DOCUMENT
R -- Document Translation Re-Compete - Attachment
- Notice Date
- 7/11/2016
- Notice Type
- Attachment
- NAICS
- 541930
— Translation and Interpretation Services
- Contracting Office
- Department of Veterans Affairs;Health Administration Center;3773 Cherry Creek Drive North, Suite 450;Denver CO 80209
- ZIP Code
- 80209
- Solicitation Number
- VA74116Q0095
- Archive Date
- 7/26/2016
- Point of Contact
- Pedro Arritola
- Small Business Set-Aside
- N/A
- Description
- Agency: Department of Veterans Affairs Office: SAO East, Program Contract Office Notice Type:Posted Date: Sources SoughtJuly 11, 2016 Response Date: July 18, 2016 Original Set Aside: N/A Classification Code: R608 Support-Administrative: Translation and Interpreting NAICS Code: 541930 Translation and Interpretation Services Synopsis: THIS IS NOT A SOLICITATION. This is a Request for Information (RFI)/Sources Sought notice issued in accordance with FAR 15.201(e) to conduct market research. This RFI is issued solely for information and planning purposes - it does not constitute a Request for Quote (RFQ) - or a promise to issue a RFQ in the future. This request for information does not commit the Government to contract for any supply or services whatsoever. The Department of Veterans Affairs (VA) is not, at this time, seeking proposals and will not accept unsolicited costs incurred in response to this RFI; all costs associated with responding to this RFI will be solely at the interested vendor's expense. Not responding to this RFI does not preclude participation in any future RFQ, if any is issued. Any information submitted by respondents to this RFI is strictly voluntary. All submissions become Government property and will NOT be returned. This announcement is based upon the best information available and is subject to future modification. Contracting Office Address Department of Veterans Affairs (VA), Health Administration Center (HAC) 3773 Cherry Creek Dr. North, Denver, CO, 80209 Point of Contact: Pedro Arritola, Pedro.Arritola2@va.gov Overview: The Chief Business Office Purchased Care (CBOPC) is looking to establish a Contract with a Contractor to provide translations of all original documentation submitted to the claims processing center that supports Medical Insurance and health benefit programs for Veterans, spouses and children of permanently and totally disabled Veterans living in the United States and foreign countries. Document Translation Services shall be translated by standard or exotic words. The Contractor shall ensure word counts and costs are provided for standard and exotic language translations. The Contractor shall assist the Veterans Health Administration (VHA) in continuing its mission to implement standard and exotic language translations. Please respond to this RFI if your company can perform this requirement in accordance with FAR Part 52.219-14 Limitations on Subcontracting (Nov 2011). As prescribed in 19.508(e) or 19.811-3(e), insert the following clause: Limitations on Subcontracting (Nov 2011) (a) This clause does not apply to the unrestricted portion of a partial set-aside. (b) Applicability. This clause applies only to- (1) Contracts that have been set aside or reserved for small business concerns or 8(a) concerns; (2) Part or parts of a multiple-award contract that have been set aside for small business concerns or 8(a) concerns; and (3) Orders set aside for small business or 8(a) concerns under multiple-award contracts as described in 8.405-5 and 16.505(b)(2)(i)(F). (c) By submission of an offer and execution of a contract, the Offeror/Contractor agrees that in performance of the contract in the case of a contract for- (1) Services (except construction). At least 50 percent of the cost of contract performance incurred for personnel shall be expended for employees of the concern. (2) Supplies (other than procurement from a nonmanufacturer of such supplies). The concern shall perform work for at least 50 percent of the cost of manufacturing the supplies, not including the cost of materials. (3) General construction. The concern will perform at least 15 percent of the cost of the contract, not including the cost of materials, with its own employees. (4) Construction by special trade contractors. The concern will perform at least 25 percent of the cost of the contract, not including the cost of materials, with its own employees. (End of clause) Specific Response Instructions: Please submit your RFI response in accordance with the following: 1) No more than 25 pages (excluding transmittal page). Include the name, email address and phone number of the appropriate representative of your company; 2) Submit your response via email to Pedro.Arritola2@va.gov 3) Submit your response by 3:00 P.M. (EST) on July 18, 2016; 4) Mark your response as "Proprietary Information" if the information is considered business sensitive. 5) NO MARKETING MATERIALS ARE ALLOWED AS PART OF THIS RFI. The government will not review any other information or attachments included, that are in excess of the page limit. Information Requested from Industry: In response to the RFI, interested contractors shall submit the following information: 1.Company Information / Socio-Economic Status 1.Provide the company size and POC information. 2.VA has identified the appropriate North American Industry Classification System (NAICS) Code 541930 Translation and Interpretation Services, which has a size standard of $7.5 Million for this RFI. Please identify and explain any other NAICS codes your company believes would better represent the predominated work included in the attached PWS. 3.Indicate whether your company, subcontractors, teaming partners, joint ventures have a Federal Socio-Economic Status, e.g., Small Business, Service-Disabled Veteran Owned Small Business, Veteran Owned Small business, Women-Owned Small Business, Disadvantaged Small business, and Hub Zone. If Service Disabled or Veteran Owned Small business, is your company and or partners registered in VA's VetBiz repository? 2.Background/Past Experience - Provide the following information on a maximum of three similar projects dealing with the services listed in the PWS. All projects referenced must have been completed within the last three years for which the responder was a prime or subcontractor. 1.The name, address, and value of each project. 2.The Prime Contract Type, Firm Fixed-Price, Cost Reimbursement or Time and Material 3.The name, telephone and address of the owner of each project 4.A description of each project, including difficulties and successes 5.Your company's role and services provided for each project. 3.Capabilities/Qualifications - Overview of proposed solution(s). Include a description of the capabilities/qualification/skills your company possesses for each of the below statements: 1.Assessment of capabilities to perform requirements noted in the RFI. 2.Assessment of the types of changes required to accomplish the goals. 3.Approach to be utilized to develop necessary changes to the systems to meet the organizational goals 4.Draft schedule to complete necessary changes. 