What is Decree No. 260 / 2016 Coll.?

Decree No. 260 / 2016 Coll., laying down more detailed conditions concerning electronic instruments, electronic procurement operations and certificates of conformity — Ordinance on more detailed conditions for electronic instruments, electronic procurement operations and certificates of conformity.

When it became Decree No. 260 / 2016 Coll. effectiveness?

Decree No. 260 / 2016 Coll. became effective 01.10.2016.

Is Decree No. 260 / 2016 Coll. still valid?

Yes, Decree No. 260 / 2016 Coll. is still valid and effective.

How many times was it Decree No. 260 / 2016 Coll. amended?

Decree No. 260 / 2016 Coll. has 3 time versions of the text.

Decree No. 260 / 2016 Coll. - Ordinance on more detailed conditions fo...

260

DECLARATION

of 21 July 2016

laying down more detailed conditions concerning electronic instruments, electronic procurement operations and certificates of conformity

According to Section 213 (3) of Act No. 134 / 2016 Coll., on Public Procurement ("the Act '), the Ministry of Local Development provides:

§ 1

Subject matter

(1) This Decree provides

(a) the conditions for the provision and access of documents and information by electronic means;

(b) conditions of service by means of an electronic instrument;

(c) conditions for the submission, receipt and opening of tenders, requests to participate and proposals in the design competition by means of an electronic instrument;

(d) requirements for electronic procurement operations;

(e) requirements for recording electronic operations;

(f) the conditions for issuing the certificate of conformity;

(g) the particulars and validity of the certificate of conformity;

(h) requirements for the functional characteristics of the electronic instrument and the environment in which the electronic instrument is to be operated in relation to the certification of the electronic instrument; and

(i) the technical details of the contracting authority's profile.

(2) This decree applies to legal relations which are not covered by the directly applicable European Union regulation on trust services for electronic transact1).

§ 2

Definition of terms

For the purposes of this decree:

(a) by a certification audit, the process of attesting the conformity of an electronic instrument carried out by a conformity assessment body accredited by a national accreditation body on the basis of another legislation or by a directly applicable European Union Regulation in the field of accreditation and supervision (2) (hereinafter referred to as the certifying authority);

(b) by certification rules, a summary of the conditions and assumptions under which the certification audit will be carried out, established by the certifying authority;

(c) by a public key certificate, a data message that links the contracting authority's public key to the contracting authority in a credible manner, serves to transmit the public key and may serve to verify the identity of the contracting authority and the address of its website;

(d) time information to record the date and time of the electronic operation, indicating the hour, minute and second;

(e) by an electronic address, a place for receiving messages under the electronic instrument;

(f) a functional summary of the functional characteristics of the electronic instrument used for the implementation of electronic operations, as defined in the Annex to this Decree;

(g) the conditions under which the electronic instrument is operated, as set out in the Annex to this Decree,

(h) the contracting authority's private key is unique electronic data which clearly correspond to the contracting authority's public key and serve the contracting authority to unencrypt the content of the tender;

(i) the system state of the state in which the electronic tool is located at a given moment and which may be of value

1. in service;

2. out of service;

3. the limitation of functionality which does not allow the implementation of electronic actions which can otherwise be implemented by means of an electronic instrument;

(j) the contracting authority's public key unique electronic data which clearly correspond to the contracting authority's private key and serve the supplier to encrypt the content of the tender.

§ 3

Conditions for the provision and access to documents and information on the contracting authority's profile

(1) The contracting authority shall ensure that, in an appropriate form, everyone can ascertain his identity within the meaning of the directly applicable European Union law in the field of trust services for electronic transactions (3).

(2) Where the contracting authority publishes information, procurement documents or other documents on its contracting authority profile, it shall ensure that:

(a) have been protected against unauthorised change;

(b) are continuously accessible on the contracting authority's profile for a specified period; and

(c) they have been published without registration or any identification of the person who accedes to the information, procurement documents or other documents.

§ 4

Conditions for delivery via an electronic tool

(1) Delivering by means of an electronic tool is the moment when the data message is received to the electronic address of the addressee or recipients of the data message in the electronic tool.

