Code of Federal Regulations (Last Updated: April 5, 2024) |
Title 48 - Federal Acquisition Regulations System |
Chapter 3 - Health and Human Services |
SubChapter F - Special Categories of Contracting |
Part 339 - Acquisition of Information Technology |
Subpart 339.71 - Information Security Management |
§ 339.7101 - Policy.
Latest version.
-
HHS is responsible for implementing an information security program to ensure that its information systems and associated facilities, as well as those of its contractors, provide a level of security commensurate with the risk and magnitude of harm that could result from the loss, misuse, disclosure, or modification of the information contained in those systems. Each system's level of security shall protect the integrity, confidentiality, and availability of the information and comply with all security and privacy-related laws and regulations.