language to manage risk & liability for third party use of network

[Justin Sipher <jsipher () STLAWU EDU>]

Hello InfoSec community.

Have any of you developed contractual language you’d be willing to share that manages institutional risk/liability for 
an authorized third party wanting to use your data network as transport for their sensitive information.  They are 
encrypting it, and we will segment it from the rest of the traffic, but we still feel we should have some language 
document this use and clarifying the fact that the institution has no responsibilities or liabilities in the event of 
the breach of their system.

I know I can develop something but through I’d try to not reinvent the wheel.  ☺

Thanks all,
Justin
--------
Justin Sipher
Vice President, Libraries & Information Technology
St. Lawrence University