff at those perfume displays until he amended the contract. As a takeaway from this case, the selection of personnel assigned to a particular area is crucial to limiting liability.