852.273-75 Security Requirements for Unclassified Information Technology Resources (Interim - Oct 2008)
Purpose: To inform the acquisition workforce that the use of VAAR clause 852.273-75, Security Requirements for Unclassified Information Technology Resources, is being suspended until further notice.
Dated: February 2, 2012
VAAR Section Impacted: 852.273-75
Effective Date: Immediately
Background: The Procurement Policy and Warrant Management Service is in the process of revising VAAR 852.273-75 and developing associated guidance because VA discovered that the clause was not properly codified and does not address the statutory requirement specific to liquidated damages, prescribed by 38 U.S.C. §5725, Contracts for data processing or maintenance. To address this issue, VA is suspending the use of VAAR 852.273-75, and will use the language from VA Handbook 6500.6, Contract Security, Appendix C, as appropriate.
Action Required: Per VA Handbook 6500.6, Contracting Officers (COs) shall consult with their respective Information Security Officer, Privacy Officer, and Office of General Counsel (OGC) to determine whether a contract will require a contractor and/or third party to use, store, generate, modify or transmit VA-owned Sensitive Personal Information.
If so, COs shall include applicable requirements from the Information System Security and Privacy Language expressed in VA Handbook 6500.6 (Appendix C)(attached), under the Terms and Conditions section of the contract.
Questions: Contract interpretation, drafting, or meaning questions should be directed to OGC Professional Group V, William Korth, Staff Attorney via e-mail at email@example.com.
For questions or concerns regarding this Acquisition Policy Flash, please contact Eyvonne Mallett, Senior Procurement Analyst, at firstname.lastname@example.org.