[Code of Federal Regulations]

[Title 48, Volume 1]

[Revised as of October 1, 2005]

From the U.S. Government Printing Office via GPO Access

[CITE: 48CFR39.105]



[Page 770-771]

 

            TITLE 48--FEDERAL ACQUISITION REGULATIONS SYSTEM

 

                CHAPTER 1--FEDERAL ACQUISITION REGULATION

 

PART 39_ACQUISITION OF INFORMATION TECHNOLOGY--Table of Contents

 

                          Subpart 39.1_General

 

Sec. 39.105  Privacy.



    Agencies shall ensure that contracts for information technology 

address protection of privacy in accordance with the Privacy Act (5 

U.S.C. 552a) and part 24. In addition, each agency shall ensure that 

contracts for the design, development, or operation of a system of 

records using commercial information technology services or information 

technology support services include the following:

    (a) Agency rules of conduct that the contractor and the contractor's 

employees shall be required to follow.



[[Page 771]]



    (b) A list of the anticipated threats and hazards that the 

contractor must guard against.

    (c) A description of the safeguards that the contractor must 

specifically provide.

    (d) Requirements for a program of Government inspection during 

performance of the contract that will ensure the continued efficacy and 

efficiency of safeguards and the discovery and countering of new threats 

and hazards.