Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF DECEMBER 18, 2014 FBO #4772
SOURCES SOUGHT

70 -- SSA COMMENT FIELD DISGUISE

Notice Date
12/16/2014
 
Notice Type
Sources Sought
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
Social Security Administration, Office of Budget, Finance, Quality and Management, Office of Acquisition and Grants, 1540 Robert M. Ball Building, 6401 Security Boulevard, Baltimore, Maryland, 21235, United States
 
ZIP Code
21235
 
Solicitation Number
SSA-RFI-15-0025
 
Archive Date
1/6/2015
 
Point of Contact
Alexandria Gordon, Phone: 4109651510
 
E-Mail Address
alexandria.gordon@ssa.gov
(alexandria.gordon@ssa.gov)
 
Small Business Set-Aside
N/A
 
Description
NOTE: This is an RFI, and, as such, is for informational and planning purposes only. This is NOT A solicitation or announcement for quotes or proposals. The Government will not reimburse vendors for any costs associated with providing information in response to this RFI or any follow-up information requests. The Government will not accept any telephone calls, or requests for a solicitation at this time. In order to protect the procurement integrity of any future procurement that may arise from this announcement, the Government will not provide information regarding technical points of contact. The Government will not make appointments for presentations. If interested, please see the Action Item section below for further instructions on how to respond to this RFI. PURPOSE: Inform industry of a potential future requirement to isolate and sanitize Personally Identifiable Information/Federal Tax Information (PII/FTI) data located in Compuware's Workbench product offering. BACKGROUND: Composite processing is an important feature of File-AID Data Privacy and is designed to process data in a field and identify values within that data and disguise each part of the composite value appropriately. SSA desires to utilize composite processing. Composite Definition Composite processing shall identify values within the source data value; these identified values are called data items. Each data item is identified independently based on the rules coded within the data item definition. Values can be identified as being a data item if they match a value in a list of values or a pattern in a list of patterns. Additional options allow data items to be identified as data that starts in a certain position, precedes or follows a value, has a specific length, etc. The composite definition includes rules for processing a data field to locate the potential data items. Each composite definition is created to process a certain type of data value and shall be coded to locate whatever data is needed from the original data value. SSA has multiple data stores that contain Comment fields that have unsanitized data interspersed. This data will be Social Security Numbers (SSNs), Client Names, Employer Names, Addresses, Phone Numbers, Employer Identification Numbers (EINs) and Bank Account numbers. SSA has three translation tables that are used for translation of SSN, Name and Address. The translation tables and the data records contain an additional key field called CASE-SSN. This is used for translation. For these data files, SSA would like to develop a mechanism to scan the Comment field, if present and replace strings that appear in the three translation tables for the matching Case-SSN. Social Security Administration (SSA) uses the Compuware commercial off the shelf (COTS) products - Data Solutions and the new Workbench product - to isolate and sanitize Personally Identifiable Information/Federal Tax Information (PII/FTI) data, such as SSN, Bank Account numbers, phone numbers, email addresses and employer identification numbers (EINs). SSA has a need to modify the Compuware COTS software products to enhance the name and address santization capability. SCOPE: Compuware's Workbench processing shall be enhanced to provide the following functionality listed below. The five requirements are defined below. 1. Variable list support 2. Composite rule logic 3. COMPRESS function 4. Legacy encrypt for character data 5. Call encrypt from custom function Variable list support This requirement shall add support for variable lists or arrays. A list of values is required when more than one value is to be processed using the same variable. Variable list support shall be available in rule logic, a new parameter types list of strings and list of numbers shall be available in custom functions. Composite rule logic The requirement SSA has is to process a comment field and disguise values within the comment that is almost exactly what composite processing was designed to handle. SSA has a need to change the values used to identify a data item each time the case changes. In addition, SSA needs to be able to process the source value prior to composite processing to compress excessive whitespace and handle punctuation variations, if needed. COMPRESS function A COMPRESS function is required to apply to the comment source the value prior to composite processing. This function would be coded to compress consecutive whitespace. If the compression is generic, the function should be written by the Contractor and included in the product. Legacy encrypt for character data SSA has been disguising EIN using the current File-AID/Data Solutions ENCRYPT. SSA would like to move from using imbedded criteria to using dynamic privacy rules. The requirement for making the transition successful is that the result of executing the new encrypt functionality shall be identical to the result SSA are currently getting from the imbedded rules. This consistence is required because not all of the test data is refreshed at the same time due to each application being of different refresh cycles. The test data may contain data which was disguised by imbedded rules and data that is disguised by Dynamic Privacy Rules (DPR) and there cannot be any possibility of getting different values for the same source values since that could cause duplication of values already assigned. In all cases, the EIN is stored in a field defined as PIC X(9) and the File-AID/Data Solutions ENCRYPT technique is used. A field mask is also included to only encrypt the last 7 digits. Call encrypt from a custom function SSA has a requirement to call the legacy encrypt functionality described above in requirement number 4 from a custom function. The DPR technique for Encryption includes the option to use a custom encryption routine. The Contractor shall write a custom encryption routine to return consistent results that are currently achieved using the File-AID/Data Solutions ENCRYPT technique. ACTION ITEM: Interested parties believing they have the capability to offer suitable supplies and services must submit sufficient information (to include your business size status) to allow SSA to determine the availability and technical capability of qualified businesses with experience integrating and customizing one or more automated tools. In your capability statements, provide narrative responses (no more than 5 pages) addressing the bulleted items above, and information supporting your experience(s) and qualifications in previous work pertinent to this effort. Interested vendors must indicate if they are able to provide these services under an existing vehicle, such a through the General Services Administration's Federal Supply Schedules Program, other Governmentwide Agency Contract, or through other commercial sources. Submit your responses via email to Alexandria Gordon, Contract Specialist, at Alexandria.Gordon@ssa.gov NO LATER THAN NOON, EASTERN STANDARD TIME ON December 22, 2014. Facsimile responses are not acceptable. Please reference SSA-RFI-15-0025 in the email subject line. The file size limitation for e-mail attachments is 5 megabytes.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/SSA/DCFIAM/OAG/SSA-RFI-15-0025 /listing.html)
 
Place of Performance
Address: Social Security Administration, Office of Acquisition and Grants, 1540 Robert M. Ball Building, 6401 Security Boulevard, Baltimore, Maryland, 21235, United States
Zip Code: 21235
 
Record
SN03597480-W 20141218/141216234719-cb6b4a9568312267adde1b549d02f869 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.