(2) A record of the electronic operation referred to in Section 7 shall be issued of the electronic delivery via the electronic tool.

§ 5

Encryption and submission of tenders in electronic form

(1) The provisions of this Order relating to the tender shall apply mutatis mutandis to the preliminary offer, the application for participation, the application for inclusion in the qualification system, the application for participation or the proposal for a design contest and the submission of auction values.

(2) The contracting authority shall publish an electronic address for submission in the form or in the invitation to tender, the details of which are laid down in Annex 6 to the law.

(3) Tenders shall be protected in an electronic instrument by encryption their contents in accordance with the requirements laid down in this Decree. This does not apply in the case of auction values, provided that the confidentiality of the content of the offer is ensured in accordance with this decree.

(4) The contracting authority shall ensure that:

(a) the contracting authority's public key intended to encrypt the content of the tenders corresponds to the contracting authority's private key;

(b) it was not possible to forge a public key certificate without making disproportionate efforts;

(c) it was not possible to forge the private key of the contracting entity without making disproportionate efforts; and

(d) the private key of the contracting authority has been secured against loss and unauthorised access throughout the period of validity of the corresponding public key certificate.

(5) A procuring entity shall provide suppliers with a public key certificate to encrypt the content of the offer through its procuring entity profile or, where appropriate, by electronic tool website or by post upon request.

(6) Where a time limit is set for the submission of a tender, the contracting authority shall ensure that the tender submitted to the address referred to in paragraph 2:

(a) have been further processed in accordance with this Order before the expiry of the time limit and stored unchanged until it has been opened; at the same time, information shall be sent to the supplier at his electronic address that his offer has been accepted; and

(b) after the expiry of the time limit, they have been designated as having been submitted after the time limit, and at the same time they have been sent to the supplier at his electronic address for notification of that fact.

(7) The submission of a tender shall be accompanied by a record of the time information referred to in Article 8 in the electronic instrument.

§ 6

Conditions for unencryption of tenders

(1) Before opening tenders, the contracting authority or persons authorised to open tenders shall ensure unencryption of the content of tenders using the private key of the contracting authority.

(2) The contracting authority shall ensure that the unencryption and opening of tenders using the contracting authority's private key are carried out by authorised persons in such a way that:

(a) unencryption and opening has always been carried out with the participation of two or more authorised persons;

(b) it was not possible to use the contracting authority's private key to decrypt tenders in any way other than with the participation of authorised persons.

(3) The contracting authority shall ensure that the electronic tool does not allow the unencryption and opening of the tender before the deadline set for its opening. The time of unencryption and opening of the supply shall be recorded in the electronic tool in accordance with Section 7.

(4) The contracting authority shall ensure that the tender is kept in the encrypted form in which it was delivered to the contracting authority after it has been opened. At the same time, the contracting authority shall store the offer in unencrypted form or in any other way that allows access to the content of the offer throughout the period provided for in Section 216 (1) of the Act, irrespective of the validity of the encryption certificate.

§ 7

Acquisition of records on electronic operations

(1) The contracting authority shall ensure that records of electronic operations carried out, any other activities and system status of the electronic instrument are made. This record shall include at least:

(a) identification of the electronic act or other activities of the electronic instrument;

(b) the time of execution of the electronic act referred to in Article 8;

(c) a clear identification of the person who carried out the electronic operation;

(d) a clear identification of the automated activity carried out by the electronic operation;

(e) a record of the possible error of the electronic act;

(f) a record of the system status of the electronic instrument, where the electronic instrument has been out of operation or the functionality has been reduced, which has made it impossible to carry out electronic actions that can otherwise be implemented through the electronic instrument.

(2) The entry referred to in paragraph 1 (e) and (f) shall contain at least a description of the condition and the time information on the beginning and end of the condition referred to in Article 8.

(3) The records shall be protected from unauthorised access, alteration and destruction in the electronic instrument.

§ 8

Recording of time information

(1) The time information recorded in the electronic tool must be provided by an operating system linked to a source reproducing the world coordinated UTC time in the Czech Republic.

(2) The synchronisation of the time measured by the operating system referred to in paragraph 1 with the coordinated world time shall be carried out at least once every 24 hours during the procurement procedure.