4.Teaming Arrangements - Description of Teaming Partners, Joint Ventures that your company would consider to perform work. 5.Price Information - Provide your commercial price history and rough order of magnitude for the same or similar products/solutions. 6.Other Market Information - Provide any other relative information. 7.Other Federal Experience - Identify the federal contract vehicles 8.GSA Contract information, if applicable - Provide GSA contract number with dates of contract. DRAFT PWS Below: PERFORMANCE WORK STATEMENT Chief Business Office Purchased Care Document Translation Services 1. Scope: The Chief Business Office Purchased Care (CBOPC) is looking to establish a Contract with a Contractor to provide translations of all original documentation submitted to the claims processing center that supports Medical Insurance and health benefit programs for Veterans, spouses and children of permanently and totally disabled Veterans living in the United States and foreign countries. Document Translation Services shall be translated by standard or exotic words. The Contractor shall ensure word counts and costs are provided for standard and exotic language translations. The Contractor shall assist the Veterans Health Administration (VHA) in continuing its mission to implement standard and exotic language translations. The Contractor shall work with the Program Office (PO) and Contracting Officer Representative (COR) to provide translations of all original documentation. At no time shall the Contractor direct, change, or engage in the formulation of VHA policy. The VHA is solely responsible to review the Contractor's recommendations and to make decisions concerning the formulation of policy. 2. Background: The CBOPC has provides Medical Insurance and health benefit programs for Veterans as well as spouses and children of permanently and totally disabled Veterans living in the United States and foreign countries. The VHA currently utilizes a Contractor to provide translations of all original documentation to the CBOPC that is processed by the Document Control Data Management Department (DCDM). Standard and Exotic languages will be translated and submitted to the CBOPC electronically via Notepad or Microsoft Word 2010 on the Veterans Affairs (VA) Network. 3. Period of Performance (POP): The POP shall be from the date of award for a one (1) twelve (12) month base period-year period, and four (4) consecutive twelve (12) month option years. 4. Place of Performance: The majority of the work shall take place within a secure Veterans Affairs Network shared drive via CITRIX Access Gateway (CAG) located in the Contiguous United States (CONUS) in accordance with (IAW) the Performance Work Statement (PWS). No work at any Government site shall take place on Federal holidays or weekends, unless directed by the Contracting Officer (CO). 5. Tasks: The Contractor shall: 5.1 Obtain clearance thru VA Security Process to get access to VA network via CITRIX Access Gateway (CAG). 5.2 Obtain CAG access, and maintain personnel hardware and software that at a minimum meet CAG standards to view documents and perform translations. 5.3 Provide electronic and legible translations for Standard and Exotic languages listed below: Standard Languages Spanish and German Exotic Languages Include but not limited to: Afrikaans, Akan, Albanian, Amharic, Arabic, Armenian, Ashante, Assyrian, Azerbaijani, Azeri, Bajuni, Bambara, Basque, Behdini, Belorussian, Bengali, Berber, Bosnian, Bravanese, Bulgarian, Burmese, Cakchiquel, Cambodian, Cantonese, Catalan, Chaldean, Chamorro, Chao-chow, Chavacano, Chin, Chuukese, Cree, Croatian, Czech, Dakota, Danish, Dari, Dinka, Diula, Dutch, Estonian, Ewe, Farsi, Fijian, Hindi, Finnish, Flemish, French, French Canadian, Fukienese, Fula, Fulani, Fuzhou, Ga, Gaddang, Gaelic, Gaelic-Irish, Gaelic-Scottish, Georgian, Gorani, Greek, Gujarati, Haitian Creole, Hakka, Hakka-Chinese, Hassaniyya, Hausa, Hebrew, Hindi, Hmong, Hungarian, Ibanag, Ibo, Icelandic, Igbo, Italian, Locano, Indonesian, Inuktitut, Jakartanese, Japanese, Javanese, Kanjobal, Karen, Kashmiri, Kikuyu, Kinyarwanda, Kirundi, Korean, Kosovan, Kotokoli, Kpelle, Krio, Kurdish, Kurmanji, Lakota, Laotian, Latvian, Lingala, Lithuanian, Luganda, Luo, Lusoga, Luxembourgeois, Maay, Macedonian, Malagasy, Malay, Malayalam, Malinke, Mandarin, Mandingo, Mandinka, Marathi, Mashalleses, Mien, Mina, Mirpuri, Mixteco, Moldavan, Mongolian, Montenegrin, Navajo, Neapolitan, Nepali, Nigerian, Norwegian, Nuer, Oromo, Pahari, Pampangan, Pashto, Patois, Pidgin English, Polish, Portuguese, Creole, Pothwari, Pulaar, Punjabi, Putian, Quichua, Romanian, Russian, Samoan, Sango, Serbian, Shanghainese, Shona, Sichuan, Sicilian, Sindhi, Sinhalese, Slovak, Slovenian, Somali, Soninke, Sorani, Sudanese Arabic, Susu, Swahili, Swedish, Sylhetti, Tagalog, Taiwanese, Tamil, Telugu, Thai, Tibetan, Tigre, Tigrinya, Toishanese, Tongan, Toucouleur, Tshilbua, Turkish, Twi, Ukrainian, Urdu, Uyghur, Uzbek, Vietnamese, Visayan, Wenzhou, Wolof, Yiddish, Yoruba, and Yupik. 5.4 Access and view PDF version of documents to be translated on VA network shared drive called Pending Translations. 5.5 Access CBOPC Imaging Archive (Stellent) to view other documents that require translations by VA's Program Document Identifier (PDI) number 5.6 Provide clear and basic English translation of all documents submitted on behalf of the CBOPC 5.7 Provide document translations from English into another language upon request by the COR 5.8 Perform all translations in Notepad or Microsoft Word 2010 while logged into CAG 5.9 Save all electronic translations on a VA network drive folder called Completed Translations by control document name or Program Document Identifier (PDI) number 5.10 Maintain an electronic control sheet; tracking word count and cost via Microsoft Excel. This sheet will be saved on the same VA network drive. 5.11 Have Contractor Point of Contact (POC) provide written notification to the COR three (3) business days prior to the deliverable date for any translated documents that cannot meet the required due date. Written notifications shall: 5.11.1 Include the new deliverable date 5.11.2 Cite reasons for the delay 5.11.3 Contractor Point of Contact will email written notification to COR. 5.12 Ensure all electronic translations are returned in a reasonable time frame (5-7 business days) 5.13 Submit monthly invoice for review to the COR in Microsoft Excel that provides control numbers, PDI numbers, word count, and cost. 5.14 Provide the COR with a listing of total documents translated by language on monthly basis. 5.15 Submit final monthly invoice electronically for payment via: Electronic Payment Request http://www.fsc.va.gov/einvoice.asp 6. Key General Requirements and Assumptions: The Contractor shall: 6.1 Adhere to VA security and network requirements as outlined in Section C - General Security Requirements 6.2 Indicate ability to maintain continuous VA network connection via CAG. Indicate ability to access CBOPC Imaging Archive (Stellent) as well as identified VA network drives. 