NASA Federal Acquisition Regulation Supplement; Correction, 43031-43033 [2015-17717]

Download as PDF Federal Register / Vol. 80, No. 139 / Tuesday, July 21, 2015 / Rules and Regulations § 1.1911 Demand for payment. * * * * * (d) The Commission may, as circumstances and the nature of the debt permit, include in demand letters such items as the Commission’s willingness to discuss alternative methods of payment; its policies with respect to the use of credit bureaus, debt collection centers, and collection agencies; the Commission’s remedies to enforce payment of the debt (including assessment of interest, administrative costs and penalties, administrative garnishment, the use of collection agencies, Federal salary offset, tax refund offset, administrative offset, and litigation); the requirement that any debt delinquent for more than 120 days be transferred to the Department of the Treasury for collection; and, depending on applicable statutory authority, the debtor’s entitlement to consideration of a waiver. Where applicable, the debtor will be provided with a period of time (normally not more than 15 calendar days) from the date of the demand in which to exercise the opportunity to request a review. * * * * * ■ 3. Revise § 1.1912(b)(1) to read as follows: § 1.1912 offset. Collection by administrative * * * * * (b) Mandatory centralized administrative offset. (1) The Commission is required to refer past due, legally enforceable nontax debts which are over 120 days delinquent to the Treasury for collection by centralized administrative offset. Debts which are less than 120 days delinquent also may be referred to the Treasury for this purpose. See FCCS for debt certification requirements. * * * * * ■ 4. Revise § 1.1917(c) to read as follows: § 1.1917 Referrals to the Department of Justice and transfer of delinquent debt to the Secretary of Treasury. asabaliauskas on DSK5VPTVN1PROD with RULES * * * * * (c) All non-tax debts of claims owed to the Commission that have been delinquent for a period of 120 days shall be transferred to the Secretary of the Treasury. Debts which are less than 120 days delinquent may also be referred to the Treasury. Upon such transfer the Secretary of the Treasury shall take appropriate action to collect or terminate collection actions on the debt or claim. A debt is past-due if it has not been paid by the date specified in the Commission’s initial written demand for VerDate Sep<11>2014 16:53 Jul 20, 2015 Jkt 235001 payment or applicable agreement or instrument (including a postdelinquency payment agreement) unless other satisfactory payment arrangements have been made. [FR Doc. 2015–17288 Filed 7–20–15; 8:45 am] BILLING CODE 6712–01–P NATIONAL AERONAUTICS AND SPACE ADMINISTRATION 48 CFR Parts 1837 and 1852 43031 removed in error and need to be restored. NASA is not altering these policies and regulations, but rather, correcting an inadvertent deletion. This document corrects the final rule by revising these sections. List of Subject in 48 CFR Parts 1837 and 1852 Government procurement. Cynthia Boots, Alternate Federal Register Liaison. RIN 2700–AE01 and 2700–AE09 Accordingly, 48 CFR parts 1837 and 1852 are amended as follows: NASA Federal Acquisition Regulation Supplement; Correction PART 1837—SERVICE CONTRACTING National Aeronautics and Space Administration. ACTION: Correcting amendments. AGENCY: The National Aeronautics and Space Administration (NASA) published a final rule in the Federal Register on Thursday, March 12, 2015 (80 FR 12935), as part of the NASA Federal Acquisition Regulation Supplement (NFS) regulatory review. That document (80 FR 12835) inadvertently removed sections of the NFS that relate to access and release of sensitive information in the performance of advisory and assistance services in NFS parts 1837 and 1852. This document corrects the final rule by reinstating these original sections of the regulation. DATES: Effective: July 21, 2015. FOR FURTHER INFORMATION CONTACT: Marilyn J. Seppi, NASA, Office of Procurement, Contract and Grant Policy Division, via email at marilyn.j.seppi-1@ nasa.gov, or telephone (202) 358–0447. SUPPLEMENTARY INFORMATION: SUMMARY: 1. The authority citation for part 1837 is revised to read as follows: ■ Authority: 51 U.S.C. 20113(a) and 48 CFR chapter 1. 2. Revise subpart 1837.2 to read as follows: ■ Subpart 1837.2—Advisory and Assistance Services Sec. 1837.203 Policy. 1837.203–70 Providing contractors access to sensitive information. 1837.303–71 Release of contractors’ sensitive information. 1837.203–72 NASA contract clauses. Subpart 1837.2—Advisory and Assistance Services 1837.203 Policy. (c) Advisory and assistance services of individual experts and consultants shall normally be obtained by appointment rather than by contract (see NPR 3300.1, Appointment of Personnel To/From NASA, Chapter 4, Employment of Experts and Consultants). I. Background 1837.203–70 Providing contractors access to sensitive information. NASA published a final rule in the Federal Register on March 12, 2015, inadvertently removing from the Code of Federal Regulations (CFR) those sections of the NASA FAR Supplement that contained information related to access and release of sensitive information while performing contracted advisory and assistance contracts. As published, the rule contains errors due to inadvertent deletion of text that needs to be corrected. Specifically, in amendatory instruction 49 on page 12944 of that final rule, NFS sections 1837.203–70, 1837.203–71, and 1837.203–72 were erroneously deleted and need to