Skip to main content
HTML

TAR

Part Number: 1252

Transportation Acquisition Regulations

PART 1252—SOLICITATION PROVISIONS AND C ONTRACT CLAUSES

PART 1252—SOLICITATION PROVISIONS AND C ONTRACT CLAUSES

Authority: 5 U.S.C. 301; 41 U.S.C. 1121(c)(3); 41 U.S.C. 1702; and 48 CFR 1.301 through 1.304.

Source: 87 FR 61159, Oct. 7, 2022, unless otherwise noted.

Subpart 1252.1—Instructions for Using Provisions and Clauses

1252.101-70 Using this part.

Subpart 1252.2—Text of Provisions and Clauses

1252.201-70 Contracting Officer's Representative.

1252.204-70 Contractor Personnel Security and Agency Access.

1252.209-70 Organizational and Consultant Conflicts of Interest.

1252.209-71 Limitation of Future Contracting.

1252.211-70 Index for Specifications.

1252.216-70 Evaluation of Offers Subject to an Economic Price Adjustment Clause.

1252.216-71 Determination of Award Fee.

1252.216-72 Award Fee Plan.

1252.216-73 Distribution of Award Fee.

1252.216-74 Settlement of Letter Contract.

1252.217-70 Guarantee.

1252.217-71 Delivery and Shifting of Vessel.

1252.217-72 Performance.

1252.217-73 Inspection and Manner of Doing Work.

1252.217-74 Subcontracts.

1252.217-75 Lay Days.

1252.217-76 Liability and Insurance.

1252.217-77 Title.

1252.217-78 Discharge of Liens.

1252.217-79 Delays.

1252.217-80 Department of Labor Safety and Health Regulations for Ship Repair.

1252.222-70 Strikes or Picketing Affecting Timely Completion of the Contract Work.

1252.222-71 Strikes or Picketing Affecting Access to a DOT Facility.

1252.222-72 Contractor Cooperation in Equal Employment Opportunity and Anti-Harassment Investigations.

1252.223-70 Removal or Disposal of Hazardous Substances—Applicable Licenses and Permits.

1252.223-71 Accident and Fire Reporting.

1252.223-72 Protection of Human Subjects.

1252.223-73 Seat Belt Use Policies and Programs.

1252.228-70 Loss of or Damage to Leased Aircraft.

1252.228-71 Fair Market Value of Aircraft.

1252.228-72 Risk and Indemnities.

1252.228-73 Command of Aircraft.

1252.228-74 Notification of Payment Bond Protection.

1252.231-70 Date of Incurrence of Costs.

1252.232-70 Electronic Submission of Payment Requests.

1252.232-71 Limitation of Government's Obligation.

1252.235-70 Research Misconduct.

1252.235-71 Technology Transfer.

1252.236-70 Special Precautions for Work at Operating Airports.

1252.237-70 Qualifications of Contractor Employees.

1252.237-71 Certification of Data.

1252.237-72 Prohibition on Advertising.

1252.237-73 Key Personnel.

1252.239-70 Security Requirements for Unclassified Information Technology Resources.

1252.239-71 Information Technology Security Plan and Accreditation.

1252.239-72 Compliance with Safeguarding DOT Sensitive Data Controls.

1252.239-73 Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information.

1252.239-74 Safeguarding DOT Sensitive Data and Cyber Incident Reporting.

1252.239-75 DOT Protection of Information About Individuals, PII, and Privacy Risk Management Requirements.

1252.239-76 Cloud Computing Services.

1252.239-77 Data Jurisdiction.

1252.239-78 Validated Cryptography for Secure Communications.

1252.239-79 Authentication, Data Integrity, and Non-Repudiation.

1252.239-80 Audit Record Retention for Cloud Service Providers.

1252.239-81 Cloud Identification and Authentication (Organizational Users) Multi-Factor Authentication.

1252.239-82 Identification and Authentication (Non-Organizational Users).

1252.239-83 Incident Reporting Timeframes.

1252.239-84 Media Transport.

1252.239-85 Personnel Screening—Background Investigations.

1252.239-86 Boundary Protection—Trusted Internet Connections.

1252.239-87 Protection of Information at Rest.

1252.239-88 Security Alerts, Advisories, and Directives.

1252.239-89 Technology Modernization.

1252.239-90 Technology Upgrades/Refreshment.

1252.239-91 Records Management.

1252.239-92 Information and Communication Technology Accessibility Notice.

1252.239-93 Information and Communication Technology Accessibility.

1252.242-70 Dissemination of Information—Educational Institutions.

1252.242-71 Contractor Testimony.

1252.242-72 Dissemination of Contract Information.

1252.242-74 Contract Audit Support.

Subpart 1252.3—Provision and Clause Matrix

1252.301 Solicitation provisions and contract clauses (matrix).

Subpart 1252.1—Instructions for Using Provisions and Clauses

1252.101-70 Using this part.

TAR provisions or clauses that supplement the FAR shall follow the following numbering conventions in accordance with FAR 52.101(b)(2)(i):

(a) Agency-prescribed provisions and clauses permitted by TAR and used on a standard basis (i.e., normally used in two or more solicitations or contracts regardless of contract type) shall be prescribed and contained in the TAR. Operating Administrations (OAs) desiring to use a provision or a clause on a standard basis shall submit a request containing a copy of the clause(s), justification for its use, and evidence of legal counsel review to the Office of the Senior Procurement Executive in accordance with 1201.304 for possible inclusion in the TAR (see FAR 52.101(b)(2)(i)(A)).

(b) Provisions and clauses used on a one-time basis (i.e., non-standard provisions and clauses) may be approved by the contracting officer, unless a higher level is designated by the OA (see FAR 52.101(b)(2)(i)(C)). This authority is permitted subject to—

(1) Evidence of legal counsel review in the contract file;

(2) Inserting these clauses in the appropriate sections of the uniform contract format; and

(3) Ensuring the provisions and clauses do not deviate from the requirements of the FAR and TAR.

Subpart 1252.2—Text of Provisions and Clauses

1252.201-70 Contracting Officer's Representative.

As prescribed in 1201.604–70, insert the following clause:

Contracting Officer's Representative (NOV 2022)

(a) The Contracting Officer may designate Government personnel to act as the Contracting Officer's Representative (COR) to perform functions under the contract such as review and/or inspection and acceptance of supplies, services, including construction, and other functions of a technical nature. The Contracting Officer will provide a written notice of such designation to the Contractor within five working days after contract award or for construction, not less than five working days prior to giving the contractor the notice to proceed. The designation letter will set forth the authorities and limitations of the COR under the contract.

(b) The Contracting Officer cannot authorize the COR or any other representative to sign documents (i.e., contracts, contract modifications, etc.) that require the signature of the Contracting Officer.

(End of clause)

1252.204-70 Contractor Personnel Security and Agency Access.

As prescribed in 1204.1303, insert the following clause:

Contractor Personnel Security and Agency Access (NOV 2022)

(a) Definitions. As used in this clause—

Agency access means access to DOT facilities, sensitive information, information systems or other DOT resources.

Applicant means a contractor employee for whom the Contractor applies for a DOT identification card.

Contractor employee means a prime contractor and subcontractor employee who requires agency access to perform work under a DOT contract.

Identification card (or “ID card”) means a government issued or accepted identification card such as a Personal Identity Verification (PIV) card, a PIV-Interoperable (PIV–I) card from an authorized PIV–1 issuer, or a non-PIV card issued by DOT, or a nonPIV card issued by another Federal agency and approved by DOT. PIV and PIV–1 cards have physical and electronic attributes that other (non-PIV) ID cards do not have.

Issuing office means the DOT entity that issues identification cards to contractor employees.

Local security servicing organization means the DOT entity that provides security services to the DOT organization sponsoring the contract.

(b) Risk and sensitivity level designations. For contracts requiring access to DOT facilities, sensitive information, information systems or other DOT resources, contractor employees will be required to complete background investigations, identity proofing, and government identification card application procedures to determine suitability for access. DOT will assign a risk and sensitivity level designation to the overall contract and/or to contractor employee positions by category, group or individual. The risk and sensitivity level designations will be the basis for determining the level of personnel security processing required for contractor employees. The following risk and sensitivity level designations and associated level of processing are required, and each level includes the prior levels—

(1) Low risk level: National Agency Check with Written Inquiries (NACI);

(2) Moderate risk level: Minimum Background Investigation (MBI); and

(3) High risk level: Background Investigation.

(c) Security clearances. Contractor employees may also be required to obtain security clearances (i.e., Confidential, Secret, or Top Secret). National Security work designated “special sensitive,” “critical sensitive,” or “non-critical sensitive,” will determine the level of clearance required for contractor employees. Personnel security clearances for national security contracts in DOT will be processed according to the Department of Defense National Industrial Security Program Operating Manual (NISPOM).

(d) Pre-screening of contractor employees. The Contractor must pre-screen individuals designated for employment under any DOT contract by verifying minimal suitability requirements to ensure that only candidates that appear to meet such requirements are considered for contract employment, and to mitigate the burden on the Government of conducting background investigations on objectionable applicants. The Contractor must exercise due diligence in pre-screening all employees prior to submission to DOT for agency access. DOT may decline to grant agency access to a contractor employee for reasons including, but not limited to—

(1) Conviction of a felony, a crime of violence, or a misdemeanor involving moral turpitude;

(2) Falsification of information entered on forms or of other documents submitted;

(3) Improper conduct including criminal, infamous, dishonest, immoral, or notoriously disgraceful conduct or other conduct adverse to the Government regardless of whether the conduct is directly related to the contract; and

(4) Any behavior judged to pose a potential threat to DOT facilities, sensitive information, information systems or other resources.

(e) Citizenship status. The Contractor must monitor a non-citizen's continued authorization for employment in the United States. The Contractor must provide documentation to the Contracting Officer or the Contracting Officer's Representative (COR) during the background investigation process that validates that the E-Verify requirement has been met for each contractor employee.

(f) Background investigation and adjudication. A contractor employee must have a favorable adjudication of background investigation before DOT will issue an ID card to the contractor employee granting access to DOT facilities, sensitive information, information systems or other DOT resources. DOT may accept favorable adjudications of background investigations from other Federal agencies when applicants have held PIV cards issued by those agencies with no break in service. DOT may also accept PIV–I (Interoperable) cards issued by an authorized PIV–1 issuer as evidence of identity. A favorable adjudication does not preclude DOT from initiating a new investigation when deemed necessary. At a minimum, the FBI National Criminal History Check (fingerprint check) must be favorably completed before a DOT identification card can be issued. Each Contractor must use the Office of Personnel Management's (OPM) e-QIP system to complete any required investigative forms. Instructions for obtaining fingerprints will be provided by the COR or Contracting Officer. The DOT Office of Security, M–40, or a DOT organization delegated authority by M–40, is responsible for adjudicating the suitability of contractor employees.

(g) Agency access denied. Upon contract award, DOT will initiate the agency access procedure for all contractor employees requiring access to DOT facilities, sensitive information, information systems and other DOT resources for contract performance. DOT may deny agency access to any individual about whom an adverse suitability determination is made. Failure to submit the required security information or to truthfully answer all questions shall constitute grounds for denial of access. The Contractor must not provide agency access to contractor employees until the COR or Contracting Officer provides notice of approval, which is authorized only by the DOT Office of Security (M–40) or a DOT organization delegated authority by M–40. Where a proposed contractor employee is denied agency access by the Government or, if for any reason a proposed application is withdrawn by the Contractor during the agency access process, the additional costs and administrative burden for conducting additional background investigations caused by a lack of effective prescreening or planning on the part of the Contractor may be considered as part of the Contractor's overall performance evaluation.

(h) Identification card application process. The COR will be the DOT ID card Sponsor and point of contact for the Contractor's application for a DOT ID card. The COR shall review and approve the DOT ID card application before an ID card is issued to the applicant. An applicant may be issued either a Personal Identity Verification (PIV) card that meets the standards of Homeland Presidential Security Directive (HSPD–12), or an applicant may be issued a non-PIV card. Generally, a non-PIV card will be issued for contracts that expire in six months or less, including option periods. The COR may request the issuing office to waive the six-month eligibility requirement when it is in DOT's interest for contract performance. The following applies—

(1) PIV card. The applicant must complete a DOT on-line application for a PIV card;

(2) Non-PIV card. The applicant must complete and submit a hard copy of Form 1681 to the COR/Sponsor; and

(3) Regardless of the type of card to be issued (PIV or non-PIV), the applicant must appear in person to provide two forms of identity source documents in original form to DOT. The identity source documents must come from the list of acceptable documents included in Form F–9, OMB No. 1115–0136, Employment Eligibility Verification. At least one document must be a valid State or Federal government-issued picture identification. For a PIV card, the applicant may be required to appear in-person a second time for enrollment and activation.

(i) Identification card custody and control. The Contractor is responsible for the custody and control of all forms of government identification issued by DOT to contractor employees for access to DOT facilities, sensitive information, information systems and other DOT resources. The Contractor shall:

(1) Provide a listing of personnel for whom an identification (ID) card is requested to the COR or PM who will provide a copy of the listing to the card issuing office. This may include Contractor and subcontractor personnel. Follow issuing office directions for submittal of an application package(s).

(2) While visiting or performing work on a DOT facility, as specified by the issuing office, PM or COR, ensure that contractor employees prominently display their ID card.

(3) Immediately notify the COR or, if the COR is unavailable, the Contracting Officer when a contractor employee's status changes and no longer requires agency access (e.g., employee's transfer, completion of a project, retirement, removal from work on the contract, or termination of employment) that may affect the employee's eligibility for access to the facility, sensitive information, or resources.

(4) Promptly deliver to the issuing office: (a) all ID cards assigned to an employee who no longer requires access to the facility; and (b) all expired ID cards within five (5) days of their expiration or all cards at time of contract termination, whichever occurs first.

(5) Immediately report any lost or stolen ID cards to the issuing office and follow its instructions.

(i) The Contractor is responsible for maintaining and safeguarding the DOT ID card upon issuance to the contractor employee. The Contractor must ensure that contractor employees comply with DOT requirements concerning the renewal, loss, theft, or damage of an ID card. The Contractor must immediately notify the COR or, if the COR is unavailable, the Contracting Officer when an ID card is lost, stolen or damaged.

(ii) Failure to comply with the requirements for custody and control of DOT ID cards may result in withholding final payment or contract termination based on the potential for serious harm caused by inappropriate access to DOT facilities, sensitive information, information systems or other DOT resources.

(iii) Specific actions and activities are required in certain events—

(A) Renewal. A contractor employee's DOT issued ID card is valid for a maximum of three years or until the contract expiration date (including option periods), whichever occurs first. The renewal process should begin six weeks before the PIV card expiration date. If a PIV card is not renewed before it expires, the contractor employee will be required to sign-in daily for facility access and may have limited access to information systems and other resources.

(B) Lost/stolen. Immediately upon detection, the Contractor or contractor employee must report a lost or stolen DOT ID card to the COR, or if the COR is unavailable, the Contracting Officer, the issuing office, or the local servicing security organization. The Contractor must submit an incident report within 48 hours, through the COR or, if the COR is unavailable, the Contracting Officer, the issuing office, or the local security servicing organization describing the circumstances of the loss or theft. The Contractor must also report a lost or stolen PIV card through the DOT on-line registration system. If the loss or theft is reported by the Contractor to the local police, a copy of the police report must be provided to the COR or Contracting Officer. From the date of notification to DOT, the Contractor must wait three days before getting a replacement ID card. During the 3-day wait period, the contractor employee must sign in daily for facility access.

(C) Replacement. An ID card will be replaced if it is damaged, contains incorrect data, or is lost or stolen for more than 3 days, provided there is a continuing need for agency access to perform work under the contract.

(D) Surrender of ID cards. Upon notification that routine access to DOT facilities, sensitive information, information systems or other DOT resources is no longer required, the Contractor must surrender the DOT issued ID card to the COR, or if the COR is unavailable, the Contracting Officer, the issuing office, or the local security servicing organization in accordance with agency procedures.

(j) Flow down of clause. The Contractor is required to include this clause in any subcontracts at any tier that require the subcontractor or subcontractor's employees to have access to DOT facilities, sensitive information, information systems or other resources.

(End of clause)

1252.209-70 Organizational and Consultant Conflicts of Interest.

As prescribed in 1209.507–270(a), the contracting officer shall insert a clause substantially as follows in solicitations and contracts:

Organizational and Consultant Conflicts of Interest (NOV 2022)

(a) An offeror shall identify in its proposal, quote, bid or any resulting contract, any potential or actual Organizational and Consultant Conflicts of Interest (OCCI) as described in FAR subpart 9.5. This includes actual or potential conflicts of interests of proposed subcontractors. If an offeror identifies in its proposal, quote, bid or any resulting contract, a potential or actual conflict of interests the offeror shall submit an Organizational and Consultant Conflicts of Interest Plan (OCCIP) to the contracting officer. The OCCIP shall describe how the offeror addresses potential or actual conflicts of interest and identify how they will avoid, neutralize, or mitigate present or future conflicts of interest.

(b) Offerors must consider whether their involvement and participation raises any OCCI issues, especially in the following areas when:

(1) Providing systems engineering and technical direction.

(2) Preparing specifications or work statements and/or objectives.

(3) Providing evaluation services.

(4) Obtaining access to proprietary information.

(c) If a prime contractor or subcontractor breaches any of the OCCI restrictions, or does not disclose or misrepresents any relevant facts concerning its conflict of interest, the government may take appropriate action, including terminating the contract, in additional to any remedies that may be otherwise permitted by the contract or operation of law.

(End of clause)

1252.209-71 Limitation of Future Contracting.