6.3 Understand that they will not receive paper copies of documents to translate 6.4 Understand that any documents requiring translation will not be emailed to them. 6.5 Indicate ability to access Notepad or Microsoft Word 2010 to provide translations. 6.6 Indicate ability to maintain electronic control sheet; tracking word count and cost via Microsoft Excel and save on VA network drive. 6.7 Provide CBOPC point of contact, as well as back-ups, for the coordination of activities associated with the development and implementation of contract. 6.8 Meet and maintain yearly VA training requirements for Privacy Training and Rules of Behavior. 7. Section- 508 Compliance: In December 2000, the Architectural and Transportation Barriers Compliance Board (Access Board), pursuant to Section 508(2) (A) of the Rehabilitation Act Amendments of 1998, established Information Technology accessibility standards for the Federal Government. 7.1 Section 508(a)(1) requires that when Federal departments or agencies develop, procure, maintain, or use Electronic and Information Technology (EIT), they shall ensure that the EIT allows individuals with disabilities who are Federal employees to have access to and use of information and data that is comparable to the access to and use of the information and data by Federal employees who are not individuals with disabilities; and individuals with disabilities who are members of the public seeking information or services from a Federal department or agency to have access to and use of information and data that is comparable to the access to and use of the information and data by such members of the public who are not individuals with disabilities. 7.2 The Contractor shall comply with the following technical standards: 7.2.1 - 1194.21 - Software Applications and Operating Systems 7.2.2 - 1194.22 - Web Based Intranet and Internet Information and Applications 7.2.3 - 1194.23 - Telecommunication Products 7.2.4 - 1194.24 - Video and Multimedia Products 7.2.5 - 1194.25 - Self Contained Closed products 7.2.6 - 1194.26 - Desktop and Portable Computers 7.2.7 - 1194.31 - Functional Performance Criteria 7.2.8 - 1194.41 - Information, Documentation and Support 7.3 In order to validate conformance to the above standards the COR shall complete the VA's Section 508 Determination and Findings Document. 7.3.1 The VA's Section 508 PO has developed a Conformance Validation Statement (CVS). 7.3.2 The CVS shall be completed by the responsible requiring/procurement official as part of their market research to validate the conformance of the E&IT project ((See Section ten (10) in the Section 508 Determination and Findings Document)). 7.4. If at any time the responsible requiring/procurement official finds that an exception shall apply, the Contractor shall complete and have the Section 508 EIT Exceptions Certification Document signed by the VA Section 508 Coordinator. Once the E&IT is determined to meet all applicable Section 508 standards, the E&IT is validated by the VA's Section 508 PO in the Department's Section 508 Testing and Training Center using the information provided by the CVS. 7.5 In the case the VA decides to purchase an application, product or service that cannot be validated for Section 508 prior to purchase, the Contractor agrees to accept all costs for ensuring conformance working with the A Section 508 PO. For future releases or upgrades all steps using the CVS are required and upon validation a signed approval shall be given to the VA Point of Contact (POC) from the VA Section 508 Coordinator. 7.6 Section 508 information is available at http://www.section508.gov/. 7.7 The VA Directive and Handbook 6221, Accessible Electronic and Information Technology are posted at: http://www.va.gov/oit/ea/section508/policy.asp. 8. Reporting Requirements: The Contractor shall: 8.1 Provide a monthly summary to the COR; identifying inconsistencies and irregularities that impact ongoing deliverables. 8.2 Propose modifications to the reporting requirements to the COR. 8.3 Explain, in writing, to the COR (if for any reason a deliverable cannot be met within the scheduled time frame or adherence to the established schedules cannot be met) the following: 8.3.1 Reasons for the delay 8.3.2 Modified delivery date 8.3.3 Impact on the overall project 8.3.4 A revised project plan with all adjusted dates 8.4 The COR shall brief the incident to the CO, who shall issue a response pursuant to applicable regulations. 9. Level of Effort: The Performance Requirements Summary Matrix below includes performance standards. The Government shall use these standards to determine Contractor performance and shall compare Contractor performance to the Acceptable Quality Level (AQL) in table 11a and 11b. 10. Performance Standards: ObjectivesMeasuresStandards Each deliverable shall be priced independently and billed according to described Contract Line Item Number (CLIN) structure and within the described standard PWS 11Review and acceptance by the Government Deliverables provided IAW the Government approved standard/frequency standard Documentation shall be comprehensive, accurate, and written in a format and text that is understandable to a wide range of users Each non-priced deliverable shall ensure word counts and costs are provided for standard and exotic language translations completed within the described standard PWS 12Review and acceptance by the Government Deliverables provided IAW the Government approved standard/frequency standard Documentation shall be comprehensive, accurate, and written in a format and text that is understandable to a wide range of users and within the described monthly accuracy standard 11. Deliverables Specific to This Order: Each deliverable shall be priced independently and billed as for each: 11.1 Monthly pricing for Standard word translations processed each month 11.2 Monthly pricing for Exotic word translations processed each month 11a. Deliverables Specific to This Order: Each deliverable shall be priced independently and billed as follows: DeliverableStandard/FrequencyMedium/FormatSubmit To Monthly pricing for Standard word translations processed each month PWS 11.1 Ninety eight percent (98%) monthly accuracy The Contractor shall provide a Monthly Report for review Electronically in Notepad or Microsoft Word 2010 COR Monthly pricing for Exotic word translations processed each month PWS 11.2 Ninety eight percent (98%) monthly accuracy The Contractor shall provide a Monthly Report for reviewElectronically in Notepad or Microsoft Word 2010 COR 12. Deliverable Sub-Tasks Specific to This Order: The Contractor shall provide translations of all original documentation submitted to the claims processing center that shall be translated by standard or exotic words with a ninety eight percent (98%) monthly accuracy. The Contractor shall provide an electronic Monthly Report to the COR. The following performance metrics are associated with this deliverable. 