NASA Federal Acquisition Regulation Supplement; Correction, 43031-43033 [2015-17717]
Download as PDF
Federal Register / Vol. 80, No. 139 / Tuesday, July 21, 2015 / Rules and Regulations
§ 1.1911
Demand for payment.
*
*
*
*
*
(d) The Commission may, as
circumstances and the nature of the debt
permit, include in demand letters such
items as the Commission’s willingness
to discuss alternative methods of
payment; its policies with respect to the
use of credit bureaus, debt collection
centers, and collection agencies; the
Commission’s remedies to enforce
payment of the debt (including
assessment of interest, administrative
costs and penalties, administrative
garnishment, the use of collection
agencies, Federal salary offset, tax
refund offset, administrative offset, and
litigation); the requirement that any debt
delinquent for more than 120 days be
transferred to the Department of the
Treasury for collection; and, depending
on applicable statutory authority, the
debtor’s entitlement to consideration of
a waiver. Where applicable, the debtor
will be provided with a period of time
(normally not more than 15 calendar
days) from the date of the demand in
which to exercise the opportunity to
request a review.
*
*
*
*
*
■ 3. Revise § 1.1912(b)(1) to read as
follows:
§ 1.1912
offset.
Collection by administrative
*
*
*
*
*
(b) Mandatory centralized
administrative offset. (1) The
Commission is required to refer past
due, legally enforceable nontax debts
which are over 120 days delinquent to
the Treasury for collection by
centralized administrative offset. Debts
which are less than 120 days delinquent
also may be referred to the Treasury for
this purpose. See FCCS for debt
certification requirements.
*
*
*
*
*
■ 4. Revise § 1.1917(c) to read as
follows:
§ 1.1917 Referrals to the Department of
Justice and transfer of delinquent debt to
the Secretary of Treasury.
asabaliauskas on DSK5VPTVN1PROD with RULES
*
*
*
*
*
(c) All non-tax debts of claims owed
to the Commission that have been
delinquent for a period of 120 days shall
be transferred to the Secretary of the
Treasury. Debts which are less than 120
days delinquent may also be referred to
the Treasury. Upon such transfer the
Secretary of the Treasury shall take
appropriate action to collect or
terminate collection actions on the debt
or claim. A debt is past-due if it has not
been paid by the date specified in the
Commission’s initial written demand for
VerDate Sep<11>2014
16:53 Jul 20, 2015
Jkt 235001
payment or applicable agreement or
instrument (including a postdelinquency payment agreement) unless
other satisfactory payment arrangements
have been made.
[FR Doc. 2015–17288 Filed 7–20–15; 8:45 am]
BILLING CODE 6712–01–P
NATIONAL AERONAUTICS AND
SPACE ADMINISTRATION
48 CFR Parts 1837 and 1852
43031
removed in error and need to be
restored. NASA is not altering these
policies and regulations, but rather,
correcting an inadvertent deletion. This
document corrects the final rule by
revising these sections.
List of Subject in 48 CFR Parts 1837 and
1852
Government procurement.
Cynthia Boots,
Alternate Federal Register Liaison.
RIN 2700–AE01 and 2700–AE09
Accordingly, 48 CFR parts 1837 and
1852 are amended as follows:
NASA Federal Acquisition Regulation
Supplement; Correction
PART 1837—SERVICE CONTRACTING
National Aeronautics and
Space Administration.
ACTION: Correcting amendments.
AGENCY:
The National Aeronautics and
Space Administration (NASA)
published a final rule in the Federal
Register on Thursday, March 12, 2015
(80 FR 12935), as part of the NASA
Federal Acquisition Regulation
Supplement (NFS) regulatory review.
That document (80 FR 12835)
inadvertently removed sections of the
NFS that relate to access and release of
sensitive information in the
performance of advisory and assistance
services in NFS parts 1837 and 1852.
This document corrects the final rule by
reinstating these original sections of the
regulation.
DATES: Effective: July 21, 2015.
FOR FURTHER INFORMATION CONTACT:
Marilyn J. Seppi, NASA, Office of
Procurement, Contract and Grant Policy
Division, via email at marilyn.j.seppi-1@
nasa.gov, or telephone (202) 358–0447.
SUPPLEMENTARY INFORMATION:
SUMMARY:
1. The authority citation for part 1837
is revised to read as follows:
■
Authority: 51 U.S.C. 20113(a) and 48 CFR
chapter 1.