As prescribed in 1209.507–270(b), the contracting officer shall insert a clause substantially as follows in solicitations and contracts:

Limitation of Future Contracting (NOV 2022)

(a) The Contracting Officer has determined that this acquisition may give rise to a potential organizational conflict of interest. Accordingly, prospective offerors are encouraged to review FAR subpart 9.5—Organizational Conflicts of Interest.

(b) The nature of this conflict is [describe the conflict].

(c) The restrictions upon future contracting are as follows:

(1) If the Contractor, under the terms of this contract, or through the performance of tasks pursuant to this contract, is required to develop specifications or statements of work that are to be incorporated into a solicitation, the Contractor shall be ineligible to perform the work described in that solicitation as a prime or first-tier subcontractor under an ensuing government contract. This restriction shall remain in effect for a reasonable time, as agreed to by the Contracting Officer and the Contractor, sufficient to avoid unfair competitive advantage or potential bias (this time shall in no case be less than the duration of the initial ensuing contract).

(2) To the extent that the work under this contract requires access to proprietary, business confidential, or financial data of other companies, and if these data remain proprietary or confidential, the Contractor shall protect such data from unauthorized use and disclosure and agrees not to use the data to compete with those other companies.

(End of clause)

1252.211-70 Index for Specifications.

As prescribed in 1211.204–70, insert the following clause:

Index for Specifications (NOV 2022)

If an index or table of contents is furnished in connection with specifications, such index or table of contents is for convenience only. Its accuracy and completeness is not guaranteed, and it is not a part of the specification. In case of discrepancy between the index or table of contents and the specifications, the specifications shall govern.

(End of clause)

1252.216-70 Evaluation of Offers Subject to an Economic Price Adjustment Clause.

As prescribed in 1216.203–470, insert the following provision:

Evaluation of Offers Subject to an Economic Price Adjustment Clause (NOV 2022)

Offers shall be evaluated without an amount for an economic price adjustment being added. Offers will be rejected that—(1) increase the ceiling stipulated; (2) limit the downward adjustment; or (3) delete the economic price adjustment clause. If the offer stipulates a ceiling lower than that included in the solicitation, the lower ceiling will be incorporated into any resulting contract.

(End of provision)

1252.216-71 Determination of Award Fee.

As prescribed in 1216.406–70(a), insert the following clause:

Determination of Award Fee (NOV 2022)

(a) The Government shall evaluate Contractor performance at the end of each specified evaluation period to determine the amount of award. The contractor agrees that the amount of award and the award fee determination methodology are unilateral decisions to be made at the sole discretion of the Government.

(b) Contractor performance shall be evaluated according to the Award Fee Plan. The Contractor shall be periodically informed of the quality of its performance and areas in which improvements are expected.

(c) The contractor shall be promptly advised, in writing, of the determination and reasons why the award fee was or was not earned. The Contractor may submit a performance self-evaluation for each evaluation period. The amount of award is at the sole discretion of the Government but any self-evaluation received within___(insert number) days after the end of the current evaluation period will be given such consideration, as may be deemed appropriate by the Government.

(d) The amount of award fee that can be awarded in each evaluation period is limited to the amounts set forth at___(identify location of award fee amounts). Award fee that is not earned in an evaluation period cannot be reallocated to future evaluation periods.

(End of clause)

1252.216-72 Award Fee Plan.

As prescribed in 1216.406–70(b), insert the following clause:

Award Fee Plan (NOV 2022)

(a) An Award Fee Plan shall be unilaterally established by the Government based on the criteria stated in the contract and used for the determination of award fee. This plan shall include the criteria used to evaluate each area and the percentage of award fee, if any, available for each area. A copy of the plan shall be provided to the Contractor___(insert number) calendar days prior to the start of the first evaluation period.

(b) The criteria contained within the Award Fee Plan may relate to:

(1) Technical (including schedule) requirements, if appropriate; (2) Management; and (3) Cost.

(c) The Award Fee Plan may, consistent with the contract, be revised unilaterally by the Government at any time during the period of performance. Notification of such changes shall be provided to the Contractor___(insert number) calendar days prior to the start of the evaluation period to which the change will apply.

(End of clause)

1252.216-73 Distribution of Award Fee.

As prescribed in 1216.406–70(c), insert the following clause:

Distribution of Award Fee (NOV 2022)

(a) The total amount of award fee available under this contract is assigned according to the following evaluation periods and amounts—

Evaluation Period:

Available Award Fee:

[Contracting Officer insert appropriate information]

(b) After the Contractor has been paid 85 percent of the base fee and potential award fee, the Government may withhold further payment of the base fee and award fee until a reserve is set aside in an amount that the Government considers necessary to protect its interest. This reserve shall not exceed 15 percent of the total base fee and potential award fee or $150,000, whichever is less. Thereafter, base fee and award fee payments may continue.

(c) In the event of contract termination, either in whole or in part, the amount of award fee available shall represent a pro-rata distribution associated with evaluation period activities or events as determined by the Government.

(d) The Government will promptly make payment of any award fee upon the submission by the Contractor to the Contracting Officer's Representative, of a public voucher or invoice in the amount of the total fee earned for the period evaluated. Payment may be made without using a contract modification.

(End of clause)

1252.216-74 Settlement of Letter Contract.

As prescribed in 1216.603–4, insert the following clause:

Settlement of Letter Contract (NOV 2022)

(a) This contract constitutes the definitive contract contemplated by issuance of letter contract___[insert number] dated___[insert effective date]. It supersedes the letter contract and its modification number(s)___[insert number(s)] and, to the extent of any inconsistencies, governs.

(b) The cost(s) and fee(s), or price(s), established in this definitive contract represents full and complete settlement of letter contract___[insert number] and modification number(s)___[insert number(s)]. Payment of the agreed upon fee or profit withheld pending definitization of the letter contract, may commence immediately at the rate and times stated within this contract.

(End of clause)

1252.217-70 Guarantee.

As prescribed at 1217.7001(a), insert the following clause:

Guarantee (NOV 2022)

(a) In the event any work performed or materials furnished by the Contractor prove defective or deficient within 60 days from the date of redelivery of the vessel(s), the Contractor, as directed by the Contracting Officer and at its own expense, shall correct and repair the deficiency in accordance with the contract terms and conditions.

(b) If the Contractor or any subcontractor has a guarantee for work performed or materials furnished that exceeds the 60-day period, the Government shall be entitled to rely upon the longer guarantee until its expiration.

(c) With respect to any individual work item identified as incomplete at the time of redelivery of the vessel(s), the guarantee period shall run from the date the item is completed.

(d) If practicable, the Government shall give the Contractor an opportunity to correct the deficiency.

(1) If the Contracting Officer determines it is not practicable or is otherwise not advisable to return the vessel(s) to the Contractor, or the Contractor fails to proceed with the repairs promptly, the Contracting Officer may direct that the repairs be performed elsewhere, at the Contractor's expense.

(2) If correction and repairs are performed by other than the Contractor, the Contracting Officer may discharge the Contractor's liability by making an equitable deduction in the price of the contract.

(e) The Contractor's liability shall extend for an additional 90-day guarantee period on those defects or deficiencies that the Contractor corrected.

(f) At the option of the Contracting Officer, defects and deficiencies may be left uncorrected. In that event, the Contractor and Contracting Officer shall negotiate an equitable reduction in the contract price. Failure to agree upon an equitable reduction shall constitute a dispute under the Disputes clause of this contract.

(End of clause)

1252.217-71 Delivery and Shifting of Vessel.

As prescribed at 1217.7001(b), insert the following clause:

Delivery and Shifting of Vessel (NOV 2022)

The Government shall deliver the vessel to the Contractor at his place of business. Upon completion of the work, the Government shall accept delivery of the vessel at the Contractor's place of business. The Contractor shall provide, at no additional charge, upon 24 hours' advance notice, a tug or tugs and docking pilot, acceptable to the Contracting Officer, to assist in handling the vessel between (to and from) the Contractor's plant and the nearest point in a waterway regularly navigated by vessels of equal or greater draft and length. While the vessel is in the hands of the Contractor, any necessary towage, cartage, or other transportation between ship and shop or elsewhere, which may be incident to the work herein specified, shall be furnished by the Contractor without additional charge to the Government.

(End of clause)

1252.217-72 Performance.

As prescribed at 1217.7001(b), insert the following clause:

Performance (NOV 2022)

(a) Upon the award of the contract, the Contractor shall promptly start the work specified and shall diligently prosecute the work to completion. The Contractor shall not start work until the contract has been awarded except in the case of emergency work ordered by the Contracting Officer in writing.

(b) The Government shall deliver the vessel described in the contract at the time and location specified in the contract. Upon completion of the work, the Government shall accept delivery of the vessel at the time and location specified in the contract.

(c) The Contractor shall without charge—

(1) Make available to personnel of the vessel while in dry dock or on a marine railway, sanitary lavatory and similar facilities at the plant acceptable to the Contracting Officer;

(2) Supply and maintain suitable brows and gangways from the pier, dry dock, or marine railway to the vessel;

(3) Treat salvage, scrap or other ship's material of the Government resulting from performance of the work as items of Government-furnished property, in accordance with clause 52.245–1, Government Property;

(4) Perform, or pay the cost of, any repair, reconditioning or replacement made necessary as the result of the use by the Contractor of any of the vessel's machinery, equipment or fittings, including, but not limited to, winches, pumps, rigging, or pipe lines; and

(5) Furnish suitable offices, office equipment and telephones at or near the site of the work for the Government's use.

(d) The contract will state whether dock and sea trials are required to determine whether the Contractor has satisfactorily performed the work.

(1) If dock and sea trials are required, the vessel shall be under the control of the vessel's commander and crew.

(2) The Contractor shall not conduct dock and sea trials not specified in the contract without advance approval of the Contracting Officer. Dock and sea trials not specified in the contract shall be at the Contractor's expense and risk.

(3) The Contractor shall provide and install all fittings and appliances necessary for dock and sea trials. The Contractor shall be responsible for care, installation, and removal of instruments and apparatus furnished by the Government for use in the trials.

(End of clause)

1252.217-73 Inspection and Manner of Doing Work.

As prescribed at 1217.7001(b), insert the following clause:

Inspection and Manner of Doing Work (NOV 2022)

(a) The Contractor shall perform work in accordance with the contract, any drawings and specifications made a part of the job order, and any change or modification issued under the Changes clause.

(b)

(1) Except as provided in paragraph (b)(2) of this clause, and unless otherwise specifically provided in the contract, all operational practices of the Contractor and all workmanship, material, equipment, and articles used in the performance of work under this contract shall be in accordance with the best commercial marine practices and the rules and requirements of all appropriate regulatory bodies including, but not limited to the American Bureau of Shipping, the U.S. Coast Guard, and the Institute of Electrical and Electronic Engineers, in effect at the time of Contractor's submission of offer, and shall be intended and approved for marine use.

(2) When Navy specifications are specified in the contract, the Contractor shall follow Navy standards of material and workmanship. The solicitation shall prescribe the Navy standard whenever applicable.

(c) The Government may inspect and test all material and workmanship at any time during the Contractor's performance of the work.

(1) If, prior to delivery, the Government finds any material or workmanship is defective or not in accordance with the contract, in addition to its rights under the Guarantee clause, the Government may reject the defective or nonconforming material or workmanship and require the Contractor to correct or replace it at the Contractor's expense.

(2) If the Contractor fails to proceed promptly with the replacement or correction of the material or workmanship, the Government may replace or correct the defective or nonconforming material or workmanship and charge the Contractor the excess costs incurred.

(3) As specified in the contract, the Contractor shall provide and maintain an inspection system acceptable to the Government.

(4) The Contractor shall maintain complete records of all inspection work and shall make them available to the Government during performance of the contract and for 90 days after the completion of all work required.

(d) The Contractor shall not permit any welder to work on a vessel unless the welder is, at the time of the work, qualified to the standards established by the U.S. Coast Guard, American Bureau of Shipping, or Department of the Navy for the type of welding being performed. Qualifications of a welder shall be as specified in the contract.

(e) The Contractor shall—

(1) Exercise reasonable care to protect the vessel from fire;

(2) Maintain a reasonable system of inspection over activities taking place in the vicinity of the vessel's magazines, fuel oil tanks, or storerooms containing flammable materials.

(3) Maintain a reasonable number of hose lines ready for immediate use on the vessel at all times while the vessel is berthed alongside the Contractor's pier or in dry dock or on a marine railway;

(4) Unless otherwise provided in the contract, provide sufficient security patrols to reasonably maintain a fire watch for protection of the vessel when it is in the Contractor's custody;

(5) To the extent necessary, clean, wash, and steam out or otherwise make safe, all tanks under alteration or repair.

(6) Furnish the Contracting Officer a “gas-free” or “safe-for-hotwork” certificate before any hot work is done on a tank;

(7) Treat the contents of any tank as Government property in accordance with clause 52.245–1, Government Property; and

(8) Dispose of the contents of any tank only at the direction, or with the concurrence, of the Contracting Officer.

(9) Be responsible for the proper closing of all openings to the vessel's underwater structure upon which work has been performed. The Contractor additionally must advise the COR of the status of all valve closures and openings for which the Contractor's workers were responsible.

(f) Except as otherwise provided in the contract, when the vessel is in the custody of the Contractor or in dry dock or on a marine railway and the temperature is expected to go as low as 35 Fahrenheit, the Contractor shall take all necessary steps to—

(1) Keep all hose pipe lines, fixtures, traps, tanks, and other receptacles on the vessel from freezing; and

(2) Protect the stern tube and propeller hubs from frost damage.

(g) The Contractor shall, whenever practicable—

(1) Perform the required work in a manner that will not interfere with the berthing and messing of Government personnel attached to the vessel; and

(2) Provide Government personnel attached to the vessel access to the vessel at all times.

(h) Government personnel attached to the vessel shall not interfere with the Contractor's work or workers.

(i)(1) The Government does not guarantee the correctness of the dimensions, sizes, and shapes set forth in any contract, sketches, drawings, plans, or specifications prepared or furnished by the Government, unless the contract requires that the Contractor perform the work prior to any opportunity to inspect.

(2) Except as stated in paragraph (i)(1) of this clause, and other than those parts furnished by the Government, and the Contractor shall be responsible for the correctness of the dimensions, sizes, and shapes of parts furnished under this contract.

(j) The Contractor shall at all times keep the site of the work on the vessel free from accumulation of waste material or rubbish caused by its employees or the work. At the completion of the work, unless the contract specifies otherwise, the Contractor shall remove all rubbish from the site of the work and leave the immediate vicinity of the work area “broom clean.”

(End of clause)

1252.217-74 Subcontracts.

As prescribed at 1217.7001(b), insert the following clause:

Subcontracts (NOV 2022)

(a) Nothing contained in the contract shall be construed as creating any contractual relationship between any subcontractor and the Government. The divisions or sections of the specifications are not intended to control the Contractor in dividing the work among subcontractors or to limit the work performed by any trade.

(b) The Contractor shall be responsible to the Government for acts and omissions of its own employees, and of subcontractors and their employees. The Contractor shall also be responsible for the coordination of the work of the trades, subcontractors, and material men.

(c) The Contractor shall, without additional expense to the Government, employ specialty subcontractors where required by the specifications.

(d) The Government or its representatives will not undertake to settle any differences between the Contractor and its subcontractors, or any differences between subcontractors.

(End of clause)

1252.217-75 Lay Days.

As prescribed at 1217.7001(c), insert the following clause:

Lay Days (NOV 2022)

(a) Lay day time will be paid by the Government at the Contractor's stipulated bid price for this item of the contract when the vessel remains on the dry dock or marine railway as a result of any change that involves work in addition to that required under the basic contract.

(b) No lay day time shall be paid until all items of the basic contract for which a price was established by the Contractor and for which docking of the vessel was required have been satisfactorily completed and accepted.

(c) Days of hauling out and floating, whatever the hour, shall not be paid as lay day time, and days when no work is performed by the Contractor shall not be paid as lay day time.

(d) Payment of lay day time shall constitute complete compensation for all costs, direct and indirect, to reimburse the Contractor for use of dry dock or marine railway.

(End of clause)

1252.217-76 Liability and Insurance.

As prescribed at 1217.7001(b), insert the following clause:

Liability and Insurance (NOV 2022)

(a) The Contractor shall exercise its best efforts to prevent accidents, injury, or damage to all employees, persons, and property, in and about the work, and to the vessel or part of the vessel upon which work is done.

(b) Loss or damage to the vessel, materials, or equipment.

(1) Unless otherwise directed or approved in writing by the Contracting Officer, the Contractor shall not carry insurance against any form of loss or damage to the vessel(s) or to the materials or equipment to which the Government has title or which have been furnished by the Government for installation by the Contractor. The Government assumes the risks of loss of and damage to that property.

(2) The Government does not assume any risk with respect to loss or damage compensated for by insurance or otherwise or resulting from risks with respect to which the Contractor has failed to maintain insurance, if available, as required or approved by the Contracting Officer.

(3) The Government does not assume risk of and will not pay for any costs of the following:

(i) Inspection, repair, replacement, or renewal of any defects in the vessel(s) or material and equipment due to—

(A) Defective workmanship performed by the Contractor or its subcontractors;

(B) Defective materials or equipment furnished by the Contractor or its subcontractors; or

(C) Workmanship, materials, or equipment which do not conform to the requirements of the contract, regardless of whether the defect is latent or whether the nonconformance is the result of negligence.

(ii) Loss, damage, liability, or expense caused by, resulting from, or incurred as a consequence of any delay or disruption, willful misconduct or lack of good faith by the Contractor or any of its representatives that have supervision or direction of—

(A) All or substantially all of the Contractor's business; or

(B) All or substantially all of the Contractor's operation at any one plant.