12.1 Obtain clearance thru VA Security Process to get access to VA network via CITRIX Access Gateway (CAG). 12.2 Obtain CAG access, and maintain personnel hardware and software that at a minimum meet CAG standards to view documents and perform translations. 12.3 Provide electronic and legible translations for Standard and Exotic languages listed below: 12.4 Access and view PDF version of documents to be translated on VA network shared drive called Pending Translations. 12.5 Access CBOPC Imaging Archive (Stellent) to view other documents that require translations by VA's Program Document Identifier (PDI) number 12.6 Provide clear and basic English translation of documents submitted on behalf of the CBOPC 12.7 Provide document translations from English into another language upon request by the COR 12.8 Perform all translations in Notepad or Microsoft Word 2010 while logged into CAG 12.9 Save all electronic translations on a VA network drive folder called Completed Translations by control document name or Program Document Identifier (PDI) number 12.10 Maintain an electronic control sheet; tracking word count and cost via Microsoft Excel. This sheet will be saved on the same VA network drive. 12.11 Have Contractor Point of Contact (POC) provide written notification to the COR three (3) business days prior to the deliverable date for any translated documents that cannot meet the required due date. Written notifications shall: 12.11.1 Include the new deliverable date 12.11.2 Cite reasons for the delay 12.11.3 Contractor Point of Contact will email written notification to COR. 12.12 Ensure all electronic translations are returned in a reasonable time frame (5-7 business days) 12.13 Submit monthly invoice for review to the COR in Microsoft Excel that provides control numbers, PDI numbers, word count, and cost. 12.14 Provide the COR with a listing of total documents translated by language on monthly basis. 12.15 Submit final monthly invoice electronically for payment via: Electronic Payment Request http://www.fsc.va.gov/einvoice.asp 12a. Deliverable Sub-Tasks Specific to This Order: The below performance metrics are associated with this deliverable: DeliverableStandard/FrequencyMedium/FormatSubmit To Obtain clearance thru VA Security Process to get access to VA Network via CAG PWS 5.1 & 12.1Applies for all contractors working on the contractElectronicCOR Obtain CAG access & maintain personnel hardware/software that a minimum meet CAG standards to view and perform translations PWS 5.2 & 12.2Applies for all contractors working on the contractElectronicCOR Provide electronic and legible translations for Standard and Exotic languages. PWS 5.3 & 12.3Ninety eight percent (98%) monthly accuracy The Contractor shall provide a Monthly Report for ReviewElectronically in Notepad or Microsoft Word 2010COR Access & view PDF versions of documents to be translated on VA network shared drive called Pending Translations PWS 5.4 & 12.4Applies for all contractors working on the contractElectronicCOR DeliverableStandard/FrequencyMedium/FormatSubmit To Access CBOPC Imaging Archive (Stellent) to view documents requiring translation by VA Program Document Identifier (PDI)number PWS 5.5 & 12.5Applies for all contractors working on the contractElectronicCOR Provide clear and basic English translation of documents submitted on behalf of the CBOPC PWS 5.6 & 12.6Ninety eight percent (98%) monthly accuracy The Contractor shall provide translations for each document requiring translationElectronically in Notepad or Microsoft Word 2010 COR Provide document translations from English into another language upon request by the COR PWS 5.7 & 12.7Ninety eight percent (98%) monthly accuracyElectronically in Notepad or Microsoft Word 2010 COR Save all electronic translations on a VA network drive folder called Completed Translations by control document name or Program Document Identifier (PDI) number. PWS 5.9 & 12.9Applies for all contractors working on the contractElectronicCOR Maintain an electronic control sheet; tracking word count and cost via Microsoft Excel. This sheet will be saved on the same VA network drive. PWS 5.10 & 12.10Updated by Contractor POC after completion of translationsElectronicCOR DeliverableStandard/FrequencyMedium/FormatSubmit To Have Contractor Point of Contact (POC) provide written notification to the COR three (3) business days prior to the deliverable date for any translated documents that cannot meet the required due date. Written notifications shall: 5.11.1 Include the new deliverable date 5.11.2 Cite reasons for delay 5.11.3 Contractor Point of Contact will email written notification to COR PWS 5.11 & 12.11When deliverable cannot be metElectronicCOR Ensure all electronic translations are returned in a reasonable time frame (5-7 business days) PWS 5.12 & 12.12Ninety eight percent (98%) monthly accuracyElectronicCOR Submit monthly invoice for review to the COR in Microsoft Excel that provides control numbers, PDI numbers, word count, and cost. PWS 5.13 & 12.13End of monthElectronicCOR Provide the COR with a listing of total documents translated by language on monthly basis. PWS 5.14 & 12.14End of month; Maybe be submitted at the same time of Final Monthly invoiceElectronicCOR DeliverableStandard/FrequencyMedium/FormatSubmit To Submit final monthly invoice electronically for payment via electronic request. PWS 5.15 & 12.15End of MonthElectronicVIA Electronic Payment Request http://www.fsc.va.gov/einvoice.asp 13. Government Responsibilities: The Government shall: 13.1 Provide documents to be translated. 13.2 Request system access for Contractor to access CITRIX Access Gateway (CAG), CBOPC network drives, and Imaging Archive System. 13.3 Provide training to Contractor Point of Contact (POC) on how to use CBOPC Imaging Archive System (Stellent) 14. Security Requirements: The Contractor shall: 14.1 Not divulge or disclose information received and/or discussed regarding data considered proprietary to other Contractors collaborating on or with this effort. 14.2 Be required to complete yearly mandated VA privacy and security training. 14.3 Be required to negotiate agreements with commercial system Contractor's relating to non-disclosure of Contractor-proprietary information. 14.3.1 If the Contractor uses copyright or otherwise licensed software in any deliverable under this order, the Contractor shall secure unlimited use rights for the Government. 14.3.2 Forward all software licenses on to the Government within thirty (30) business days after completion of the tasks. 14.4 Limit access to the minimum number of employees necessary to perform tasks that are considered sensitive or proprietary in nature. 14.5 Contact the COR, if the Contractor is uncertain of the sensitivity of any information obtained. 14.6 Indoctrinate all personnel employed by the Contractor and any Sub-Contractors involved on their roles and responsibilities for proper handling and nondisclosure of sensitive Government or proprietary information. 