2. Revise subpart 1837.2 to read as
follows:
■
Subpart 1837.2—Advisory and Assistance
Services
Sec.
1837.203 Policy.
1837.203–70 Providing contractors access
to sensitive information.
1837.303–71 Release of contractors’
sensitive information.
1837.203–72 NASA contract clauses.
Subpart 1837.2—Advisory and
Assistance Services
1837.203
Policy.
(c) Advisory and assistance services of
individual experts and consultants shall
normally be obtained by appointment
rather than by contract (see NPR 3300.1,
Appointment of Personnel To/From
NASA, Chapter 4, Employment of
Experts and Consultants).
I. Background
1837.203–70 Providing contractors access
to sensitive information.
NASA published a final rule in the
Federal Register on March 12, 2015,
inadvertently removing from the Code
of Federal Regulations (CFR) those
sections of the NASA FAR Supplement
that contained information related to
access and release of sensitive
information while performing
contracted advisory and assistance
contracts. As published, the rule
contains errors due to inadvertent
deletion of text that needs to be
corrected. Specifically, in amendatory
instruction 49 on page 12944 of that
final rule, NFS sections 1837.203–70,
1837.203–71, and 1837.203–72 were
erroneously deleted and need to be
restored. In addition, in amendatory
instruction 94 on page 12953 of the final
rule, the associated clauses at NFS
1852.237–72 and 1852.237–73 were also
(a)(1) As used in this subpart,
‘‘sensitive information’’ refers to
information that the contractor has
developed at private expense or that the
Government has generated that qualifies
for an exception to the Freedom of
Information Act, which is not currently
in the public domain, may embody
trade secrets or commercial or financial
information, and may be sensitive or
privileged, the disclosure of which is
likely to have either of the following
effects: To impair the Government’s
ability to obtain this type of information
in the future; or to cause substantial
harm to the competitive position of the
person from whom the information was
obtained. The term is not intended to
resemble the markings of national
security documents as in sensitivesecret-top secret.
PO 00000
Frm 00025
Fmt 4700
Sfmt 4700
E:\FR\FM\21JYR1.SGM
21JYR1
asabaliauskas on DSK5VPTVN1PROD with RULES
43032
Federal Register / Vol. 80, No. 139 / Tuesday, July 21, 2015 / Rules and Regulations
(2) As used in this subpart, ‘‘requiring
organization’’ refers to the NASA
organizational element or activity that
requires specified services to be
provided.
(3) As used in this subpart, ‘‘service
provider’’ refers to the service contractor
that receives sensitive information from
NASA to provide services to the
requiring organization.
(b)(1) To support management
activities and administrative functions,
NASA relies on numerous service
providers. These contractors may
require access to sensitive information
in the Government’s possession, which
may be entitled to protection from
unauthorized use or disclosure.
(2) As an initial step, the requiring
organization shall identify when needed
services may entail access to sensitive
information and shall determine
whether providing access is necessary
for accomplishing the Agency’s mission.
The requiring organization shall review
any service provider requests for access
to information to determine whether the
access is necessary and whether the
information requested is considered
‘‘sensitive’’ as defined in paragraph
(a)(1) of this section.
(c) When the requiring organization
determines that providing specified
services will entail access to sensitive
information, the solicitation shall
require each potential service provider
to submit with its proposal a
preliminary analysis of possible
organizational conflicts of interest that
might flow from the award of a contract.
After selection, or whenever it becomes
clear that performance will necessitate
access to sensitive information, the
service provider must submit a
comprehensive organizational conflicts
of interest avoidance plan.
(d) This comprehensive plan shall
incorporate any previous studies
performed, shall thoroughly analyze all
organizational conflicts of interest that
might arise because the service provider
has access to other companies’ sensitive
information, and shall establish specific
methods to control, mitigate, or
eliminate all problems identified. The
contracting officer, with advice from
Center counsel, shall review the plan for
completeness and identify to the service
provider substantive weaknesses and
omissions for necessary correction.
Once the service provider has corrected
the substantive weaknesses and
omissions, the contracting officer shall
incorporate the revised plan into the
contract, as a compliance document.
(e) If the service provider will be
operating an information technology
system for NASA that contains sensitive
information, the operating contract shall
VerDate Sep<11>2014
17:50 Jul 20, 2015
Jkt 235001
include the clause at 1852.204–76,
Security Requirements for Unclassified
Information Technology Resources,
which requires the implementation of
an Information Technology Security
Plan to protect information processed,
stored, or transmitted from
unauthorized access, alteration,
disclosure, or use.
(f) NASA will monitor performance to
assure any service provider that requires
access to sensitive information follows
the steps outlined in the clause at
1852.237–72, Access to Sensitive
Information, to protect the information
from unauthorized use or disclosure.
1837.203–71 Release of contractors’
sensitive information.
Pursuant to the clause at 1852.237–73,
Release of Sensitive Information,
offerors and contractors agree that
NASA may release their sensitive
information when requested by service
providers in accordance with the
procedures prescribed in 1837.203–70
and subject to the safeguards and
protections delineated in the clause at
1852.237–72, Access to Sensitive
Information. As required by the clause
at 1852.237–73, or other contract clause
or solicitation provision, contractors
must identify information they claim to
be ‘‘sensitive’’ submitted as part of a
proposal or in the course of performing
a contract. The contracting officer shall
evaluate all contractor claims of
sensitivity in deciding how NASA
should respond to requests from service
providers for access to information.
1837.203–72
NASA contract clauses.
(a) The contracting officer shall insert
the clause at 1852.237–72, Access to
Sensitive Information, in all
solicitations and contracts for services
that may require access to sensitive
information belonging to other
companies or generated by the
Government.
(b) The contracting officer shall insert
the clause at 1852.237–73, Release of
Sensitive Information, in all
solicitations, contracts, and basic
ordering agreements.
PART 1852—SOLICITATION
PROVISIONS AND CONTRACT
CLAUSES
3. The authority citation for part 1852
continues to read as follows:
■
Authority: 51 U.S.C. 20113(a) and 48 CFR
chapter 1.
4. In subpart 1852.2, add sections
1852.237–72 and 1852.237–73 to read as
follows:
■
PO 00000
Frm 00026
Fmt 4700
Sfmt 4700
1852.237–72
Information.
Access to Sensitive
As prescribed in 1837.203–72(a),
insert the following clause:
ACCESS TO SENSITIVE
INFORMATION
(JUNE 2005)
(a) As used in this clause, ‘‘sensitive
information’’ refers to information that a
contractor has developed at private expense,
or that the Government has generated that
qualifies for an exception to the Freedom of
Information Act, which is not currently in
the public domain, and which may embody
trade secrets or commercial or financial
information, and which may be sensitive or
privileged.
(b) To assist NASA in accomplishing
management activities and administrative
functions, the Contractor shall provide the
services specified elsewhere in this contract.
(c) If performing this contract entails access
to sensitive information, as defined above,
the Contractor agrees to—
(1) Utilize any sensitive information
coming into its possession only for the
purposes of performing the services specified
in this contract, and not to improve its own
competitive position in another procurement.
(2) Safeguard sensitive information coming
into its possession from unauthorized use
and disclosure.
(3) Allow access to sensitive information
only to those employees that need it to
perform services under this contract.
(4) Preclude access and disclosure of
sensitive information to persons and entities
outside of the Contractor’s organization.
(5) Train employees who may require
access to sensitive information about their
obligations to utilize it only to perform the
services specified in this contract and to
safeguard it from unauthorized use and
disclosure.
(6) Obtain a written affirmation from each
employee that he/she has received and will
comply with training on the authorized uses
and mandatory protections of sensitive
information needed in performing this
contract.
(7) Administer a monitoring process to
ensure that employees comply with all
reasonable security procedures, report any
breaches to the Contracting Officer, and
implement any necessary corrective actions.
(d) The Contractor will comply with all
procedures and obligations specified in its
Organizational Conflicts of Interest
Avoidance Plan, which this contract
incorporates as a compliance document.
(e) The nature of the work on this contract
may subject the Contractor and its employees
to a variety of laws and regulations relating
to ethics, conflicts of interest, corruption, and
other criminal or civil matters relating to the
award and administration of government
contracts. Recognizing that this contract
establishes a high standard of accountability
and trust, the Government will carefully
review the Contractor’s performance in
relation to the mandates and restrictions
found in these laws and regulations.
