TeamViewer - Subscription Renewal
| Location: | Ohio |
|---|---|
| Posted: | Jan 27, 2026 |
| Due: | Feb 11, 2026 |
| Agency: | State Government of Ohio |
| Type of Government: | State & Local |
| Category: |
|
| Solicitation No: | SRC0000036599 |
| Publication URL: | To access bid details, please log in. |
| Solicitation ID: | SRC0000036599 |
| Solicitation Name: | TeamViewer - Subscription Renewal |
| Original Begin Date: | 1/27/2026 11:53:28 AM |
| Begin Date: | 1/27/2026 11:53:28 AM |
| End Date: | 2/11/2026 4:00:00 PM |
| Inquiry End Date: | 2/10/2026 5:00:00 PM |
| Commodity: | Maintenance or support fees |
| MBE Set Aside: | MBE Set Aside |
| Agency: | DDD106010 ITS DDS OFFICE FRAN1 |
| Solicitation Status: | Open for Bidding |
| Solicitation Type: | Quick Quote |
Solicitation General Information
|
In an MBE set-aside solicitation, only those bidders/suppliers with an active MBE certification at the time the solicitation closes can submit a response
|
|||
|
Solicitation ID
SRC0000036599
|
|||
|
Solicitation Name
TeamViewer - Subscription Renewal
|
RFx Type
Quick Quote
|
||
|
Lot #
1
|
Solicitation Status
Open for Bidding
|
||
|
Round #
1
|
MBE Set Aside
|
||
|
Begin Date
1/27/2026 11:53:28 AM (ET)
|
Amendment?
|
||
|
End Date
2/11/2026 4:00:00 PM (ET)
|
Inquiry End Date
2/10/2026 5:00:00 PM
|
||
|
Summary
This quote is for the Ohio Department of Developmental Disabilities
Shipping will need to come directly to: State of Ohio: Dept. of Developmental Disabilities Information Technology Services Attn; Kim Lewis 30 E. Broad St., 13th Floor Columbus, Ohio 43215 Contact Information: Kim Lewis 614-369-4083 Qty 1 – TeamViewer Tensor Basic – Subscription Renewal 5 Tensor Agents 2,500 Managed Devices |
Predecessor Contract
|
||
|
Process
RFQ – TeamViewer Tensor Basic – Subscription Renewal
|
|||
|
Ship To
P003547 DDD Information Tech Systems 30 East Broad St 13th FL Columbus
|
|||
1 Record(s)
|
0 Record(s)
|
Solicitation Documents
1 Record(s)
|
Attachment Preview
DATA SECURITY AND PRIVACY TERMS
These Data Security and Privacy Terms (“Terms”) describe the responsibilities for the Contractor relating
to State information security and privacy standards and requirements for all proposed solutions, whether
cloud, on-premises, or hybrid based. These Terms applies to all work and services across all environments,
and State of Ohio (“State”) and Contractor locations (e.g., cloud (Software as a Service, Platform as a
Service, or Infrastructure as a Service), on-premises, or hybrid) along with the computing elements that the
Contractor will perform, provide, occupy, or utilize in performing the work, and any Contractor access to
State resources in conjunction with the delivery of work.
The Contractor must comply with the State IT Security Policies and Standards and these Terms and must
accept the security and privacy requirements outlined in these Terms in their entirety, as they apply to the
services being provided to the State. The Contractor will be responsible for maintaining information security
in any environments under the Contractor’s management in accordance with State IT Security Policies and
Standards.
These Terms apply to the following:
A. Major and minor projects, upgrades, updates, fixes, patches, and other software and systems
inclusive of all State elements or elements under the Contractor’s responsibility utilized by the
State.
B. Any systems development, integration, operations, and maintenance activities performed by the
Contractor.
C. Any authorized change orders, statements of work, renewals, or amendments to the Contract.
D. Contractor locations, equipment, and personnel that access State systems, networks, or State Data
directly or indirectly.
E. Any Contractor personnel that have access to State Data.
These Terms are in addition to the Contract terms and conditions. In the event of a conflict between the
Contract and these Terms, the most stringent standard will prevail.
Definitions
1. Contractor for purposes of these Terms, includes subcontractors or other personnel under the
authority or control of the Contractor performing the work or providing the services under this Contract.
