The General Services Administration has decided to streamline the way it provides identity protection services, rebranding a special item number (SIN) to focus on mitigation and data breach detection on the Professional Services Schedule.
In a Jan. 19 request for information, GSA’s Office of Professional Services and Human Capital Categories announced its intention to change SIN 520-20’s focus from that of its current role of Comprehensive Protection Solutions — which provides customized products for credit monitoring services, risk assessment and mitigation services, independent risk analysis and data breach analysis — to one that focuses on identity protection and data breach response.
Read the RFI
“This redefined SIN will require industry to have the ability to provide an integrated total solution of services that include identity monitoring, identity theft insurance, safeguarding and restoration services, breach mitigation and forensic services,” the RFI said. “If this SIN is awarded, firms will then have the ability to offer all or part of the services listed.”
GSA is looking for industry comment on the impact of rebranding 520-20 and modifying the language of SIN 520-16, which provides Business Information Services and 520-17, which provides Risk Mitigation Services.
Under the new SIN, companies seeking to provide any identity protection services will first have to meet the requirements of 520-20.
The rebranded SIN will include a firm-fixed-price per impacted individual, per month for all services covered under 520-20 — barring any changes at the task order level.
GSA would also encourage contractors to provide line-item pricing for individual services that could be ordered independently under the SIN in the event of a breach.
Industry stakeholders have until 5 p.m. on Feb. 21 to offer input on the proposed changes to 520-20, its pricing structure and the effect on current contracts.
For more information, contact GSA at