FAR Rule Addresses Safeguarding of Contractor Information Systems

 

The Department of Defense, General Services Administration, and National Aeronautics and Space Administration are proposing to amend the Federal Acquisition Regulation to address the safeguarding of contractor information systems. A proposed rule would add a new subpart (FAR Subpart 4.17) and contract clause (FAR 52.204-xx) for the basic safeguarding of contractor information systems. Under new FAR 4.1702, Applicability, the rule would apply to commercial items and commercial-off-the-shelf items when a contractor's information system contains non-public information provided by or generated for the government that will reside on or transit through contractor information systems. The rule may be applied under the simplified acquisition threshold if the contracting officer determines inclusion of the clause is appropriate. Under the new clause, the protective measures must be applied to public computers and web sites, transmitting electronic information, transmitting voice and fax information, physical and electronic barriers, sanitization, intrusion protection, and transfer limitations. DoD, GSA, and NASA considered comments on a related DoD rule ( ¶70,020.301) in drafting the proposed rule. A complete listing of the FAR provisions impacted by the rule appears in the regulation table below. Comments referencing FAR Case 2011-020 are due October 23, 2012. For the text of the rule, see ¶70,006.270.

































































































































































































 






 

 

(The news featured above is a selection from the news covered in the Government Contracts Report Letter, which is published weekly and distributed to subscribers of the Government Contracts Reporter. )