General Services Administration
System for Award Management (SAM) (February 19, 2013, 78 FR 11648)
The General Services Administration (GSA) Federal Acquisition Service (FAS) is the owner of the system. The system is hosted, operated, and maintained by contractors. Records are maintained in an electronic form on servers housed at the contractors' facilities within the United States. Contact the system manager for additional information.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
SAM currently has two functional areas which cover individuals. In the Entity Management functional area, SAM covers individuals who are sole proprietors and register to do business with the Government as sole proprietors. For purposes of this system of records notice, individuals with records in the Entity Management functional area will be referred to as “entity” or “entities”. In the exclusion portion of the Performance Information functional area, SAM covers individuals who are excluded or disqualified under certain circumstances, including but not limited to the following: A Federal agency's action under the Common Rules on Non-procurement suspension and debarment, or otherwise declared ineligible from receiving certain Federal assistance and/or benefits; individuals debarred, suspended, proposed for debarment, or otherwise declared ineligible from participating in Federal procurement programs; individuals barred or suspended from acting as sureties for bid and performance bond activity in procurement programs; individuals barred from entering the United States; and individuals that may be subject to sanctions pursuant to 31 CFR Parts 500-599 and subparts thereunder.
CATEGORIES OF RECORDS IN THE SYSTEM:
Since SAM combined several Governmentwide systems, it has multiple functional areas. In the Entity Management functional area, SAM contains records that capture information users voluntarily provide about their entity as part of the process to register to do business with the Federal Government, including the entity legal business name, entity email address, entity telephone number, entity Taxpayer Identification Number (TIN), and entity address. In the case of a sole proprietor, tax laws allow them to use their Social Security Number (SSN) as their TIN if they do not have a separate Employer Identification Number (EIN). The TIN (whether it be an EIN or an SSN) is not publicly available data. In the exclusion portion of the Performance Information functional area, SAM contains records entered by Federal agency suspension and debarment officials, some of which may be records on individuals. Exclusion records on individuals contain certain information that will never be displayed publicly, e.g. street address information, as well as the SSN or TIN. Agencies disclose the SSN of an individual to verify the identity of an individual, only if permitted under the Privacy Act of 1974 and, if appropriate, the Computer Matching and Privacy Protection Act of 1988, as codified in 5 U.S.C. 552(a).
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
For the Entity Management functional area of SAM, the authorities for collecting the information and maintaining the system are the Federal Acquisition Regulation (FAR) Subparts 4.11 and 52.204 and 2 CFR, Subtitle A, Chapter I, and Part 25, as well as 40 U.S.C. 121(c). For the exclusions portion of the Performance Information functional area, the authorities for collecting the information and maintaining the system are FAR Subparts 9.4 and 28.2, Executive Order 12549 (February 18, 1986), Executive Order 12689 (August 16, 1989).
GSA proposes to establish a new system of records subject to the Privacy Act of 1974 (as amended), 5 U.S.C. 552a. The System for Award Management (SAM) consolidates functions that were previously handled by the Central Contractor Registration (CCR) system, Excluded Parties List System (EPLS), and Online Representations and Certifications Application (ORCA). SAM provides the capability to manage information about entities wishing to do business with the Federal Government, and maintain information about those entities to ensure that entities seeking to do business with the Federal Government have not been debarred, suspended, or otherwise excluded from doing business. SAM maintains this Governmentwide system of records to enable Federal agencies to determine who is registered to do business with the Federal Government, and to identify individuals who have been excluded from participating in Federal procurement and non-procurement (financial or non-financial assistance and benefits programs), throughout the Federal Government. In some instances a record may demonstrate that an exclusion applies only to the agency taking the action, and therefore does not have Governmentwide effect. The purpose of these exclusions is to protect the Government from non-responsible contractors and individuals, ensure proper management throughout the Federal government, and protect the integrity of Federal activities.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
System information may also be used:
a. By contracting officers and other Federal, state, local or tribal government employees involved in procuring goods and services with federal funds or administering Federal financial assistance programs or benefits to determine a party's eligibility status to participate in Federal procurement and non-procurement programs.
b. By a Federal, state, local, tribal, or foreign agency responsible for investigating, prosecuting, enforcing, or carrying out a statue, rule, regulation or order where records clearly indicate, or when seen with other records indicate, a violation of civil or criminal law or regulation, when the information is needed to perform a Federal duty or to decide the issues.
c. By a Federal, state, local, or tribal agency, financial institution or a healthcare or industry provider that administers federal financial or non-financial assistance programs or benefits, when the information is needed to determine eligibility.
d. By an expert, consultant, contractor, Federal, state, local, or tribal agency, or financial institution, when the information is needed to perform a Federal duty.