14.7 Not engage in any other action, venture or employment wherein sensitive information shall be used for the profit of any party other than those furnishing the information. 14.8 Comply with VA and VHA Security requirements. 14.9 Have or obtain a National Agency Check with Inquiries Clearance (NACI). 15. Information System Hosting, Operation, Maintenance or Use: Outsourcing (Contractor facility, equipment or staff) of systems or network operations, telecommunications services, or other managed services requires certification and accreditation (authorization) (C&A) of the Contractor's systems in accordance with VA Handbook 6500.3, Certification and Accreditation and/or the VA Office of Cyber Security (OCS) Certification PO. Government-owned (facility or equipment) Contractor-operated systems, third (3rd) party or business partner networks require memorandums of understanding and interconnection agreements (MOU-ISA) which detail what data types are shared, who has access, and the appropriate level of security controls for all systems connected to VA networks. 15. Travel: Travel is not required. 16. Inspections and Acceptance: All reports shall be approved by the COR. 17. Contract Award Meeting: The Contractor shall not commence performance on the tasks described in the PWS until the CO has conducted a kick off meeting or has advised the Contractor that a kick off meeting has been waived. The Government shall not reimburse the Contractor for any expenses associated with preparing for or executing a kick-off meeting. 18. Changes to the PWS: Any changes to this PWS shall be authorized and approved only through written correspondence from the CO. A copy of each change shall be kept in a project folder along with any other products of the project. Costs incurred by the Contractor, through the actions of parties other than the CO, shall be borne by the Contractor alone. 19. Security and Privacy - Information and Records: The Contractor shall: 19.1 Return all information and records provided to Contractor by the VA, in whatever medium, as well as all information and documents, including drafts, emails, back-up copies, hand-written notes and copies that contain such information and records gathered or created by Contractor (collectively referred to as "VA information") in the performance of this Contract, regardless of storage media, are the exclusive property of the VA. The Contractor shall not retain any property interest in these materials and shall not use them for any purpose other than performance of this Contract. 19.2 Provide, upon completion or termination of the Contract, all copies of any VA information that it used during work it performed of the Task Order or certify that it any/all information it obtained has destroyed. Where immediate return or destruction of the information is not practicable, the Contractor shall return and/or destroy the information within thirty (30) business days of completion or termination of the Contract. All provisions of this Contract concerning the security and protection of VA information that is the subject to this Contract shall continue to apply to the VA information for as long as the Contractor retains it, regardless of whether the Contract has been completed or terminated. 19.3 Not destroy, prior to termination or completion of this Contract, any VA information received from the VA, gathered and/or created in the performance of the Task Order without prior written approval by the VA. 19.4 Receive, gather, store, backup, maintain, use, disclose and/or dispose of VA information only in accordance with the terms of the Task Order and any applicable federal, VA, confidentiality, security laws, regulations or policies. 19.5 Not make copies of VA information except as necessary to perform duties required of the Task Order or to preserve electronic information stored on Contractor electronic storage media for restoration in case any electronic equipment or data used by the Contractor needs to be restored to an operating state. 19.6 Provide access only to VA information to employees, Sub-Contractors, and affiliates to: 19.6.1 The extent necessary to perform the services specified of the Task Order. 19.6.2 Perform necessary maintenance functions for electronic storage or transmission media necessary for performance of the Task Order. 19.6.3 Individuals who first satisfy the same conditions, requirements and restrictions that are comparable VA employees shall meet in order to have access to the same VA information. 19.6.4 Restrictions include the same level of Background Investigations, where applicable. 19.7 Store, transport or transmit VA information only in an encrypted form, using an encryption application that meets the requirements of Federal Information Processing Standards (FIPS) 140-2 or is approved for use by the VA. 19.8 Only use or disclose, except for uses and disclosures of VA information authorized by this Contract for performance of the Contract in response to an order of a court of competent jurisdiction, or with VA's prior written authorization. The Contractor shall refer all requests for, demands for production of, or inquiries about, VA information to the VA for response. 19.9 Include the statement, "Contractor shall not release information protected by either 38 USC 5705 or 7332 in response to a court order, and shall immediately refer such court orders to VA for response," if VA information subject to the Task Order includes information protected by 38 USC 7332 or 5705. 19.10 Promptly notify the VA, prior to any disclosure pursuant to a court order, of a court order upon its receipt by the Contractor. 19.10.1 Notify the COR by phone and provide the VA a copy of the court order by fax or e-mail within one (1) business day. 19.10.2 If the Contractor cannot notify the VA before being compelled to produce the information under court order, the Contractor shall notify the VA of the disclosure as soon as practical and provide a copy of the court order, a description of the records provided pursuant to the court order, and to whom the Contractor provided the records to under the court order. 19.10.3 The notice shall include the following information to the extent that the Contractor knows it, if it does not show on the face of the court order: the records disclosed pursuant to the order, to whom, where, when, and for what purpose, and any other information that the Contractor reasonably believes is relevant to the disclosure. 19.10.4 If the VA determines that it is appropriate to seek retrieval of information released pursuant to a court order before Contractor notified the VA of the court order, Contractor shall assist the VA in attempting to retrieve VA information involved. 19.11 Inform the VA, by the most expeditious method available to Contractor, of any incident of suspected or actual access to, or disclosure, disposition, alteration or destruction of, VA information not authorized under this Contract ("incident") within one (1) hour of learning of the incident. 