OMB reminds agencies to use BPA for credit monitoring services
- By Jason Miller
- Jan 05, 2007
Agencies that are victimized by a data breach of personal information should use a new blanket purchase agreement set up by the General Services Administration, according to a new Office of Management and Budget memo.
Karen Evans, OMB's administrator for e-government and IT, and Paul Denett, administrator of the Office of Federal Procurement Policy, co-signed a memo
to the heads of all agencies that requires agencies to use the BPA or justify to GSA and OMB why they did not.
The directive said if agencies do not use the BPA, they must notify GSA and Evans 10 days before they make the award to explain 'how the proposed contract offers a better value to the agency.' The notice should include pricing and terms and conditions of the potential award.
GSA then will review the contract to see if there is a way to improve the BPA.
the BPA to three vendors in August.
'The BPAs offer a variety of protection levels, depending on the degree of risk, vulnerability and exposure encountered, and supports a consistent approach to mitigating the adverse impacts of personal data loss,' the OMB memo said.
OMB also reminded agencies to follow the recommendations
of the President's Identity Theft Task Force to determine if credit monitoring services are needed.
OMB also included BPA ordering procedures with the memo.