Unauthorized uses or disclosures of sensitive
information may result in termination of this
E:\FR\FM\21JYR1.SGM
21JYR1
Federal Register / Vol. 80, No. 139 / Tuesday, July 21, 2015 / Rules and Regulations
contract for default, or in debarment of the
Contractor for serious misconduct affecting
present responsibility as a government
contractor.
(f) The Contractor shall include the
substance of this clause, including this
paragraph (f), suitably modified to reflect the
relationship of the parties, in all subcontracts
that may involve access to sensitive
information.
(End of clause)
1852.237–73
Information.
Release of Sensitive
As prescribed in 1837.203–72(b),
insert the following clause:
RELEASE OF SENSITIVE
INFORMATION
asabaliauskas on DSK5VPTVN1PROD with RULES
(JUNE 2005)
(a) As used in this clause, ‘‘sensitive
information’’ refers to information, not
currently in the public domain, that the
Contractor has developed at private expense,
that may embody trade secrets or commercial
or financial information, and that may be
sensitive or privileged.
(b) In accomplishing management activities
and administrative functions, NASA relies
heavily on the support of various service
providers. To support NASA activities and
functions, these service providers, as well as
their subcontractors and their individual
employees, may need access to sensitive
information submitted by the Contractor
under this contract. By submitting this
proposal or performing this contract, the
Contractor agrees that NASA may release to
its service providers, their subcontractors,
and their individual employees, sensitive
information submitted during the course of
this procurement, subject to the enumerated
protections mandated by the clause at
1852.237–72, Access to Sensitive
Information.
(c)(1) The Contractor shall identify any
sensitive information submitted in support of
this proposal or in performing this contract.
For purposes of identifying sensitive
information, the Contractor may, in addition
to any other notice or legend otherwise
required, use a notice similar to the
following:
Mark the title page with the following
legend:
This proposal or document includes
sensitive information that NASA shall not
disclose outside the Agency and its service
providers that support management activities
and administrative functions. To gain access
to this sensitive information, a service
provider’s contract must contain the clause at
NFS 1852.237–72, Access to Sensitive
Information. Consistent with this clause, the
service provider shall not duplicate, use, or
disclose the information in whole or in part
for any purpose other than to perform the
services specified in its contract. This
restriction does not limit the Government’s
right to use this information if it is obtained
from another source without restriction. The
information subject to this restriction is
contained in pages [insert page numbers or
other identification of pages].
VerDate Sep<11>2014
17:50 Jul 20, 2015
Jkt 235001
Mark each page of sensitive information
the Contractor wishes to restrict with the
following legend:
Use or disclosure of sensitive information
contained on this page is subject to the
restriction on the title page of this proposal
or document.
(2) The Contracting Officer shall evaluate
the facts supporting any claim that particular
information is ‘‘sensitive.’’ This evaluation
shall consider the time and resources
necessary to protect the information in
accordance with the detailed safeguards
mandated by the clause at 1852.237–72,
Access to Sensitive Information. However,
unless the Contracting Officer decides, with
the advice of Center counsel, that reasonable
grounds exist to challenge the Contractor’s
claim that particular information is sensitive,
NASA and its service providers and their
employees shall comply with all of the
safeguards contained in paragraph (d) of this
clause.
(d) To receive access to sensitive
information needed to assist NASA in
accomplishing management activities and
administrative functions, the service provider
must be operating under a contract that
contains the clause at 1852.237–72, Access to
Sensitive Information. This clause obligates
the service provider to do the following:
(1) Comply with all specified procedures
and obligations, including the Organizational
Conflicts of Interest Avoidance Plan, which
the contract has incorporated as a
compliance document.
(2) Utilize any sensitive information
coming into its possession only for the
purpose of performing the services specified
in its contract.
(3) Safeguard sensitive information coming
into its possession from unauthorized use
and disclosure.
(4) Allow access to sensitive information
only to those employees that need it to
perform services under its contract.
(5) Preclude access and disclosure of
sensitive information to persons and entities
outside of the service provider’s organization.
(6) Train employees who may require
access to sensitive information about their
obligations to utilize it only to perform the
services specified in its contract and to
safeguard it from unauthorized use and
disclosure.
(7) Obtain a written affirmation from each
employee that he/she has received and will
comply with training on the authorized uses
and mandatory protections of sensitive
information needed in performing this
contract.
(8) Administer a monitoring process to
ensure that employees comply with all
reasonable security procedures, report any
breaches to the Contracting Officer, and
implement any necessary corrective actions.