be restored. In addition, in amendatory instruction 94 on page 12953 of the final rule, the associated clauses at NFS 1852.237–72 and 1852.237–73 were also (a)(1) As used in this subpart, ‘‘sensitive information’’ refers to information that the contractor has developed at private expense or that the Government has generated that qualifies for an exception to the Freedom of Information Act, which is not currently in the public domain, may embody trade secrets or commercial or financial information, and may be sensitive or privileged, the disclosure of which is likely to have either of the following effects: To impair the Government’s ability to obtain this type of information in the future; or to cause substantial harm to the competitive position of the person from whom the information was obtained. The term is not intended to resemble the markings of national security documents as in sensitivesecret-top secret. PO 00000 Frm 00025 Fmt 4700 Sfmt 4700 E:\FR\FM\21JYR1.SGM 21JYR1 asabaliauskas on DSK5VPTVN1PROD with RULES 43032 Federal Register / Vol. 80, No. 139 / Tuesday, July 21, 2015 / Rules and Regulations (2) As used in this subpart, ‘‘requiring organization’’ refers to the NASA organizational element or activity that requires specified services to be provided. (3) As used in this subpart, ‘‘service provider’’ refers to the service contractor that receives sensitive information from NASA to provide services to the requiring organization. (b)(1) To support management activities and administrative functions, NASA relies on numerous service providers. These contractors may require access to sensitive information in the Government’s possession, which may be entitled to protection from unauthorized use or disclosure. (2) As an initial step, the requiring organization shall identify when needed services may entail access to sensitive information and shall determine whether providing access is necessary for accomplishing the Agency’s mission. The requiring organization shall review any service provider requests for access to information to determine whether the access is necessary and whether the information requested is considered ‘‘sensitive’’ as defined in paragraph (a)(1) of this section. (c) When the requiring organization determines that providing specified services will entail access to sensitive information, the solicitation shall require each potential service provider to submit with its proposal a preliminary analysis of possible organizational conflicts of interest that might flow from the award of a contract. After selection, or whenever it becomes clear that performance will necessitate access to sensitive information, the service provider must submit a comprehensive organizational conflicts of interest avoidance plan. (d) This comprehensive plan shall incorporate any previous studies performed, shall thoroughly analyze all organizational conflicts of interest that might arise because the service provider has access to other companies’ sensitive information, and shall establish specific methods to control, mitigate, or eliminate all problems identified. The contracting officer, with advice from Center counsel, shall review the plan for completeness and identify to the service provider substantive weaknesses and omissions for necessary correction. Once the service provider has corrected the substantive weaknesses and omissions, the contracting officer shall incorporate the revised plan into the contract, as a compliance document. (e) If the service provider will be operating an information technology system for NASA that contains sensitive information, the operating contract shall VerDate Sep<11>2014 17:50 Jul 20, 2015 Jkt 235001 include the clause at 1852.204–76, Security Requirements for Unclassified Information Technology Resources, which requires the implementation of an Information Technology Security Plan to protect information processed, stored, or transmitted from unauthorized access, alteration, disclosure, or use. (f) NASA will monitor performance to assure any service provider that requires access to sensitive information follows the steps outlined in the clause at 1852.237–72, Access to Sensitive Information, to protect the information from unauthorized use or disclosure. 1837.203–71 Release of contractors’ sensitive information. Pursuant to the clause at 1852.237–73, Release of Sensitive Information, offerors and contractors agree that NASA may release their sensitive information when requested by service providers in accordance with the procedures prescribed in 1837.203–70 and subject to the safeguards and protections delineated in the clause at 1852.237–72, Access to Sensitive Information. As required by the clause at 1852.237–73, or other contract clause or solicitation provision, contractors must identify information they claim to be ‘‘sensitive’’ submitted as part of a proposal or in the course of performing a contract. The contracting officer shall evaluate all contractor claims of sensitivity in deciding how NASA should respond to requests from service providers for access to information. 1837.203–72 NASA contract clauses. (a) The contracting officer shall insert the clause at 1852.237–72, Access to Sensitive Information, in all solicitations and contracts for services that may require access to sensitive information belonging to other companies or generated by the Government. (b) The contracting officer shall insert the clause at 1852.237–73, Release of Sensitive Information, in all solicitations, contracts, and basic ordering agreements. PART 1852—SOLICITATION PROVISIONS AND CONTRACT CLAUSES 3. The authority citation for part 1852 continues to read as follows: ■ Authority: 51 U.S.C. 20113(a) and 48 CFR chapter 1. 