As prescribed in 1535.007-70(d), insert the following clause:
Data Security for Federal Insecticide, Fungicide, and Rodenticide Act Confidential Business Information (DEC 1997)
The Contractor shall handle Federal Insecticide, Fungicide, and Rodenticide Act (FIFRA) confidential business information (CBI) in accordance with the contract clause entitled “Treatment of Confidential Business Information” and “Screening Business Information for Claims of Confidentiality,” the provisions set forth below, and the Contractor's approved detailed security plan.
(a) The Project Officer (PO) or his/her designee, after a written determination by the appropriate program office, may disclose FIFRA CBI to the contractor necessary to carry out the work required under this contract. The Contractor shall protect all FIFRA CBI to which it has access (including CBI used in its computer operations) in accordance with the following requirements:
(1) The Contractor and Contractor's employees shall follow the security procedures set forth in the FIFRA Information Security Manual. The manual may be obtained from the Project Officer (PO) or the Chief, Information Services Branch (ISB), Program Management and Support Division, Office of Pesticide Programs (OPP) (H7502C), U.S. Environmental Protection Agency, 1200 Pennsylvania Ave., NW., Washington, DC 20460.
(2) The Contractor and Contractor's employees shall follow the security procedures set forth in the Contractor's security plan(s) approved by EPA.
(3) Prior to receipt of FIFRA CBI by the Contractor, the Contractor shall ensure that all employees who will be cleared for access to FIFRA CBI have been briefed on the handling, control, and security requirements set forth in the FIFRA Information Security Manual.
(4) The Contractor Document Control Officer (DCO) shall obtain a signed copy of the FIFRA “Contractor Employee Confidentiality Agreement” from each of the Contractor's employees who will have access to the information before the employee is allowed access.
(b) The Contractor agrees that these requirements concerning protection of FIFRA CBI are included for the benefit of, and shall be enforceable by, both EPA and any affected business having a proprietary interest in the information.
(c) The Contractor understands that CBI obtained by EPA under FIFRA may not be disclosed except as authorized by the Act, and that any unauthorized disclosure by the Contractor or the Contractor's employees may subject the Contractor and the Contractor's employees to the criminal penalties specified in FIFRA (7 U.S.C. 136h(f)). For purposes of this contract, the only disclosures that EPA authorizes the Contractor to make are those set forth in the clause entitled “Treatment of Confidential Business Information.”
(d) The Contractor agrees to include the provisions of this clause, including this paragraph (d), in all subcontracts awarded pursuant to this contract that require the furnishing of CBI to the subcontractor.
(e) At the request of EPA or at the end of the contract, the Contractor shall return to the EPA PO or his/her designee all documents, logs, and magnetic media which contain FIFRA CBI. In addition, each Contractor employee who has received FIFRA CBI clearance will sign a “Confidentiality Agreement for Contractor Employees Upon Relinquishing FIFRA CBI Access Authority.” The Contractor DCO will also forward those agreements to the EPA PO or his/her designee, with a copy to the CO, at the end of the contract.
(f) If, subsequent to the date of this contract, the Government changes the security requirements, the CO shall equitably adjust affected provisions of this contract, in accordance with the “Changes” clause when:
(1) The Contractor submits a timely written request for an equitable adjustment; and
(2) The facts warrant an equitable adjustment.
(End of clause)
[61 FR 14266, Apr. 1, 1996, as amended at 62 FR 38478, July 18, 1997; 63 FR 418, Jan. 6, 1998; 65 FR 47325, Aug. 2, 2000]