Common use of HHS-Controlled Facilities and Information Systems Security Clause in Contracts

HHS-Controlled Facilities and Information Systems Security. a. To perform the work specified herein, Contractor personnel are expected to have routine (1) physical access to an HHS-controlled facility; (2) physical access to an HHS-controlled information system; (3) access to sensitive HHS data or information, whether in an HHS-controlled information system or in hard copy; or (4) any combination of circumstances (1) through (3). b. To gain routine physical access to an HHS-controlled information system, and/or access to sensitive data or information, the Contractor and its employees shall comply with Homeland Security Presidential Directive (HSPD)-12, Policy for a Common Identification Standard for Federal Employees and Contractors; Office of Management and Budget Memorandum (M-05-24); and Federal Information Processing Standards Publication (FIPS PUB) Number 201; and with the personal identity verification and investigations procedures contained in the following documents: 1. HHS Information Security Program Policy (▇▇▇▇▇://▇▇▇.▇▇▇.▇▇▇/about/agencies/asa/ocio/cybersecurity/index.html) 2. HHS Office of Security and Drug Testing, Personnel Security/Suitability Handbook, dated February 1, 2005 (▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/4docs/HHS- NatnlSecInfoManual_2005.pdf) 3. HHS HSPD-12 Policy Document, v. 2.0 (▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇.▇▇▇/sites/▇▇▇▇▇▇▇▇▇▇.▇▇▇/files/omb/memoranda/2005/m 05-24.pdf)

HHS-Controlled Facilities and Information Systems Security. a. To perform the work specified herein, Contractor personnel are expected to have routine (1) physical access to an HHS-controlled facility; (2) physical access to an HHS-controlled information system; (3) access to sensitive HHS data or information, whether in an HHS-controlled information system or in hard copy; or (4) any combination of circumstances (1) through (3). b. To gain routine physical access to an HHS-controlled information system, and/or access to sensitive data or information, the Contractor and its employees shall comply with Homeland Security Presidential Directive (HSPD)-12, Policy for a Common Identification Standard for Federal Employees and Contractors; Office of Management and Budget Memorandum (M-05-– 24); and Federal Information Processing Standards Publication (FIPS PUB) Number 201; and with the personal identity verification and investigations procedures contained in the following documents: 1. HHS HHS-OCIO Information Systems Security Program and Privacy Policy (▇▇▇▇▇://▇▇▇.▇▇▇.▇▇▇/about/ocio/agencies/asa/ocio/cybersecurity/index.html) policy/#Security)‌‌‌‌‌‌‌ 2. HHS Office of Security and Drug Testing, Personnel Security/Suitability Handbook, dated February 1, 2005 (▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/4docs/HHS- NatnlSecInfoManual_2005.pdf) 3. HHS HSPD-12 Policy Document, v. 2.0 (▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇.▇▇▇/sites/▇▇▇▇▇▇▇▇▇▇.▇▇▇/files/sites/default/files/omb/memoranda/2005assets/m 05-24.pdf)omb/memoranda/fy200 5/m05-24.pdf)‌‌

HHS-Controlled Facilities and Information Systems Security. a. To perform the work specified herein, Contractor personnel are expected to have routine (1) physical access to an HHS-controlled facility; (2) physical access to an HHS-controlled information system; (3) access to sensitive HHS data or information, whether in an HHS-controlled information system or in hard copy; or (4) any combination of circumstances (1) through (3). b. To gain routine physical access to an HHS-controlled information system, and/or access to sensitive data or information, the Contractor and its employees shall comply with Homeland Security Presidential Directive (HSPD)-12, Policy for a Common Identification Standard for Federal Employees and Contractors; Office of Management and Budget Memorandum (M-05-24); and Federal Information Processing Standards Publication (FIPS PUB) Number 201; and with the personal identity verification and investigations procedures contained in the following documents: 1. HHS Information Security Program Policy (▇▇▇▇▇://▇▇▇.▇▇▇.▇▇▇/about/ocio/agenciespolicy/asa/ocio/cybersecurity/index.htmlhhs- ocio-2011-0003.html) 2. HHS Office of Security and Drug Testing, Personnel Security/Suitability Handbook, dated February 1, 2005 (▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/4docs.▇▇▇/security/HHS- NatnlSecInfoManual_2005.pdfossi/documents/pssh.pdf) 3. HHS HSPD-12 Policy Document, v. 2.0 (▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇.▇▇▇/sites/▇▇▇▇▇▇▇▇▇▇.▇▇▇/files/sites/default/files/omb/memoranda/2005assets/m 05-24.pdfomb/memoranda/fy200 5/m05-24.pdf )

HHS-Controlled Facilities and Information Systems Security. a. To perform the work specified herein, Contractor personnel are expected to have routine (1) physical access to an HHS-controlled facility; (2) physical access to an HHS-controlled information system; (3) access to sensitive HHS data or information, whether in an HHS-controlled information system or in hard copy; or (4) any combination of circumstances (1) through (3). b. To gain routine physical access to an HHS-controlled information system, and/or access to sensitive data or information, the Contractor and its employees shall comply with Homeland Security Presidential Directive (HSPD)-12, Policy for a Common Identification Standard for Federal Employees and Contractors; Office of Management and Budget Memorandum (M-05-24); and Federal Information Processing Standards Publication (FIPS PUB) Number 201; and with the personal identity verification and investigations procedures contained in the following documents: 1. HHS Information Security Program Policy (▇▇▇▇▇://▇▇▇.▇▇▇.▇▇▇/about/agencies/asa/ocio/cybersecurity/index.html) 2. HHS Office of Security and Drug Testing, Personnel Security/Suitability Handbook, dated February 1, 2005 (▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/4docs/HHS- NatnlSecInfoManual_2005.pdf) ) 3. HHS HSPD-12 Policy Document, v. 2.0 (▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇.▇▇▇/sites/▇▇▇▇▇▇▇▇▇▇.▇▇▇/files/omb/memoranda/2005/m 05-24.pdf) 4. Information regarding background checks/badges (▇▇▇▇://▇▇▇▇▇▇▇.▇▇▇.▇▇▇/background/index.asp)