19.11.1 An incident includes the transmission, storage or access of VA information by Contractor or Sub-Contractor employees in violation of applicable VA confidentiality and security requirements. 19.11.2 To the extent known by the Contractor, the Contractor's notice to the VA shall identify the information involved, the circumstances surrounding the incident (including to whom, how, when, and where the VA information was placed at risk or compromised), and any other information that the Contractor considers relevant. 19.12 Simultaneously report the incident to the appropriate law enforcement entities or jurisdiction. The Contractor, its employees, and its Sub-Contractors and their employees shall cooperate with the VA and any law enforcement authority responsible for the investigation and prosecution of any possible criminal law violations associated with any incident. 19.13 Cooperate with the VA in any civil litigation to recover VA information, to obtain monetary or other compensation from a third (3rd) party for damages arising from any incident, or to obtain injunctive relief against any third (3rd) party arising from, or related to, the incident. 19.13.1 In addition to notifying the COR, the VA shall provide the Contractor with the name, title, telephone number, fax number and email address of the VA official to whom the Contractor shall provide all notices required by this Task Order. 19.13.2 The VA has the right during normal business hours to inspect the Contractor's facility, information technology systems and storage and transmission equipment, and software utilized to perform the Contract to ensure that the Contractor is providing for the security of VA data and computer systems in accordance with the terms of this Contract. 19.14 Receive, gather, store, backup, maintain, use, disclose and/or dispose of VA information only in compliance with all applicable FIPS and Special Publications (SP) issued by the National Institute of Standards and Technology (NIST) concerning VA information that is the subject of this Contract. If NIST issues or updates an applicable FIPS or SP after execution of this Contract, the parties agree to negotiate in good faith to implement the FIPS or SP in this Contract. 19.15 Provide appropriate administrative, technical, and physical safeguards to ensure the confidentiality and security of the Veteran's data and to prevent unauthorized use or access to it. 19.15.1 Sensitive VA information shall not be transmitted by remote access unless VA approved protection mechanisms are used. 19.15.2 All encryption modules used to protect VA data shall be validated by NIST to meet the current version of FIPS 140 (See http://csrc.nist.gov/cryptval/140-1/1401val.htm for a complete list of validated cryptographic modules). 19.15.3 Only approved encryption solutions using validated modules shall be used when protecting data during transmission. 19.15. 4 Additional security controls are required to guard VA sensitive information stored on computers used outside VA facilities. 19.15. 5 All VA data shall be stored in an encrypted partition on the hard drive and shall be encrypted with FIPS 140 validated software. 19.15.6 The application shall be capable of key recovery and a copy of the encryption keys shall be stored in multiple secure locations. 19.15.7 The Contractor agrees that the data shall not be physically moved or transmitted in any way from the site without first being encrypted and obtaining prior written approval from the VA data owner. 19.15.8 A determination by VA that the Contractor has violated any of the information confidentiality and security provisions of this Contract, including a violation of any applicable FIPS or SP, shall be a basis for VA to terminate the Contract for cause. 19.15.9 If anyone performing this Contract, including employees of Sub-Contractors, accesses VA computer systems or data in the performance of the Contract, the VA shall monitor and record all such access activity. 19.15.10 If VA monitoring reveals any information of suspected or potential criminal law violations; the VA shall refer the matter to the appropriate law enforcement authorities for investigation. 19.16 Inform its employees and other individuals performing any part of this Contract that VA shall monitor their actions in accessing or attempting to access VA computer systems and the possible consequences to them for improper access, whether successful or not. 19.17 Ensure that any Sub-Contractors or others acting on behalf of or for the Contractor in performing any part of this Contract inform their employees, associates or others acting on their behalf that VA shall monitor their access activities. Execution of this Contract and any Sub-Contract or agreement that constitutes consent to VA monitoring. 19.18 Ensure that all individuals who shall access VA data or systems in performing the Contract are appropriately trained in the applicable VA confidentiality and security requirements. The Contractor shall document those who have completed the VA training. The Contractor shall contact the COR regarding access to the required VA training. 19.19 Mitigate, to the extent practicable, any harmful effect on individuals whose VA information was accessed or disclosed in an incident. 19.20 Require Sub-Contractors, agents, affiliates or others to whom Contractor provides access to VA information for the performance of this Contract to agree to the same VA information confidentiality and security restrictions and conditions that apply to the Contractor before providing access. 20. Protection of Individual Privacy: The Contractor shall: 20.1 Abide by FAR clauses 52.224-1 and 52.224.2. 20.2 Abide by FAR clauses 52.239-1 for Privacy or Security Safeguards. 20.3 Not publish or disclose in any manner, without the CO's written consent, the details of any safeguards either designed or developed by the Contractor under this Contract or otherwise provided by the Government. 20.3.1 To the extent required to carry out a program of inspection to safeguard against threats and hazards to the security, integrity, and confidentiality of Government data, the Contractor shall afford the Government access to the Contractor's facilities, installations, technical capabilities, operations, documentation, records, and databases. 20.3.2 If new or unanticipated threats or hazards are discovered by either the Government or the Contractor, or if existing safeguards have ceased to function, the discoverer shall immediately bring the situation to the attention of the other party 20.4 Utilize only employees, Sub-Contractors or agents who are physically located within a jurisdiction subject to the laws of the U.S. 20.5 Ensure that it does not use or disclose Personal Health Information (PHI) received from a Covered Entity in any way that shall remove the PHI from such jurisdiction. 20.6 Ensure that its employees, Sub-Contractors and agents do not use or disclose PHI received from Covered Entity in any way that shall remove the PHI from such jurisdiction. 