(e) When the service provider will have
primary responsibility for operating an
information technology system for NASA
that contains sensitive information, the
service provider’s contract shall include the
clause at 1852.204–76, Security
Requirements for Unclassified Information
Technology Resources. The Security
Requirements clause requires the service
provider to implement an Information
PO 00000
Frm 00027
Fmt 4700
Sfmt 4700
43033
Technology Security Plan to protect
information processed, stored, or transmitted
from unauthorized access, alteration,
disclosure, or use. Service provider
personnel requiring privileged access or
limited privileged access to these information
technology systems are subject to screening
using the standard National Agency Check
(NAC) forms appropriate to the level of risk
for adverse impact to NASA missions. The
Contracting Officer may allow the service
provider to conduct its own screening,
provided the service provider employs
substantially equivalent screening
procedures.
(f) This clause does not affect NASA’s
responsibilities under the Freedom of
Information Act.
(g) The Contractor shall insert this clause,
including this paragraph (g), suitably
modified to reflect the relationship of the
parties, in all subcontracts that may require
the furnishing of sensitive information.
(End of clause)
[FR Doc. 2015–17717 Filed 7–20–15; 8:45 am]
BILLING CODE 7510–13–P
DEPARTMENT OF COMMERCE
National Oceanic and Atmospheric
Administration
50 CFR Part 622
[Docket No. 140611492–5605–02]
RIN 0648–BE30
Fisheries of the Caribbean, Gulf of
Mexico, and South Atlantic; SnapperGrouper Fishery Off the Southern
Atlantic States; Regulatory
Amendment 20
National Marine Fisheries
Service (NMFS), National Oceanic and
Atmospheric Administration (NOAA),
Commerce.
ACTION: Final rule.
AGENCY:
NMFS issues regulations to
implement Regulatory Amendment 20
to the Fishery Management Plan for the
Snapper-Grouper Fishery of the South
Atlantic Region (FMP) (Regulatory
Amendment 20), as prepared and
submitted by the South Atlantic Fishery
Management Council (Council). This
final rule revises the snowy grouper
annual catch limits (ACLs), commercial
trip limit, and recreational fishing
season. The purpose of this rule is to
help achieve optimum yield (OY) and
prevent overfishing of snowy grouper
while enhancing socio-economic
opportunities within the snappergrouper fishery.
DATES: This rule is effective August 20,
2015.
ADDRESSES: Electronic copies of the
regulatory amendment, which includes
SUMMARY:
E:\FR\FM\21JYR1.SGM
21JYR1
Agencies
[Federal Register Volume 80, Number 139 (Tuesday, July 21, 2015)]
[Rules and Regulations]
[Pages 43031-43033]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2015-17717]
=======================================================================
-----------------------------------------------------------------------
NATIONAL AERONAUTICS AND SPACE ADMINISTRATION
48 CFR Parts 1837 and 1852
RIN 2700-AE01 and 2700-AE09
NASA Federal Acquisition Regulation Supplement; Correction
AGENCY: National Aeronautics and Space Administration.
ACTION: Correcting amendments.
-----------------------------------------------------------------------
SUMMARY: The National Aeronautics and Space Administration (NASA)
published a final rule in the Federal Register on Thursday, March 12,
2015 (80 FR 12935), as part of the NASA Federal Acquisition Regulation
Supplement (NFS) regulatory review. That document (80 FR 12835)
inadvertently removed sections of the NFS that relate to access and
release of sensitive information in the performance of advisory and
assistance services in NFS parts 1837 and 1852. This document corrects
the final rule by reinstating these original sections of the
regulation.
DATES: Effective: July 21, 2015.
FOR FURTHER INFORMATION CONTACT: Marilyn J. Seppi, NASA, Office of
Procurement, Contract and Grant Policy Division, via email at
marilyn.j.seppi-1@nasa.gov, or telephone (202) 358-0447.
SUPPLEMENTARY INFORMATION:
I. Background
NASA published a final rule in the Federal Register on March 12,
2015, inadvertently removing from the Code of Federal Regulations (CFR)
those sections of the NASA FAR Supplement that contained information
related to access and release of sensitive information while performing
contracted advisory and assistance contracts. As published, the rule
contains errors due to inadvertent deletion of text that needs to be
corrected. Specifically, in amendatory instruction 49 on page 12944 of
that final rule, NFS sections 1837.203-70, 1837.203-71, and 1837.203-72
were erroneously deleted and need to be restored. In addition, in
amendatory instruction 94 on page 12953 of the final rule, the
associated clauses at NFS 1852.237-72 and 1852.237-73 were also removed
in error and need to be restored. NASA is not altering these policies
and regulations, but rather, correcting an inadvertent deletion. This
document corrects the final rule by revising these sections.