(4) As to any risk that is assumed by the Government, the Government shall be subrogated to any claim, demand or cause of action against third parties that exists in favor of the Contractor. If required by the Contracting Officer, the Contractor shall execute a formal assignment or transfer of the claim, demand, or cause of action.

(5) No party other than the Contractor shall have any right to proceed directly against the Government or join the Government as a codefendant in any action.

(6) Notwithstanding the foregoing, the Contractor shall bear the first $5,000 of loss or damage from each occurrence or incident, the risk of which the Government would have assumed under the provision of this paragraph (b).

(c) Indemnification. The Contractor indemnifies the Government and the vessel and its owners against all claims, demands, or causes of action to which the Government, the vessel or its owner(s) might be subject as a result of damage or injury (including death) to the property or person of anyone other than the Government or its employees, or the vessel or its owner, arising in whole or in part from the negligence or other wrongful act of the Contractor, or its agents or employees, or any subcontractor, or its agents or employees.

(1) The Contractor's obligation to indemnify under this paragraph shall not exceed the sum of $300,000 as a consequence of any single occurrence with respect to any one vessel.

(2) The indemnity includes, without limitation, suits, actions, claims, costs, or demands of any kind, resulting from death, personal injury, or property damage occurring during the period of performance of work on the vessel or within 90 days after redelivery of the vessel. For any claim, etc., made after 90 days, the rights of the parties shall be as determined by other provisions of this contract and by law. The indemnity applies to death occurring after 90 days where the injury was received during the period covered by the indemnity.

(d) Insurance.

(1) The Contractor shall, at its own expense, obtain and maintain the following insurance—

(i) Casualty, accident, and liability insurance, as approved by the Contracting Officer, insuring the performance of its obligations under paragraph (c) of this clause.

(ii) Workers Compensation Insurance (or its equivalent) covering the employees engaged on the work.

(2) The Contractor shall ensure that all subcontractors engaged on the work obtain and maintain the insurance required in paragraph (d)(1) of this clause.

(3) Upon request of the Contracting Officer, the Contractor shall provide evidence of the insurance required by paragraph (d) of this clause.

(e) The Contractor shall not make any allowance in the contract price for the inclusion of any premium expense or charge for any reserve made on account of self-insurance for coverage against any risk assumed by the Government under this clause.

(f) The Contractor shall give the Contracting Officer written notice as soon as practicable after the occurrence of a loss or damage for which the Government has assumed the risk.

(1) The notice shall contain full details of the loss or damage.

(2) If a claim or suit is later filed against the Contractor as a result of the event, the Contractor shall immediately deliver to the Government every demand, notice, summons, or other process received by the Contractor or its employees or representatives.

(3) The Contractor shall cooperate with the Government and, upon request, shall assist in effecting settlements, securing and giving evidence, obtaining the attendance of witnesses, and the conduct of suits. The Government shall reimburse the Contractor for expenses incurred in this effort, other than the cost of maintaining the Contractor's usual organization.

(4) The Contractor shall not, except at its own expense, voluntarily make any payments, assume any obligation, or incur any expense other than what would be imperative for the protection of the vessel(s) at the time of the event.

(g) In the event of loss of or damage to any vessel(s), material, or equipment which may result in a claim against the Government under the insurance provisions of this contract, the Contractor shall promptly notify the Contracting Officer of the loss or damage. The Contracting Officer may, without prejudice to any right of the Government, either—

(1) Order the Contractor to proceed with replacement or repair, in which event the Contractor shall effect the replacement or repair;

(i) The Contractor shall submit to the Contracting Officer a request for reimbursement of the cost of the replacement or repair together with whatever supporting documentation the Contracting Officer may reasonably require, and shall identify the request as being submitted under the Insurance clause of this contract.

(ii) If the Government determines that the risk of the loss or damage is within the scope of the risks assumed by the Government under this clause, the Government will reimburse the Contractor for the reasonable allowable cost of the replacement or repair, plus a reasonable profit (if the work or replacement or repair was performed by the Contractor) less the deductible amount specified in paragraph (b) of this clause.

(iii) Payments by the Government to the Contractor under this clause are outside the scope of and shall not affect the pricing structure of the contract, and are additional to the compensation otherwise payable to the Contractor under this contract; or

(2) Decide that the loss or damage shall not be replaced or repaired and in that event, the Contracting Officer shall—

(i) Modify the contract appropriately, consistent with the reduced requirements reflected by the unreplaced or unrepaired loss or damage; or

(ii) Terminate the repair of any part or all of the vessel(s) under the Termination for Convenience of the Government clause of this contract.

(End of clause)

1252.217-77 Title.

As prescribed at 1217.7001(b), insert the following clause:

Title (NOV 2022)

(a) Unless otherwise provided, title to all materials and equipment to be incorporated in a vessel in the performance of this contract shall vest in the Government upon delivery at the location specified for the performance of the work.

(b) Upon completion of the contract, or with the approval of the Contracting Officer during performance of the contract, all Contractor-furnished materials and equipment not incorporated in, or placed on, any vessel, shall become the property of the Contractor, unless the Government has reimbursed the Contractor for the cost of the materials and equipment.

(c) The vessel, its equipment, movable stores, cargo, or other ship's materials shall not be considered Government-furnished property.

(End of clause)

1252.217-78 Discharge of Liens.

As prescribed at 1217.7001(b), insert the following clause:

Discharge of Liens (NOV 2022)

(a) The Contractor shall immediately discharge or cause to be discharged, any lien or right in rem of any kind, other than in favor of the Government, that exists or arises in connection with work done or materials furnished under this contract.

(b) If any such lien or right in rem is not immediately discharged, the Government, at the expense of the Contractor, may discharge, or cause to be discharged, the lien or right.

(End of clause)

1252.217-79 Delays.

As prescribed at 1217.7001(b), insert the following clause:

Delays (NOV 2022)

When during the performance of this contract the Contractor is required to delay work on a vessel temporarily, due to orders or actions of the Government respecting stoppage of work to permit shifting the vessel, stoppage of hot work to permit bunkering, stoppage of work due to embarking or debarking passengers and loading or discharging cargo, and the Contractor is not given sufficient advance notice or is otherwise unable to avoid incurring additional costs on account thereof, an equitable adjustment shall be made in the price of the contract pursuant to the “Changes” clause.

(End of clause)

1252.217-80 Department of Labor Safety and Health Regulations for Ship Repair.

As prescribed at 1217.7001(b), insert the following clause:

Department of Labor Safety and Health Regulations for Ship Repair (NOV 2022)

Nothing contained in this contract shall relieve the Contractor of any obligations it may have to comply with—

(a) The Occupational Safety and Health Act of 1970 (29 U.S.C. 651, et seq.);

(b) The Occupational Safety and Health Standards for Shipyard Employment (29 CFR part 1915); or

(c) Any other applicable Federal, State, and local laws, codes, ordinances, and regulations.

(End of clause)

1252.222-70 Strikes or Picketing Affecting Timely Completion of the Contract Work.

As prescribed in 1222.101–71(a), insert the following clause:

Strikes or Picketing Affecting Timely Completion of the Contract Work (NOV 2022)

Notwithstanding any other provision hereof, the Contractor is responsible for delays arising out of labor disputes, including but not limited to strikes, if such strikes are reasonably avoidable. A delay caused by a strike or by picketing which constitutes an unfair labor practice is not excusable unless the Contractor takes all reasonable and appropriate action to end such a strike or picketing, such as the filing of a charge with the National Labor Relations Board, the use of other available Government procedures, and the use of private boards or organizations for the settlement of disputes.

(End of clause)

1252.222-71 Strikes or Picketing Affecting Access to a DOT Facility.

As prescribed in 1222.101–71(b), insert the following clause:

Strikes or Picketing Affecting Access to a DOT Facility (NOV 2022)

If the Contracting Officer notifies the Contractor in writing that a strike or picketing—(a) Is directed at the Contractor or subcontractor or any employee of either; and (b) Impedes or threatens to impede access by any person to a DOT facility where the site of the work is located, the Contractor shall take all appropriate action to end such strike or picketing, including, if necessary, the filing of a charge of unfair labor practice with the National Labor Relations Board or the use of other available judicial or administrative remedies.

(End of clause)

1252.222-72 Contractor Cooperation in Equal Employment Opportunity and Anti-Harassment Investigations.

As prescribed in 1222.810–70, insert the following clause:

Contractor Cooperation in Equal Employment Opportunity and Anti–harassment Investigations (NOV 2022)

(a) Definitions. As used in this clause—

Complaint means a formal or informal complaint that has been filed with DOT management, DOT agency Equal Employment Opportunity (EEO) officials, the Equal Employment Opportunity Commission (EEOC), the Office of Federal Contract Compliance Programs (OFCCP) or a court of competent jurisdiction.

Contractor employee means all current Contractor employees who work or worked under this contract. The term also includes current employees of subcontractors who work or worked under this contract. In the case of Contractor and subcontractor employees who worked under this contract, but who are no longer employed by the Contractor or subcontractor, or who have been assigned to another entity within the Contractor's or subcontractor's organization, the Contractor shall provide DOT with that employee's last known mailing address, email address, and telephone number, if that employee has been identified as a witness in an EEO or Anti-Harassment complaint or investigation.

Good faith cooperation means, but is not limited to, making Contractor employees available, with the presence or assistance of counsel as deemed appropriate by the Contractor, for:

(1) Formal and informal interviews by EEO counselors, the OFCCP, or other Agency officials processing EEO or Anti-Harassment complaints;

(2) Formal or informal interviews by EEO investigators charged with investigating complaints of unlawful discrimination filed by Federal employees;

(3) Reviewing and signing appropriate affidavits or declarations summarizing statements provided by such Contractor employees during EEO or Anti-Harassment investigations;

(4) Producing documents requested by EEO counselors, EEO investigators, OFCCP investigators, Agency employees, or the EEOC in connection with a pending EEO or Anti-Harassment complaint; and

(5) Preparing for and providing testimony in depositions or in hearings before the Merit Systems Protection Board, EEOC, OFCCP, and U.S. District Court.

(b) Cooperation with investigations. In addition to complying with the clause at FAR 52.222–26, Equal Opportunity, the Contractor shall, in good faith, cooperate with the Department of Transportation in investigations of EEO complaints processed pursuant to 29 CFR part 1614 and internal Anti-Harassment investigations.

(c) Compliance. Failure on the part of the Contractor or its subcontractors to comply with the terms of this clause may be grounds for the Contracting Officer to terminate this contract for default or for cause in accordance with the termination clauses in the contract.

(d) Subcontract flowdown. The Contractor shall include the provisions of this clause in all subcontract solicitations and subcontracts awarded, at any tier, under this contract.

(End of clause)

1252.223-70 Removal or Disposal of Hazardous Substances—Applicable Licenses and Permits.

As prescribed in 1223.303, insert the following clause:

Removal or Disposal of Hazardous Substances—Applicable Licenses and Permits (NOV 2022)

The Contractor has__or does not have__[Contractor check applicable response] all licenses and permits required by Federal, State, and local laws to perform hazardous substance(s) removal or disposal services. If the Contractor does not currently possess these documents, it must obtain all requisite licenses and permits within___[Contracting Officer insert number] calendar days after date of award. The Contractor shall provide evidence of said documents to the Contracting Officer or designated Government representative prior to commencement of work under the contract.

(End of clause)

1252.223-71 Accident and Fire Reporting.

As prescribed in 1223.7000(a), insert the following clause:

Accident and Fire Reporting (NOV 2022)

(a) The Contractor shall report to the Contracting Officer any accident or fire occurring at the site of the work which causes—

(1) A fatality or as much as one lost workday on the part of any employee of the Contractor or subcontractor at any tier;

(2) Damage of $1,000 or more to Government-owned or leased property, either real or personal;

(3) Damage of $1,000 or more to Contractor or subcontractor owned or leased motor vehicles or mobile equipment; or

(4) Damage for which a contract time extension may be requested.

(b) Accident and fire reports required by paragraph (a) of this section shall be accomplished by the following means:

(1) Accidents or fires resulting in a death, hospitalization of five or more persons, or destruction of Government-owned or leased property (either real or personal), the total value of which is estimated at $100,000 or more, shall be reported immediately by telephone to the Contracting Officer or his/her authorized representative and shall be confirmed in writing within 24 hours to the Contracting Officer. Such report shall state all known facts as to extent of injury and damage and as to cause of the accident or fire.

(2) Other accident and fire reports required by paragraph (a) of this section may be reported by the Contractor using a state, private insurance carrier, or Contractor accident report form which provides for the statement of—

(i) The extent of injury; and

(ii) The damage and cause of the accident or fire.

Such report shall be mailed or otherwise delivered to the Contracting Officer within 48 hours of the occurrence of the accident or fire.

(c) The Contractor shall assure compliance by subcontractors at all tiers with the requirements of this clause.

(End of clause)

1252.223-72 Protection of Human Subjects.

As prescribed in 1223.7000(b), insert the following clause:

Protection of Human Subjects (NOV 2022)

(a) The Contractor shall comply with 49 CFR part 11, DOT's regulations for the protection of human subjects participating in activities supported directly or indirectly by contracts from DOT. In addition, the Contractor shall comply with any DOT Operating Administration (OA)-specific policies and procedures on the protection of human subjects.

(b) To demonstrate compliance with the subject DOT regulations and to protect human subjects, the Contractor shall ensure the following:

(1) The Contractor shall establish and maintain a committee competent to review projects and activities that involve human subjects.

(2) The committee shall be assigned responsibility to determine, for each activity planned and conducted, that—

(i) The rights and welfare of subjects are adequately protected;

(ii) The risks to subjects are outweighed by potential benefits; and

(iii) The informed consent of subjects shall be obtained by methods that are adequate and appropriate.

(3) Committee reviews shall be conducted with objectivity and in a manner to ensure the exercise of independent judgment of the members. Members shall be excluded from review of projects or activities in which they have an active role or a conflict of interests.

(4) Continuing constructive communication between the committee and the project directors must be maintained as a means of safeguarding the rights and welfare of subjects.

(5) Facilities and professional attention required for subjects who may suffer physical, psychological, or other injury as a result of participating in an activity shall be provided.

(6) The committee shall maintain records of committee review of applications and active projects, of documentation of informed consent, and of other documentation that may pertain to the selection, participation, and protection of subjects. Detailed records shall be maintained of circumstances of any review that adversely affects the rights or welfare of the individual subjects. Such materials shall be made available to DOT upon request.

(7) The retention period of such records and materials shall be as specified at FAR 4.703.

(c) Periodic reviews shall be conducted by the Contractor to assure, through appropriate administrative overview, that the practices and procedures designed for the protection of the rights and welfare of subjects are being effectively applied.

(d) If the Contractor has or maintains a relationship with a Department of Health and Human Services approved Institutional Review Board (IRB) which can appropriately review this contract in accordance with the technical requirements and any applicable OA policies and procedures that apply, that IRB will be considered acceptable for the purposes of this contract.

(End of clause)

1252.223-73 Seat Belt Use Policies and Programs.

As prescribed in 1223.7000(c), insert the following clause:

Seat Belt Use Policies and Programs (NOV 2022)

In accordance with Executive Order 13043, Increasing Seat Belt Use in the United States, dated April 16, 1997, the Contractor is encouraged to adopt and enforce on-the-job seat belt use policies and programs for its employees when operating company-owned, rented, or personally-owned vehicles. The National Highway Traffic Safety Administration (NHTSA) is responsible for providing leadership and guidance in support of this Presidential initiative. For information on how to implement such a program or for statistics on the potential benefits and cost-savings to your company or organization, please visit the Click it or Ticket seat belt safety section of NHTSA's website at https://www.nhtsa.gov/campaign/click-it-or-ticket and https://www.nhtsa.gov/risky-driving/seat-belts.

(End of clause)

1252.228-70 Loss of or Damage to Leased Aircraft.

As prescribed in 1228.306–70(a), insert the following clause:

Loss of or Damage to Leased Aircraft (NOV 2022)

(a) Except normal wear and tear, the Government assumes all risk of loss of, or damage to, the leased aircraft during the term of this lease while the aircraft is in the possession of the Government.

(b) In the event of damage to the aircraft, the Government, at its option, shall make the necessary repairs with its own facilities or by contract, or pay the Contractor the reasonable cost of repair of the aircraft.

(c) In the event the aircraft is lost or damaged beyond repair, the Government shall pay the Contractor a sum equal to the fair market value of the aircraft at the time of such loss or damage, which value may be specifically agreed to in clause 1252.228–71, Fair Market Value of Aircraft, less the salvage value of the aircraft. However, the Government may retain the damaged aircraft or dispose of it in its discretion. In that event, the Contractor will be paid the fair market value of the aircraft as stated in the clause.

(d) The Contractor agrees that the contract price does not include any cost attributable to hull insurance or to any reserve fund it has established to protect its interest in the aircraft. If, in the event of loss or damage to the leased aircraft, the Contractor receives compensation for such loss or damage in any form from any source, the amount of such compensation shall be credited to the Government in determining the amount of the Government's liability.

(e) In the event of loss of or damage to the aircraft, the Government shall be subrogated to all rights of recovery by the Contractor against third parties for such loss or damage and the Contractor shall promptly assign such rights in writing to the Government.

(End of clause)

1252.228-71 Fair Market Value of Aircraft.