4. In subpart 1852.2, add sections 1852.237–72 and 1852.237–73 to read as follows: ■ PO 00000 Frm 00026 Fmt 4700 Sfmt 4700 1852.237–72 Information. Access to Sensitive As prescribed in 1837.203–72(a), insert the following clause: ACCESS TO SENSITIVE INFORMATION (JUNE 2005) (a) As used in this clause, ‘‘sensitive information’’ refers to information that a contractor has developed at private expense, or that the Government has generated that qualifies for an exception to the Freedom of Information Act, which is not currently in the public domain, and which may embody trade secrets or commercial or financial information, and which may be sensitive or privileged. (b) To assist NASA in accomplishing management activities and administrative functions, the Contractor shall provide the services specified elsewhere in this contract. (c) If performing this contract entails access to sensitive information, as defined above, the Contractor agrees to— (1) Utilize any sensitive information coming into its possession only for the purposes of performing the services specified in this contract, and not to improve its own competitive position in another procurement. (2) Safeguard sensitive information coming into its possession from unauthorized use and disclosure. (3) Allow access to sensitive information only to those employees that need it to perform services under this contract. (4) Preclude access and disclosure of sensitive information to persons and entities outside of the Contractor’s organization. (5) Train employees who may require access to sensitive information about their obligations to utilize it only to perform the services specified in this contract and to safeguard it from unauthorized use and disclosure. (6) Obtain a written affirmation from each employee that he/she has received and will comply with training on the authorized uses and mandatory protections of sensitive information needed in performing this contract. (7) Administer a monitoring process to ensure that employees comply with all reasonable security procedures, report any breaches to the Contracting Officer, and implement any necessary corrective actions. (d) The Contractor will comply with all procedures and obligations specified in its Organizational Conflicts of Interest Avoidance Plan, which this contract incorporates as a compliance document. (e) The nature of the work on this contract may subject the Contractor and its employees to a variety of laws and regulations relating to ethics, conflicts of interest, corruption, and other criminal or civil matters relating to the award and administration of government contracts. Recognizing that this contract establishes a high standard of accountability and trust, the Government will carefully review the Contractor’s performance in relation to the mandates and restrictions found in these laws and regulations. Unauthorized uses or disclosures of sensitive information may result in termination of this E:\FR\FM\21JYR1.SGM 21JYR1 Federal Register / Vol. 80, No. 139 / Tuesday, July 21, 2015 / Rules and Regulations contract for default, or in debarment of the Contractor for serious misconduct affecting present responsibility as a government contractor. (f) The Contractor shall include the substance of this clause, including this paragraph (f), suitably modified to reflect the relationship of the parties, in all subcontracts that may involve access to sensitive information. (End of clause) 1852.237–73 Information. Release of Sensitive As prescribed in 1837.203–72(b), insert the following clause: RELEASE OF SENSITIVE INFORMATION asabaliauskas on DSK5VPTVN1PROD with RULES (JUNE 2005) (a) As used in this clause, ‘‘sensitive information’’ refers to information, not currently in the public domain, that the Contractor has developed at private expense, that may embody trade secrets or commercial or financial information, and that may be sensitive or privileged. (b) In accomplishing management activities and administrative functions, NASA relies heavily on the support of various service providers. To support NASA activities and functions, these service providers, as well as their subcontractors and their individual employees, may need access to sensitive information submitted by the Contractor under this contract. By submitting this proposal or performing this contract, the Contractor agrees that NASA may release to its service providers, their subcontractors, and their individual employees, sensitive information submitted during the course of this procurement, subject to the enumerated protections mandated by the clause at 1852.237–72, Access to Sensitive Information. (c)(1) The Contractor shall identify any sensitive information submitted in support of this proposal or in performing this contract. For purposes of identifying sensitive information, the Contractor may, in addition to any other notice or legend otherwise required, use a notice similar to the following: Mark the title page with the following legend: This proposal or document includes sensitive information that NASA shall not disclose outside the Agency and its service providers that support management activities and administrative functions. To gain access to this sensitive information, a service provider’s contract must contain the clause at NFS 1852.237–72, Access to Sensitive Information. Consistent with this clause, the service provider shall not duplicate, use, or disclose the information in whole or in part for any purpose other than to perform the services specified in its contract. This restriction does not limit the Government’s right to use this information if it is obtained from another source without restriction. The information subject to this restriction is contained in pages [insert page numbers or other identification of pages]. VerDate Sep<11>2014 17:50 Jul 20, 2015 Jkt 235001 Mark each page of sensitive information the Contractor wishes to restrict with the following legend: Use or disclosure of sensitive information contained on this page is subject to the restriction on the title page of this proposal or document. (2) The Contracting Officer shall evaluate the facts supporting any claim that particular information is ‘‘sensitive.’’ This evaluation shall consider the time and resources necessary to protect the information in accordance with the detailed safeguards mandated by the clause at 1852.237–72, Access to Sensitive Information. However, unless the Contracting Officer decides, with the advice of Center counsel, that reasonable grounds exist to challenge the Contractor’s claim that particular information is sensitive, NASA and its service providers and their employees shall comply with all of the safeguards contained in paragraph (d) of this clause. (d) To receive access to sensitive information needed to assist NASA in accomplishing management activities and administrative functions, the service provider must be operating under a contract that contains the clause at 1852.237–72, Access to Sensitive Information. This clause obligates the service provider to do the following: (1) Comply with all specified procedures and obligations, including the Organizational Conflicts of Interest Avoidance Plan, which the contract has incorporated as a compliance document. (2) Utilize any sensitive information coming into its possession only for the purpose of performing the services specified in its contract. (3) Safeguard sensitive information coming into its possession from unauthorized use and disclosure. (4) Allow access to sensitive information only to those employees that need it to perform services under its contract. (5) Preclude access and disclosure of sensitive information to persons and entities outside of the service provider’s organization. (6) Train employees who may require access to sensitive information about their obligations to utilize it only to perform the services specified in its contract and to safeguard it from unauthorized use and disclosure. (7) Obtain a written affirmation from each employee that he/she has received and will comply with training on the authorized uses and mandatory protections of sensitive information needed in performing this contract. (8) Administer a monitoring process to ensure that employees comply with all reasonable security procedures, report any breaches to the Contracting Officer, and implement any necessary corrective actions. (e) When the service provider will have primary responsibility for operating an information technology system for NASA that contains sensitive information, the service provider’s contract shall include the clause at 1852.204–76, Security Requirements for Unclassified Information Technology Resources. The Security Requirements clause requires the service provider to implement an Information PO 00000 Frm 00027 Fmt 4700 Sfmt 4700 43033 Technology Security Plan to protect information processed, stored, or transmitted from unauthorized access, alteration, disclosure, or use. Service provider personnel requiring privileged access or limited privileged access to these information technology systems are subject to screening using the standard National Agency Check (NAC) forms appropriate to the level of risk for adverse impact to NASA missions. The Contracting Officer may allow the service provider to conduct its own screening, provided the service provider employs substantially equivalent screening procedures. (f) This clause does not affect NASA’s responsibilities under the Freedom of Information Act. (g) The Contractor shall insert this clause, including this paragraph (g), suitably modified to reflect the relationship of the parties, in all subcontracts that may require the furnishing of sensitive information. (End of clause) [FR Doc. 2015–17717 Filed 7–20–15; 8:45 am] BILLING CODE 7510–13–P DEPARTMENT OF COMMERCE National Oceanic and Atmospheric Administration 50 CFR Part 622 [Docket No. 140611492–5605–02] RIN 0648–BE30 Fisheries of the Caribbean, Gulf of Mexico, and South Atlantic; SnapperGrouper Fishery Off the Southern Atlantic States; Regulatory Amendment 20 National Marine Fisheries Service (NMFS), National Oceanic and Atmospheric Administration (NOAA), Commerce. ACTION: Final rule. AGENCY: NMFS issues regulations to implement Regulatory Amendment 20 to the Fishery Management Plan for the Snapper-Grouper Fishery of the South Atlantic Region (FMP) (Regulatory Amendment 20), as prepared and submitted by the South Atlantic Fishery Management Council (Council). This final rule revises the snowy grouper annual catch limits (ACLs), commercial trip limit, and recreational fishing season. The purpose of this rule is to help achieve optimum yield (OY) and prevent overfishing of snowy grouper while enhancing socio-economic opportunities within the snappergrouper fishery. DATES: This rule is effective August 20, 2015. ADDRESSES: Electronic copies of the regulatory amendment, which includes SUMMARY: E:\FR\FM\21JYR1.SGM 21JYR1

