Part M824 - Protection of Privacy and Freedom of Information - Office of Acquisition and Logistics (OAL)
Attention A T users. To access the menus on this page please perform the following steps. 1. Please switch auto forms mode to off. 2. Hit enter to expand a main menu option (Health, Benefits, etc). 3. To enter and activate the submenu links, hit the down arrow. You will now be able to tab or arrow up or down through the submenu options to access/activate the submenu links.
Attention A T users. To access the combo box on this page please perform the following steps. 1. Press the alt key and then the down arrow. 2. Use the up and down arrows to navigate this combo box. 3. Press enter on the item you wish to view. This will take you to the page listed.
Menu
Menu
Veterans Crisis Line Badge
My healthevet badge

Office of Acquisition and Logistics (OAL)

 

Part M824 - Protection of Privacy and Freedom of Information

« VAAM Part M823 VAAM Table of Contents VAAM Part 825 »
 
Subpart M824.1—Protection of Individual Privacy
Sec.  
M824.102 General.
M824.103-70 Procedures for the Privacy Act.
Subpart M824.2—Freedom of Information Act
M824.203 Policy for Freedom of Information Act.

Subpart M824.1 - Protection of Individual Privacy

M824.102  General.

(a) Every two years the Office of Acquisition and Logistics will review a random sample of contracts that provide for the maintenance of a system of records on behalf of the agency to accomplish an agency function, in order to ensure that the wording of each contract makes the provisions of the Act binding on the contractor and his or her employees, pursuant to OMB Circular A-130, Appendix 1.

M824.103-70  Procedures for the Privacy Act.

(a) Contracting officers shall contact their Privacy Officer or Privacy Service designee for assistance and expertise on all matters related to privacy. Privacy Officer or Privacy Service designee information can be found at the Office of Privacy and Records Management website.

(b) The contracting officer shall review all purchase request documentation to determine whether the requirements of the Privacy Act of 1974 (5 U.S.C. 552a) are applicable. The program manager will be responsible for performing a Privacy Threshold Analysis and Privacy Impact Assessment in accordance with VA Handbook 6508.1, Procedures for Privacy Threshold Analysis and Privacy Impact Assessment, to review and assess the privacy implications of information contained in VA information technology (IT) systems, programs or projects.

(c) Applicability to System of Records. The Privacy Act requirements apply when a contract or order requires the contractor to design, develop, or operate any Privacy Act system of records on individuals to accomplish an agency function. When applicable, the contracting officer shall include the clauses at FAR 52.224-1, Privacy Act Notification, and 52.224-2, Privacy Act, as prescribed by FAR 24.104, in solicitations, contracts, or orders. In addition, the contracting officer shall include the clauses and other pertinent information specified in this subpart, in any modification which results in the Privacy Act requirements becoming applicable to a contract or order.

(d) Performance Work Statement or Statement of Work. The contracting officer shall ensure that the statement of work (SOW) or performance work statement (PWS) specifies the system(s) of records or proposed system(s) of records to which the Privacy Act and the implementing regulations are applicable or may be applicable.

(1) The contracting officer shall ensure that the contract SOW or PWS specifies the disposition to be made of the system(s) of records upon completion of contract performance in accordance with the Privacy Act and the Federal Records Act.

(2) The contract SOW or PWS may require the contractor to destroy the records, remove personal identifiers, or turn the records over to the contracting officer. If there is a legitimate need for a contractor to keep copies of the records after completion of a contract, the contractor must take measures, as approved by the contracting officer, to keep the records confidential and protect the individuals’ privacy.

(e) Requirement for a Federal Register “System Notice.” For any acquisition subject to Privacy Act requirements, the requiring activity prior to award shall prepare and have published in the Federal Register a “system notice,” describing the Department of Veterans Affairs intent to establish a new system of records on individuals, to make modifications to an existing system, or to disclose information in regard to an existing system. The requiring activity shall attach a copy of the system notice to the acquisition plan or other purchase request documentation. If a system notice is not attached, the contracting officer shall inquire about its status and shall obtain a copy from the requiring activity for inclusion in the contract file. If a notice for the system of records has not been published in the Federal Register, the contracting officer may proceed with the acquisition but shall not award the contract until the system notice is published and the contracting officer verifies its publication.

Subpart M824.2 - Freedom of Information Act

M824.203  Policy.

Contracting Officers or Contract Specialists shall provide unredacted responsive records to the cognizant Freedom of Information Act (FOIA) Officer per 38 C.F.R. § 1.555(a). As per page 7, paragraph e(4) of the FOIA Standard Operating Procedure, Contracting Officers or Contract Specialists must provide such within five (5) business days of the FOIA request.

« VAAM Part M823 VAAM Table of Contents VAAM Part 825 »