As prescribed in 1228.306–70(a), insert the following clause:

Fair Market Value of Aircraft (NOV 2022)

For purposes of clause 1252.228–70, Loss of or Damage to Leased Aircraft, the fair market value of the aircraft to be used in the performance of this contract shall be the lesser of the two values set out in paragraphs (a) and (b) below—

(a) $___; [Contracting Officer insert value] or

(b) If the Contractor has insured the same aircraft against loss or destruction in connection with other operations, the amount of such insurance coverage on the date of the loss or damage for which the Government may be responsible under this contract.

(End of clause)

1252.228-72 Risk and Indemnities.

As prescribed in 1228.306–70(a) and (d), insert the following clause:

Risk and Indemnities (NOV 2022)

The Contractor hereby agrees to indemnify and hold harmless the Government, its officers and employees from and against all claims, demands, damages, liabilities, losses, suits and judgments (including all costs and expenses incident thereto) which may be suffered by, accrue against, be charged to or recoverable from the Government, its officers and employees by reason of injury to or death of any person other than officers, agents, or employees of the Government or by reason of damage to property of others of whatsoever kind (other than the property of the Government, its officers, agents or employees) arising out of the operation of the aircraft. In the event the Contractor holds or obtains insurance in support of this covenant, evidence of insurance shall be delivered to the Contracting Officer.

(End of clause)

1252.228-73 Command of Aircraft.

As prescribed in 1228.306–70(d), insert the following clause:

Command of Aircraft (NOV 2022)

During the performance of a contract for out-service flight training for DOT, whether the instruction to DOT personnel is in leased, contractor-provided, or Government-provided aircraft, contractor personnel shall always, during the entirety of the course of training and during operation of the aircraft, remain in command of the aircraft. At no time shall other personnel be permitted to take command of the aircraft.

(End of clause)

1252.228-74 Notification of Payment Bond Protection.

As prescribed in guidance at 1228.106–470, insert the following clause:

Notification of Payment Bond Protection (NOV 2022)

(a) The prime contract is subject to the Bonds statute (historically referred to as the Miller Act) (40 U.S.C. chapter 31, subchapter III), under which the prime contractor has obtained a payment bond. This payment bond may provide certain unpaid employees, suppliers, and subcontractors a right to sue the bonding surety under the Bonds statute for amounts owned for work performed and materials delivery under the prime contract.

(b) Persons believing that they have legal remedies under the Bonds statute should consult their legal advisor regarding the proper steps to take to obtain these remedies. This notice clause does not provide any party any rights against the Federal Government, or create any relationship, contractual or otherwise, between the Federal Government and any private party.

(c) The surety which has provided the payment bond under the prime contract is: [Contracting Officer fill-in prime contractor's surety information]

(Name)

(Street Address)

(City, State, Zip Code)

(Contact & Tel. No.)

(d) Subcontract flowdown requirements. This clause shall be flowed down to all subcontractors. Prime contractors shall insert this notice clause in all first-tier subcontracts and shall require the clause to be subsequently flowed down by all first-tier subcontractors to all their subcontractors, at any tier. This notice contains information pertaining to the surety that provided the payment bond under the prime contract and is required to be inserted in its entirety to include the information set forth in paragraph (c).

(End of clause)

1252.231-70 Date of Incurrence of Costs.

As prescribed in 1231.205–3270(b), insert the following clause:

Date of Incurrence of Costs (NOV 2022)

The Contractor shall be entitled to reimbursement for costs incurred on or after__ [Contracting Officer insert date] in an amount not to exceed $__ [Contracting Officer insert amount] that, if incurred after this contract had been entered into, would have been reimbursable under this contract.

(End of clause)

1252.232-70 Electronic Submission of Payment Requests.

As prescribed in 1232.7005, insert the following clause:

Electronic Submission of Payment Requests (NOV 2022)

(a) Definitions. As used in this clause—

(1) Contract financing payment has the meaning given in FAR 32.001.

(2) Payment request means a bill, voucher, invoice, or request for contract financing payment or invoice payment with associated supporting documentation. The payment request must comply with the requirements identified in FAR 32.905(b), “Content of Invoices,” this clause, and the applicable Payment clause included in this contract.

(3) Electronic form means an automated system transmitting information electronically according to the accepted electronic data transmission methods and formats identified in paragraph (c) of this clause. Facsimile, email, and scanned documents are not acceptable electronic forms for submission of payment requests.

(4) Invoice payment has the meaning given in FAR 32.001.

(b) Electronic payment requests. Except as provided in paragraph (e) of this clause, the contractor shall submit payment requests in electronic form. Purchases paid with a Governmentwide commercial purchase card are considered to be an electronic transaction for purposes of this rule, and therefore no additional electronic invoice submission is required.

(c) Processing system. The Department of Transportation utilizes the DELPHI system for processing invoices. The DELPHI module for submitting invoices is called iSupplier. Access to DELPHI is granted with electronic authentication of credentials (name & valid email address) utilizing the GSA credentialing platform login.gov. Vendors submitting invoices are required to submit invoices via iSupplier (DELPHI) and authenticated via www.login.gov.

(d) Invoice requirements. To receive payment and in accordance with the Prompt Payment Act, all invoices submitted as attachments in iSupplier (DELPHI) shall contain the following:

(1) Invoice number and invoice date.

(2) Period of performance covered by invoice.

(3) Contract number and title.

(4) Task/Delivery Order number and title (if applicable).

(5) Amount billed (by CLIN), current and cumulative.

(6) Total ($) of billing.

(7) Cumulative total billed for all contract work to date.

(8) Name, title, phone number, and mailing address of person to be contacted in the event of a defective invoice.

(9) Travel. If the contract includes allowances for travel, all invoices which include charges pertaining to travel expenses will catalog a breakdown of reimbursable expenses with the appropriate receipts to substantiate the travel expenses.

(e) Payment system registration. All persons accessing the iSupplier (DELPHI) will be required to have their own unique user ID and password and be credentialed through login.gov.

(1) Electronic authentication. See www.login.gov for instructions.

(2) To create a www.login.gov account, the user will need a valid email address and a working phone number. The user will create a password and then www.login.gov will reply with an email confirming the email address.

(3) iSupplier (DELPHI) registration instructions: New users should navigate to: http://einvoice.esc.gov to establish an account. Users are required to log in to iSupplier (DELPHI) every 45 days to keep it active.

(4) Training on DELPHI. To facilitate use of DELPHI, comprehensive user information is available at http://einvoice.esc.gov.

(5) Account Management. Vendors are responsible to contact their assigned COR when their firm's points of contacts will no longer be submitting invoices, so they can be removed from the system.

(f) Waivers. For contractors/vendors who are unable to utilize DOT's DELPHI system, waivers may be considered by DOT on a case-by-case basis. Vendors should contact their Contracting Officer's Representative (COR) for procedures.

(g) Exceptions and alternate payment procedures. If, based on one of the circumstances set forth in 1232.7002(a) or (b), and the contracting officer directs that payment requests be made by mail, the contractor shall submit payment requests by mail through the United States Postal Service to the designated agency office. If alternate payment procedures are authorized, the Contractor shall include a copy of the Contracting Officer's written authorization with each payment request. If DELPHI is succeeded by later technology, the Contracting Officer will supply the Contractor with the latest applicable electronic invoicing instructions.

(End of clause)

1252.232-71 Limitation of Government's Obligation.

As prescribed in 1232.770–7, insert the following clause:

Limitation of Government's Obligation (NOV 2022)

(a) Funding is not currently available to fully fund this contract due to the Government operating under a continuing resolution (CR). The item(s) listed in the table below are being incrementally funded as described below. The funding allotted to these item(s) is presently available for payment and allotted to this contract. This table will be updated by a modification to the contract when additional funds, if any, are made available to this contract.

Contract line item No. (CLIN) CLIN total price Funds allotted to the CLIN Funds required for complete funding of the CLIN
$ $ $
$ $ $
$ $ $
$ $ $
Totals $ $ $

(b) For the incrementally funded CLIN(s) identified in paragraph (a) of this clause, the Contractor agrees to perform up to the point at which the total amount payable by the Government, including any invoice payments to which the Contractor is entitled and reimbursement of authorized termination costs in the event of termination of those CLIN(s) for the Government's convenience, does not exceed the total amount currently obligated to those CLIN(s). The Contractor is not authorized to continue work on these item(s) beyond that point. The Government will not be obligated—in any event—to reimburse the Contractor in excess of the amount allotted to the CLIN(s) of the contract regardless of anything to the contrary in any other clause, including but not limited to the clause entitled “Termination for Convenience of the Government” or paragraph (l) entitled “Termination for the Government's Convenience” of the clause at FAR 52.212–4,“Commercial Terms and Conditions—Commercial Products and Commercial Services.”

(c) Notwithstanding paragraph (h) of this clause, the Contractor shall notify the Contracting Officer in writing at least 30 days prior to the date when, in the Contractor's best judgment, the work will reach the point at which the total amount payable by the Government, including any cost for termination for convenience, will approximate 85 percent of the total amount then allotted to the contract for performance of the item(s) identified in paragraph (a) of this clause. The notification shall state the estimated date when that point will be reached and an estimate of additional funding, if any, needed to continue performance. The notification shall also advise the Contracting Officer of the estimated amount of additional funds required for the timely performance of the item(s) funded pursuant to this contract. If after such notification additional funds are not allotted by the date identified in the Contractor's notification, or by an agreed upon substitute date, the Contracting Officer will terminate any item(s) for which additional funds have not been allotted, pursuant to the terms of this contract authorizing termination for the convenience of the Government. Failure to make the notification required by this paragraph, whether for reasons within or beyond the Contractor's control, will not increase the maximum amount payable to the Contractor under paragraphs (a) and (b) of this clause.

(d) The Government may, at any time prior to termination, allot additional funds for the performance of the item(s) identified in paragraph (a) of this clause.

(e) The termination provisions of paragraphs (a) through (h) of this clause do not limit the rights of the Government under the clause entitled “Default” or paragraph (m) entitled “Termination for Cause,” of the clause at FAR 52.212–4, “Commercial Terms and Conditions—Commercial Products and Commercial Services.” The provisions of this clause are limited to the work and allotment of funds for the item(s) set forth in paragraph (a) of this clause. This clause no longer applies once the contract is fully funded.

(f) Nothing in this clause affects the right of the Government to terminate this contract pursuant to the Government's termination for convenience terms set forth in this contract.

(g) Nothing in this clause shall be construed as authorization of voluntary services whose acceptance is otherwise prohibited under 31 U.S.C. 1342.

(h) The parties contemplate that the Government will allot funds to this contract from time to time as the need arises and as funds become available. There is no fixed schedule for providing additional funds.

(End of clause)

1252.235-70 Research Misconduct.

As prescribed in 1235.070–1, insert the following clause:

Research Misconduct (NOV 2022)

(a) Definitions. As used in this clause—

Adjudication means the process of reviewing recommendations from the investigation phase and determining appropriate corrective actions.

Complainant means the person who makes an allegation of research misconduct or the person who cooperates with an inquiry or investigation.

DOT Oversight Organization is the Department of Transportation (DOT) operating administration or Secretarial office sponsoring or managing Federally-funded research.

Evidence includes, but is not limited to, research records, transcripts, or recordings of interviews, committee correspondence, administrative records, grant applications and awards, manuscripts, publications, expert analyses, and electronic data.

Fabrication means making up data or results and recording or reporting them.

Falsification means manipulating research materials, equipment, or processes, or changing or omitting data or results such that the research is not accurately represented in the research record.

Inquiry means preliminary information gathering and fact-finding to determine if an allegation, or apparent instance of research misconduct, warrants an investigation.

Investigation means formal collection and evaluation of information and facts to determine if research misconduct can be established, to assess its extent and consequences, and to recommend appropriate action.

Plagiarism means the appropriation of another person's ideas, processes, results, or words without giving appropriate credit. Research misconduct does not include honest error or differences of opinion.

Research and Technology Coordinating Council (RTCC) is the lead DOT entity for coordination of all actions related to allegations of research misconduct. The respondent in a research misconduct finding may appeal through the RTCC to the Deputy Secretary of Transportation.

Research institution includes any Contractor conducting research under DOT-funded contractual instruments, contracts, and similar instruments.

Research misconduct means fabrication, falsification, or plagiarism, in proposing, performing, or reviewing research, or in reporting research results. Research misconduct does not include honest error or difference of opinion.

Research record means the record of data or results that embody the facts resulting from scientific inquiry, and includes, but is not limited to, research proposals, laboratory records, both physical and electronic, progress reports, abstracts, theses, oral presentations, internal reports, and journal articles.

Respondent means the person against whom an allegation of research misconduct has been made, or the person whose actions are the focus of the inquiry or investigation.

(b) General guidelines.

(1) Confidentiality. DOT organizations, including research organizations, are required to safeguard the confidentiality of the inquiry, investigation and decision-making processes, including maintaining complete confidentiality of all records and identities of respondents and complainants.

(2) Retaliation prohibited. If a complainant who has reported possible research misconduct alleges retaliation on the part of DOT organization management, the report will be addressed by management officials who will conduct an inquiry into the allegations followed by an appropriate management action.

(3) Separation of phases. DOT organizations and research organizations must ensure the separation of the Inquiry, Investigation and Determination Phases of this process.

(4) In general, DOT organizations must strive to protect the interests of the Federal Government and the public in carrying out this process.

(c) Elements to support a finding of research misconduct. Research institutions (including Contractors) that receive DOT funds shall respond to allegations of research misconduct. The following elements describe the type of behavior, level of intent, and burden of proof required to support a finding of research misconduct:

(1) There must be a significant departure from the accepted practices of the relevant research community;

(2) The misconduct must have been committed intentionally, knowingly, or recklessly; and

(3) The allegation must be proven by a preponderance of the evidence.

(d) DOT Oversight Organization Investigation. The DOT oversight organization may proceed with its own investigation at any time if:

(1) DOT determines the research institution is not prepared to handle the allegation in a manner consistent with this policy.

(2) DOT involvement is needed to protect the public interest, including public health and safety.

(3) The allegation involves an entity of sufficiently small size (or an individual) that it cannot sufficiently conduct the investigation itself.

(4) The DOT oversight organization may take, or cause to be taken, interim administrative actions (including special certifications, assurances, or other administrative actions) when deemed appropriate to protect the welfare of human and animal subjects of research, prevent inappropriate use of Federal funds, or otherwise protect the public interest and safety.

(e) Investigating research misconduct. Research institutions, or in limited circumstances discussed in paragraph (d) the DOT Oversight Organization shall use the following procedures to investigate allegations of research misconduct:

(1) Inquire promptly into the research misconduct allegation and complete an initial inquiry within 60 calendar days after receipt of the allegation.

(2) Notify the Contracting Officer immediately, in writing, when an inquiry results in a determination that an investigation is warranted, and promptly begin an investigation.

(3) Ensure the objectivity and expertise of the individuals selected to review allegations and conduct investigations.

(4) Conduct the investigation according to established internal procedures and complete it within 120 calendar days of completing the initial inquiry.

(5) Document the investigation. Include documentation that—

(i) Describes the allegation(s);

(ii) Lists the investigators;

(iii) Describes the methods and procedures used to gather information and evaluate the allegation(s);

(iv) Summarizes the records and data compiled, states the findings, and explains the supporting reasons and evidence;

(v) States the potential impact of any research misconduct; and

(vi) Describes and explains any institutional sanctions or corrective actions recommended or imposed as appropriate within its jurisdiction and as consistent with other relevant laws.

(6) Provide the respondent (the person against whom an allegation of research misconduct has been made) with a reasonable opportunity (e.g., 30 calendar days) to review and respond to the investigation report. The respondent's written comments or rebuttal will be made part of the investigative record.

(7) Within 30 calendar days after completion of an investigation, forward investigative reports, documentation, and respondent's response to the Contracting Officer who will coordinate with the DOT oversight organization(s) sponsoring and/or monitoring the federally-funded research.

(8) Time extensions. Contractors should request time extensions as needed from the Contracting Officer of the appropriate DOT oversight organization. The Contracting Officer has discretion to waive time requirements for good cause.

(f) Activity sanctions or corrective actions. Upon receipt of the investigative reports from the contractor, the DOT oversight organization, in conjunction with the Contracting Officer, will review the report, and determine the appropriate administrative action to be taken. In deciding what actions to take, the oversight organizations should consider: the severity of the misconduct; the degree to which the misconduct was knowing, intentional, or reckless; and whether it was an isolated event or part of a pattern. Sanctions or corrective actions may range as follows—

(1) Minimal restrictions—such as a letter of reprimand, additional conditions on awards, requiring third-party certification of accuracy or compliance with particular policies, regulations, guidelines, or special terms and conditions;

(2) Moderate restrictions—such as limitations on certain activities or expenditures under an active award or special reviews of requests for funding; or

(3) More severe restrictions—such as termination of an active award or government-wide suspension or debarment.

(g) Appeals and final administrative action.

(1) The Federal Acquisition Regulation governs in all matters pertaining to termination of the contract and suspension/debarment.

(2) In all other cases, the Contractor may appeal the sanction or corrective action through the DOT Research and Technology Coordinating Council (RTCC) to the Deputy Secretary of Transportation, in writing within 30 calendar days after receiving written notification of the research misconduct finding and associated administrative action(s). The Contractor shall mail a copy of the appeal to the Contracting Officer.

(3) If there is no request for appeal within 30 calendar days, the administrative actions of the oversight organization shall be final.

(4) If a request for appeal is received by the RTCC within the 30-calendar day limit, the Deputy Secretary may have the RTCC review the appeal and make recommendations.

(5) The RTCC on behalf of the Deputy Secretary will normally inform the appellant of the final decision on an appeal within 60 calendar days of receipt. This decision will then be the final DOT administrative action.

