39 CFR 501.3 - Postage Evidencing System provider qualification.
(a) Satisfy the Postal Service of its integrity and financial responsibility.
(c) As a condition of obtaining authorization under this section, the Postage Evidencing System provider's facilities used for the manufacture, distribution, storage, resetting, or destruction of postage meters and all facilities housing infrastructure supporting Postage Evidencing Systems will be subject to unannounced inspection by representatives of the Postal Service. If such facilities are outside the continental United States, the provider will be responsible for all reasonable and necessary travel-related costs incurred by the Postal Service to conduct the inspections. Travel-related costs are determined in accordance with Postal Service Handbook F-15, Travel and Relocation. At its discretion, the Postal Service may continue to fund routine inspections outside the continental United States as it has in the past, provided the costs are not associated with particular security issues related to a provider's Postage Evidencing System or supporting infrastructure, or with the start-up or implementation of a new plant or of a new or substantially changed manufacturing process.
(1) When conducting an inspection outside the continental United States, the Postal Service will make every effort to combine the inspection with other inspections in the same general geographic area in order to enable affected providers to share the costs. The Postal Service team conducting such inspections will be limited to the minimum number necessary to conduct the inspection. All air travel will be contracted for at the rates for official government business, when available, under such rules respecting class of travel as apply to those Postal Service representatives inspecting the facility at the time the travel occurs.
(2) If political or other impediments prevent the Postal Service from conducting security evaluations of Postage Evidencing System facilities in foreign countries, Postal Service approval of the activities conducted in such facilities may be suspended until such time as satisfactory inspections may be conducted.
(d) As the provider bears the ultimate responsibility to ensure customer information will not be compromised at any domestic or off shore locations, the provider (as well as its agent operating domestic or off shore locations) will not cause or permit data to be released other than for the operation of the third-party location. The provider shall notify its customer that data relating to its systems is being housed by a third-party location, and shall provide a copy thereof to the Postal Service of such notice to its customers. To the extent that any unauthorized release takes place, the vendor shall notify the Postal Service immediately upon discovery of any unauthorized use or disclosure of data or any other breach or improper disclosure of data of this agreement by the provider (as well as its agent operating the third-party location) and will cooperate with the Postal Service in every reasonable way to help the Postal Service regain possession of the data and prevent its further unauthorized use or disclosure. In the event that the Postal Service cannot regain possession of the data or prevent its further unauthorized use or disclosure, the provider shall indemnify the Postal Service from damages resulting from its (or such third-party) actions.
(e) Have, or establish, and keep under its active supervision and control adequate facilities for the control, distribution, and maintenance of PES and their replacement or secure disposal or destruction when necessary and appropriate.
Title 39 published on 2015-08-22
The following are ALL rules, proposed rules, and notices (chronologically) published in the Federal Register relating to 39 CFR Part 501 after this date.