2. Personally Identifiable Information means information that can be used directly or in combination
with other information to identify a particular individual. It includes:
A. A name, identifying number, symbol, or other identifier assigned to a person,
B. Any information that describes anything about a person,
C. Any information that indicates actions done by or to a person,
D. Any information that indicates that a person possesses certain personal characteristics,
E. The definitions of “personal information” in Revised Code chapters 1347.01, 1347.04 through
1347.99, and
F. The various other definitions of “personal information” throughout the Ohio Revised Code.
3. Security Event has the meaning set forth in Section 7 of these Terms.
4. Security Incident has the meaning set forth in Section 7 of these Terms.
5. State Data means all data and information provided by, created by, created for, or related to the
activities of the State and any information from, to, or related to all persons that conduct business or
personal activities with the State, including, but not limited to Sensitive Data.
6. Sensitive Data means any type of data that presents a high or moderate degree of risk if released,
disclosed, modified, or deleted without authorization. There is a high degree of risk when unauthorized
release or disclosure is contrary to a legally mandated confidentiality requirement. There may be a
Data Security and Privacy Terms
Page 1 of 18
Version 1.0 - 03/24
moderate risk and potentially a high risk in cases of information for which an agency has discretion
under the law to release data, particularly when the release must be made only according to agency
policy or procedure.
Sensitive Data includes, but is not limited to:
A. Personally Identifiable Information (PII);
B. Family Educational Rights and Privacy Act (20 U.S.C. § 1232g);
C. Federal Tax Information (FTI) under IRS Publication 1075 - Tax Information Security Guidelines for
federal, state, and local agencies;
D. Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act
(45 CFR Part 160 and Subparts A, C, and E of Part 164); United States Code 42 U.S.C. 1320d
through 1320d-9 (HIPAA); and Code of Federal Regulations for Public Health and Public Welfare:
42 C.F.R. 431.300, 431.302, 431.305, 431.306, 435.945, 45 C.F.R. 164.502(e) and 164.504(e);
E. Criminal Justice Information (CJI) under the Federal Bureau of Investigation’s Criminal Justice
Information Services (CJIS) Security Policy available at https://le.fbi.gov/cjis-division/cjis-security-
policy-resource-center;
F. Payment Card Industry Data Security Standards;
G. Social Security Administration (SSA) Data which is data received by the State from the Social
Security Administration in accordance with the current Computer Matching and Privacy Protection
Act between the State of Ohio and the Social Security Administration; and
H. Other types of information not associated with an individual such as security and infrastructure
records, trade secrets, and business bank account information.
7. State IT Security Policies and Standards means the policies and standards available at
https://das.ohio.gov/technology-and-strategy/information-security-privacy/information-security-
governance.
Requirements
1. The Contractor’s Responsibilities Generally
The Contractor is responsible for maintaining the security of information in accordance with the applicable
security baseline of the current published version of the National Institute of Standards and Technology
(“NIST”) Special Publication (“SP”) 800-53, “Security and Privacy Controls for Federal Information Systems
and Organizations,” (“NIST 800-53”) commensurate with the type of State Data involved in the Contract as
communicated by the State. If the State is providing the network layer, the Contractor must be responsible
for maintaining the security of the information in environment elements that are accessed, utilized,
developed, or managed by the Contractor. In either scenario, the Contractor must implement information
security policies, standards, and capabilities as set forth in the Contract, adhere to State IT Security Policies
and Standards, and use procedures in a manner that does not diminish established State capabilities and
standards. All work performed by the Contractor, all deliverables provided by the Contractor, and all
environments utilized to perform the Contractor’s work must comply with State IT Security Policies and
Standards. The Contractor’s information security and technology responsibilities with respect to the work
and services the Contractor is providing to the State include the following, where applicable:
A. Support State IT security policies, standards and procedures development and maintenance
activities. Assist in the implementation of associated security procedures with the State’s review
and approval, including physical access requirements, User ID approval procedures, and a Security
Incident action and response plan.
B. Support implementation and compliance monitoring as per State IT Security Policies and
Standards.
C. Upon identification of a potential issue with maintaining an “as provided” State infrastructure
element in accordance with a more stringent State level security policy, the Contractor must identify
Data Security and Privacy Terms
Page 2 of 18
Version 1.0 - 03/24
and communicate the nature of the issue to the State, and, if possible, outline potential remedies
for consideration by the State.
2. Protection and Handling of State Data
Contractor shall maintain an Information Security Program (“ISP”) made up of policies, procedures,
technical and organizational safeguards, and training designed to protect State Data against unauthorized
loss, destruction, alteration, access, or disclosure. To protect State Data, the Contractor must use due
diligence to ensure computer and telecommunications systems and services involved in storing, using, or
transmitting State Data are secure and to protect State Data from unauthorized disclosure, modification,
use or destruction. To accomplish this, the Contractor must adhere to the following requirements regarding
State Data in addition to the confidentiality requirements in the Contract:
A. Assume all State Data is both confidential and critical for State operations.
B. Maintain, in confidence, State Data it may obtain, maintain, process, or otherwise receive from or
through the State during, and pursuant to, the provisions of the Contract and these Terms.