20.7 Ensure, if the work of the Contractor is deemed to meet the definition of research from the HHS Office of Human Research Protections (OHRP) as well as the Common Rule (38 CFR 16), then the Contractor as well as any Sub-Contractors or collaborating institutions shall be covered under Federal Wide Assurances (FWA) or other assurances acceptable to the VA, and the research protocol shall be reviewed and approved by the Contractor's Institutional Review Board (IRB) of record as well as by IRBs of the collaborating institutions. 20.7.1 Sub-Contractors engaged in research shall also hold FWA's or be covered by the Contractor's FWA. If all the entities engaged in research are covered under one FWA with a common IRB of record then it would not be necessary to involve more than one IRB. 20.7.2 At its discretion the VA shall submit the research protocol prior to its initiation for review to a VA ad-hoc peer-review committee. This review shall be conducted to ensure that the research incorporates or takes into consideration all VA and Veteran specific concerns and issues that shall impact on the scientific rigor of the study. 20.7.3 All subjects enrolled in the research shall receive protections equivalent or greater as those required by VHA policies including VHA Handbook 1200.5 including appendixes and other applicable VHA 1200 series handbooks. If vulnerable subjects shall be entered into the research, appropriate safeguards shall be in place. 20.7.4 If the research project is eligible for a Certificate of Confidentiality, one shall be obtained from NIH (http://grants.nih.gov/grants/policy/coc) 20.7.5 Recruitment of Veteran's into research projects shall follow the recruitment plan as approved by the IRB. 20.7.5.1 The plan shall require that initial contact with the Veteran be in person or by letter prior to any telephone contact. 20.7.5.2 If a letter is sent to the Veteran it shall provide a telephone number of other means that the Veteran can use to verity the validity of the contact and the study. Social security numbers shall not be requested during a phone contact. 20.7.6 All investigators and research staff interacting with research subjects or working with identifiable health information shall receive training in the ethical conduct of human subject's research that is equivalent to or exceeds the requirement for VA investigators and research staff. (See handbook VHA 1200.5 for the Requirements for Protections of Human Subjects in Research that is available at http://www1.va.gov/vhapublications/ViewPublication.asp?pub_ID=418). 21. Information System Security: The Contractor shall: 21.1 Ensure adequate LAN/Internet, data, information, and system security in accordance with VA standard operating procedures and standard Contract language, conditions laws, and regulations. 21.1.1. Firewall and web servers shall meet or exceed the Government minimum requirements for security. 21.1.2 All Government data shall be protected behind an approved firewall. 21.1.3 Any security violations or attempted violations shall be reported to the VA project manager and the VHA Headquarters Information Security Officer as soon as possible. 21.2 Follow all applicable VA policies and procedures governing information security, especially those that pertain to certification accreditation. 22. Information System Design and Development: Information systems are designed or developed for or on behalf of VA at non-VA facilities shall comply with all VA policies developed in accordance with the Federal Information Security Management Act (FISMA), HIPAA, NIST, and related VA security and privacy control requirements for Federal Information Systems. This includes standards for the protection of electronic PHI, outlines in 45 C.F.R. Part 164, Subpart C, information and system security categorization level designations in accordance with FIPS 199 and FIPS 200 with implementation of all baseline security controls commensurate with the FIPS 199 System Security Categorization (reference Appendix A of VA Handbook 6500, VA information Security Program). During the development cycle, a privacy impact assessment shall be completed, provided the COR, and approved by the VA Privacy Service in accordance with VA Privacy Impact Assessment Handbook 6500.3. The security controls shall be designated, developed, approved by the VA, and implemented in accordance with the provisions of the VA Security System development life cycle as outlined in NIST Special Publication 800-37 and VA Handbook 6500. The Contractor shall be required to design, develop, and operate a System of Records or individuals to accomplish an agency function subject to the Privacy Act of 1974, (as amended), Public Law 93-579, December 31, 1974 (5 U.S.C. 552a) and applicable agency regulations. Violation of the Privacy Act may involve the imposition of criminal and civil penalties. 23. Security Training: The Contractor's employees and Sub-Contractors shall (in addition to other VA specific training): 23.1 Complete the VA's on-line Security Awareness Training Course and the Privacy Awareness Training Course annually. 23.2 Provide signed certifications of completion to the CO during each year of the Contract. 24. Contractor Responsibility: All Contractor employees who require access to VA computer systems are subject to a Background Investigation and shall receive a favorable adjudication from the VA Security and Investigations Center (SIC) (07C). The level of background security investigation shall be in accordance with VA Directive 0710 dated September 10, 2004 and is available at: http://www.va.gov/pubs/asp/edsdirec.asp (VA Handbook 0710, Appendix A, Table 1-3). 24.1 Obtain appropriate Background Investigation forms shall be provided upon Task Order award, and shall completed and returned to the VA Security and Investigations Center (07C) within thirty (30) business days for processing. Contractors shall be notified by 07C when the Background Investigation has been completed and adjudicated. These requirements are also applicable to all Sub-Contractor personnel requiring the same access. 24.2 If a Background Investigation is not completed prior to the start date of the Task Order, the employee shall work on the Contract while the security clearance is being processed, but the Contractor shall be responsible for the actions of those individuals they provide to perform work for the VA. In the event that damage arises from work performed by Contractor personnel, under the auspices of the Contract, the Contractor shall be responsible for resources necessary to remedy the incident. 24.3 The investigative history for Contractor personnel working under this Contract shall be maintained in the databases of either the Office of Personnel Management (OPM) or the Defense Industrial Security Clearance Organization (DISCO). Should the Contractor use a Contractor other than OPM or Defense Security Service (DSS) to conduct investigations, the investigative company shall be certified by OPM/DSS to conduct Contractor investigations. 