List of Subject in 48 CFR Parts 1837 and 1852
Government procurement.
Cynthia Boots,
Alternate Federal Register Liaison.
Accordingly, 48 CFR parts 1837 and 1852 are amended as follows:
PART 1837--SERVICE CONTRACTING
0
1. The authority citation for part 1837 is revised to read as follows:
Authority: 51 U.S.C. 20113(a) and 48 CFR chapter 1.
0
2. Revise subpart 1837.2 to read as follows:
Subpart 1837.2--Advisory and Assistance Services
Sec.
1837.203 Policy.
1837.203-70 Providing contractors access to sensitive information.
1837.303-71 Release of contractors' sensitive information.
1837.203-72 NASA contract clauses.
Subpart 1837.2--Advisory and Assistance Services
1837.203 Policy.
(c) Advisory and assistance services of individual experts and
consultants shall normally be obtained by appointment rather than by
contract (see NPR 3300.1, Appointment of Personnel To/From NASA,
Chapter 4, Employment of Experts and Consultants).
1837.203-70 Providing contractors access to sensitive information.
(a)(1) As used in this subpart, ``sensitive information'' refers to
information that the contractor has developed at private expense or
that the Government has generated that qualifies for an exception to
the Freedom of Information Act, which is not currently in the public
domain, may embody trade secrets or commercial or financial
information, and may be sensitive or privileged, the disclosure of
which is likely to have either of the following effects: To impair the
Government's ability to obtain this type of information in the future;
or to cause substantial harm to the competitive position of the person
from whom the information was obtained. The term is not intended to
resemble the markings of national security documents as in sensitive-
secret-top secret.
[[Page 43032]]
(2) As used in this subpart, ``requiring organization'' refers to
the NASA organizational element or activity that requires specified
services to be provided.
(3) As used in this subpart, ``service provider'' refers to the
service contractor that receives sensitive information from NASA to
provide services to the requiring organization.
(b)(1) To support management activities and administrative
functions, NASA relies on numerous service providers. These contractors
may require access to sensitive information in the Government's
possession, which may be entitled to protection from unauthorized use
or disclosure.
(2) As an initial step, the requiring organization shall identify
when needed services may entail access to sensitive information and
shall determine whether providing access is necessary for accomplishing
the Agency's mission. The requiring organization shall review any
service provider requests for access to information to determine
whether the access is necessary and whether the information requested
is considered ``sensitive'' as defined in paragraph (a)(1) of this
section.
(c) When the requiring organization determines that providing
specified services will entail access to sensitive information, the
solicitation shall require each potential service provider to submit
with its proposal a preliminary analysis of possible organizational
conflicts of interest that might flow from the award of a contract.
After selection, or whenever it becomes clear that performance will
necessitate access to sensitive information, the service provider must
submit a comprehensive organizational conflicts of interest avoidance
plan.
(d) This comprehensive plan shall incorporate any previous studies
performed, shall thoroughly analyze all organizational conflicts of
interest that might arise because the service provider has access to
other companies' sensitive information, and shall establish specific
methods to control, mitigate, or eliminate all problems identified. The
contracting officer, with advice from Center counsel, shall review the
plan for completeness and identify to the service provider substantive
weaknesses and omissions for necessary correction. Once the service
provider has corrected the substantive weaknesses and omissions, the
contracting officer shall incorporate the revised plan into the
contract, as a compliance document.
(e) If the service provider will be operating an information
technology system for NASA that contains sensitive information, the
operating contract shall include the clause at 1852.204-76, Security
Requirements for Unclassified Information Technology Resources, which
requires the implementation of an Information Technology Security Plan
to protect information processed, stored, or transmitted from
unauthorized access, alteration, disclosure, or use.
(f) NASA will monitor performance to assure any service provider
that requires access to sensitive information follows the steps
outlined in the clause at 1852.237-72, Access to Sensitive Information,
to protect the information from unauthorized use or disclosure.
