- RMPR4P23 ;PHX/HNB -PRINT PURCHASE CARD FORM ;3/1/1996
- ;;3.0;PROSTHETICS;**3,153,166**;Feb 09, 1996;Build 2
- PRI ;ENTRY POINT FOR PRINTING PRIVACY ACT FOR 10-2421 AND 10-55 AND 2419
- W @IOF,!!,"Security Requirements Interim Guidance - January 2013 (Per Acquisition Policy"
- W !," Flash 12-04, dated 2/2/12, suspending VAAR clause 852.273-75)",!
- W !,"A. Any contractor and/or subcontractor retained to do work for VA under"
- W !,"this Contract that requires the access, use, storage, modification, or"
- W !,"transmission of VA Sensitive Personal Information (SPI) must follow and"
- W !,"adhere to the security controls, enhancements, compensating controls,"
- W !,"protocols, regulations, and VA directions as the Contracting Officer"
- W !,"(CO) shall direct, including, but not limited to those derived from the"
- W !,"Federal Information Security Management Act (FISMA), OMB Circular No."
- W !,"A-130, and VA Handbook 6500/6500.6. The contractor must report any data"
- W !,"breach according to the protocols and timeframes in HB 6500.",!
- PRI1 W !,"B. If any contractor/sub-contractor retained to do work for VA under"
- W !,"this Contract requires access, use, etc., of VA SPI as aforesaid, and if an"
- W !,"actionable data breach occurs because of the contractor/subcontractor's acts,"
- W !,"omissions, or negligence in following the VA-directed security controls,"
- W !,"enhancements, compensating controls, protocols, and/or measures, including,"
- W !,"but not limited to the sources above, the contractor/subcontractor is"
- W !,"further subject to the statutory requirement to assess liquidated damages"
- W !,"against contractors and/or subcontractors under 38 U.S.C. §5725 in the event"
- W !,"of a breach of Sensitive Personal Information (SPI)/Personally Identifiable"
- W !,"Information (PII). Said liquidated damages shall be assessed at $37.50"
- W !,"per affected Veteran or beneficiary. A breach in this context includes"
- W !,"the unauthorized acquisition, access, use, or disclosure of VA SPI which"
- W !,"compromises not only the information's security or privacy but that of the"
- W !,"Veteran or beneficiary as well as the potential exposure or wrongful"
- W !,"disclosure of such information as a result of a failure to follow proper"
- W !,"data security controls and protocols."
- Q
- --- Routine Detail --- with STRUCTURED ROUTINE LISTING ---[H[J[2J[HRMPR4P23 2354 printed Jan 18, 2025@03:34:04 Page 2
- RMPR4P23 ;PHX/HNB -PRINT PURCHASE CARD FORM ;3/1/1996
- +1 ;;3.0;PROSTHETICS;**3,153,166**;Feb 09, 1996;Build 2
- PRI ;ENTRY POINT FOR PRINTING PRIVACY ACT FOR 10-2421 AND 10-55 AND 2419
- +1 WRITE @IOF,!!,"Security Requirements Interim Guidance - January 2013 (Per Acquisition Policy"
- +2 WRITE !," Flash 12-04, dated 2/2/12, suspending VAAR clause 852.273-75)",!
- +3 WRITE !,"A. Any contractor and/or subcontractor retained to do work for VA under"
- +4 WRITE !,"this Contract that requires the access, use, storage, modification, or"
- +5 WRITE !,"transmission of VA Sensitive Personal Information (SPI) must follow and"
- +6 WRITE !,"adhere to the security controls, enhancements, compensating controls,"
- +7 WRITE !,"protocols, regulations, and VA directions as the Contracting Officer"
- +8 WRITE !,"(CO) shall direct, including, but not limited to those derived from the"
- +9 WRITE !,"Federal Information Security Management Act (FISMA), OMB Circular No."
- +10 WRITE !,"A-130, and VA Handbook 6500/6500.6. The contractor must report any data"
- +11 WRITE !,"breach according to the protocols and timeframes in HB 6500.",!
- PRI1 WRITE !,"B. If any contractor/sub-contractor retained to do work for VA under"
- +1 WRITE !,"this Contract requires access, use, etc., of VA SPI as aforesaid, and if an"
- +2 WRITE !,"actionable data breach occurs because of the contractor/subcontractor's acts,"
- +3 WRITE !,"omissions, or negligence in following the VA-directed security controls,"
- +4 WRITE !,"enhancements, compensating controls, protocols, and/or measures, including,"
- +5 WRITE !,"but not limited to the sources above, the contractor/subcontractor is"
- +6 WRITE !,"further subject to the statutory requirement to assess liquidated damages"
- +7 WRITE !,"against contractors and/or subcontractors under 38 U.S.C. 5725 in the event"
- +8 WRITE !,"of a breach of Sensitive Personal Information (SPI)/Personally Identifiable"
- +9 WRITE !,"Information (PII). Said liquidated damages shall be assessed at $37.50"
- +10 WRITE !,"per affected Veteran or beneficiary. A breach in this context includes"
- +11 WRITE !,"the unauthorized acquisition, access, use, or disclosure of VA SPI which"
- +12 WRITE !,"compromises not only the information's security or privacy but that of the"
- +13 WRITE !,"Veteran or beneficiary as well as the potential exposure or wrongful"
- +14 WRITE !,"disclosure of such information as a result of a failure to follow proper"
- +15 WRITE !,"data security controls and protocols."
- +16 QUIT