(3) Time synchronisation must be ensured even in the event of a transient second.

§ 9

Certificate of conformity

(1) The certifying authority shall assess the conformity of the electronic instrument with regard to the functionality of the electronic instrument and the environment in which the electronic instrument is operated. The detailed requirements concerning the functional characteristics of the electronic instrument and the environment in which the electronic instrument is to be operated are set out in the Annex to this Decree.

(2) Electronic instruments are divided into electronic instruments meeting the requirements for conformity assessment purposes of the electronic instrument in terms of functionality

(a) the profile of the contracting authority;

(b) for the electronic execution of procurement procedures;

(c) electronic auction;

(d) for framework agreements;

(e) for a dynamic purchasing system;

(f) for electronic implementation of design contests;

(g) for an electronic catalogue.

(3) The certificate of conformity shall contain at least:

(a) the identification details of the certifying authority which issued the certificate of conformity;

(b) the applicant's identification data and the person's identification number, if allocated to the applicant;

(c) the trade description and version of the electronic instrument;

(d) an indication of the groups of electronic instruments broken down in accordance with paragraph 2 for which the electronic instrument has been certified;

(e) the date of issue of the certificate of conformity,

(f) the period of validity of the certificate of conformity; and

(g) the signature of the person authorised to act on behalf of the certifying authority.

(4) The certificate of conformity is issued by the certifying authority in paper form or in electronic form, in the Czech language. The certificate of conformity shall demonstrate that, to the extent of the functional characteristics and the data contained in the certificate of conformity, the electronic instrument complies with the requirements laid down by the law and this decree.

§ 10

Conditions for issuing a certificate of conformity

(1) The applicant shall submit an application for a certificate of conformity to the certifying authority. The applicant shall demonstrate in the application and subsequent certification audit the conformity of the electronic instrument with the requirements laid down by law in relation to the functionality of the electronic instrument and in relation to the environment in which the electronic instrument is operated. The conformity of an electronic instrument shall be demonstrated by the applicant if the electronic instrument meets at least the requirements set out in the Annex to this Regulation.

(2) Where an electronic instrument has a valid certificate of conformity in relation to functionality and in relation to the environment and is operated by a person other than the applicant to whom the certificate of conformity has been issued, that other person, as an applicant, shall only demonstrate to the certifying authority compliance with the environmental requirements.

(3) The certifying authority shall issue a certificate of conformity for an electronic instrument where the conformity of the electronic instrument has been established with the requirements set out in the Annex to this Regulation, to the extent that the conformity has been established. The certifying authority shall not be authorised to issue a certificate of conformity for an electronic instrument in addition to the application for a certificate of conformity.

§ 11

Forms of application for a certificate of conformity

(1) In the application for a certificate of conformity, the applicant shall indicate his identification data and identification number of the person, if assigned to the applicant.

(2) Where the applicant for a certificate of conformity is a person who is not the manufacturer of an electronic instrument, the applicant shall enter in the application for a certificate of conformity the manufacturer's identification data to the extent specified in paragraph 1.

(3) In the application for the issue of a certificate of conformity, the applicant shall indicate the trade mark and the version of the electronic instrument and shall indicate in accordance with Section 9 (2) the scope of the required certification of the functional characteristics of the electronic instrument.

(4) In the case of an application for a certificate of conformity in relation to the functionality of the electronic instrument in the Annex to the application, the applicant shall submit:

(a) a description of the fulfilment of the general and specific requirements for the functional characteristics of the electronic instrument as set out in the Annex to this Regulation;

(b) a user manual describing the procedure for the implementation of the various types of procedures under the law as set out in Part II of the Annex to this Decree in the electronic instrument certification scheme in relation to the scope of its functionality; and

(c) draft test scenarios to verify the functional characteristics of the different types of procedures under the law as set out in Part II of the Annex to this Decree in the electronic instrument certification scheme in relation to the scope of its functionality.

(5) In the case of an application for the issue of a certificate of conformity in relation to the environment in which the electronic instrument is operated, the applicant shall submit in the Annex to the application a description of the fulfilment of the environmental requirements of the electronic instrument as set out in Part XI of the Annex to this Regulation.

