NASA to guard contractor information

NASA to guard contractor information

Saying it no longer has enough employees to safeguard contractors' confidential information, NASA today proposed changes to safeguard the proprietary data when it must be disclosed to non-NASA support workers.

The changes were part of a proposed rule published in the Federal Register. Comments on the changes are due by Feb. 3 via e-mail to [email protected]

The proposed rule requires that:

  • NASA must disclose to bidders when a job will require access to confidential information.

  • Bidders must summarize their potential organizational conflicts of interest from having access to other contractors' confidential information. Each bidder's analysis will be considered in selecting a contractor.

  • The winning contractor must develop a conflict-of-interest avoidance plan that identifies potential problems and proposes methods to control or eliminate them. It must also include plans for corrective action if the contractor fails to protect confidential information from unauthorized use or disclosure.

  • If the contractor will operate an IT system for NASA that contains confidential information, the contract must include an IT security plan to protect that information from unauthorized access, disclosure or use.

  • Contractors must identify confidential information submitted in a proposal or in performance of a contract.

NASA spends about 85 percent of its appropriations through contracts. Because it is increasingly reliant on support staff to perform functions such as invoice processing, contract closeout processing and system administration, it must find new ways to disclose confidential information to those third-party service providers while ensuring security, the proposed rule said.

Current protections detailed in the Federal Acquisition Regulation are not sufficient, the proposed rule said.

The FAR requires that when one service provider gains access to other companies' proprietary information, the service provider must enter into agreements to protect the information from unauthorized use or disclosure, and refrain from using it for any purpose other than that for which it was furnished.

NASA officials said these existing protections are unworkable because of the huge volume of third-party agreements that would have to be monitored, likely by contractor personnel.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected