Supplier Basics
All suppliers should be familiar with the following information.
Bidding process
It is U-M policy to bid any good or service that costs $50,000 or more. Procurement Services is the only organization authorized to conduct a competitive bidding process. Decisions to award purchase orders are based on many factors, including, but not limited to, service, price, location, delivery, terms and conditions, and a supplier’s compliance with U-M specifications. Competitive bidding allows U-M to properly survey the marketplace and purchase goods and services at fair and reasonable prices. Competitive bidding also ensures that U-M complies with federal, state, and university requirements.
Units may also request that Procurement Services conduct a competitive bid process for transactions of $50,000 or less. See SPG 507.01 for more information.
Conflict of interest
It is the policy of both Procurement Services and UMH Contracts and Procurement to address potential or actual conflicts of interest with suppliers promptly and fairly in order to ensure that they are reduced, managed, or eliminated as appropriate in accordance with SPG 507.01.
The state of Michigan statute, MCLA 15.322 et seq., which has been in effect since 1984, was last amended in 1992. It states that U-M may not enter into a contract with any of its employees (or a company in which an employee has an interest) without first disclosing certain information and receiving approval by a two-thirds vote of the Board of Regents before completing the transaction. This disclosure is made a matter of public record in the Regents’ Proceedings.
Electronic bidding
U-M is now using an online sourcing system to request quotes, proposals, and information from existing and potential suppliers. Visit the Electronic Bidding page to learn more.
Healthcare suppliers
Suppliers doing business with U-M units that provide healthcare services are required to comply with federal and state laws designed to prevent and detect fraud, waste, and abuse. Promptly notify appropriate university officials via the U-M Compliance Hotline if any compliance-related concerns arise.
Detailed information about U-M compliance standards for suppliers are posted on the Michigan Medicine Vendor Ethics and Compliance webpage. The site lists the various policies on conflict of interest disclosure and management, patient privacy, supplier/employee interactions, and appropriate conduct with which suppliers are expected to comply.
Questions about the university’s healthcare compliance policies may be directed to the UMHS chief compliance officer by phone at (734) 615-4400 or by email at [email protected].
Suppliers doing business with and accessing the University of Michigan Hospital and Health Centers (UMHHC) must register with the UMHHC Vendor Credentialing System prior to visiting the facility. When representatives visit any University of Michigan Hospital and Health Centers location, they are required to register at the designated check-in area. The representative will have to have an up-to-date profile in the Vendor Credentialing System to check in and access the location.
Please advise the person responsible for managing your organization’s relationship with Michigan Medicine to register.
HIPAA compliance
The Health Insurance Portability and Accountability Act of 1996, or HIPAA, is the federal law that governs patient privacy. Suppliers doing work for the university that have access to our patients’ protected health information (PHI) are considered business associates and are therefore required to complete a Business Associate agreement with U-M. For more information regarding HIPAA compliance, please visit our HIPAA section.
Information Security Requirements
The University of Michigan’s Information Security policy (SPG 601.27) and the U-M IT security standards apply to all U-M units, faculty, staff, and vendors with access to U-M institutional data or the U-M IT network. Federal or state regulations and contractual agreements may require additional actions exceeding those currently published in U-M’s policies and standards.
Suppliers are responsible for working directly with the requesting department’s IT contact to ensure the solution(s) provided meet or exceed the applicable policies, standards, and regulatory requirements. In some cases, U-M may require a security assessment to identify and verify security controls, along with documenting any control gaps requiring remediation.
Security assessments for Michigan Medicine may differ from U-M units due to regulatory requirements. Suppliers are expected to provide documentation demonstrating compliance with Michigan Medicine-specific security requirements. Failure to clearly demonstrate alignment with security requirements may result in removing suppliers from consideration.
The following are some examples of supporting documentation:
- Third-Party security certifications (ISO27001, HITRUST) or accredited third-party audits (SOC2 Type 2) that satisfy U-M Data Standard (DS)-20 service provider security compliance standards
- Adherence to established cybersecurity standards (e.g., NIST, ISO, PCIDSS, etc.)
- Company policies and procedures demonstrating the implementation and operation of security systems
- System and Organization Controls (SOC)
- Software Bill of Materials (SBOM)
- Security Whitepaper
- Architectural Diagram
- Dataflow Diagram
- Business Continuity Practices
- User Manual(s)
- Manufacturer Disclosure Statement for Medical Device Security (MDS2)
Please review the Third-Party Vendor Security & Compliance and the Minimum Information Security Requirements for Systems, Applications, and Data pages for more information.
Insurance requirements
Basic insurance requirements can be found in Section 8.0 of Basic Terms and Conditions for Product Purchase & Installation and Section 9.0 of Basic Terms and Conditions for Services. Additional insurance requirements may be needed based on the service or product being purchased.
