48 C.F.R. § 824.103

Current through September 30, 2024
Section 824.103 - Procedures
(c) The contracting officer shall reference the following documents in solicitations and contracts that require the design, development, or operation of a system of records-
(1) VA Handbook 6500.6, Contract Security;
(2) VA Handbook 6508.1, Procedures for Privacy Threshold Analysis and Privacy Impact Assessment;
(3) VA Handbook 6510, VA Identity and Access Management-
(i) The contracting officer will ensure that statements of work or performance work statements that require the design, development, or operation of a system of records include procedures to follow in the event of a Personally Identifiable Information (PII) breach; and
(ii) The contracting officer shall ensure that Government surveillance plans for contracts that require the design, development, or operation of a system of records include monitoring of the contractor's adherence to Privacy Act/PII regulations. The assessing official should document contractor-caused breaches or other incidents related to PII in past performance reports. Such incidents include instances in which the contractor did not adhere to Privacy Act/PII contractual requirements.

48 C.F.R. §824.103

84 FR 45681, Aug. 30, 2019
84 FR 45681, 9/30/2019