(6) In the case referred to in Paragraph 10 (2), a copy of the valid certificate of conformity or a copy of the valid electronic certificate of conformity issued for the electronic instrument shall be annexed to the application for the certificate of conformity.

§ 12

Validity of certificates of conformity

(1) Where the applicant demonstrates to the certifying authority the conformity of the electronic instrument with the requirements for the functional characteristics of the electronic instrument, the certificate of conformity shall be valid for 6 years from the date of issue in accordance with Article 9 (2).

(2) Where the applicant demonstrates to the certifying authority the conformity of the electronic instrument with the requirements laid down for the environment in which the electronic instrument is or is to be operated, the certificate of conformity shall be valid for 3 years from the date of its issue, within the scope of the information contained in the certificate of conformity relating to the environment. The expiry of that period shall be without prejudice to the validity of the certificate of conformity within the scope of the data relating to the functional characteristics of the electronic instrument.

(3) The validity of the certificate of conformity certifying compliance with the requirements for the functional characteristics of the electronic instrument may be extended for a further 6 years at the request of the applicant and for compliance with the requirements for the environment for a further 3 years, including repeatedly.

(4) Where there is a change in the functional characteristics or environment of the electronic instrument compared to the functional characteristics or environment of the electronic instrument on the basis of which the certificate of conformity has been issued, and this change could result in a change of compliance with the requirements laid down in the legislation to the extent specified, the applicant shall notify the certifying authority within 15 days of the date on which the change took place, at the same time as submitting a draft of the corrective measures. Otherwise, the certifying authority shall withdraw the certificate of conformity or change its scope if the change in the features or conditions of the operation of the electronic instrument so permits.

(5) The certifying authority shall also withdraw or amend the certificate of conformity where the applicant:

(a) does not meet the conditions for issuing a certificate of conformity; or

(b) use as evidence for the issue of a certificate of conformity documents or information which have proved to be false or incomplete.

(6) The certificate of conformity shall be withdrawn by the certifying authority for other reasons at the request of the applicant in writing.

(7) The applicant shall be entitled to submit a proposal to amend the scope of the certificate of conformity. In that case, the applicant shall only demonstrate to the certifying authority compliance with the requirements of the amendment.

§ 13

Transitional provision

Conformity certificates issued pursuant to Decree No. 9 / 2011 Coll., laying down more detailed conditions concerning electronic instruments and acts made electronically in the award of public contracts and details relating to the certificate of conformity, are only applicable for the purposes of completing the procedure under Act No. 137 / 2006 Coll., on public contracts, as effective until the date of entry into force of Act No. 134 / 2016 Coll., on the award of public contracts.

§ 14

Efficacy

This Decision shall enter into force on 1 October 2016.

Minister:

Ing. Šlechtová v. r.

Annex to Decree No. 260 / 2016 Coll.

SPECIFICATIONS OF REQUIREMENTS FOR CONFORMITY OF ELECTRONIC INSTRUMENTS

I. List of abbreviations and terms used

Zákon	Zákon č. 134/2016 Sb., o zadávání veřejných zakázek
Pracovník	zaměstnanec žadatele nebo i jiná osoba, která se podílí na provozování elektronického nástroje
Automaticky provedený elektronický úkon	elektronický úkon ve vztahu k zadávacímu řízení provedený elektronickým nástrojem
Otevřený formát	formát podle § 18 odst. 2 vyhlášky č. 168/2016 Sb., o uveřejňování formulářů pro účely zákona o zadávání veřejných zakázek a náležitostech profilu zadavatele
PKI	Public Key Infrastructure: v kryptografii označení infrastruktury správy a distribuce veřejných klíčů z asymetrické kryptografie
Zabezpečený dokument	dokument s omezeným přístupem podle stanovených přístupových oprávnění
Oprávněná osoba	statutární orgán zadavatele nebo jím pověřená osoba na základě plné moci či vnitřních předpisů

II. Preliminary provisions

In order to obtain a certificate of conformity, the applicant for certification of an electronic instrument must provide information on himself and on the electronic instrument in accordance with Section 11 of this Decree and demonstrate compliance with:

1. the general requirements referred to in Part III, irrespective of the functionality of the electronic instruments for which the applicant applies for a certificate of conformity,

2. the specific requirements under Parts IV to X, to the extent that the functionalities of the electronic instrument referred to in Section 9 (2) of this Decree, for which the applicant applies for a certificate of conformity,

3. the environmental requirements of Part XI, regardless of the extent to which the functionality of the electronic instrument is sought by the applicant for a certificate of conformity.