C. Use and permit its employees, officers, agents, and subcontractors to use any State Data received
from the State solely to perform its obligations under the Contract.
D. Not sell, rent, lease, disclose, or permit its employees, officers, agents, and sub-contractors to sell,
rent, lease, or disclose, any such State Data to any third party, except as permitted under the
Contract or required by applicable law, regulation, or court order.
E. Take all commercially reasonable steps to (a) protect the confidentiality of State Data received from
the State and (b) establish and maintain physical, technical, and administrative safeguards to
prevent unauthorized access by third parties to State Data received by the Contractor from the
State.
F. Apply appropriate risk management techniques to balance the need for security measures against
the sensitivity of State Data.
G. Ensure that internal security policies, plans, and procedures address the basic security elements
of confidentiality, integrity, and availability of State Data, and periodically review and update these
policies, plans, and procedures as needed.
All State Data at rest in systems supporting the Contractor’s services must reside within the contiguous
United States with a minimum of two data center facilities at two different and distant geographic locations
and be handled in accordance with the requirements of these Terms at all Contractor locations.
If the Contractor will be handling Sensitive Data, the State may require additional documentation such as
the Contractor’s information security policies and procedures, contingency plans, or incident response
plans, a Privacy Impact Assessment (PIA), FIPS-199 compliance documentation, a NIST-compliant System
Security Plan (SSP), and Plans of Action and Milestones (POA&M) documentation.
3. Security Standards and Warranties
All solutions shall operate at the moderate level baseline as defined in the current published version of
NIST 800-53, be consistent with Federal Information Security Management Act, 44 U.S.C. § 3551 et seq.
(“FISMA 2014”) requirements, and offer a customizable and extendable capability based on open-
standards APIs that enable integration with third party applications.
Contractor’s information security program protects State Data by aligning with NIST 800-53 to implement
an industry security and privacy standard including, at a minimum:
Data Security and Privacy Terms
Page 3 of 18
Version 1.0 - 03/24
A. Security and confidentiality of State Data.
B. Protection against anticipated threats or hazards to the security or integrity of State Data.
C. Protection against the unauthorized access to, disclosure of, or use of State Data.
D. Give access to State Data only to those individual employees, officers, agents, and sub-contractors
who need to know such information in connection with the performance of the obligations under
the Contract.
E. Cooperate with any attempt by the State to monitor compliance with the foregoing obligations as
reasonably requested by the State.
F. Promptly destroy or return to the State, in a format designated by the State, all State Data received
from or through the State upon completion of the work under the Contract or upon termination or
expiration of the Contract.
G. Maintain appropriate and effective business continuity and disaster recovery plans to ensure
resiliency of State Data and business operations.
H. Maintain a privacy policy that includes, at a minimum, processes for the State to obtain individual
privacy consent for the use of PII, at the determination of the State, and to respond to individuals’
requests to access, correct, and delete their PII unless otherwise expressly agreed to in the
Contract. All PII, including PII that has been de-identified, is considered State Data and
Confidential Information under this Contract.
Contractor must scan all source code for vulnerabilities, including before and after any source code changes
are made, and must promptly remediate any and all vulnerabilities and provide the State with patches to
address the vulnerabilities at no cost to the State. Contractor must follow best practices for application code
review and the most current version of the Open Source Foundation for Application Security (OWASP) top
10.
In addition to the warranties provided and pursuant to the terms of the warranties section of the Contract
(i.e., notification, correction, and indemnification), Contractor warrants that its software and/or service are
free from any and all defects in materials, workmanship, and design. Contractor warrants that the software
is free from any and all viruses, malware, and other harmful or malicious code.
4. Permitted Disclosure to Third Parties
Disclosure of State Data is permitted as set forth in the Contract. Additionally, disclosure of State Data is
also permitted when required by applicable law, regulation, court order or subpoena. If the Contractor or
any of its representatives are ordered or requested to disclose any information provided by the State,
whether Sensitive Data or otherwise, pursuant to court or administrative order, subpoena, summons, or
other legal process or otherwise believes that disclosure is required by any law, ordinance, rule or
regulation, the Contractor must notify the State within 24 hours of receipt of the order or request in order
for the State to seek a protective order or take other appropriate action, as desired. The Contractor must
also cooperate in the State’s efforts to obtain a protective order or other reasonable assurance that
confidential treatment will be accorded the information provided by the State.