Agencies

[Federal Register Volume 80, Number 139 (Tuesday, July 21, 2015)]
[Rules and Regulations]
[Pages 43031-43033]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2015-17717]


=======================================================================
-----------------------------------------------------------------------

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION

48 CFR Parts 1837 and 1852

RIN 2700-AE01 and 2700-AE09


NASA Federal Acquisition Regulation Supplement; Correction

AGENCY: National Aeronautics and Space Administration.

ACTION: Correcting amendments.

-----------------------------------------------------------------------

SUMMARY: The National Aeronautics and Space Administration (NASA) 
published a final rule in the Federal Register on Thursday, March 12, 
2015 (80 FR 12935), as part of the NASA Federal Acquisition Regulation 
Supplement (NFS) regulatory review. That document (80 FR 12835) 
inadvertently removed sections of the NFS that relate to access and 
release of sensitive information in the performance of advisory and 
assistance services in NFS parts 1837 and 1852. This document corrects 
the final rule by reinstating these original sections of the 
regulation.

DATES: Effective: July 21, 2015.

FOR FURTHER INFORMATION CONTACT: Marilyn J. Seppi, NASA, Office of 
Procurement, Contract and Grant Policy Division, via email at 
marilyn.j.seppi-1@nasa.gov, or telephone (202) 358-0447.

SUPPLEMENTARY INFORMATION:

I. Background

    NASA published a final rule in the Federal Register on March 12, 
2015, inadvertently removing from the Code of Federal Regulations (CFR) 
those sections of the NASA FAR Supplement that contained information 
related to access and release of sensitive information while performing 
contracted advisory and assistance contracts. As published, the rule 
contains errors due to inadvertent deletion of text that needs to be 
corrected. Specifically, in amendatory instruction 49 on page 12944 of 
that final rule, NFS sections 1837.203-70, 1837.203-71, and 1837.203-72 
were erroneously deleted and need to be restored. In addition, in 
amendatory instruction 94 on page 12953 of the final rule, the 
associated clauses at NFS 1852.237-72 and 1852.237-73 were also removed 
in error and need to be restored. NASA is not altering these policies 
and regulations, but rather, correcting an inadvertent deletion. This 
document corrects the final rule by revising these sections.

List of Subject in 48 CFR Parts 1837 and 1852

    Government procurement.

Cynthia Boots,
Alternate Federal Register Liaison.

    Accordingly, 48 CFR parts 1837 and 1852 are amended as follows:

PART 1837--SERVICE CONTRACTING

0
1. The authority citation for part 1837 is revised to read as follows:

    Authority: 51 U.S.C. 20113(a) and 48 CFR chapter 1.