(h) Criminal or civil fraud violations. When the DOT oversight organization concludes an investigation with a determination of research misconduct, the DOT Office of the Senior Procurement Executive may notify any other sources of research that provide support to the respondent. If criminal or civil fraud violations may have occurred, the oversight organization should promptly refer the matter to the DOT Inspector General, the Department of Justice or other appropriate investigative body. The DOT oversight organization, in conjunction with the Contracting Officer will notify the respondent in writing of its action, sanctions to be imposed if applicable, and the DOT appeal procedures.

(i) Subcontract flowdown. The Contractor shall include the substance of this clause in all subcontracts that involve research.

(End of clause)

1252.235-71 Technology Transfer.

As prescribed in 1235.011–70, insert the following clause:

Technology Transfer (NOV 2022)

(a) The Contractor, in accordance with the provisions in the attached Statement of Work, will develop a Technology Transfer Plan to be approved by___[Fill-in: Contracting Officer to fill-in the cognizant DOT/OA] prior to the initiation of any work under this contract and shall execute the approved plan throughout the conduct of this Agreement. Such plan shall include, at a minimum—

(1) A description of the problem and technical solutions being researched, including any potential or identified technology developments that are the intended output of or which may be derived from the research;

(2) A list identifying and categorizing by interest potential stakeholders in the outputs of the research to be performed;

(3) A plan for engaging the identified potential stakeholders to determine interest in and obtain suggested refinements to the research, before and during the conduct of this contract, to enhance the likelihood of adoption/implementation of the research outputs. Such engagement activities shall comprise communicating research status to identified stakeholders, soliciting their feedback; disseminating research outputs, and identifying whether the outputs were adopted/implemented;

(4) A proposed delivery or demonstration activity (e.g., conference presentation of a final report, demonstration of software, or demonstration of tangible output);

(5) A draft plan for the commercialization of any research outputs, including the specific identification of stakeholders most likely to be interested in the commercialization of the research outputs;

(6) The identification of the specific methods and channels for dissemination of the research outputs (e.g., publication, licensing to a third party, or manufacture and sale); and

(7) A plan for tracking and reporting the research outputs, outcomes, and impacts to [Fill-in: Contracting Officer to fill in the cognizant DOT/OA].

(b) The Contractor shall provide to___[Fill-in: Contracting Officer to fill-in the cognizant DOT/OA] at least once every six months, or as an attachment to any more frequent research progress reports, a Technology Transfer Report addressing and updating each element of their approved Technology Transfer Plan. Such report shall include—

(1) An updated description of the problem and technical solution(s) being researched, particularly where any revisions to the research are based on feedback from a stakeholder engagement;

(2) A summary of overall technology transfer progress;

(3) An updated listing of interested stakeholders and an identification of their potential role (e.g., research sponsor, potential end-user, or regulator);

(4) A listing of the stakeholders engaged since the most recently submitted Technology Transfer Report;

(5) The identification of any additional stakeholder engagement activity (including the mechanism used to engage the stakeholder) and the results of such activity;

(6) The conduct and results of any delivery/demonstration activity occurring since the most recently submitted Report update, including the identification of any stakeholder participants;

(7) An acknowledgement of the submission of any technical or progress report that would satisfy the Public Access requirement and whether such submissions are properly represented in the USDOT Research Hub and the National Transportation Library; and

(8) Any information on instances of any use of an output of research conducted under this contract.

(End of clause)

1252.236-70 Special Precautions for Work at Operating Airports.

As prescribed in 1236.570, insert the following clause:

Special Precautions for Work at Operating Airports (NOV 2022)

(a) When work is to be performed at an operating airport, the Contractor must arrange its work schedule so as not to interfere with flight operations. Such operations will take precedence over construction convenience. Any operations of the Contractor that would otherwise interfere with or endanger the operations of aircraft shall be performed only at times and in the manner directed by the Contracting Officer. The Government will make every effort to reduce the disruption of the Contractor's operation.

(b) Unless otherwise specified by local regulations, all areas in which construction operations are underway shall be marked by yellow flags during daylight hours and by red lights at other times. The red lights along the edge of the construction areas within the existing aprons shall be the electric type of not less than 100 watts intensity placed and supported as required. All other construction markings on roads and adjacent parking lots may be either electric or battery type lights. These lights and flags shall be placed to outline the construction areas and the distance between any two flags or lights shall not be greater than 25 feet. The Contractor shall provide adequate watch to maintain the lights in working condition at all times other than daylight hours. The hour of beginning and the hour of ending of daylight will be determined by the Contracting Officer.

(c) All equipment and material in the construction areas or when moved outside the construction area shall be marked with airport safety flags during the day and when directed by the Contracting Officer, with red obstruction lights at nights. All equipment operating on the apron, taxiway, runway, and intermediate areas after darkness hours shall have clearance lights in conformance with instructions from the Contracting Officer. No construction equipment shall operate within 50 feet of aircraft undergoing fuel operations. Open flames are not allowed on the ramp except at times authorized by the Contracting Officer.

(d) Trucks and other motorized equipment entering the airport or construction area shall do so only over routes determined by the Contracting Officer. Use of runways, aprons, taxiways, or parking areas as truck or equipment routes will not be permitted unless specifically authorized for such use. Flag personnel shall be furnished by the Contractor at points on apron and taxiway for safe guidance of its equipment over these areas to assure right of way to aircraft. Areas and routes used during the contract must be returned to their original condition by the Contractor. The maximum speed allowed at the airport shall be established by airport management. Vehicles shall be operated to be under safe control at all times, weather and traffic conditions considered. Vehicles must be equipped with head and tail lights during the hours of darkness.

(End of clause)

1252.237-70 Qualifications of Contractor Employees.

As prescribed in 1237.110–70(a), insert the following clause:

Qualifications of Contractor Employees (NOV 2022)

(a) Definition. Sensitive information, as used in this clause, means any information that is proprietary data or, if subject to unauthorized access, modification, loss, or misuse, could adversely affect the national interest, the conduct of Federal programs, or the privacy of individuals specified in The Privacy Act, 5 U.S.C. 552a, but has not been specifically authorized under criteria established by an Executive Order or an Act of Congress to be kept secret in the interest of national defense or foreign policy.

(b) Work under this contract may involve access to DOT facilities or sensitive information or resources (e.g., information technology including computer systems). To protect sensitive information, which shall not be disclosed by the contractor unless authorized in writing by the Contracting Officer, the Contractor shall provide training to any contractor employees authorized to access sensitive information, and upon request of the Government, provide information to assist the Government in determining an individual's suitability to have authorization.

(c) The Contracting Officer may require dismissal from work under this contract of those employees deemed incompetent, careless, insubordinate, unsuitable, or otherwise objectionable, or whose continued employment is deemed contrary to the public interest or inconsistent with the best interest of national security.

(d) Contractor employees working on this contract must complete such forms as may be necessary for security or other reasons, including the conduct of background investigations to determine suitability. Completed forms shall be submitted as directed by the Contracting Officer. Upon the Contracting Officer's Representative (COR) or Program Manager's (PM) request, the Contractor's employees shall be fingerprinted or subject to other investigations as required.

(e) The Contractor shall ensure that contractor employees working on this contract are citizens of the United States of America or non-citizens who have been lawfully admitted for permanent residence or employment (indicated by immigration status) as evidenced by U.S. Citizenship and Immigration Services (USCIS) documentation.

(f) Subcontract flow-down requirement. The Contractor shall include this clause, including this paragraph (f), in subcontracts whenever this clause is included in the prime contractor's contract.

(End of clause)

1252.237-71 Certification of Data.

As prescribed in 1237.7003, insert the following provision:

Certification of Data (NOV 2022)

(a) The offeror represents and certifies that to the best of its knowledge and belief, the information and/or data (e.g., company profile; qualifications; background statements; brochures) submitted with its offer is current, accurate, and complete as of the date of its offer.

(b) The offeror understands that any inaccurate data provided to the Department of Transportation may subject the offeror, its subcontractors, its employees, or its representatives to:

(1) prosecution for false statements pursuant to 18 U.S.C. 1001 and/or; (2) enforcement action for false claims or statements pursuant to the Program Fraud Civil Remedies Act of 1986, 31 U.S.C. 3801–3812 and 49 CFR part 31 and/or; (3) termination for default or for cause under any contract resulting from its offer and/or; (4) debarment or suspension.

(c) The offeror agrees to obtain a similar certification from its subcontractors and submit such certification(s) with its offer.

Signature:

Date:

Typed Name and Title:

Company Name:

This certification concerns a matter within the jurisdiction of an agency of the United States and the making of a false, fictitious, or fraudulent certification may render the maker subject to prosecution under 18 U.S.C. 1001.

(End of provision)

1252.237-72 Prohibition on Advertising.

As prescribed in 1213.7101 and 1237.7003, insert the following clause:

Prohibition on Advertising (NOV 2022)

The contractor or its representatives (including training instructors) shall not advertise or solicit business from attendees for private, non-Government training during contracted-for training sessions. This prohibition extends to unsolicited oral comments, distribution or sales of written materials, and/or sales of promotional videos or audio tapes. The contractor agrees to insert this clause in its subcontracts.

(End of clause)

1252.237-73 Key Personnel.

As prescribed in 1237.110–70(b), insert the following clause:

Key Personnel (NOV 2022)

(a) The personnel as specified below are considered essential to the work being performed under this contract and may, with the consent of the contracting parties, be changed during the course of the contract by adding or deleting personnel, as appropriate.

(b) Before removing, replacing, or diverting any of the specified individuals, the Contractor shall notify the contracting officer, in writing, before the change becomes effective. The Contractor shall submit information to support the proposed action to enable the contracting officer to evaluate the potential impact of the change on the contract. The Contractor shall not remove or replace personnel under this contract until the Contracting Officer approves the change in writing. The key personnel under this contract are:

[Contracting Officer insert specified key personnel]

(End of clause)

1252.239-70 Security Requirements for Unclassified Information Technology Resources.

As prescribed in 1239.106–70, insert the following clause:

Security Requirements for Unclassified Information Technology Resources (NOV 2022)

(a) The Contractor shall be responsible for information technology security for all systems connected to a Department of Transportation (DOT) network or operated by the Contractor for DOT, regardless of location. This clause is applicable to all or any part of the contract that includes information technology resources or services in which the Contractor has physical or electronic access to DOT information that directly supports the mission of DOT. The term “information technology,” as used in this clause, means any equipment or interconnected system or subsystem of equipment, including telecommunications equipment, that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information. This includes both major applications and general support systems as defined by OMB Circular A–130. Examples of tasks that require security provisions include—

(1) Hosting of DOT e-Government sites or other IT operations;

(2) Acquisition, transmission, or analysis of data owned by DOT with significant replacement cost should the contractor's copy be corrupted; and

(3) Access to DOT general support systems/major applications at a level beyond that granted the general public, e.g., bypassing a firewall.

(b) The Contractor shall develop, provide, implement, and maintain an IT Security Plan. This plan shall describe the processes and procedures that the Contractor will follow to ensure appropriate security of IT resources developed, processed, or used under this contract. The plan shall describe those parts of the contract to which this clause applies. The Contractor's IT Security Plan shall comply with applicable Federal Laws that include, but are not limited to, 40 U.S.C. 11331, the Federal Information Security Management Act (FISMA) of 2002, and the E-Government Act of 2002. The plan shall meet IT security requirements in accordance with Federal and DOT policies and procedures, as amended during the term of this contract, which include, but are not limited to the following:

(1) OMB Circular A–130, Managing Information as a Strategic Resource;

(2) National Institute of Standards and Technology (NIST) Guidelines;

(3) DOT CIO IT Policy (CIOP) compendium and associated guidelines;

(4) DOT Order 1630.2C, Personnel Security Management; and

(5) DOT Order 1351.37, Departmental Cyber Security Policy.

(c) Within 30 days after contract award, the contractor shall submit the IT Security Plan to the DOT Contracting Officer for review. This plan shall detail the approach contained in the offeror's proposal or sealed bid. Upon acceptance by the Contracting Officer, the Plan shall be incorporated into the contract by contract modification.

(d) Within six (6) months after contract award, the Contractor shall submit written proof of IT Security accreditation to the Contracting Officer. Such written proof may be furnished either by the Contractor or by a third party. Accreditation shall be in accordance with DOT policy available from the Contracting Officer upon request. The Contractor shall submit along with this accreditation a final security plan, risk assessment, security test and evaluation, and disaster recovery plan/continuity of operations plan. The accreditation and accompanying documents, to include a final security plan, risk assessment, security test and evaluation, and disaster recovery/continuity of operations plan, upon acceptance by the Contracting Officer, will be incorporated into the contract by contract modification.

(e) On an annual basis, the Contractor shall verify in writing to the Contracting Officer that the IT Security Plan remains valid.

(f) The Contractor shall ensure that the official DOT banners are displayed on all DOT systems (both public and private) operated by the Contractor that contain Privacy Act information before allowing anyone access to the system. The DOT CIO will make official DOT banners available to the Contractor.

(g) The Contractor shall screen all personnel requiring privileged access or limited privileged access to systems operated by the Contractor for DOT or interconnected to a DOT network in accordance with DOT Order 1630.2C Personnel Security Management, as amended.

(h) The Contractor shall ensure that its employees performing services under this contract receive annual IT security training in accordance with OMB Circular A–130, FISMA, and NIST requirements, as amended, with a specific emphasis on rules of behavior.

(i) The Contractor shall provide the Government access to the Contractor's and subcontractors' facilities, installations, operations, documentation, databases and personnel used in performance of the contract. The Contractor shall provide access to enable a program of IT inspection (to include vulnerability testing), investigation, and audit (to safeguard against threats and hazards to the integrity, availability and confidentiality of DOT data or to the function of information technology systems operated on behalf of DOT), and to preserve evidence of computer crime.

(j) The Contractor shall incorporate and flow down the substance of this clause to all subcontracts that meet the conditions in paragraph (a) of this clause.

(k) The Contractor shall immediately notify the Contracting Officer when an employee who has access to DOT information systems or data terminates employment.

(End of clause)

1252.239-71 Information Technology Security Plan and Accreditation.

As prescribed in 1239.106–70, insert the following provision:

Information Technology Security Plan and Accreditation (NOV 2022)

All offers submitted in response to this solicitation shall address the approach for completing the security plan and accreditation requirements in clause 1252.239–70, Security Requirements for Unclassified and Sensitive Information Technology Resources.

(End of provision)

1252.239-72 Compliance with Safeguarding DOT Sensitive Data Controls.

As prescribed in TAR 1239.7003(a), insert the following clause:

Compliance With Safeguarding DOT Senitive Data Controls (NOV 2022)

(a) The Contractor shall implement security requirements contained in clause 1252.239–74, Safeguarding DOT Sensitive Data and Cyber Incident Reporting, for all DOT sensitive data on all Contractor information systems that support the performance of this contract.

(b) Contractor information systems not part of an information technology service or system operated on behalf of the Government as part of this contract are not subject to the provisions of this clause.

(c) By submission of this offer, the Offeror represents that it will implement the security requirements specified by National Institute of Standards and Technology (NIST) Special Publication (SP) 800–171, Revision 2, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” at https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final that are in effect at the time the solicitation is issued or as authorized by the contracting officer.

(d) If the Offeror proposes to vary from any security requirements specified by NIST SP 800–171, Rev. 2 in effect at the time the solicitation is issued or as authorized by the Contracting Officer, the Offeror shall submit to the Contracting Officer, for consideration by the DOT Chief Information Officer (CIO), a written explanation of—

(1) Why a particular security requirement is not applicable; or

(2) How the Contractor will use an alternative, but equally effective, security measure to satisfy the requirements of NIST SP 800–171, Rev. 2.

(e) The Office of the DOT CIO will evaluate offeror requests to vary from NIST SP 800–171, Rev. 2 requirements and inform the Offeror in writing of its decision before contract award. The Contracting Officer will incorporate accepted variance(s) from NIST SP 800–171, Rev. 2 into any resulting contract.

(End of clause)

1252.239-73 Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information.

As prescribed in 1239.7003(b), insert the following clause:

Limitations on the Use or Disclosure of Third–Party Contractor Reported Cyber Incident Information (NOV 2022)

(a) Definitions. As used in this clause—

Compromise means disclosure of information to unauthorized persons, or a violation of the security policy of a system, whereby without authorization information is disclosed, modified, destroyed, lost, or copied to unauthorized media—whether intentionally or unintentionally.

DOT sensitive data means unclassified information that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Governmentwide policies, and is—

(1) Marked or otherwise identified in the contract, task order, or delivery order and provided to the Contractor by or on behalf of DOT in support of the performance of the contract; or

(2) Collected, developed, received, transmitted, used, or stored by or on behalf of the Contractor in support of the performance of the contract.

Cyber incident means actions taken through the use of computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein.

Information system means a discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.

Media means physical devices or writing surfaces including, but not limited to, magnetic tapes, optical disks, magnetic disks, large-scale integration memory chips, and printouts onto which DOT sensitive data is recorded, stored, or printed within a covered contractor information system.

DOT technical information means recorded information, regardless of the form or method of the recording, of a scientific or technical nature (including computer software documentation). The term does not include computer software or data incidental to contract administration, such as financial and/or management information. Examples of technical information include research and engineering data, engineering drawings, and associated lists, specifications, standards, process sheets, manuals, technical reports, technical orders, catalog-item identifications, data sets, studies and analyses and related information, and computer software executable code and source code.

(b) Restrictions.

