Identity Protection Services (IPS) Multiple Award Blanket Purchase Agreement (BPA)

To ensure our federal customers have access to a pool of well qualified contractors capable of providing identity protection services to include data breach response and protection identity monitoring, GSA offers governmentwide Federal Supply Schedule (FSS), Blanket Purchase Agreements (BPAs), to provide theses services.

Under the BPAs, which are in effect until 2020, federal agencies have access to a variety of identity protection services (IPS) covering both routine protection services that include:

  • Consumer credit reports, address verification reports, and credit risk assessments; and
  • Recovery services involving suspected or actual breaches of sensitive personally identifiable information.

The IPS governmentwide multiple award BPAs are the preferred source in accordance with OMB Memo M-16-14. The BPAs provide identity monitoring data breach response and protection services for the federal government including:

  • Business information services;
  • Credit monitoring services;
  • Identity monitoring services;
  • Identity theft insurance;
  • Identity restoration services;
  • Website services; and
  • Call center services (related to these requirements).


Note that agencies can also secure comprehensive data breach response and identity protection services through the Professional Services Schedule: SIN 520-20. This SIN was redefined as Data Breach Response and Identity Protection Servicesin October 2017 to allow agencies to secure a total solution for IPS and allows the ordering office to tailor their scope for only selective segments of services found under this SIN. GSA is working with industry to expedite any incoming modifications and new offers for these type of services to meet customer demand.


Tiers of Experience

Two tiers of contractors are available under the BPAs:

  • Tier 1: Is awarded only to Contractors with experience in responding to data breaches impacting populations of significant size (benchmark of 21.5 million); and
  • Tier 2: Includes Contractors with general experience in providing routine data breach responses.

Tier 1 Contractors are included in Tier 2. Ordering Contracting Officers have the discretion to compete task orders (TO) at either Tier regardless of the impacted population size.

During the performance period of the BPAs, Tier 2 Contractors not selected as Tier 1 service providers can provide to the BPA Contracting Officer evidence of their experience in responding to data breaches impacting populations of significant size and based on that documentation, may be added to Tier 1.

Authorized Users

Any warranted Contracting Officer from authorized users of the Schedules program, within the scope of their delegated procurement authorities, may place orders against the BPA(s).

IPS BPA Ordering Period

Five years from September 01, 2015, through August 31, 2020. Orders (including order options) have their own period of performance. Any orders placed during the BPA ordering period may extend beyond that period (including the right to exercise order options) and be completed in accordance with the Contractor’s FSS FAR clause 52.216-22 paragraph (d).

Order Dollar Value Limitations

Unlike most ID/IQ Contracts, BPAs do not have a dollar value ceiling. Thus there is no dollar value limitation on the size of an order.

Small Business Credit

Agencies will receive small business credit when issuing orders to small business BPA holders. For BPAs based on a Contractor Teaming Arrangement (CTA), a small business team member may be designated as the CTA lead for any task order as applicable. Hence, all CTA members have been assigned BPA numbers for this purpose. Agencies are also authorized if applicable to set-aside orders for small business. See ordering procedures for further details.

IPS BPA Award Information

This IPS BPA Award Matrix [XLSX - 12 KB]provides a listing of all BPA holders.

The following is a list of each IPS BPA Award Package which includes BPA Scope, Terms, Conditions and Prices:

ID Experts

Ladlas Prince


IPS BPA Ordering Procedures

The IPS BPA Ordering Procedures [PDF - 271 KB] provide high level ordering guidance for customer agencies issuing task orders against these BPAs. General ordering procedures, small business set-aside procedures, and Federal Procurement Data System (FPDS) recording procedures necessary to correctly record awards to Contractor Teaming Arrangement (CTA) teams are addressed.

Use this IPS BPA Contractor Email List to email BPA Holders for RFQ/RFI purposes. If it does not populate the "to" field in your email client correctly, use this Contractor Email List [XLSX - 10 KB] to copy and paste in the “to” field of your email client.

IPS BPA Task Order Level Quote Instructions for Contractors

The IPS BPA Contractor TO Level Quote Instructions [PDF - 12 KB] provide information for BPA contractors competing for task orders issued against these BPAs. Pricing, team lead assignment and small business set-aside instructions are addressed.

OMB Memo

Category Management Policy 16-2: Providing Comprehensive Identity Protection Services, Identity Monitoring, and Data Breach Response (Issued July 1, 2016)


Email Professional Services

The shortcut to this page is

Last Reviewed: 2020-02-21