0
2. Revise subpart 1837.2 to read as follows:
Subpart 1837.2--Advisory and Assistance Services
Sec.
1837.203 Policy.
1837.203-70 Providing contractors access to sensitive information.
1837.303-71 Release of contractors' sensitive information.
1837.203-72 NASA contract clauses.

Subpart 1837.2--Advisory and Assistance Services


1837.203  Policy.

    (c) Advisory and assistance services of individual experts and 
consultants shall normally be obtained by appointment rather than by 
contract (see NPR 3300.1, Appointment of Personnel To/From NASA, 
Chapter 4, Employment of Experts and Consultants).


1837.203-70  Providing contractors access to sensitive information.

    (a)(1) As used in this subpart, ``sensitive information'' refers to 
information that the contractor has developed at private expense or 
that the Government has generated that qualifies for an exception to 
the Freedom of Information Act, which is not currently in the public 
domain, may embody trade secrets or commercial or financial 
information, and may be sensitive or privileged, the disclosure of 
which is likely to have either of the following effects: To impair the 
Government's ability to obtain this type of information in the future; 
or to cause substantial harm to the competitive position of the person 
from whom the information was obtained. The term is not intended to 
resemble the markings of national security documents as in sensitive-
secret-top secret.

[[Page 43032]]

    (2) As used in this subpart, ``requiring organization'' refers to 
the NASA organizational element or activity that requires specified 
services to be provided.
    (3) As used in this subpart, ``service provider'' refers to the 
service contractor that receives sensitive information from NASA to 
provide services to the requiring organization.
    (b)(1) To support management activities and administrative 
functions, NASA relies on numerous service providers. These contractors 
may require access to sensitive information in the Government's 
possession, which may be entitled to protection from unauthorized use 
or disclosure.
    (2) As an initial step, the requiring organization shall identify 
when needed services may entail access to sensitive information and 
shall determine whether providing access is necessary for accomplishing 
the Agency's mission. The requiring organization shall review any 
service provider requests for access to information to determine 
whether the access is necessary and whether the information requested 
is considered ``sensitive'' as defined in paragraph (a)(1) of this 
section.
    (c) When the requiring organization determines that providing 
specified services will entail access to sensitive information, the 
solicitation shall require each potential service provider to submit 
with its proposal a preliminary analysis of possible organizational 
conflicts of interest that might flow from the award of a contract. 
After selection, or whenever it becomes clear that performance will 
necessitate access to sensitive information, the service provider must 
submit a comprehensive organizational conflicts of interest avoidance 
plan.
    (d) This comprehensive plan shall incorporate any previous studies 
performed, shall thoroughly analyze all organizational conflicts of 
interest that might arise because the service provider has access to 
other companies' sensitive information, and shall establish specific 
methods to control, mitigate, or eliminate all problems identified. The 
contracting officer, with advice from Center counsel, shall review the 
plan for completeness and identify to the service provider substantive 
weaknesses and omissions for necessary correction. Once the service 
provider has corrected the substantive weaknesses and omissions, the 
contracting officer shall incorporate the revised plan into the 
contract, as a compliance document.
    (e) If the service provider will be operating an information 
technology system for NASA that contains sensitive information, the 
operating contract shall include the clause at 1852.204-76, Security 
Requirements for Unclassified Information Technology Resources, which 
requires the implementation of an Information Technology Security Plan 
to protect information processed, stored, or transmitted from 
unauthorized access, alteration, disclosure, or use.
    (f) NASA will monitor performance to assure any service provider 
that requires access to sensitive information follows the steps 
outlined in the clause at 1852.237-72, Access to Sensitive Information, 
to protect the information from unauthorized use or disclosure.


1837.203-71  Release of contractors' sensitive information.

    Pursuant to the clause at 1852.237-73, Release of Sensitive 
Information, offerors and contractors agree that NASA may release their 
sensitive information when requested by service providers in accordance 
with the procedures prescribed in 1837.203-70 and subject to the 
safeguards and protections delineated in the clause at 1852.237-72, 
Access to Sensitive Information. As required by the clause at 1852.237-
73, or other contract clause or solicitation provision, contractors 
must identify information they claim to be ``sensitive'' submitted as 
part of a proposal or in the course of performing a contract. The 
contracting officer shall evaluate all contractor claims of sensitivity 
in deciding how NASA should respond to requests from service providers 
for access to information.


