Data Integrators, Inc.

Decision

Matter of: Data Integrators, Inc.

File: B-410517

Date: December 29, 2014

DIGEST

Protest that agency improperly rejected protester’s low bid for printing after finding that the company was not responsible is denied where the record, as a whole, shows that the agency reasonably found the protester did not demonstrate that it could meet the solicitation’s security requirements.

Data Integrators, Inc., of Fredericksburg, Virginia, protests the award of a contract under invitation for bids (IFB) No. 102-S by the Government Printing Office (GPO) to Harland Clarke d/b/a Scantron Survey Services. Data Integrators argues that it submitted the lowest bid, but that the GPO rejected its bid after unreasonably determining that Data Integrators was not a responsible contractor.

We deny the protest.

BACKGROUND

The GPO issued IFB No. 102-S on June 24, 2014, seeking bids to print and mail Department of Labor, Bureau of Labor Statistics (BLS) Annual Refiling Survey (ARS) forms packages. The contractor will also be required to receive and process the responses, including “scanning responses’ barcodes; creation and transfer of data response files from scanning; and packaging and shipping of returned responses.” IFB at 9. The IFB contemplated the award of a single, fixed-price indefinite-delivery/indefinite-quantity contract, with economic price adjustments, with a 1-year base period and up to four 1-year options. Id. at 1.

As relevant here, most of the production activity involves access to information BLS has determined to be sensitive and confidential. For this reason, the solicitation contained security requirements, including the following:

Production Area - The contractor must provide a secure area(s) dedicated to the processing and storage of data for the “Survey Forms” (either a separate facility dedicated to this product or a walled‑in limited access area within the contractor’s existing facility). Access to the area(s) shall be limited to security-trained employees involved in the production of Survey Forms designated as authorized persons as defined within Attachment 4.

IFB at 6.

Based on Data Integrator’s bid, as well as additional correspondence provided by the protester on August 20, after bid opening, the contracting officer found that although Data Integrators submitted the bid that offered the lowest evaluated price, the protester was not a responsible bidder for the award.[1] Agency Report (AR), Tab 6, Determination and Findings, at 1. Specifically, the contracting officer found that Data Integrators failed to establish that it met the security requirements laid out in the solicitation because it did not offer a dedicated separate facility or a walled-in limited access area. Id. The contracting officer concluded that while Data Integrators stated that the work would be done by security trained employees, its production area was, in fact, accessible to all employees and visitors accompanied by an employee. Id.; Contracting Officer’s Statement at 1. In this regard, Data Integrators offered to stage and hold printed materials in a “cordoned off area on the production floor with a separate CCTV camera until a print order is complete.” Contracting Officer Statement at 1; Protest, exh. 3, Data Integrator’s Bid, at 11. The agency also noted that the floor plan provided by Data Integrators failed to show the equipment to be used and the printing and finishing locations. Contracting Officer Statement at 2; Protest, exh. 3, Data Integrator’s Bid, at 11.

The contracting officer noted as well that Data Integrators had recently defaulted on another GPO contract, contract No. 327-S, for reasons including its inability to meet security requirements. AR, Tab 6, Determination and Findings, at 1. In this regard an onsite survey conducted on July 22, 2014, in connection with contract No. 327-S, showed that, although the work was required to be performed in an area secured and separate from the rest of the facility, the performance area was “only delineated by masking tape on the floor and plastic balusters with plastic chains attached.” AR, Tab 5, Program 327-S Test Report, at 3. The report also noted that temporary employees performed some of the work, which was not permitted under the contract. Id. The contracting officer concluded that this information further justified finding the protester nonresponsible for award here. AR, Tab 6, Determination and Findings, at 1.

The contracting officer notified Data Integrators that it had been found to be not responsible, and its bid had not been accepted. Protest, Tab 16, Letter from GPO to Data Integrators (Aug. 22, 2014). The agency stated that it found Data Integrators nonresponsible because it did not “demonstrate[ ] its ability” to provide a secure area “dedicated to the processing and storage of data” for the survey forms. Id. The agency then issued a purchase order to the second-lowest bidder under the IFB, Harland Clarke. AR, Tab 7, Contract Review Board Action (Aug. 22, 2014). This protest to our Office followed.

DISCUSSION

Data Integrators argues that GPO unreasonably found that it was not a responsible contractor. For the reasons discussed below, we conclude that the contracting officer reasonably determined that Data Integrators’ failure to meet the security requirements laid out in the IFB rendered the firm nonresponsible.