1837.203-71 Release of contractors' sensitive information.
Pursuant to the clause at 1852.237-73, Release of Sensitive
Information, offerors and contractors agree that NASA may release their
sensitive information when requested by service providers in accordance
with the procedures prescribed in 1837.203-70 and subject to the
safeguards and protections delineated in the clause at 1852.237-72,
Access to Sensitive Information. As required by the clause at 1852.237-
73, or other contract clause or solicitation provision, contractors
must identify information they claim to be ``sensitive'' submitted as
part of a proposal or in the course of performing a contract. The
contracting officer shall evaluate all contractor claims of sensitivity
in deciding how NASA should respond to requests from service providers
for access to information.
1837.203-72 NASA contract clauses.
(a) The contracting officer shall insert the clause at 1852.237-72,
Access to Sensitive Information, in all solicitations and contracts for
services that may require access to sensitive information belonging to
other companies or generated by the Government.
(b) The contracting officer shall insert the clause at 1852.237-73,
Release of Sensitive Information, in all solicitations, contracts, and
basic ordering agreements.
PART 1852--SOLICITATION PROVISIONS AND CONTRACT CLAUSES
0
3. The authority citation for part 1852 continues to read as follows:
Authority: 51 U.S.C. 20113(a) and 48 CFR chapter 1.
0
4. In subpart 1852.2, add sections 1852.237-72 and 1852.237-73 to read
as follows:
1852.237-72 Access to Sensitive Information.
As prescribed in 1837.203-72(a), insert the following clause:
ACCESS TO SENSITIVE INFORMATION
(JUNE 2005)
(a) As used in this clause, ``sensitive information'' refers to
information that a contractor has developed at private expense, or
that the Government has generated that qualifies for an exception to
the Freedom of Information Act, which is not currently in the public
domain, and which may embody trade secrets or commercial or
financial information, and which may be sensitive or privileged.
(b) To assist NASA in accomplishing management activities and
administrative functions, the Contractor shall provide the services
specified elsewhere in this contract.
(c) If performing this contract entails access to sensitive
information, as defined above, the Contractor agrees to--
(1) Utilize any sensitive information coming into its possession
only for the purposes of performing the services specified in this
contract, and not to improve its own competitive position in another
procurement.
(2) Safeguard sensitive information coming into its possession
from unauthorized use and disclosure.
(3) Allow access to sensitive information only to those
employees that need it to perform services under this contract.
(4) Preclude access and disclosure of sensitive information to
persons and entities outside of the Contractor's organization.
(5) Train employees who may require access to sensitive
information about their obligations to utilize it only to perform
the services specified in this contract and to safeguard it from
unauthorized use and disclosure.
(6) Obtain a written affirmation from each employee that he/she
has received and will comply with training on the authorized uses
and mandatory protections of sensitive information needed in
performing this contract.
(7) Administer a monitoring process to ensure that employees
comply with all reasonable security procedures, report any breaches
to the Contracting Officer, and implement any necessary corrective
actions.
(d) The Contractor will comply with all procedures and
obligations specified in its Organizational Conflicts of Interest
Avoidance Plan, which this contract incorporates as a compliance
document.
(e) The nature of the work on this contract may subject the
Contractor and its employees to a variety of laws and regulations
relating to ethics, conflicts of interest, corruption, and other
criminal or civil matters relating to the award and administration
of government contracts. Recognizing that this contract establishes
a high standard of accountability and trust, the Government will
carefully review the Contractor's performance in relation to the
mandates and restrictions found in these laws and regulations.
Unauthorized uses or disclosures of sensitive information may result
in termination of this
[[Page 43033]]
contract for default, or in debarment of the Contractor for serious
misconduct affecting present responsibility as a government
contractor.
(f) The Contractor shall include the substance of this clause,
including this paragraph (f), suitably modified to reflect the
relationship of the parties, in all subcontracts that may involve
access to sensitive information.
(End of clause)
1852.237-73 Release of Sensitive Information.
As prescribed in 1837.203-72(b), insert the following clause:
RELEASE OF SENSITIVE INFORMATION
(JUNE 2005)
(a) As used in this clause, ``sensitive information'' refers to
information, not currently in the public domain, that the Contractor
has developed at private expense, that may embody trade secrets or
commercial or financial information, and that may be sensitive or
privileged.