(1) The Contractor agrees that the following conditions apply to any information it receives or creates in the performance of this contract derived from a third-party's reporting of a cyber incident, pursuant to TAR clause, 1252.239–74, Safeguarding DOT Sensitive Data and Cyber Incident Reporting (or derived from such information obtained under that clause):

(2) The Contractor shall access and use the information only for the purpose of furnishing advice or technical assistance directly to the Government in support of the Government's activities related to clause 1252.239–74, Safeguarding DOT Sensitive Data and Cyber Incident Reporting, and shall not be used for any other purpose.

(3) The Contractor shall protect the information against unauthorized release or disclosure.

(4) The Contractor shall ensure that its employees are subject to use and non-disclosure obligations consistent with this clause prior to the employees being provided access to or use of the information.

(5) The third-party contractor that reported the cyber incident is a third-party beneficiary of the non-disclosure agreement between the Government and Contractor, as required by paragraph (b)(3) of this clause.

(6) A breach of these obligations or restrictions may subject the Contractor to—

(i) Criminal, civil, administrative, and contractual penalties and other appropriate remedies; and

(ii) Civil actions for damages and other appropriate remedies by the third party that reported the cyber incident, as a third-party beneficiary of this clause.

(c) Subcontract flowdown requirement. The Contractor shall include this clause, including this paragraph (c), in subcontracts, or similar contractual instruments, for services that include support for the Government's activities related to safeguarding covered DOT sensitive data and cyber incident reporting, including subcontracts for commercial products or commercial services, without alteration, except to identify the parties.

(End of clause)

1252.239-74 Safeguarding DOT Sensitive Data and Cyber Incident Reporting.

As prescribed in 1239.7003(c), insert the following clause:

Safeguarding DOT Sensitive Data and Cyber Incident Reporting (NOV 2022)

(a) Definitions. As used in this clause—

Adequate security means protective measures that are commensurate with the consequences and probability of loss, misuse, or unauthorized access to, or modification of information against the probability of occurrence.

Compromise means disclosure of information to unauthorized persons, or a violation of the security policy of a system, whereby without authorization information is disclosed, modified, destroyed, lost, or copied to unauthorized media—whether intentionally or unintentionally.

Contractor attributional/proprietary information means information that identifies the Contractor(s), whether directly or indirectly, by the grouping of information that can be traced back to the Contractor(s) (e.g., program description, facility locations), personally identifiable information, trade secrets, commercial or financial information, or other commercially sensitive information not customarily shared outside of a company.

Covered contractor information system means an unclassified information system owned or operated by or for a Contractor and that processes, stores, or transmits DOT sensitive data.

DOT sensitive data means unclassified information that requires safeguarding or dissemination controls pursuant to and consistent with law, regulation, and Government-wide policies, and is—

(1) Marked or otherwise identified in the contract, task order, or delivery order and provided to the Contractor by or on behalf of DOT in support of the performance of the contract; or

(2) Collected, developed, received, transmitted, used, or stored by or on behalf of the Contractor in support of the performance of the contract.

Cyber incident means actions taken through the use of computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein.

Federal record as defined in 44 U.S.C. 3301, includes all recorded information, regardless of form or characteristics, made or received by a Federal agency under Federal law or in connection with the transaction of public business and preserved or appropriate for preservation by that agency or its legitimate successor as evidence of the organization, functions, policies, decisions, procedures, operations, or other activities of the United States Government or because of the informational value of data in them. The term Federal record—

(1) Includes all DOT records;

(2) Does not include personal materials;

(3) Applies to records created, received, or maintained by Contractors pursuant to a DOT contract; and

(4) May include deliverables and documentation associated with deliverables.

Forensic analysis means the practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data.

Information system means a discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.

Malicious software means computer software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. This definition includes a virus, worm, Trojan horse, or other code-based entity that infects a host, as well as spyware and some forms of adware.

Media means physical devices or writing surfaces including, but not limited to, magnetic tapes, optical disks, magnetic disks, large-scale integration memory chips, and printouts onto which DOT sensitive data is recorded, stored, or printed within a covered contractor information system.

Operationally critical support means supplies or services designated by the Government as critical for airlift, sealift, intermodal transportation services, or logistical support that is essential to the mobilization, deployment, or sustainment of the Armed Forces in a contingency operation.

Spillage security incident means an incident that results in the transfer of classified or unclassified information onto an information system not accredited (i.e., authorized) for the appropriate security level.

Technical information means recorded information, regardless of the form or method of the recording, of a scientific or technical nature (including computer software documentation). The term does not include computer software or data incidental to contract administration, such as financial and/or management information, regardless of whether or not the clause is incorporated in this solicitation or contract. Examples of technical information include research and engineering data, engineering drawings, and associated lists, specifications, standards, process sheets, manuals, technical reports, technical orders, catalog-item identifications, data sets, studies and analyses and related information, and computer software executable code and source code.

(b) Adequate security. The Contractor shall provide adequate security on all covered contractor information systems. To provide adequate security, the Contractor shall implement, at a minimum, the following information security protections:

(1) For covered Contractor information systems that are part of an information technology (IT) service or system operated on behalf of the Government, the following security requirements apply:

(i) Cloud computing services shall be subject to the security requirements specified in the clause 1252.239–76, Cloud Computing Services, of this contract.

(ii) Any other such IT service or system (i.e., other than cloud computing) shall be subject to the security requirements specified elsewhere in this contract.

(2) For covered Contractor information systems that are not part of an IT service or system operated on behalf of the Government and therefore are not subject to the security requirement specified at paragraph (b)(1) of this clause, the following security requirements apply:

(i) Except as provided in paragraph (b)(2)(iv) of this clause, the contractor information system shall be subject to the security requirements in National Institute of Standards and Technology (NIST) Special Publication (SP) 800–171, Revision 2, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” (available via the internet at https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final) in effect at the time the solicitation is issued or as authorized by the Contracting Officer.

(ii) The Contractor shall implement NIST SP 800–171, Rev. 2, no later than 30 days after the award of this contract. The Contractor shall notify Contract Officer of any security requirements specified by NIST SP 800–171, Rev. 2 not implemented within 30 days of time of contract award.

(iii) If the Offeror proposes to vary from any security requirements specified by NIST SP 800–171, Rev. 2 in effect at the time the solicitation is issued or as authorized by the Contracting Officer, the Offeror shall submit to the Contracting Officer, for consideration by the DOT Chief Information Officer (CIO), a written explanation of—

(A) Why a particular security requirement is not applicable; or

(B) How the Contractor will use an alternative, but equally effective, security measure to satisfy the requirements of NIST SP 800–171, Rev. 2.

(iv) The Office of the DOT CIO will evaluate offeror requests to vary from NIST SP 800–171, Rev. 2 requirements and inform the Offeror in writing of its decision before contract award. The Government will incorporate accepted variance(s) from NIST SP 800–171, Rev. 2 into any resulting contract.

(v) The Contractor need not implement any security requirement adjudicated by an authorized representative of the DOT CIO to be nonapplicable, or have an alternative, but equally effective, security measure that may be implemented in its place.

(vi) If the DOT CIO has previously adjudicated the contractor's requests indicating that a requirement is not applicable or that an alternative security measure is equally effective, a copy of that approval shall be provided to the Contracting Officer when the Contractor requests its recognition under this contract

(3) If the Contractor intends to use an external cloud service provider to store, process, or transmit any DOT sensitive data in performance of this contract, the Contractor shall require and ensure that the cloud service provider meets security requirements equivalent to those established by the Government for the Federal Risk and Authorization Management Program (FedRAMP) Moderate baseline (https://www.fedramp.gov/resources/documents/) and that the cloud service provider complies with requirements in paragraphs (c) through (h) of this clause for cyber incident reporting, malicious software, media preservation and protection, access to additional information and equipment necessary for forensic analysis, and cyber incident damage assessment.

(4) The Contractor will apply other information systems security measures when the Contractor reasonably determines that information systems security measures, in addition to those identified in paragraphs (b)(1) and (b)(2) of this clause, may be required to provide adequate security in a dynamic environment or to accommodate special circumstances (e.g., medical devices) and any individual, isolated, or temporary deficiencies based on an assessed risk or vulnerability. These measures may be addressed in a system security plan, as required by, clause 1252.239–70, Security Requirements for Unclassified Information Technology Resources.

(c) Cyber incident reporting requirement.

(1) When the Contractor discovers a cyber incident that affects a covered contractor information system or the DOT sensitive data residing therein, or that affects the contractor's ability to perform the requirements of the contract that are designated as operationally critical support and identified in the contract, the Contractor shall—

(i) Conduct a review for evidence of compromise of DOT sensitive data, including, but not limited to, identifying compromised computers, servers, specific data, and user accounts. This review shall also include analyzing covered contractor information system(s) that were part of the cyber incident, as well as other information systems on the Contractor's network(s), that may have been accessed as a result of the incident in order to identify compromised DOT sensitive data or whether the incident affects the Contractor's ability to provide operationally critical support; and

(ii) Rapidly report cyber incidents to DOT Security Operations Center (SOC) 24x7x365 at phone number: 571–209–3080 (Toll Free: 1–866–580–1852).

(d) Cyber incident report. The cyber incident report shall be treated as information created by or for DOT and shall include, at a minimum, the required elements in paragraph (c)(1)(i).

(e) Spillage. Upon notification by the Government of a spillage, or upon the Contractor's discovery of a spillage, the Contractor shall cooperate with the Contracting Officer to address the spillage in compliance with DOT policy.

(f) Malicious software. When the Contractor or subcontractors discover and isolate malicious software in connection with a reported cyber incident, the Contractor shall submit the malicious software to DOT in accordance with instructions provided by the Contracting Officer. Do not send the malicious software to the Contracting Officer.

(g) Media preservation and protection. When a Contractor discovers a cyber incident has occurred, the Contractor shall preserve and protect images of all known affected information systems identified in paragraph (c)(1)(i) of this clause and all relevant monitoring/packet capture data for at least 90 days from the submission of the cyber incident report to allow DOT to request the media or decline interest.

(h) Access to additional information or equipment necessary for forensic analysis. Upon request by DOT, the Contractor shall provide DOT with access to additional information or equipment that is necessary to conduct a forensic analysis.

(i) Cyber incident damage assessment activities. If DOT elects to conduct a damage assessment, the Contracting Officer will request that the Contractor provide all of the damage assessment information gathered in accordance with paragraph (c) of this clause.

(j) DOT safeguarding and use of Contractor attributional/proprietary information. The Government shall protect against the unauthorized use or release of information obtained from the Contractor (or derived from information obtained from the Contractor) under this clause that includes Contractor attributional/proprietary information, including such information submitted in accordance with paragraph (c). To the maximum extent practicable, the Contractor shall identify and mark attributional/proprietary information. In making an authorized release of such information, the Government will implement appropriate procedures to minimize the Contractor attributional/proprietary information that is included in such authorized release consistent with applicable law.

(k) Use and release of Contractor attributional/proprietary information not created by or for DOT. Information that is obtained from the Contractor (or derived from information obtained from the Contractor) under this clause that is not created by or for DOT is authorized to be released outside of DOT—

(1) To entities with missions that may be affected by such information;

(2) To entities that may be called upon to assist in the diagnosis, detection, or mitigation of cyber incidents;

(3) To Government entities that conduct counterintelligence or law enforcement investigations;

(4) To a support services contractor (“recipient”) that is directly supporting Government activities under a contract that includes the clause at 1252.239–73, Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information; or

(5) With Contractor's consent; or

(6) As otherwise required by law.

(l) Use and release of Contractor attributional/proprietary information created by or for DOT. Information that is obtained from the Contractor (or derived from information obtained from the Contractor) under this clause that is created by or for DOT (including the information submitted pursuant to paragraph (c) of this clause) is authorized to be used and released outside of DOT for purposes and activities authorized by paragraph (j) of this clause, and for any other lawful Government purpose or activity, subject to all applicable statutory, regulatory, and policy based restrictions on the Government's use and release of such information.

(m) The Contractor shall conduct activities under this clause in accordance with applicable laws and regulations on the interception, monitoring, access, use, and disclosure of electronic communications and data.

(n) Other safeguarding or reporting requirements. The safeguarding and cyber incident reporting required by this clause in no way abrogates the Contractor's responsibility for other safeguarding or cyber incident reporting pertaining to its unclassified information systems as required by other applicable clauses of this contract, or as a result of other applicable Government statutory or regulatory requirements.

(o) Subcontract flowdown requirements. The Contractor shall—

(1) Include this clause, including this paragraph (o), in subcontracts, or similar contractual instruments, for operationally critical support, or for which subcontract performance will involve DOT sensitive data, including subcontracts for commercial products and commercial services, without alteration, except to identify the parties. The Contractor shall determine if the information required for subcontractor performance retains its identity as DOT sensitive data and will require protection under this clause, and, if necessary, consult with the Contracting Officer; and

(2) Require subcontractors to—

(i) Notify the prime Contractor (or next higher-tier subcontractor) when submitting a request to vary from a NIST SP 800–171, Rev. 2 security requirement to the Contracting Officer, in accordance with paragraph (b)(2)(iii) of this clause; and

(ii) Provide the incident report number, automatically assigned by DOT, to the prime Contractor (or next higher-tier subcontractor) as soon as practicable, when reporting a cyber incident to DOT as required in paragraph (c) of this clause.

(End of clause)

1252.239-75 DOT Protection of Information About Individuals, PII, and Privacy Risk Management Requirements.

As prescribed in 1239.7104, insert the following clause:

DOT Protection of Information About Individuals, PII, and Privacy Risk Management Requirements (NOV 2022)

(a) Compliance with standards. To the extent Contractor creates, maintains, acquires, discloses, uses, or has access to PII in furtherance of the contract, Contractor shall comply with all applicable Federal law, guidance, and standards and DOT policies pertaining to its protection. Contractor shall notify DOT in writing immediately upon the discovery that Contractor is no longer in compliance with DOT data protection standards with respect to any PII.

(b) Unanticipated threats. If new or unanticipated threats or hazards are discovered by either the Government or the Contractor, or if existing safeguards have ceased to function, the discoverer shall immediately bring the situation to the attention of the other party.

(c) Privacy Act. The Contractor will—

(1) Comply with the Privacy Act of 1974, 5 U.S.C. 552a, DOT implementing regulations (49 CFR part 10), and DOT policies issued under the Act in the design, development, and/or operation of any system of records on individuals to accomplish a DOT function when the contract specifically identifies the work that the Contractor is to perform.

(2) Include the Privacy Act notification contained in this contract in every solicitation and resulting subcontract and in every subcontract awarded without a solicitation, when the work statement in the proposed subcontract requires the redesign, development, and/or operation of a system of records on individuals that is subject to the Act; and

(3) Include this clause, including this paragraph (c), in all subcontracts awarded under this contract which requires the design, development, and/or operation of such a system of records.

(d) Privacy Act records. The Contractor shall not release records subject to the Privacy Act except by the direction of the DOT, regardless of whether DOT or the Contractor maintains the records.

(e) Confidentiality agreement. Contractor agrees to execute a confidentiality agreement protecting PII, when necessary, and further agrees not to appropriate such PII for its own use or to disclose such information to third parties unless specifically authorized by DOT in writing.

(f) Surrender of records. If at any time during the term of the Contract any part of PII, in any form, that Contractor obtains from or on behalf of DOT ceases to be required by Contractor for the performance of its obligations under the Contract, or upon termination of the Contract, whichever occurs first, Contractor shall, within ten (10) business days, notify DOT and securely return such PII to DOT, or, at DOT's written request destroy, un-install and/or remove all copies of such PII in Contractor's possession or control, or such part of the PII which relates to the part of the Contract which is terminated, or the part no longer required, as appropriate, and certify to DOT that the requested action has been completed.

(g) NIST FIPS 140–2. At a minimum, the Contractor shall protect all PII created, collected, used, maintained, or disseminated on behalf of the Department using controls consistent with Federal Information Processing Standard Publication 199 (FIPS 199) moderate confidentiality standards, unless otherwise authorized by the DOT Chief Privacy Officer.

(h) Protection of sensitive information. The Contractor shall comply with Government and DOT guidance for protecting PII.

(i) Breach. The Contractor shall bear all costs, losses, and damages resulting from the Contractor's breach of these clauses. Contractor agrees to release, defend, indemnify, and hold harmless DOT for claims, losses, penalties, and damages and costs to the extent arising out of Contractor's, or its subcontractor's, negligence, unauthorized use or disclosure of PII and/or Contractor's, or its subcontractor's, breach of its obligations under these clauses.

(j) Breach reporting. Contractors shall report breaches involving PII directly to DOT at (202) 385–4357 or 1–(866)–466–5221 within two (2) hours of discovery. Contractor shall provide the incident number automatically assigned by DOT for all breaches reported by the Contractor or any subcontractors to the Contracting Officer.

(k) Applicability. Contractor shall inform all principals, officers, employees, agents and subcontractors engaged in the performance of this contract of the obligations contained in these clauses.

(l) Training. To the extent necessary and/or required by law, the Contractor shall provide training to employees, agents, and subcontractors to promote compliance with these clauses. The Contractor is liable for any breach of these clauses by any of its principals, officers, employees, agents, and subcontractors.

(m) Subcontractor engagement. When the Contractor engages a subcontractor in connection with its performance under the contract, and the Contractor provides such subcontractor access to PII, the Contractor shall provide the Contracting Officer with prompt notice of the identity of the subcontractor and the extent of the role that the subcontractor will play in connection with the performance of the contract. This obligation is in addition to any limitations of subcontracting and consent to subcontract requirements identified elsewhere in the clauses and provisions of this contract.