The scope of certification of the conformity of the electronic instrument in relation to the scope of functionality of the electronic instrument is given in the electronic instrument certification scheme in relation to the scope of its functionality. The certification shall always be carried out for electronic operations defined by the functionalities indicated by the applicant in the application for certification.

Certification of the electronic tool in relation to the scope of its functionality

Druh postupu podle zákona		Požadované funkcionality elektronických nástrojů podle § 9 odst. 2 této vyhlášky
Uveřejňování informací a dokumentů na profilu zadavatele podle § 214 zákona		1 - elektronické nástroje splňující požadavky na profil zadavatele
Zadávací řízení podle § 3 zákona	zjednodušené podlimitní řízení	1 - elektronické nástroje splňující požadavky na profil zadavatele 2 - elektronické nástroje splňující požadavky pro elektronickou realizaci zadávacích řízení
	otevřené řízení
	užší řízení
	jednací řízení s uveřejněním
	jednací řízení bez uveřejnění
	řízení se soutěžním dialogem
	řízení o inovačním partnerství
	koncesní řízení
	řízení pro zadání veřejné zakázky ve zjednodušeném režimu
Zvláštní postupy podle části šesté zákona	rámcová dohoda	1 - elektronické nástroje splňující požadavky na profil zadavatele 2 - elektronické nástroje splňující požadavky pro elektronickou realizaci zadávacích řízení 4 - elektronické nástroje splňující požadavky pro rámcové dohody
	dynamický nákupní systém	1 - elektronické nástroje splňující požadavky na profil zadavatele 2 - elektronické nástroje splňující požadavky pro elektronickou realizaci zadávacích řízení 5 - elektronické nástroje splňující požadavky pro dynamický nákupní systém
	soutěž o návrh	1 - elektronické nástroje splňující požadavky na profil zadavatele 6 - elektronické nástroje splňující požadavky pro elektronickou realizaci soutěží o návrh
Hodnocení nabídek s využitím elektronické aukce podle § 120 a 121 zákona		3 - elektronické nástroje splňující požadavky pro elektronickou aukci
Předložení nabídky formou elektronického katalogu podle § 215 zákona		7 - elektronické nástroje splňující požadavky pro elektronický katalog

Upon verification of the accuracy of the documentation submitted, the certifying authority shall carry out on-site physical verification of compliance with the claims in the documentation with the real functionality of the electronic instrument.

The certifying authority carrying out the certification of electronic instruments shall have the right to require their completion in case of doubt as to the adequacy of the supporting documents submitted.

III. General technical requirements for functional characteristics for all electronic instruments (0)

The general technical requirements shall be the minimum level that an electronic instrument must meet. The electronic tool can ensure that individual requirements are met by more technologically advanced solutions / measures. The verification of the conformity of the electronic instrument will always be carried out by the certifying authority in the field of compliance with the general technical requirements, as well as in the area of requirements for individual groups of electronic instruments, while accepting more advanced solutions / measures.

Time recording of electronic action (0.A)

The electronic tool shall ensure that the recording of the electronic operation time is carried out by attaching an electronic time stamp to the data message.

Recording of an electronic record (0.B)

The electronic tool shall ensure that all records of electronic operations include:

1. a clear identification of the specific operation within the contracting authority's organisation;

2. the identification of the person who has carried out the electronic act in the case of an action taken by a particular natural person and not an act carried out automatically by an electronic instrument (e.g. receipt of tenders);

3. a record that the electronic operation carried out has been made by an automated electronic tool;

4. a record of information on the non-standard outcome of an operation in order to collect all necessary supporting documents for the purpose of tracing the cause of the error and evaluating the impact of the error if an error occurred when the operation occurred; and

5. recording the electronic operation time according to section 0.A.