e. By an appeal, grievance, or formal complaints examiner, an equal employment opportunity investigator, an arbitrator, a union representative, or other official engaged in investigating or settling a grievance, complaint, or appeal filed by an employee, when the information is needed to decide the issues.
f. By a requesting Federal, state, local, or tribal agency, financial institution, or a healthcare or industry provider in connection with hiring or retaining an employee, issuing a security clearance, investigating an employee, clarifying a job, letting a contract, or issuing a license, grant, or other benefit by the requesting agency where the information is needed to decide on a Federal financial or non-financial assistance program or benefit.
g. By a member of Congress or to a congressional staff member in response to a request from the person who is the subject of the record, when the information is needed to perform a Federal duty.
h. By the Department of Justice when an agency, an agency employee, or the United States is a party to or has an interest in litigation, and the records are needed to pursue the litigation.
i. By a court or judicial body when an agency, an agency employee, or the United States is a party to or has an interest in litigation, and the records are needed to pursue the litigation.
j. By the Office of Personnel Management (OPM), the Office of Management and Budget (OMB), the Government Accountability Office (GAO) or the Interagency Suspension and Debarment Committee (ISDC) when the information is required for program evaluation purposes.
k. By the National Archives and Records Administration (NARA) for records management purposes.
l. By appropriate agencies, entities, and persons when (1) The Agency suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Agency has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by GSA or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with GSA's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.
m. By the “Do Not Pay Program” which receives excluded parties information and affirmative criminal, civil, and administrative proceedings entries from entity registration records and displays it to Federal agencies for the purpose of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state in a state-administered, federally funded program. This transfer of information is authorized pursuant to the Improper Payments Elimination and Recovery Act of 2010, Executive Order 13520, and Presidential Memorandum dated June 18, 2010, which required agencies to review existing databases known collectively as the “Do Not Pay List” before the release of any Federal funds. The purpose of the “Do Not Pay List” is to help prevent, reduce and stop improper payments from being made, and to identify and mitigate fraud, waste and abuse.”
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:
Electronic records are stored on a secure server, backed up to tape media, and accessed only by authorized personnel.
System records are retrievable by searching against information in the record, including, but not limited to, the person's or entity's name, DUNS number, Social Security Number (SSN) and Taxpayer Identification Number (TIN). Searching for registration records by TIN is limited to Federal Government users. Searching for exclusion records by SSN or TIN requires an exact name match, just like in the legacy EPLS system.
System records are safeguarded in accordance with the requirements of the Privacy Act, the Computer Security Act, and the SAM System Security Plan. System roles are assigned with specific permissions to allow or prevent accessing certain information. Technical, administrative, and personnel security measures are implemented to ensure confidentiality and integrity of the system data that is stored, processed, and transmitted, including password protection and other appropriate security measures.
RETENTION AND DISPOSAL:
System records are retained and disposed of according to GSA records maintenance and disposition schedules, the requirements of the Recovery Board, and the National Archives and Records Administration. For the Entity Management functional area, SAM allows users to update and delete their own entity registration records. For the exclusions portion of the Performance Information functional area, electronic records of past exclusions are maintained permanently in the archive list for historical reference. Federal agencies reporting exclusion information in SAM should follow their agency's guidance and policies for disposition of paper records.
SYSTEM MANAGER(S) AND ADDRESS:
Integrated Award Environment Program Manager, Office of Integrated Award Environment, Federal Acquisition Service, U.S. General Services Administration, 2200 Crystal Drive, Arlington, Virginia 22202.
For the Entity Management functional area, individuals know that SAM contains a record on them because they created the record. For the exclusions portion of the Performance Management functional area, individuals receive prior notification that their names will be contained in SAM from the Federal agency that takes the action to exclude them from Federal procurement and non-procurement programs. An individual may retrieve exclusion records by accessing the SAM public portal, which displays publicly available information only. Individuals may also contact the system program manager to inquire about any records about the individual.
RECORD ACCESS PROCEDURES:
Since individuals create the entity registration record in SAM and can delete or amend the record, there should not be any questions about that entry. However, individuals can contact the system manager with questions about the operation of the Entity Management functional area. Requests from individuals to determine the specifics of an exclusion record included in SAM should be addressed to the Federal agency POC identified in the exclusion record.
CONTESTING RECORD PROCEDURES:
Individuals or entities registered in SAM can edit their own registration record information. To contest the content of an exclusion record, individuals should contact the Federal agency point of contact identified in the exclusion record. For GSA provided exclusion records, procedures for contesting the content of a record and appeal procedures can be found at 41 CFR 105-64.
RECORD SOURCE CATEGORIES:
Entity records are created by the person or entity wishing to do business with the government. Exclusion records are created by Federal agency suspension and debarment personnel.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
FEDERAL REGISTER HISTORY:
February 19, 2013, 78 FR 11648