(n) Subcontract flowdown requirements. Contractors shall flow down this clause to all subcontracts and purchase orders or other agreements and require that subcontractors incorporate this clause in their subcontracts, appropriately modified for identification of the parties. The Contractor shall enforce the terms of the clause, including action against its subcontractors, their employees and associates, or third-parties, for noncompliance. All subcontractors given access to any PII must agree to—

(1) Abide by the clauses set forth herein, including, without limitation, provisions relating to compliance with data privacy standards for the Protection of Data about Individuals, Breach Notification Controls, and Notice of Security and/or Privacy Incident;

(2) Restrict use of PII only for subcontractor's internal business purposes and only as necessary to render services to Contractor in connection with Contractor's performance of its obligations under the contract;

(3) Certify in writing, upon completion of services provided by a subcontractor, that the subcontractor has returned to the Contractor all records containing PII within 30 days of subcontractor's completion of services to Contractor. Failure of subcontractor to return all records containing PII within this period will be reported to DOT as a privacy incident; and

(4) Report breaches involving PII directly to DOT at (202) 385–4357 or 1-(866)-466–5221 within two (2) hours of discovery. Subcontractors shall provide the incident report number automatically assigned by DOT to the prime contractor. Lower-tier subcontractors, likewise, shall report the incident report number automatically assigned by DOT to their higher-tier subcontractor until the prime contractor is reached. Contractor shall provide the DOT incident number to the Contracting Officer.

(End of clause)

1252.239-76 Cloud Computing Services.

As prescribed in 1239.7204(a), insert the following clause:

Cloud Computing Services (NOV 2022)

(a) Definitions. As used in this clause—

Authorizing official, as described in Appendix B of DOT Order 1350.37, Departmental Cybersecurity Policy, means the senior Federal official or executive with the responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation.

Cloud computing means a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This includes other commercial terms, such as on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. It also includes commercial offerings for software-as-a-service, infrastructure-as-a-service, and platform-as-a-service.

Compromise means disclosure of information to unauthorized persons, or a violation of the security policy of a system, whereby without authorization information is disclosed, modified, destroyed, lost, or copied to unauthorized media—whether intentionally or unintentionally.

Cyber incident means actions taken through the use of computer networks that result in a compromise or an actual or potentially adverse effect on an information system and/or the information residing therein.

Government data means any information, document, media, or material regardless of physical form or characteristics, that is created or obtained by the Government in the course of official Government business.

Government-related data means any information, document, media, or material regardless of physical form or characteristics that is created or obtained by a Contractor through the storage, processing, or communication of Government data. This does not include contractor's business records e.g., financial records, legal records etc. or data such as operating procedures, software coding, or algorithms that are not uniquely applied to the Government data.

Information system means a discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.

Media means physical devices or writing surfaces including, but not limited to, magnetic tapes, optical disks, magnetic disks, large-scale integration memory chips, and printouts onto which information is recorded, stored, or printed within an information system.

Spillage security incident means an incident that results in the transfer of classified information onto an information system not accredited (i.e., authorized) for the appropriate security level.

(b) Cloud computing security requirements. The requirements of this clause are applicable when using cloud computing to provide information technology services in the performance of the contract.

(1) If the Contractor indicated in its offer that it does not anticipate the use of cloud computing services in the performance of a resultant contract, and after the award of this contract, the Contractor proposes to use cloud computing services in the performance of the contract, the Contractor shall obtain approval from the Contracting Officer prior to utilizing cloud computing services in performance of the contract.

(2) The Contractor shall implement and maintain administrative, technical, and physical safeguards and controls with the security level and services required in accordance with the DOT Order 1351.37, Departmental Cybersecurity Policy, and the requirements of DOT Order 1351.18, Departmental Privacy Risk Management Policy (the versions of each that in effect at the time the solicitation is issued or as authorized by the Contracting Officer), unless notified by the Contracting Officer that this requirement has been waived by the DOT Chief Information Officer.

(3) The Contractor shall maintain all Government data not physically located on DOT premises within the United States, the District of Columbia, and all territories and possessions of the United States, unless the Contractor receives written notification from the Contracting Officer to use another location, in accordance with DOT Policy.

(4) DOT will determine the security classification level for the cloud system in accordance with Federal Information Processing Standard 199; the Contractor will then apply the appropriate set of impact baseline controls as required in the FedRAMP Cloud Computing Security Requirements Baseline document to ensure compliance with security standards. The FedRAMP baseline controls are based on NIST Special Publication 800–53, Revision 5, Security and Privacy Controls for Information Systems and Organizations, Security Control Baselines and also includes a set of additional controls for use within systems providing cloud services to the Federal government.

(5) The Contractor shall maintain a security management continuous monitoring environment that meets or exceeds the requirements in the Reporting and Continuous Monitoring section of this contract/task order ___ [Fill-in: Contracting Officer enter the requirements document paragraph reference number] based upon the latest edition of FedRAMP Cloud Computing Security Requirements Baseline and FedRAMP Continuous Monitoring Requirements.

(6) The Contractor shall be responsible for the following privacy and security safeguards:

(i) To the extent required to carry out the FedRAMP assessment and authorization process and FedRAMP continuous monitoring, to safeguard against threats and hazards to the security, integrity, and confidentiality of any non-public Government data collected and stored by the Contractor, the Contractor shall provide the Government access to the Contractor's facilities, installations, technical capabilities, operations, documentation, records, and databases.

(ii) The Contractor shall also comply with any additional FedRAMP and DOT Orders containing cybersecurity and privacy policies.

(7) The Government may perform manual or automated audits, scans, reviews, or other inspections of the vendor's IT environment being used to provide or facilitate services for the Government. In accordance with the Federal Acquisition Regulation (FAR) clause 52.239–1, Privacy or Security Safeguards, the Contractor shall provide the Government access to Contractor's facilities, installations, technical capabilities, operations, documentation, records and databases to carry out a program of inspection. Contractors shall provide access within two hours of notification by the Government. The program of inspection shall include, but is not limited to—

(i) Authenticated and unauthenticated operating system/network vulnerability; scans;

(ii) Authenticated and unauthenticated web application vulnerability scans;

(iii) Authenticated and unauthenticated database application vulnerability scans; and

(8) Automated scans can be performed by Government personnel, or agents acting on behalf of the Government, using Government operated equipment, and Government specified tools.

(9) If new or unanticipated threats or hazards are discovered by either the Government or the Contractor, or if existing safeguards have ceased to function, the discoverer shall immediately bring the situation to the attention of the other party.

(10) If the vendor chooses to run its own automated scans or audits, results from these scans may, at the Government's discretion, be accepted in lieu of Government performed vulnerability scans. In these cases, the Government will approve scanning tools and their configuration. In addition, the Contractor shall provide complete results of vendor-conducted scans to the Government.

(c) Limitations on access to and use and disclosure of Government data and Government-related data.

(1) The Contractor shall not access, use, or disclose Government data unless specifically authorized by the terms of this contract or a task order or delivery order issued hereunder.

(i) If authorized by the terms of this contract or a task order or delivery order issued hereunder, any access to, or use or disclosure of, Government data shall only be for purposes specified in this contract or task order or delivery order.

(ii) The Contractor shall ensure that its employees are subject to all such access, use, and disclosure prohibitions and obligations.

(iii) These access, use, and disclosure prohibitions and obligations shall survive the expiration or termination of this contract.

(2) The Contractor shall use Government-related data only to manage the operational environment that supports the Government data and for no other purpose unless otherwise permitted with the prior written approval of the Contracting Officer.

(d) Cloud computing services cyber incident reporting. The Contractor shall report all cyber incidents related to the cloud computing service provided under this contract. to DOT via the DOT Security Operations Center (SOC) 24 hours-a-day, 7 days-a-week, 365 days a year (24x7x365) at phone number: 571–209–3080 (Toll Free: 866–580–1852) within 2 hours of discovery.

(e) Spillage. Upon notification by the Government of a spillage, or upon the Contractor's discovery of a spillage, the Contractor shall cooperate with the Contracting Officer to address the spillage in compliance with agency procedures.

(f) Malicious software. The Contractor or subcontractor(s) that discovers and isolates malicious software in connection with a reported cyber incident shall submit the malicious software in accordance with instructions provided by the Contracting Officer.

(g) Media preservation and protection. When a Contractor discovers a cyber incident has occurred, the Contractor shall preserve and protect images of all known affected information systems identified in the cyber incident report (see paragraphs (b)(5) and (d) of this clause) and all relevant monitoring/packet capture data for at least 90 days from the submission of the cyber incident report to allow DOT to request the media or decline interest.

(h) Access to additional information or equipment necessary for forensic analysis. Upon request by DOT, the Contractor shall provide DOT with access to additional information or equipment that is necessary to conduct a forensic analysis.

(i) Cyber incident damage assessment activities. If DOT elects to conduct a damage assessment, the Contracting Officer will request that the Contractor provide all of the damage assessment information gathered in accordance with paragraph (b)(7) of this clause.

(j) Subcontract flowdown requirement. The Contractor shall include this clause, including this paragraph (j), in all subcontracts that involve or may involve cloud services, including subcontracts for commercial products or commercial services.

(End of clause)

1252.239-77 Data Jurisdiction.

As prescribed in 1239.7204(b), insert a clause substantially as follows:

Data Jurisdiction (NOV 2022)

The Contractor shall identify all data centers in which the data at rest or data backup will reside, including primary and replicated storage. The Contractor shall ensure that all data centers not physically located on DOT premises reside within the United States, the District of Columbia, and all territories and possessions of the United States, unless otherwise authorized by the DOT CIO. The Contractor shall provide a Wide Area Network (WAN), with a minimum of ___ [Contracting Officer fill-in: Insert specific number] data center facilities at ___ [Contracting Officer fill-in number] different geographic locations with at least ___ [Contracting Officer fill-in number] internet Exchange Point (IXP) for each price offering. The Contractor shall provide internet bandwidth at the minimum of ___ [Contracting Officer fill-in applicable gigabytes] GB.

(End of clause)

1252.239-78 Validated Cryptography for Secure Communications.

As prescribed in 1239.7204(c), insert a clause substantially as follows:

Validated Cryptography for Secure Communications (NOV 2022)

(a) The Contractor shall use only cryptographic mechanisms that comply with ___ [Contracting Officer insert FIPS 140–2 level #]. All deliverables shall be labeled ___ [Contracting Officer insert appropriate label such as “For Official Use Only” (FOUO) or other DOT-agency selected designation per document sensitivity].

(b) External transmission/dissemination of ___ [Contracting Officer fill-in: e.g., labeled deliverables] to or from a Government computer must be encrypted. Certified encryption modules must be used in accordance with ___ [Contracting Officer shall insert the standard, such as FIPS PUB 140–2, “Security requirements for Cryptographic Modules.”

(End of clause)

1252.239-79 Authentication, Data Integrity, and Non-Repudiation.

As prescribed in 1239.7204(d), insert a clause substantially as follows:

Authentication, Data Integrity, and Non-Repudiation (NOV 2022)

The Contractor shall provide a [Fill-in: Contracting Officer fill-in the “cloud service” name] system that implements ___ [Contracting Officer insert the required level (1–4) of FIPS 140–2 encryption standard] that provides for origin authentication, data integrity, and signer non-repudiation.

(End of clause)

1252.239-80 Audit Record Retention for Cloud Service Providers.

As prescribed in 1239.7204(e), insert the following clause:

Audit Record Retention for Cloud Service Providers (NOV 2022)

(a) The Contractor shall support a system in accordance with the requirement for Federal agencies to manage their electronic records in accordance with 36 CFR 1236.20 and 1236.22, including but not limited to capabilities such as those identified in DoD STD–5015.2 V3, Electronic Records Management Software Applications Design Criteria Standard, NARA Bulletin 2008–05, July 31, 2008, Guidance concerning the use of email archiving applications to store email, and NARA Bulletin 2010–05 September 08, 2010, Guidance on Managing Records in Cloud Computing Environments.

(b) The Contractor shall maintain records to retain functionality and integrity throughout the records' full lifecycle including—

(1) Maintenance of links between records and metadata; and

(2) Categorization of records to manage retention and disposal, either through transfer of permanent records to NARA or deletion of temporary records in accordance with NARA approved retention schedules.

(End of clause)

1252.239-81 Cloud Identification and Authentication (Organizational Users) Multi-Factor Authentication.

As prescribed in 1239.7204(f), insert the following clause:

Cloud Identification and Authentication (Organizational Users) Multi-Factor Authentication (NOV 2022)

The Contractor shall support a secure, multi-factor method of remote authentication and authorization to identified Government Administrators that will allow Government-designated personnel the ability to perform management duties on the system. The Contractor shall support multi-factor authentication in accordance with National Institute of Standards and Technology (NIST) Federal Information Processing Standards (FIPS) Publication (PUB) Number 201–2, Personal Identity Verification (PIV) of Federal Employees and Contractors, and OMB implementation guidance for personal identity verification.

(End of clause)

1252.239-82 Identification and Authentication (Non-Organizational Users).

As prescribed in 1239.7204(g), insert the following clause:

Identification and Authentication (Non-Organizational Users) (NOV 2022)

The Contractor shall support a secure, multi-factor method of remote authentication and authorization to identified Contractor Administrators that will allow Contractor designated personnel the ability to perform management duties on the system as required by the contract.

(End of clause)

1252.239-83 Incident Reporting Timeframes.

As prescribed in 1239.7204(h), insert the following clause:

Incident Reporting Timeframes (NOV 2022)

(a) The Contractor shall report all computer security incidents to the DOT Security Operations Center (SOC) in accordance with Subpart 1239.70—Information Security and Incident Response Reporting.

(b) Contractors and subcontractors are required to report cyber incidents directly to DOT via the DOT SOC 24 hours-a-day, 7 days-a-week, 365 days a year (24x7x365) at phone number: 571–209–3080 (Toll Free: 866–580–1852) within 2 hours of discovery, regardless of the incident category. See 1252.239–74, Safeguarding DOT Sensitive Data and Cyber Incident Reporting.

(End of clause)

1252.239-84 Media Transport.

As prescribed in 1239.7204(i), insert a clause substantially as follows:

Media Transport (NOV 2022)

(a) The Contractor shall document activities associated with the transport of DOT information stored on digital and non-digital media and employ cryptographic mechanisms to protect the confidentiality and integrity of this information during transport outside of controlled areas. This applies to—

(1) Digital media containing DOT or other Federal agency or other sensitive or third-party provided information that requires protection must be encrypted using FIPS 140–2 [Contracting Officer insert required encryption mode, based on FIPS 199 risk category] when transported outside of controlled areas; and

(2) Nondigital media must be secured using the same policies and procedures as paper.

(b) Contractors shall ensure accountability for media containing DOT or other Federal agency or other sensitive or third-party provided information that is transported outside of controlled areas. This can be accomplished through appropriate actions such as logging and a documented chain of custody form.

(c) DOT or other Federal agency sensitive or third-party provided information that resides on mobile/portable devices (e.g., USB flash drives, external hard drives, and SD cards) must be encrypted using FIPS 140–2 [Contracting Officer insert the required encryption mode based on FIPS 199 risk category]. All Federal agency data residing on laptop computing devices must be protected with NIST-approved encryption software.

(End of clause)

1252.239-85 Personnel Screening—Background Investigations.

As prescribed in 1239.7204(j), insert the clause as follows:

Personnel Screening—Background Investigations (NOV 2022)

(a) Contractors shall provide support personnel who are U.S. persons maintaining a NACI clearance or greater in accordance with OMB memorandum M–05–24, Section C (see https://www.whitehouse.gov/wp-content/uploads/legacy_drupal_files/omb/memoranda/2005/m05-24.pdf).

(b) The Contractor shall furnish documentation reflecting favorable adjudication of background investigations for all personnel supporting the system. The Contractor shall also comply with Executive Order 12968, Access to Classified Information. DOT separates the risk levels for personnel working on Federal computer systems into three categories: low risk, moderate risk, and high risk. The Contractor is responsible for the cost of meeting all security requirements and maintaining assessment and authorization.

(c) The Contractor's employees with access to DOT systems containing sensitive information may be required to obtain security clearances (i.e., Confidential, Secret, or Top Secret). National Security work designated “special sensitive,” “critical sensitive,” or “non-critical sensitive,” will determine the level of clearance required for contractor employees. Personnel security clearances for national security contracts in DOT will be processed according to the Department of Defense National Industrial Security Program Operating Manual (NISPOM).

(d) The Contracting Officer, through the Contracting Officer's Representative (COR) or Program Manager will ensure that all required information is forwarded to the Federal Protective Service (FPS) in accordance with the DOT Policy. FPS will then contact each Applicant with instructions for completing required forms and releases for the type of personnel investigation requested.

(e) Applicants will not be reinvestigated if a prior favorable adjudication is on file with FPS, OPM or DoD, there has been no break in service, and the position is identified at the same or lower risk level. Once a favorable FBI Criminal History Check (Fingerprint Check) has been returned, Applicants may receive a DOT identity credential (if required) and initial access to information systems holding DOT information.

(End of clause)

1252.239-86 Boundary Protection—Trusted Internet Connections.

As prescribed in 1239.7204(k), insert the clause as follows:

Boundary Protection—Trusted Internet Connections (NOV 2022)

The Contractor shall ensure that Federal information, other than non-sensitive information, being transmitted from Federal government entities to external entities using cloud services is inspected by Trusted internet Connections (TIC) processes or the Contractor shall route all external connections through a Trusted internet Connection (TIC).

(End of clause)

1252.239-87 Protection of Information at Rest.

As prescribed in 1239.7204(l), insert the clause as follows:

Protection of Information at Rest and in Transit (NOV 2022)

The Contractor shall provide security mechanisms for handling data at rest and in transit in accordance with FIPS 140–2 ___ [Contracting officer insert encryption standard, based on NIST FIPS 199 categorization].