Invoicing requirements
Suppliers should refer to their U-M contract or purchase order (PO) for the applicable invoice method.
Submit invoices via email to Accounts Payable at the Shared Services Center (SSC). If, however, email is not an option, suppliers may mail invoices to:
SSC Accounts Payable
3003 S. State Street
Ann Arbor, MI 48109-1282
Suppliers are advised to invoice against the purchase order they receive. For more information related to invoicing requirements, visit the Shared Services website and click on Pay an invoice.
Made in Michigan
Procurement Services has a number of University-Wide contracts with Michigan suppliers, offering a wide range of products and services.
Payment terms and methods
Standard Payment Terms: Payment shall not be due prior to thirty (30) days (a) from the date the invoice is received by U-M at the address indicated in the “Bill To” field on the face of the purchase order and is further qualified by the applicable purchase terms and conditions. The standard payment method is a UM-issued check.
Alternate Card-Based Payment Methods: U-M offers several alternate electronic card-based payment methods through its banking partners. These programs are available with accelerated payment terms of net15 and eliminate check payments. Two programs are available through American Express: Buyer Initiated Payment (BIP) and a virtual card program Synaptic/Paygenus. JP Morgan Chase offers a virtual card program.
Please refer to the linked endorsement letters for additional details and information for enrolling in any of these programs. U-M does not charge any fees to suppliers for participation. Any supplier fees associated with these programs would be governed by a supplier’s respective merchant agreement with the bank.
EFT-ACH: This method may be available to suppliers with negotiated supplier agreements and may require deferred and discounted payment terms.
Wire Transfer: This method is available for select international payments and any fees associated with the transfers are charged to the originating unit.
Procurement authority
Procurement Services is the sole agency authorized to make commitments against university accounts for the procurement of goods and services. Only Procurement Services has the authority to negotiate, sign, and amend any procurement agreements on behalf of U-M.
For goods and services of less than $50,000, purchasing authority has been delegated to individual university units. Departments may make one-time purchases of less than $50,000 per transaction.
Some types of purchases are restricted (e.g. some types of lab supplies) and will need to be reviewed by other U-M units, regardless of the dollar amount.
Schedule a meeting
Signature authority
Departments have not been delegated signature authority and do not have the authority to sign agreements.
Supplier certification (Substitute W-9) form
Suppliers (both new and existing) may periodically need to provide a completed Substitute W-9 form to Procurement Services in order to make a purchase or for payment of goods or services.
For more information on filling out or submitting the Substitute W-9, please contact the SSC Supplier Management team at [email protected] or, if you are already working with Procurement Services, [email protected].
Supplier code of conduct
U-M has a longstanding commitment to sound, ethical, and socially responsible practices. The ideal university-supplier partnership is founded on mutually agreeable and important goals based on these practices. To clearly define these practices for U-M suppliers, the President’s Task Force on Purchasing Ethics and Policies developed the University of Michigan Vendor Code of Conduct.
Supplier diversity & Sustainable purchasing
Procurement Services actively pursues supplier diversity and also welcomes opportunities for small businesses to participate in the university’s procurement of goods and services. For more information, please visit the Supplier Diversity and the Sustainable Purchasing pages.
Supplier portal
Supplier Portal enables suppliers under contract with U-M to:
- Review orders, invoices, and payment information
- Maintain supplier information, including contacts, addresses, and user access IDs
Supplier terminology
Request for Information (RFI): An informal process for solicitating information or ideas from suppliers. Requests for pricing are for budgetary purposes only.
Request for Proposal (RFP): A formal process for obtaining pricing and proposals from suppliers for goods or services. Evaluations of proposals are made against established criteria and may include supplier presentations and interviews. Proposal selection may be based on a variety of factors, including price.
Request for Quotation (RFQ): A formal process for soliciting pricing and delivery information on goods or services. Detailed specifications and delivery requirements are provided in the RFQ documentation. Supplier responses are evaluated against the specifications. The award is based on the most competitive bid that complies with U-M specifications.
Tax exempt
U-M is a tax-exempt institution, granted such status by authorized taxing units of the state of Michigan, and is exempt from Federal Excise Tax and Michigan General Sales Tax (see Michigan Public Act 167 of 1933, section 4 as amended).
M-Marketsite Statements of Work – Hosted and Punch Out Suppliers
M-Marketsite Hosted Supplier: Supplier will participate in and receive orders from the University’s online ordering system, M-Marketsite. Supplier will provide and maintain catalog information to be hosted on the site as defined in Hosted Statement of Work.
M-Marketsite Punch-out Supplier: Supplier will participate in and receive orders from the University’s online ordering system, M-Marketsite. Supplier will provide and maintain a University specific online catalog to be accessed through a punch-out from M-marketsite as defined in Punch Out Statement of Work.