1837.203-72  NASA contract clauses.

    (a) The contracting officer shall insert the clause at 1852.237-72, 
Access to Sensitive Information, in all solicitations and contracts for 
services that may require access to sensitive information belonging to 
other companies or generated by the Government.
    (b) The contracting officer shall insert the clause at 1852.237-73, 
Release of Sensitive Information, in all solicitations, contracts, and 
basic ordering agreements.

PART 1852--SOLICITATION PROVISIONS AND CONTRACT CLAUSES

0
3. The authority citation for part 1852 continues to read as follows:

    Authority: 51 U.S.C. 20113(a) and 48 CFR chapter 1.


0
4. In subpart 1852.2, add sections 1852.237-72 and 1852.237-73 to read 
as follows:


1852.237-72  Access to Sensitive Information.

    As prescribed in 1837.203-72(a), insert the following clause:

ACCESS TO SENSITIVE INFORMATION

    (JUNE 2005)

    (a) As used in this clause, ``sensitive information'' refers to 
information that a contractor has developed at private expense, or 
that the Government has generated that qualifies for an exception to 
the Freedom of Information Act, which is not currently in the public 
domain, and which may embody trade secrets or commercial or 
financial information, and which may be sensitive or privileged.
    (b) To assist NASA in accomplishing management activities and 
administrative functions, the Contractor shall provide the services 
specified elsewhere in this contract.
    (c) If performing this contract entails access to sensitive 
information, as defined above, the Contractor agrees to--
    (1) Utilize any sensitive information coming into its possession 
only for the purposes of performing the services specified in this 
contract, and not to improve its own competitive position in another 
procurement.
    (2) Safeguard sensitive information coming into its possession 
from unauthorized use and disclosure.
    (3) Allow access to sensitive information only to those 
employees that need it to perform services under this contract.
    (4) Preclude access and disclosure of sensitive information to 
persons and entities outside of the Contractor's organization.
    (5) Train employees who may require access to sensitive 
information about their obligations to utilize it only to perform 
the services specified in this contract and to safeguard it from 
unauthorized use and disclosure.
    (6) Obtain a written affirmation from each employee that he/she 
has received and will comply with training on the authorized uses 
and mandatory protections of sensitive information needed in 
performing this contract.
    (7) Administer a monitoring process to ensure that employees 
comply with all reasonable security procedures, report any breaches 
to the Contracting Officer, and implement any necessary corrective 
actions.
    (d) The Contractor will comply with all procedures and 
obligations specified in its Organizational Conflicts of Interest 
Avoidance Plan, which this contract incorporates as a compliance 
document.
    (e) The nature of the work on this contract may subject the 
Contractor and its employees to a variety of laws and regulations 
relating to ethics, conflicts of interest, corruption, and other 
criminal or civil matters relating to the award and administration 
of government contracts. Recognizing that this contract establishes 
a high standard of accountability and trust, the Government will 
carefully review the Contractor's performance in relation to the 
mandates and restrictions found in these laws and regulations. 
Unauthorized uses or disclosures of sensitive information may result 
in termination of this

[[Page 43033]]

contract for default, or in debarment of the Contractor for serious 
misconduct affecting present responsibility as a government 
contractor.
    (f) The Contractor shall include the substance of this clause, 
including this paragraph (f), suitably modified to reflect the 
relationship of the parties, in all subcontracts that may involve 
access to sensitive information.


(End of clause)


1852.237-73  Release of Sensitive Information.

    As prescribed in 1837.203-72(b), insert the following clause:

RELEASE OF SENSITIVE INFORMATION

    (JUNE 2005)