Management of access under procurement procedures (0.C)

The electronic instrument shall ensure that access management under procurement procedures is recorded and carried out in accordance with Section 7 (1) (c) of this Decree by one of the following variants:

For the profile of the contracting entity:

1. access management requirements are set only for contracting entities within the scope of the acquisition of records of an electronic act as referred to in Section 0.B.;

For other procurement procedures:

1. the authentication and authorization of the acceding person is based on the entering name and password. Before issuing the name and password for the acceding person, the contracting authority shall verify that they are requested by the authorised person and shall clearly demonstrate its entitlement to the applicant. A procuring entity shall not issue names and passwords for acceding persons to a person who does not prove that he is an authorised person. The contracting authority must ensure that the distribution of the name and password to acceding persons is carried out in a reasonably safe manner,

2. the authentication and authorization of the acceding person is based on the public key certificate of the acceding person; or

3. the authentication and authorization of the acceding person is also based on other technologies; However, it must always be carried out in a demonstrable, reasonably safe manner and clearly identify the person who carried out the electronic operation.

Use of open data message formats (0.D)

The electronic tool shall ensure that the format of the data messages that are exchanged during the procurement procedures is an open data message format.

Maintenance of public procurement documentation (0.E)

The electronic tool shall ensure that the procurement documentation is kept in a controlled access data repository. Access management must follow the rules of section 0.C. The electronic tool must ensure that an electronic time stamp is attached to the documentation when the documentation is stored in the data repository.

Public procurement documents which have been submitted in encrypted form or contain confidential information shall be stored in a controlled access data repository. Access management must follow the rules of section 0.C. Documents may be stored in encrypted form. Where documents are stored in encrypted form (based on PKI technology), the contracting entity shall safely keep the private key of the contracting entity corresponding to the public key of the contracting entity to which the document has been encrypted. The period of retention of the private key of the contracting authority shall correspond to the time of retention of the documents. At the same time, the contracting authority shall store the document in unencrypted form or in any other way that allows access to the contents of the document throughout the period provided for in Section 216 (1) of the Act, irrespective of the validity of the encryption certificate.

The electronic tool must enable the complete export of all:

1. record files,

2. automatically generated documents,

3. hand-inserted documents,

4. data messages,

5. structured data according to Annex 8 to Decree No. 168 / 2016 Coll., on publishing forms for the purposes of the Public Procurement Act and the requirements of the profile of the contracting authority; and

6th metadata.

The exported end-of-contract file shall take the form of one set in zipper, car or 7z format, equipped with a qualified electronic time stamp and shall include a description of the exported structure to the extent necessary for further automated processing by electronic tools or information systems.

Ensuring non-discrimination (0.F)

The electronic instrument must be operated in such an environment and in such a way that the use of the electronic instrument is not conditional on the use of commonly unavailable or costly technologies, which would result in the exclusion of a supplier from participation in procurement procedures.

Disclosure of information for the use of the electronic tool (0.G)

The electronic instrument shall enable contracting entities to provide suppliers who are interested in participating in procurement procedures with all technical information, including any encryption and encryption necessary for communication by electronic means, in particular for electronic submission of tenders, throughout the period of use of the electronic instrument.

The contracting authority shall ensure that the information for the use of the electronic tool is up to date and available from or on the initial page of the contracting entity profile.

Provision of technical support and service of electronic tool (0.H)

Citation	Decree No. 260 / 2016 Coll., laying down more detailed conditions concerning electronic instruments, electronic procurement operations and certificates of conformity
Regulation Type	Order
Author	-
Collection	Code of Laws

Date of Promulgation	08.08.2016
Effective from	01.10.2016
Effective until	-
Status	Valid

Decree No. 260 / 2016 Coll.

Ordinance on more detailed conditions for electronic instruments, electronic procurement operations and certificates of conformity

Contents

§ 1

§ 2

§ 3

§ 4

§ 5

§ 6

§ 7

§ 8

§ 9

§ 10

§ 11

§ 12

§ 13

§ 14

Contents

Comments 0

Regulation Information

Partner Websites

Favorites

Browsing History