If, in the absence of a protective order, the Contractor is compelled as a matter of law to disclose the
information provided by the State, the Contractor may disclose to the party compelling disclosure only the
part of such information as is required by law to be disclosed (in which case, prior to such disclosure, the
Contractor must advise and consult with the State and its counsel as to the scope of such disclosure and
Data Security and Privacy Terms
Page 4 of 18
Version 1.0 - 03/24
the nature of wording of such disclosure) and must use commercially reasonable efforts to obtain
confidential treatment for the information disclosed.
The Contractor may disclose Confidential Information to the following people, subject to the requirements
of the Contract and these Terms:
A. To State or Federal auditors or regulators.
B. To service providers and agents of either party as permitted by law, provided that such service
providers and agents are subject to binding confidentiality obligations.
C. To the professional advisors of either party, provided that such advisors are obligated to maintain
the confidentiality of the information they receive.
5. Auditing
A. The Contractor must obtain an annual audit of the services being provided under this Contract that
meets the American Institute of Certified Public Accountants (AICPA) Statements on Standards for
Attestation Engagements (SSAE) No. 18, Service Organization Control 1 Type 2 and Service
Organization Control 2 Type 2. The audit must cover all operations pertaining to the services
covered by this Contract. The audit will be at the sole expense of the Contractor and the results
must be provided to the State within 30 days of Contractor’s receipt of its audit results each year.
B. The State may, at any time in its sole discretion, elect to perform a Security and Data Protection
Audit. This includes a thorough review of Contractor controls, security and privacy functions and
procedures, data storage and encryption methods, and backup and restoration processes. The
State may utilize a third-party contractor to perform such activities to demonstrate that all security,
privacy, and encryption requirements are met. The State will provide its request in writing and will
work with the Contractor to schedule time to conduct the audit.
C. At no cost to the State, the Contractor must immediately remedy any issues, material weaknesses,
or other items identified in each audit as they pertain to the services provided under this Contract.
6. Background Investigations of Contractor Personnel
The State of Ohio may conduct background investigations on Contractor personnel that may have access
to State Data or as otherwise deemed necessary by the State. Any person who (a) has been convicted at
any time of any criminal offense involving dishonesty, a breach of trust, money laundering, or who has
entered into a pre-trial diversion or similar program in connection with a prosecution for such offense, (b) is
named by the Office of Foreign Asset Control (OFAC) as a Specially Designated National, or (c) has been
convicted of a felony may not perform certain services under the Contract. Contractor personnel who will
have access to FTI or CJI must complete required background investigations that are favorably determined
prior to being permitted to access the information. In addition, existing Contractors whose personnel already
have access to FTI or CJI that have not completed the required background investigations within the last
five years must complete the required background investigations that are favorably adjudicated prior to
being permitted continued access to the information. If any Contractor personnel with existing access to
the information have an unfavorably adjudicated background investigation completed, the State may
terminate that personnel’s access to the information.
7. Security Incidents
A. Definitions. A security incident threatens the confidentiality, integrity, or availability of State
information resources. A “Security Incident” means there is a successful unauthorized access, use,
disclosure, modification, or destruction of information or interference with system operations in an
information system. A “Security Event” is any observable occurrence that is relevant to information
Data Security and Privacy Terms
Page 5 of 18
Version 1.0 - 03/24
This is the opportunity summary page. It provides an overview of this opportunity and a preview of the attached documentation.
Daily notification on new contract opportunities
With GovernmentContracts, you can:
- Find more opportunities and win more business
- Receive daily alerts for all new bid opportunities
- Get contract opportunities matched to your business
See also
...Project ID: GD 26-31 Title: Sprinkler System Periodic Testing, Inspections & Maintenance..., Inspections ...
Greater Dayton Regional Transit Authority
Bid Due: 6/16/2026
...maintenance service MBE Set Aside: MBE Set Aside Agency: COM650000 State Fire Marshal ...
State Government of Ohio
Bid Due: 6/16/2026
...): May 28, 2026, 10:00am 600 Longworth Drive, Dayton, OH 45402 Maintenance Conference ...
Greater Dayton Regional Transit Authority
Bid Due: 6/18/2026
...-Mandatory): May 28, 2026, 10:00am 600 Longworth Drive, Dayton, OH 45402 Maintenance Conference ...
Greater Dayton Regional Transit Authority
Bid Due: 6/18/2026
* Disclaimer: Information regarding bids, requests for proposals (RFPs), or requests for qualifications (RFQs) is provided on this website only for convenience and does not constitute official public notice. Persons wishing to respond to or inquire about bids, RFPs, or RFQs should contact the appropriate government department.