    (a) As used in this clause, ``sensitive information'' refers to 
information, not currently in the public domain, that the Contractor 
has developed at private expense, that may embody trade secrets or 
commercial or financial information, and that may be sensitive or 
privileged.
    (b) In accomplishing management activities and administrative 
functions, NASA relies heavily on the support of various service 
providers. To support NASA activities and functions, these service 
providers, as well as their subcontractors and their individual 
employees, may need access to sensitive information submitted by the 
Contractor under this contract. By submitting this proposal or 
performing this contract, the Contractor agrees that NASA may 
release to its service providers, their subcontractors, and their 
individual employees, sensitive information submitted during the 
course of this procurement, subject to the enumerated protections 
mandated by the clause at 1852.237-72, Access to Sensitive 
Information.
    (c)(1) The Contractor shall identify any sensitive information 
submitted in support of this proposal or in performing this 
contract. For purposes of identifying sensitive information, the 
Contractor may, in addition to any other notice or legend otherwise 
required, use a notice similar to the following:
    Mark the title page with the following legend:
    This proposal or document includes sensitive information that 
NASA shall not disclose outside the Agency and its service providers 
that support management activities and administrative functions. To 
gain access to this sensitive information, a service provider's 
contract must contain the clause at NFS 1852.237-72, Access to 
Sensitive Information. Consistent with this clause, the service 
provider shall not duplicate, use, or disclose the information in 
whole or in part for any purpose other than to perform the services 
specified in its contract. This restriction does not limit the 
Government's right to use this information if it is obtained from 
another source without restriction. The information subject to this 
restriction is contained in pages [insert page numbers or other 
identification of pages].
    Mark each page of sensitive information the Contractor wishes to 
restrict with the following legend:
    Use or disclosure of sensitive information contained on this 
page is subject to the restriction on the title page of this 
proposal or document.
    (2) The Contracting Officer shall evaluate the facts supporting 
any claim that particular information is ``sensitive.'' This 
evaluation shall consider the time and resources necessary to 
protect the information in accordance with the detailed safeguards 
mandated by the clause at 1852.237-72, Access to Sensitive 
Information. However, unless the Contracting Officer decides, with 
the advice of Center counsel, that reasonable grounds exist to 
challenge the Contractor's claim that particular information is 
sensitive, NASA and its service providers and their employees shall 
comply with all of the safeguards contained in paragraph (d) of this 
clause.
    (d) To receive access to sensitive information needed to assist 
NASA in accomplishing management activities and administrative 
functions, the service provider must be operating under a contract 
that contains the clause at 1852.237-72, Access to Sensitive 
Information. This clause obligates the service provider to do the 
following:
    (1) Comply with all specified procedures and obligations, 
including the Organizational Conflicts of Interest Avoidance Plan, 
which the contract has incorporated as a compliance document.
    (2) Utilize any sensitive information coming into its possession 
only for the purpose of performing the services specified in its 
contract.
    (3) Safeguard sensitive information coming into its possession 
from unauthorized use and disclosure.
    (4) Allow access to sensitive information only to those 
employees that need it to perform services under its contract.
    (5) Preclude access and disclosure of sensitive information to 
persons and entities outside of the service provider's organization.
    (6) Train employees who may require access to sensitive 
information about their obligations to utilize it only to perform 
the services specified in its contract and to safeguard it from 
unauthorized use and disclosure.
    (7) Obtain a written affirmation from each employee that he/she 
has received and will comply with training on the authorized uses 
and mandatory protections of sensitive information needed in 
performing this contract.
    (8) Administer a monitoring process to ensure that employees 
comply with all reasonable security procedures, report any breaches 
to the Contracting Officer, and implement any necessary corrective 
actions.
    (e) When the service provider will have primary responsibility 
for operating an information technology system for NASA that 
contains sensitive information, the service provider's contract 
shall include the clause at 1852.204-76, Security Requirements for 
Unclassified Information Technology Resources. The Security 
Requirements clause requires the service provider to implement an 
Information Technology Security Plan to protect information 
processed, stored, or transmitted from unauthorized access, 
alteration, disclosure, or use. Service provider personnel requiring 
privileged access or limited privileged access to these information 
technology systems are subject to screening using the standard 
National Agency Check (NAC) forms appropriate to the level of risk 
for adverse impact to NASA missions. The Contracting Officer may 
allow the service provider to conduct its own screening, provided 
the service provider employs substantially equivalent screening 
procedures.
    (f) This clause does not affect NASA's responsibilities under 
the Freedom of Information Act.
    (g) The Contractor shall insert this clause, including this 
paragraph (g), suitably modified to reflect the relationship of the 
parties, in all subcontracts that may require the furnishing of 
sensitive information.


(End of clause)

[FR Doc. 2015-17717 Filed 7-20-15; 8:45 am]
BILLING CODE 7510-13-P
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.