25. Background Investigations: The position sensitivity impact for this effort has been designated as Low Risk and the level of Background Investigation is NACI at a cost of $392.00. Price is subject to change in accordance with OPM. 26. Contractor Responsibilities: The Contractor shall: 26.1 Bear the expense of obtaining Background Investigations. Please refer to the OPM website for further guidance at http://www.opm.gov/investigations/background-investigations. 26.2 Reimburse the VA within thirty (30) business days, if the investigation is conducted by the Office of Personnel Management (OPM) through the VA. 26.2.1 Background Investigations from investigating agencies other than OPM are permitted if the agencies possess an OPM and Defense Security Service certification. 26.2.2 The Contractor Cage Code number shall be provided to the Security and Investigations Center (07C), which shall confirm the information and advise the CO whether access to the computer systems can be authorized. 26.3 Prescreen all personnel requiring access to the computer systems to ensure they maintain a U.S. citizenship and are able to read, write, speak and understand the English language. 26.4 Provide a list of personnel names, Social Security Numbers, addresses to the COR utilizing Attachment C. 26.5 Withdraw personnel form working under the Task Order, who, when notified, have an unfavorable determination by the Government. Failure to comply with the Contractor personnel security requirements shall result in termination of the Contract for default. 26.6 Be responsible for the actions of all individuals provided to work for the VA under this Contract. In the event that damages arise from work performed by Contractor provided personnel, under the auspices of this Contract, the Contractor shall be responsible for all resources necessary to remedy the incident." 27. Government Responsibilities: The VA Security and Investigations Center (07C) shall provide the necessary forms to the Contractor or its employees after receiving a list of names and addresses. 27.1 Upon receipt, the VA Security and Investigations Center (07C) shall review the completed forms for accuracy and forward the forms to OPM to conduct the Background Investigation. 27.2 The VA facility shall pay for investigations conducted by the OPM in advance. In these instances, the Contractor shall reimburse the VA facility within thirty (30) business days. 27.3 The VA Security and Investigations Center (07C) shall notify the CO and Contractor after adjudicating the results of the Background Investigations received from OPM. 27.4 The CO shall ensure that the Contractor provides evidence that investigations have been completed or are in the process of being requested. 28. VA Internet and Intranet Standards: The Contractor shall adhere to and comply with VA Directive 6102 and VA Handbook 6102, Internet/Intranet Services, including applicable amendments and changes, if the Contractor's work includes managing, maintaining, establishing and presenting information on VA's Internet/Intranet Service Sites. This pertains, but is not limited to: creating announcements; collecting information; databases to be accessed, graphics and links to external sites. These documents contain information regarding: VA cookie use policy, privacy statements, Section 508 applicability, posting "Hot Topics", warning notices and editorial changes. 28.1 Internet/Intranet Services Directive 6102 is posted at: http://www.va.gov/pubs/directives/Information-Resources-Management-(IRM)/6102d.doc 28.2 Internet/Intranet Services Handbook 6102 is posted at: http://www.va.gov/pubs/handbooks/Information-Resources-Management-(IRM)/6102h.doc 28.3 Internet/Intranet Services Handbook 6102, Change 1, is posted at: http://www.va.gov/pubs/handbooks/Information-Resources-Management-(IRM)/61021h.doc 29. Invoicing Acceptance: All payments by the Government to the Contractor shall be made in accordance with Far Clause 52.232-34 - Payment by Electronic Funds Transfer - Other Than System for Award Management. All invoices shall be submitted in arrears. 30. Contract Termination: Pursuant to FAR Clause 52.249-2 - Termination for Convenience of the Government (Fixed Price), The Government may terminate performance of work under this contract in whole or, from time to time, in part if the Contracting Officer determines that a termination is in the Government's interest. The Contracting Officer shall terminate by delivering to the Contractor a Notice of Termination specifying the extent of termination and the effective date. The Contractor shall be paid only for the services rendered up to the point of receiving the termination notice, and then only to the extent that those services meet the requirements of this PWS. 31. Contract Administration: All inquiries and correspondence relative to the administration of the Contract shall be addressed to: ___________________________________ ___________________________________ ___________________________________ 32. Inspection and Acceptance: All reports shall be reviewed and approved by the COR. All reports are due thirty (30) calendar days after the Contract award date. 32.1 If a document or part of a document is not translated, COR will contact the vendor to have translated at no cost to the Government or CBOPC. 33. Quality Assurance: The Contractor shall develop and maintain an effective quality control program in accordance with their approved Management Oversight Plan (MOP) to ensure services are performed in accordance with the PWS. The Contractor shall develop and implement procedures to identify, prevent, and ensure non-recurrence of defective services. The Contractor's Quality Control Program (QCP) is the means to assure that the work complies with the requirement of the Contract. As a minimum, the Contractor shall develop QCP that address the areas identified in the Quality Assurance Surveillance Plan (QASP). 34. Performance Assessment: The Government shall evaluate the Contractor's performance under this Contract in accordance with the QASP in a separate document. This plan is primarily focused on what the Government shall do to ensure that the Contractor has performed in accordance with the performance standards. The QASP what shall be monitored, how monitoring shall take place, who shall conduct the monitoring, and how monitoring efforts and results shall be documented.
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/spg/VA/VAHAC741/VAHAC741/VA74116Q0095/listing.html)
- Document(s)
- Attachment
- File Name: VA741-16-Q-0095 VA741-16-Q-0095.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=2863499&FileName=VA741-16-Q-0095-000.docx)
- Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=2863499&FileName=VA741-16-Q-0095-000.docx
- Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
- File Name: VA741-16-Q-0095 VA741-16-Q-0095.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=2863499&FileName=VA741-16-Q-0095-000.docx)
- Record
- SN04177915-W 20160713/160711234851-a0da6a5121c83679590c73a1569e0b93 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |