VA RFI: Privacy Impact Assessment

Notice ID: 36C10B21Q0026

“VA Privacy Service works to achieve the mission of the Department while minimizing the impact on individual privacy.  A Privacy Threshold Analysis (PTA) and a Privacy Impact Assessment (PIA) are used to identify and assess the risks and ramifications of using IT in collecting, maintaining, and disseminating personal information from the public in identifiable form. This promotes greater protection of relevant IT systems. The VA privacy compliance program is a critical part of the Privacy Service’s ability to integrate privacy into the IT environment of VA.”

“The Contractor shall provide technical and administrative support for the Office of Information Security (OIS), VA Privacy Service to conduct analysis of PTA and PIA submissions to ensure compliance in accordance with Section 208 of the E-Government Act of 2002, which requires all Federal agencies to conduct PIAs for all new and substantially changed IT systems that collect, maintain, or disseminate PII and/or PHI.  The Contractor shall ensure the PIA submitting office (Information System Owner) responsible for the system complies with established OMB Guidance, VA directives, and privacy and regulatory procedures (refer to Section 2.0).  The PTA and PIA submissions can be submitted by VA Administrations and Staff Offices throughout the Period of Performance and can come in the form of PIA, or PTA submissions.  The Contractor shall review, verify and assess each PTA or PIA submission for conformance with privacy and related regulatory requirements.  All contractors shall also possess Certified Information Privacy Professional (CIPP) certification.”

“This request for information (RFI) is issued solely to determine the availability of Vendor Information Pages (VIP) verified Service-Disabled Veteran-Owned Small Businesses (SDVOSBs) and Veteran Owned Small Businesses (VOSBs) that are capable of providing the services…”

Read more here.



Please enter your comment!
Please enter your name here