GSA tailors procurement vehicle to cover data breaches, identity protection
A General Services Administration procurement vehicle is getting a makeover account for the growing pervasiveness of data breaches.
GSA officials said Sept. 20 that the agency would rebrand special item number 520-20 as its official Data Breach Response and Identity Protection Services offering on the Professional Services Schedule.
GSA uses SINs to differentiate particularly popular categories of products or services on its various schedules. For instance, on IT Schedule 70, there are SINs for Health IT products, cloud and Highly Adaptive Cybersecurity Services.
SIN 520-20 currently includes credit monitoring services, risk assessment and mitigation services, independent risk analysis and data breach analysis, but GSA officials said in a post on the agency’s Interact site that the move provides industry more flexibility and agencies the ability to tailor the services they need.
“For example, an ordering office may have a suspected breach but due to the uncertainty may only want to seek credit monitoring services that doesn’t require call center support, identity restoration, etc. They will now have the ability to obtain specifically what is needed for their immediate situation,” Stephanie Kenitzer, professional services category community manager, said in the post.
The rebranded SIN will offer “identity monitoring and notification of Personally Identifiable Information and Protected Health Information, identity theft insurance and identity restoration services, and protect (safeguard) the confidentiality of PII and PHI.”
Kenitzer said the SIN 520-20 changes would occur during the next solicitation refresh, which is projected to take place the middle of October.
GSA will swap its identity protection services from current blanket purchase agreements to SIN 520-20 once it gets a competitive number of service vendors on schedule.