[Code of Federal Regulations]
[Title 48, Volume 7]
[Revised as of October 1, 2007]
From the U.S. Government Printing Office via GPO Access
[CITE: 48CFR3004.470-2]

[Page 69-70]
 
            TITLE 48--FEDERAL ACQUISITION REGULATIONS SYSTEM
 
     CHAPTER 30--DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY 
                      ACQUISITION REGULATION (HSAR)
 
Sec. 3004.470-2  Policy.

    (a) DHS's policies and procedures on contractor personnel security 
requirements are set forth in various management directives (MDs). MD 
11042.1, Safeguarding Sensitive But Unclassified (For Official Use only) 
Information describes how contractors must handle sensitive but 
unclassified information. MD 4300.1, entitled Information Technology 
Systems Security, and the DHS Sensitive Systems Handbook, prescribe the 
policies and procedures on security for Information Technology 
resources. Compliance with these policies and

[[Page 70]]

procedures, any replacement publications, or any other current or future 
DHS policies and procedures covering contractors specifically is 
required in all contracts that require access to facilities, IT 
resources or sensitive information.
    (b) The contractor must not use or redistribute any DHS information 
processed, stored, or transmitted by the contractor except as specified 
in the contract.