Panoptic Enterprises' FEDERAL CONTRACTS DISPATCH
DATE: June 27, 2002
SUBJECT: National Aeronautics and Space Administration Federal Acquisition Regulation (FAR) Supplement (NFS) Class Deviation to Major Breach of Safety or Security Clause
SOURCE: Procurement Information Circular (PIC) 02-11, June 24, 2002
ACTION: Class Deviation
SYNOPSIS: NASA is issuing a class deviation that adds an Alternate I to NFS 1852.223-75, Major Breach of Safety or Security, for use in contracts with educational or other non-profit institutions and contracts for commercial items. Also, this provides guidance on the use of NFS 1852.223-75.
EDITOR'S NOTE: For more on the initial adoption of NFS 1852.223-75, see the June 13, 2000, FEDERAL CONTRACTS DISPATCH "National Aeronautics and Space Administration Federal Acquisition Regulation Supplement (NFS); Risk Management."
For more on recent changes to NFS 1852.223-75, see the February 20, 2002, FEDERAL CONTRACTS DISPATCH "National Aeronautics and Space Administration Federal Acquisition Regulation (FAR) Supplement (NFS); Major Breach of Security."
EFFECTIVE DATE: PIC 02-11 is effective June 24, 2002, and it will remain in effect until canceled or superseded.
FOR FURTHER INFORMATION CONTACT: Jeff Cullen, NASA Headquarters Office of Procurement, Contract Management Division (Code HK), Washington, DC 20546; telephone: 202-358-1784; or by e-mail: firstname.lastname@example.org.
SUPPLEMENTAL INFORMATION: Since July 13, 2000, NFS 1852.223-75 has been required in solicitations and contracts with an estimated value of $500,000 or more. Paragraph (a) of the clause states, "A major breach of safety may constitute a breach of contract that entitles the government to exercise any of its rights and remedies applicable to material parts of this contract, including termination for default." Paragraph (b) makes the same statement about "a major breach of security". However, contracts with educational or other nonprofit institutions and contracts for commercial items do not include a "termination for default" clause - they include either a "termination for convenience" or a "termination for cause" clause. Therefore, a NFS class deviation has been developed for use in contracts with educational or other nonprofit institutions and contracts for commercial items that removes "for default" from these two paragraphs.
In addition, PIC 02-11 provides guidance on the applicability and implementation of NFS 1852.223-75. Among the more noteworthy guidance provide are the following:
- Paragraph (a) defines a "major breach of safety" as "an act or omission of the contractor that consists of an accident, incident, or exposure resulting in a fatality or mission failure; or in damage to equipment or property equal to or greater than $1 million." The guidance states that:
- The clause does not only apply to government-owned property accountable under the contract, but to any equipment or property that the contractor may damage while performing work directly related to the contract.
- The $1 million is calculated per individual incident.
- The $1 million is the repair or replacement cost.
- Paragraph (b) defines a "major breach of security" as "an act or omission by the Contractor that results in compromise of classified information, illegal technology transfer, workplace violence resulting in criminal conviction, sabotage, compromise or denial of information technology services, equipment or property damage from vandalism greater than $250,000, or theft greater than $250,000." The guidance states that:
- The "compromise of classified information" criterion only applies if the contract includes FAR 52.204-2, Security Requirements.
- "Illegal technology transfer" is clarified with the statement "technology transfer is addressed by various statutes and is enforced by the Bureau of Export Administration (BXA) under the Department of Commerce. The BXA also administers the Export Administration Regulation (EAR)...There are 10 general prohibitions listed in the EAR; if you violate any of the 10 general prohibitions, or engage in other conduct contrary to the Export Administration Act...you will be subject to the sanctions described in that part." (EDITOR'S NOTE: BXA changed its name to "Bureau of Industry and Security" on April 18, 2002. Its website is http://www.bxa.doc.gov/.)
- "Violence" is defined by the Occupational Safety and Health Administration (OSHA) as "any physical assault, threatening behavior, or verbal abuse occurring in the work setting."
- "Sabotage" is not program specific; whether sabotage has occurred would depend on the circumstances of the individual case after investigation by the appropriate authorities; and no person need be convicted, or identified, for the contractor to be liable under the clause. However, the investigation would have to determine that adequate security countermeasures were not in place or that contractor negligence facilitated the sabotage.
- The Information Technology Laboratory, National Institute of Standards and Technology defines "compromise of information technology services" as "the unauthorized disclosure, modification, substitution, or use of sensitive data"; and describes "denial of information technology services" as the "hogging," damaging, or destroying of information technology resources so they cannot be used by legitimate users.
- "Equipment or property damage" would depend on the individual case, but would be dependent on negligence on the part of the contractor or a lack of prudent security. The damage would be based on actual replacement or repair cost to the government.
- "Theft" does not apply only to government-owned property, but to any property, whether it is the government's or other contractors'.
FOR FURTHER INFORMATION CONTACT: Panoptic Enterprises at 703-451-5953 or by e-mail to Panoptic@FedGovContracts.com.
Copyright 2002 by Panoptic Enterprises. All Rights Reserved.
Return to the Dispatches Library.
Return to the Main Page.