[Code of Federal Regulations]
[Title 48, Volume 1]
[Revised as of October 1, 2003]
From the U.S. Government Printing Office via GPO Access
[CITE: 48CFR39.105]

[Page 746]
 
            TITLE 48--FEDERAL ACQUISITION REGULATIONS SYSTEM
 
                CHAPTER 1--FEDERAL ACQUISITION REGULATION
 
PART 39_ACQUISITION OF INFORMATION TECHNOLOGY--Table of Contents
 
                          Subpart 39.1_General
 
Sec.  39.105  Privacy.

    Agencies shall ensure that contracts for information technology 
address protection of privacy in accordance with the Privacy Act (5 
U.S.C. 552a) and part 24. In addition, each agency shall ensure that 
contracts for the design, development, or operation of a system of 
records using commercial information technology services or information 
technology support services include the following:
    (a) Agency rules of conduct that the contractor and the contractor's 
employees shall be required to follow.
    (b) A list of the anticipated threats and hazards that the 
contractor must guard against.
    (c) A description of the safeguards that the contractor must 
specifically provide.
    (d) Requirements for a program of Government inspection during 
performance of the contract that will ensure the continued efficacy and 
efficiency of safeguards and the discovery and countering of new threats 
and hazards.