GPO awards contracts under the authority of the GPO Printing Procurement Regulation (PPR). In a policy analogous to the Federal Acquisition Regulation responsibility requirements, the PPR provides that GPO contracts may be awarded to “responsible prospective contractors only.” PPR ch. 1, § 5.1. The PPR also states that the burden is on the prospective contractor to affirmatively demonstrate that it is responsible, either through the satisfactory performance on prior similar contracts or by presenting evidence of its ability to satisfy the contract requirements. Id. § 5.5.

In our cases addressing the responsibility determinations made by GPO, our Office has held that a contracting officer is vested with broad discretion in exercising his or her business judgment in making a nonresponsibility determination. Document Printing Serv., Inc., B-256654, B-257051, July 8, 1994, 94-2 CPD ¶ 13 at 3. Our Office generally will not disturb a nonresponsibility determination unless a protester can show either that the procuring agency had no reasonable basis for the determination or that it acted in bad faith. Id. In our review of nonresponsibility determinations, we consider only whether the negative determination was reasonably based on the information available to the contracting officer at the time it was made. IPI Graphics, B-286830, B-286838, Jan. 9, 2001, 2001 CPD ¶ 12 at 3 (protest denied where record of protester’s failures to meet printing quality requirements in recent contracts were a reasonable basis for nonresponsibility determination by GPO).

As discussed above, the contracting officer identified concerns regarding Data Integrator’s proposed security plan. Although the protester’s bid stated that sensitive data would be received in server room that was controlled with a cipher lock, and that “[s]ensitive material is stored in a locked area that is only accessible by authorized personnel,” the bid also explained that the finished materials would be handled as follows: “Finished materials will need to be staged and held until a print order is complete. This staging area will be a cordoned off area on the production floor with a separate [closed circuit television] camera.” Protest, exh. 3, Data Integrator’s Bid, at 11.

The contracting officer found that because the finished materials would be held in a cordoned-off area of the production floor, to which all employees and escorted visitors would have access, the security plan did not comply with the solicitation requirements. AR, Tab 6, Determination and Findings, at 1. The contracting officer also found that, based on information from a preaward survey for contract No. 327‑S, the protester did not have “a separate or walled secured area large enough to produce and store the materials” in compliance with the security requirements. Id. The contracting officer noted that although the protester provided a floor plan, it did not clearly show the equipment that would be used or how printed and finished materials would be secured. See id.; Contracting Officer’s Statement at 2.

Data Integrators contends that its August 20 post bid opening exchanges with GPO demonstrated the company’s compliance with the security requirements. The protester notes that its letter provided additional information regarding its server room, and also stated that “another room accessed by two cipher locks will be dedicated to any processing that is needed outside of the server room.” Protest, exh. 10, Letter from Data Integrators to GPO (Aug. 20, 2014), at 1.

We do not agree with the protester that its description of its security processes in the August 20 letter clearly explained that all of the work would be performed in a secured area, as required by the IFB. In this regard, while the initial bid explained that the finished product would be held in a cordoned-off area on the production floor, to which all employees and escorted visitors had access, the August 20 letter did not address this matter. Additionally, as the agency found, the floor plan provided by the protester did not clearly explain the size for the area where the work would be performed, nor did it clearly explain the work process or that it would be conducted entirely within the secure rooms.[2] On this record, we find no basis to sustain the protest.

Data Integrators also argues that GPO should not have relied on survey information from another contract in making responsibility determination. The record here shows, however, that the cordon approach appeared similar to the approach set forth in the protester’s bid. Additionally, the survey information stated that Data Integrators did not have a secure space that was large enough to produce and store the materials as required by the solicitation. As the PPR provides, a contracting officer may consider “any other known documentation which will offer assistance in the decision-making process,” including performance on other contracts. PPR ch. 1, § 5.5; see also The Standard Register Co., B-289579, Mar. 5, 2002, 2002 CPD ¶ 54 at 3 (citing broad discretion for GPO contracting officers to consider past performance information regarding other contracts in responsibility determinations). We therefore think that the CO reasonably considered the survey from the other contract in the responsibility determination here.

Finally, Data Integrators also argues that it has used its secure server room to perform contracts for other agencies, such as the Social Security Administration, “with no problems.” Comments at 2. As our Office has held, each procurement stands on its own, and an agency is not required to defer to evaluations or findings regarding responsibility made in different procurements. Securiguard, Inc. et al., B‑254392 et al., Feb. 9, 1994, 94-1 CPD ¶ 92 at 7. Moreover, the PPR states that GPO must, for each contract award, find the contractor responsible based on the available information. PPR §§ 5.1, 5.5; see also FAR subpart 9.1. On this record, we conclude GPO’s nonresponsibility regarding Data Integrators was reasonable.

The protest is denied.

Susan A. Poling
General Counsel