(b) In accomplishing management activities and administrative
functions, NASA relies heavily on the support of various service
providers. To support NASA activities and functions, these service
providers, as well as their subcontractors and their individual
employees, may need access to sensitive information submitted by the
Contractor under this contract. By submitting this proposal or
performing this contract, the Contractor agrees that NASA may
release to its service providers, their subcontractors, and their
individual employees, sensitive information submitted during the
course of this procurement, subject to the enumerated protections
mandated by the clause at 1852.237-72, Access to Sensitive
Information.
(c)(1) The Contractor shall identify any sensitive information
submitted in support of this proposal or in performing this
contract. For purposes of identifying sensitive information, the
Contractor may, in addition to any other notice or legend otherwise
required, use a notice similar to the following:
Mark the title page with the following legend:
This proposal or document includes sensitive information that
NASA shall not disclose outside the Agency and its service providers
that support management activities and administrative functions. To
gain access to this sensitive information, a service provider's
contract must contain the clause at NFS 1852.237-72, Access to
Sensitive Information. Consistent with this clause, the service
provider shall not duplicate, use, or disclose the information in
whole or in part for any purpose other than to perform the services
specified in its contract. This restriction does not limit the
Government's right to use this information if it is obtained from
another source without restriction. The information subject to this
restriction is contained in pages [insert page numbers or other
identification of pages].
Mark each page of sensitive information the Contractor wishes to
restrict with the following legend:
Use or disclosure of sensitive information contained on this
page is subject to the restriction on the title page of this
proposal or document.
(2) The Contracting Officer shall evaluate the facts supporting
any claim that particular information is ``sensitive.'' This
evaluation shall consider the time and resources necessary to
protect the information in accordance with the detailed safeguards
mandated by the clause at 1852.237-72, Access to Sensitive
Information. However, unless the Contracting Officer decides, with
the advice of Center counsel, that reasonable grounds exist to
challenge the Contractor's claim that particular information is
sensitive, NASA and its service providers and their employees shall
comply with all of the safeguards contained in paragraph (d) of this
clause.
(d) To receive access to sensitive information needed to assist
NASA in accomplishing management activities and administrative
functions, the service provider must be operating under a contract
that contains the clause at 1852.237-72, Access to Sensitive
Information. This clause obligates the service provider to do the
following:
(1) Comply with all specified procedures and obligations,
including the Organizational Conflicts of Interest Avoidance Plan,
which the contract has incorporated as a compliance document.
(2) Utilize any sensitive information coming into its possession
only for the purpose of performing the services specified in its
contract.
(3) Safeguard sensitive information coming into its possession
from unauthorized use and disclosure.
(4) Allow access to sensitive information only to those
employees that need it to perform services under its contract.
(5) Preclude access and disclosure of sensitive information to
persons and entities outside of the service provider's organization.
(6) Train employees who may require access to sensitive
information about their obligations to utilize it only to perform
the services specified in its contract and to safeguard it from
unauthorized use and disclosure.
(7) Obtain a written affirmation from each employee that he/she
has received and will comply with training on the authorized uses
and mandatory protections of sensitive information needed in
performing this contract.
(8) Administer a monitoring process to ensure that employees
comply with all reasonable security procedures, report any breaches
to the Contracting Officer, and implement any necessary corrective
actions.
(e) When the service provider will have primary responsibility
for operating an information technology system for NASA that
contains sensitive information, the service provider's contract
shall include the clause at 1852.204-76, Security Requirements for
Unclassified Information Technology Resources. The Security
Requirements clause requires the service provider to implement an
Information Technology Security Plan to protect information
processed, stored, or transmitted from unauthorized access,
alteration, disclosure, or use. Service provider personnel requiring
privileged access or limited privileged access to these information
technology systems are subject to screening using the standard
National Agency Check (NAC) forms appropriate to the level of risk
for adverse impact to NASA missions. The Contracting Officer may
allow the service provider to conduct its own screening, provided
the service provider employs substantially equivalent screening
procedures.
(f) This clause does not affect NASA's responsibilities under
the Freedom of Information Act.
(g) The Contractor shall insert this clause, including this
paragraph (g), suitably modified to reflect the relationship of the
parties, in all subcontracts that may require the furnishing of
sensitive information.
(End of clause)
[FR Doc. 2015-17717 Filed 7-20-15; 8:45 am]
BILLING CODE 7510-13-P