(End of clause)

1252.239-88 Security Alerts, Advisories, and Directives.

As prescribed in 1239.7204(m), insert the clause as follows:

Security Alerts, Advisories, and Directives (NOV 2022)

The Contractor shall provide a list of its personnel, identified by name and role, who are assigned system administration, monitoring, and/or security responsibilities and who are designated to receive security alerts, advisories, and directives and individuals responsible for the implementation of remedial actions associated with them.

(End of clause)

1252.239-89 Technology Modernization.

As prescribed in 1239.7303(a), insert the following clause:

Technology Modernization (NOV 2022)

(a) Modernization approach. After issuance of the contract, the Government may solicit, and the Contractor is encouraged to propose independently, a modernization approach to the hardware, software, specifications, or other requirements of the contract. This modernization approach may be proposed to increase efficiencies (both system and process level), reduce costs, or strengthen the cyber security posture, or for any other purpose which presents an advantage to the Government. Furthermore, the modernization approach should, to the maximum extent practicable, align with how the commercial sector would solve the problem.

(b) Proposal requirements. As part of the proposed changes, the Contractor shall submit a price or cost proposal to the Contracting Officer for evaluation. Those proposed modernized improvements that are acceptable to the Government will be processed as modifications to the contract. At a minimum, the Contractor shall submit the following information with each proposal:

(1) A summary of how the modernized proposal aligns with the commercial sector approach and how the current approach is out of alignment/differs;

(2) A description of the difference between the existing contract requirement and the proposed change, and the comparative advantages and disadvantages of each;

(3) Itemized requirements of the contract that must be changed if the proposal is adopted and the proposed revision to the contract for each such change;

(4) An estimate of the changes in performance and price or cost, if any, that will result from adoption of the proposal;

(5) An evaluation of the effects the proposed changes would have on collateral costs to the Government, such as Government-furnished property costs, costs of related items, and costs of maintenance, operation and conversion (including Government application software);

(6) A statement of the schedule for contract modification adopting the proposal that maximizes benefits of the changes during the remainder of the contract, including supporting rationale; and

(7) Identification of impacts on contract cost and schedule. The Government is not liable for proposal preparation costs or for any delay in acting upon any proposal submitted pursuant to this clause.

(c) Withdrawal. The Contractor has a right to withdraw, in whole or in part, any proposal not adopted by contract modification within the period specified in the proposal. The decision of the Contracting Officer whether to accept any such proposal under this contract is final and not subject to the “Disputes” clause of this contract.

(d) Product testing. If the Government wishes to test and evaluate any item(s) proposed, the Contracting Officer will issue written directions to the Contractor specifying what item(s) will be tested, where and when the item(s) will be tested, to whom the item(s) is to be delivered, and the number of days (not to exceed 90 calendar days) that the item will be tested.

(e) Contract modification. The Contracting Officer may accept any proposal submitted pursuant to this clause by giving the Contractor written notice thereof. This written notice will be given by issuance of a modification to the contract. Until the Government issues a modification incorporating a proposal under this contract, the Contractor shall remain obligated to perform in accordance with the requirements, terms, and conditions of the existing contract.

(f) Change orders. If a proposal submitted pursuant to this clause is accepted and applied to this contract, the equitable adjustment increasing or decreasing the price or cost-plus-fixed-fee (CPFF) shall be in accordance with the procedures of the applicable “Changes” clause incorporated by reference in the contract. The resulting contract modification will state that it is made pursuant to this clause.

(End of clause)

1252.239-90 Technology Upgrades/Refreshment.

As prescribed in 1239.7303(b), insert the following clause:

Technology Upgrades/Refreshment (NOV 2022)

(a) Upgrade/refreshment approach. After issuance of the contract, the Government may solicit, and the Contractor is encouraged to propose independently, technology improvements to the hardware, software, specifications, or other requirements of the contract. These improvements may be proposed to save money, to improve performance, to save energy, to satisfy increased data processing requirements, or for any other purpose that presents a technological advantage to the Government. As part of the proposed changes, the Contractor shall submit a price or cost proposal to the Contracting Officer for evaluation. Those proposed technology improvements that are acceptable to the Government will be processed as modifications to the contract. As a minimum, the following information shall be submitted by the Contractor with each proposal:

(1) A description of the difference between the existing contract requirement and the proposed change, and the comparative advantages and disadvantages of each;

(2) Itemized requirements of the contract that must be changed if the proposal is adopted, and the proposed revision to the contract for each such change;

(3) An estimate of the changes in performance and price or cost, if any, that will result from adoption of the proposal;

(4) An evaluation of the effects the proposed changes would have on collateral costs to the Government, such as Government-furnished property costs, costs of related items, and costs of maintenance, operation and conversion (including Government application software);

(5) A statement of the time by which the contract modification adopting the proposal must be issued so as to obtain the maximum benefits of the changes during the remainder of the contract including supporting rationale; and

(6) Identification of any impacts to contract completion time or delivery schedule. The Government is not liable for proposal preparation costs or for any delay in acting upon any proposal submitted pursuant to this clause. The Contractor has a right to withdraw, in whole or in part, any proposal not adopted by contract modification within the period specified in the proposal. The decision of the Contracting Officer whether to accept any such proposal under this contract is final and not subject to the “Disputes” clause of this contract.

(b) Test and evaluation. If the Government wishes to test and evaluate any item(s) proposed, the Contracting Officer will issue written directions to the Contractor specifying what item(s) will be tested, where and when the item(s) will be tested, to whom the item(s) is to be delivered, and the number of days (not to exceed 90 calendar days) that the item will be tested. The Contracting Officer may accept any proposal submitted pursuant to this clause by giving the Contractor written notice thereof. This written notice will be given by issuance of a modification to the contract. Unless and until a modification is executed to incorporate a proposal under this contract, the Contractor shall remain obligated to perform in accordance with the requirements, terms and conditions of the existing contract. If a proposal submitted pursuant to this clause is accepted and applied to this contract, the equitable adjustment increasing or decreasing the price or CPFF shall be in accordance with the procedures of the applicable “Changes” clause incorporated by reference in Section I of the contract. The resulting contract modification will state that it is made pursuant to this clause.

(End of clause)

1252.239-91 Records Management.

As prescribed in 1239.7403, insert the following clause:

Records Management (NOV 2022)

(a) Definition.

Federal record, as defined in 44 U.S.C. 3301, means all recorded information, regardless of form or characteristics, made or received by a Federal agency under Federal law or in connection with the transaction of public business and preserved or appropriate for preservation by that agency or its legitimate successor as evidence of the organization, functions, policies, decisions, procedures, operations, or other activities of the United States Government or because of the informational value of data in them. The term Federal record:

(1) Includes all DOT records.

(2) Does not include personal materials.

(3) Applies to records created, received, or maintained by Contractors pursuant to a DOT contract.

(4) May include deliverables and documentation associated with deliverables.

(b) Requirements.

(1) Compliance. Contractor shall comply with all applicable records management laws and regulations, as well as National Archives and Records Administration (NARA) records policies, including but not limited to 44 U.S.C. chapters 21, 29, 31, and 33, NARA regulations at 36 CFR chapter XII, subchapter B, and those policies associated with the safeguarding of records covered by Privacy Act of 1974 (5 U.S.C. 552a). These policies include the preservation of all records, regardless of form or characteristics, mode of transmission, or state of completion.

(2) Applicability. In accordance with 36 CFR 1222.32, all data created for Government use and delivered to, or falling under, the legal control of the Government, are Federal records subject to the provisions of 44 U.S.C. chapters 21, 29, 31, and 33, the Freedom of Information Act (FOIA) (5 U.S.C. 552), as amended, and the Privacy Act of 1974 (5 U.S.C. 552a), as amended. Such Federal records shall be managed and scheduled for disposition only as permitted by the Federal Records Act, other relevant statutes or regulations, and DOT Order 1351.28, Departmental Records Management Policy.

(3) Records maintenance. While DOT records are in the Contractor's custody, the Contractor is responsible for preventing the alienation or unauthorized destruction of DOT records, including all forms of mutilation. Records may not be removed from the legal custody of DOT or destroyed except in accordance with the provisions of the agency records schedules and with the written concurrence of the DOT or Component Records Officer, as appropriate. Willful and unlawful destruction, damage or alienation of Federal records is subject to the fines and penalties imposed by 18 U.S.C. 2701. In the event of any unlawful or accidental removal, defacing, alteration, or destruction of records, the Contractor must report the event to the Contracting Officer in accordance with 36 CFR part 1230, Unlawful or Accidental Removal, Defacing, Alteration, or Destruction of Records, for reporting to NARA.

(4) Unauthorized disclosure. The Contractor shall notify the Contracting Officer within two hours of discovery of any inadvertent or unauthorized disclosures of information, data, documentary materials, records or equipment. Disclosure of non-public information is limited to authorized personnel with a need-to-know as described in the contract. The Contractor shall ensure that the appropriate personnel, administrative, technical, and physical safeguards are established to ensure the security and confidentiality of this information, data, documentary material, records and/or equipment. The Contractor shall not remove material from Government facilities or systems, or facilities or systems operated or maintained on the Government's behalf, without the express written permission of the Contracting Officer. When information, data, documentary material, records and/or equipment is no longer required, it shall be returned to DOT control or the Contractor must hold it until otherwise directed. Items returned to the Government shall be hand carried, mailed, emailed, or securely electronically transmitted to the Contracting Officer or address prescribed in the contract. Destruction of records is expressly prohibited unless in accordance with the contract.

(c) Non-public information. The Contractor shall not create or maintain any records containing any non-public DOT information that are not specifically authorized by the contract.

(d) Rights in data. Rights in data under this contract are set forth in clauses prescribed by FAR part 27 and included in this contract, (e.g., 52.227–14 Rights in Data—General). The Contractor must make any assertion of copyright in the data or other deliverables under this contract and substantiate such assertions. The Contractor must add or correct all limited rights, restricted rights, or copyright notices and take all other appropriate actions in accordance with the terms of this contract and the clauses included herein.

(e) Notification of third-party access requests. The Contractor shall notify the Contracting Officer promptly of any requests from a third party for access to Federal records, including any warrants, seizures, or subpoenas it receives, including those from another Federal, State, or local agency. The Contractor shall cooperate with the Contracting Officer to take all measures to protect Federal records, from any unauthorized disclosure.

(f) Training. All Contractor employees assigned to this contract who create, work with, or otherwise handle records are required to take DOT-provided records management training. The Contractor is responsible for confirming to the Contracting Officer that training, including initial training and any annual or refresher training, has been completed in accordance with agency policies.

(g) Subcontract flowdown requirements.

(1) The Contractor shall incorporate the substance of this clause, its terms and requirements including this paragraph (g), in all subcontracts under this contract, and require written subcontractor acknowledgment of same.

(2) Violation by a subcontractor of any provision set forth in this clause will be attributed to the Contractor.

(End of clause)

1252.239-92 Information and Communication Technology Accessibility Notice.

As prescribed in 1239.203–70(a), insert the following provision:

Information and Communication Technology Accessibility Notice (NOV 2022)

(a) Any offeror responding to this solicitation must comply with established DOT Information and Communication Technology (ICT) (formerly known as Electronic and Information (EIT)) accessibility standards. Information about Section 508 is available at https://www.section508.gov/.

(b) The Section 508 accessibility standards applicable to this solicitation are stated in the clause at 1252.239–93, Information and Communication Technology Accessibility. In order to facilitate the Government's determination whether proposed ICT supplies and services meet applicable Section 508 accessibility standards, offerors must submit appropriate Section 508 Checklists, in accordance with the checklist completion instructions. The purpose of the checklists is to assist DOT acquisition and program officials in determining whether proposed ICT supplies or information, documentation and services support conform to applicable Section 508 accessibility standards. The checklists allow offerors or developers to self-evaluate their supplies and document—in detail—whether they conform to a specific Section 508 accessibility standard, and any underway remediation efforts addressing conformance issues.

(c) Respondents to this solicitation must identify any exception to Section 508 requirements. If an offeror claims its supplies or services meet applicable Section 508 accessibility standards, and it is later determined by the Government, i.e., after award of a contract or order, that supplies or services delivered do not conform to the described accessibility standards, remediation of the supplies or services to the level of conformance specified in the contract will be the responsibility of the Contractor at its expense.

(End of provision)

1252.239-93 Information and Communication Technology Accessibility.

As prescribed in 1239.203–70(b), insert the following clause:

Information and Communication Technology Accessibility (NOV 2022)

(a) All Information and Communication Technology (ICT) supplies, information, documentation and services support developed, acquired, maintained or delivered under this contract or order must comply with the Information and Communication Technology (ICT) Standards and Guidelines (see 36 CFR parts 1193 and 1194). Information about Section 508 is available at https://www.section508.gov/.

(b) The Section 508 accessibility standards applicable to this contract or order are identified in the Specification, Statement of Work, or Performance Work Statement. If it is determined by the Government that ICT supplies and services provided by the Contractor do not conform to the described accessibility standards in the contract, remediation of the supplies or services to the level of conformance specified in the contract will be the responsibility of the Contractor at its own expense.

(c) The Section 508 accessibility standards applicable to this contract are: ___ [Contracting Officer inserts the applicable Section 508 accessibility standards].

(d) In the event of a modification(s) to this contract or order, which adds new ICT supplies or services or revises the type of, or specifications for, supplies or services, the Contracting Officer may require that the Contractor submit a completed Section 508 Checklist and any other additional information necessary to assist the Government in determining that the ICT supplies or services conform to Section 508 accessibility standards. If the Government determines that ICT supplies and services provided by the Contractor do not conform to the described accessibility standards in the contract, remediation of the supplies or services to the level of conformance specified in the contract will be the responsibility of the Contractor at its own expense.

(e) If this is an indefinite-delivery type contract, a Blanket Purchase Agreement or a Basic Ordering Agreement, the task/delivery order requests that include ICT supplies or services will define the specifications and accessibility standards for the order. In those cases, the Contractor may be required to provide a completed Section 508 Checklist and any other additional information necessary to assist the Government in determining that the ICT supplies or services conform to Section 508 accessibility standards. If it is determined by the Government that ICT supplies and services provided by the Contractor do not conform to the described accessibility standards in the provided documentation, remediation of the supplies or services to the level of conformance specified in the contract will be the responsibility of the Contractor at its own expense.

(End of clause)

1252.242-70 Dissemination of Information—Educational Institutions.

As prescribed in 1242.270(a), insert the following clause:

Dissemination of Information—Educational Institutions (NOV 2022)

(a) The Department of Transportation (DOT) desires widespread dissemination of the results of funded transportation research. The Contractor, therefore, may publish (subject to the provisions of the “Data Rights” and “Patent Rights” clauses of the contract) research results in professional journals, books, trade publications, or other appropriate media (a thesis or collection of theses should not be used to distribute results because dissemination will not be sufficiently widespread). All costs of publication pursuant to this clause shall be borne by the Contractor and shall not be charged to the Government under this or any other Federal contract.

(b) Any copy of material published under this clause must contain acknowledgment of DOT's sponsorship of the research effort and a disclaimer stating that the published material represents the position of the author(s) and not necessarily that of DOT. Articles for publication or papers to be presented to professional societies do not require the authorization of the Contracting Officer prior to release. However, two copies of each article shall be transmitted to the Contracting Officer at least two weeks prior to release or publication.

(c) Press releases concerning the results or conclusions from the research under this contract shall not be made or otherwise distributed to the public without prior written approval of the Contracting Officer.

(d) Publication under the terms of this clause does not release the Contractor from the obligation of preparing and submitting to the Contracting Officer a final report containing the findings and results of research, as set forth in the schedule of the contract.

(End of clause)

1252.242-71 Contractor Testimony.

As prescribed in 1242.270(b), insert the following clause:

Contractor Testimony (NOV 2022)

All requests for the testimony of the Contractor or its employees, and any intention to testify as an expert witness relating to: (a) any work required by, and/or performed under, this contract; or (b) any information provided by any party to assist the Contractor in the performance of this contract, shall be immediately reported to the Contracting Officer. Neither the Contractor nor its employees shall testify on a matter related to work performed or information provided under this contract, either voluntarily or pursuant to a request, in any judicial or administrative proceeding unless approved, in advance, by the Contracting Officer or required by a judge in a final court order.

(End of clause)

1252.242-72 Dissemination of Contract Information.

As prescribed in 1242.270(c), insert the following clause:

Dissemination of Contract Information (NOV 2022)

The Contractor shall not publish, permit to be published, or distribute for public consumption, any information, oral or written, concerning the results or conclusions made pursuant to the performance of this contract, without the prior written consent of the Contracting Officer. Two copies of any material proposed to be published or distributed shall be submitted to the Contracting Officer.

(End of clause)

1252.242-74 Contract Audit Support.

As prescribed in 1242.170, insert the following clause:

Contract Audit Support (NOV 2022)

The Government may at its sole discretion utilize certified public accountant(s) to provide contract audit services in lieu of the cognizant government audit agency to accomplish the contract administration requirements of FAR parts 32 and 42 under the terms and conditions of this contract. The audit services contractor reviewing the Contractor's accounting systems and data will perform this function in accordance with contract provisions which prohibit disclosure of proprietary financial data or use of such data for any purpose other than to perform the required audit services. The Contractor shall provide access to accounting systems, records, and data to the audit services contractor like that provided to the cognizant government auditor.

(End of clause)

Subpart 1252.3—Provision and Clause Matrix

1252.301 Solicitation provisions and contract clauses (matrix).

The TAR matrix is not published in the CFR. It is available on the Acquisition.gov website at https://www.acquisition.gov/TAR.