AI procurement: the questions to ask before signing any AI contract.
Most AI tools are bought on demo enthusiasm. The contracts that ship to legal are often inadequate. Here is the procurement checklist that prevents the predictable problems.
If you procure AI tools for a team or organization, the contract is doing more work than people realize. AI vendors learned the playbook from the prior SaaS era. The boilerplate sometimes works in your favor and sometimes very much does not. Here is the checklist.
Data use and training
Question 1: Does the vendor train its models on your data?
- Acceptable answers for an enterprise tier: "No, unless you opt in." or "No, ever."
- Unacceptable: "Yes, but anonymized." Anonymization does little for prompts and documents: the content itself is what a model memorizes, and models can regurgitate stretches of training data verbatim, names stripped or not. Also unacceptable: "We may use it to improve our services" without specifics on what "improve" covers.
- Check that the answer covers the whole chain: the vendor's own models and any upstream model provider or subprocessor that sees your prompts.
Question 2: Is your input data ever displayed to other customers?
- Acceptable: "No," covering both direct exposure (shared workspaces, support tooling) and indirect exposure through model outputs generated from your inputs.
- Unacceptable: anything vague.
Question 3: What is the data-retention policy?
- Acceptable: 30-90 days for input/output logs by default; configurable to immediate deletion (zero retention) for sensitive workflows.
- Ask what the exceptions are. Vendors commonly carve out an abuse-monitoring or legal-hold copy; get its window in writing, confirm that deletion covers backups and subprocessors, and keep log retention separate from any use of the data for training (Question 1), which needs its own answer.
Security and compliance
Question 4: SOC 2 Type II? ISO 27001? HIPAA? FedRAMP?
- Get the actual reports, not the badges, and read them: the audit period, the scope (which products and regions are covered; a new AI feature may sit outside the scope of last year's report), the listed exceptions, and the subprocessors. There is no HIPAA certification; what you get is a signed BAA and the vendor's own assessment.
- A SOC 2 Type II is an auditor's opinion that controls operated over a period. It says nothing about whether the AI product's models or data pipeline were tested.
Question 5: Where does data reside?
- Specific regions, specific data centers. Not "the cloud."
- Residence must cover processing, not just storage: ask where inference runs, whether an upstream model provider is a subprocessor, and where that provider's logs live.
Question 6: Is the data encrypted in transit and at rest with vendor-held keys, or can we hold our own?
- BYOK / HYOK arrangements matter for some regulated industries. With BYOK the vendor encrypts with a key you control and can revoke; with HYOK the key never leaves your infrastructure.
- Caveat: hosted inference operates on plaintext. Customer-held keys govern data at rest (stored logs, uploaded documents, fine-tuning corpora) and let you cut off access by revoking the key; they do not stop the vendor's systems from seeing your prompts while they are being processed.
Performance, accuracy, and accountability
Question 7: What SLAs are committed for availability, latency, and accuracy?
- Availability and latency are normal SaaS SLAs; get the measurement method and the remedy (service credits, termination right) in writing.
- Accuracy SLAs in AI are rare but emerging. Push for them on high-stakes use cases, and make them measurable: an agreed evaluation set, a named metric, a measurement cadence, and advance notice of model changes that could move the number. An accuracy commitment without a defined test is unenforceable.
Question 8: Who owns the output?
- Default for most vendors: customer owns output. Get this in writing. Some vendors retain training rights on output unless you negotiate.
- Ownership under the contract binds you and the vendor only; it does not settle whether the output is copyrightable against third parties, which varies by jurisdiction and remains unsettled for purely machine-generated content.
Question 9: What is the liability cap and the carve-outs?
- Standard SaaS: liability capped at 12 months of fees. For AI, you may want carve-outs for IP infringement (some AI outputs have triggered copyright claims), data-breach liability, and indemnification for third-party claims arising from the AI's output.
- Several large vendors now offer IP indemnification for outputs, usually conditioned on specific usage terms (for example, keeping the vendor's content filters enabled). Read the conditions; an indemnity whose conditions you cannot meet is no indemnity.
Termination and exit
Question 10: What happens to our data on termination?
- Acceptable: returned in a standard format within 30 days, then deleted from vendor systems, including backups and subprocessors, with a written attestation of deletion.
Question 11: What happens to derived assets (fine-tuned models, embeddings, custom prompts)?
- These are increasingly disputed in contracts. Negotiate clearly: who owns them, whether they are exportable and in what form, and whether the vendor may keep or reuse them after termination.
- Note the practical limits: a fine-tune built on closed vendor weights typically cannot be exported, and embeddings are tied to the model that produced them, so "portable" embeddings are only useful while you still have access to that model. Plan for regeneration rather than migration.
Industry-specific addenda
For federal customers: FedRAMP authorization (or path-to-FedRAMP), DFARS 252.204-7012 compliance for CUI, BAA if PHI is in scope, FAR 52.224-3 privacy-training compatibility.
For healthcare: HIPAA BAA, HITECH compliance, state-specific addenda (California CMIA, Texas HB 300).
For financial services: SOC 2 Type II, PCI DSS if scoped, jurisdiction-specific (NY DFS Part 500, GLBA).
The single most important step
Have legal review every AI vendor contract before signing, even if the spend is small. The downside-tail risk is asymmetric.
The LearnTrainAI for Enterprises module on AI procurement walks teams through this checklist live.