Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF SEPTEMBER 14, 2016 FBO #5409
DOCUMENT

D -- Omnicell Pandora Software Support, License and Upgrades - Attachment

Notice Date
9/12/2016
 
Notice Type
Attachment
 
NAICS
511210 — Software Publishers
 
Contracting Office
Department of Veterans Affairs;Ann Arbor Healthcare System;Network Contracting Office 10;2215 Fuller Road;Ann Arbor MI 48105
 
ZIP Code
48105
 
Solicitation Number
VA25016N0713
 
Response Due
9/14/2016
 
Archive Date
12/22/2016
 
Point of Contact
Thomas Auten
 
E-Mail Address
5-3938<br
 
Small Business Set-Aside
Total Small Business
 
Description
The Department of Veterans Affairs, Network Contracting Office 10, 24 Frank Lloyd Wright Drive, Lobby M, Suite 2200, Ann Arbor, MI 48105, intends to solicit offers to provide Omnicell Pandora Software Support as listed below. The contractor shall meet all requirements listed below. The Omnicell Pandora Software Support shall be performed for the VA Ann Arbor Healthcare System, 2215 Fuller Rd, Ann Arbor, MI 48105. Contractors that can provide this requirement and meets the requirements below are requested to send their 1. Company Name, 2. DUNS number, 3. Business size under NAICS 511210, and 4. If the item(s) are available on a FSS contract or not and the FSS contract number if it is available on contract, 5. Notification if they are a VETBIZ registered VOSB/SDVOSB or not. This Sources Sought will close on 9/14/2016 at 3PM EDST. Please e-mail all responses to Thomas.Auten@va.gov. PANDORA STATEMENT OF WORK I. SCOPE OF WORK: The Contractor shall provide Support Services, License and upgrades to the Omnicell Pandora System located at VA Ann Arbor Healthcare System (VAAAHS), 2215 Fuller Road, Ann Arbor, MI 48105. The VA Ann Arbor Healthcare System (VAAAHS) is seeking a one (1) year base with four (4) one (1) year options for Support Services, upgrades and License for the Omnicell Pandora Software system. PVI-ANA-0002 PANDORA VIA MILTILOCATION LICENSE QTY. 1 PVI-ANA-0001 PANDORA VIA SOFTWARE CORE FRAMEWORK QTY. 1 PVI-ANA-0003 PVIA CLINICALS ADC 10 LICENSE PACK OMNICELL QTY. 5 PVI-ANA-0005 PVIA CLINICALS ADC APP MODULE OMNICELL QTY. 1 PVI-ANA-032 PVIA CLINICALS PAR OPTIMIZATION MODULE QTY. 1 II. HOURS OF WORK: A.Omnicell Gold Plan for Software Support and Updates and Upgrades. B.Telephone Support Coverage 24 hours a day-7 days/ week. C.Engineer Live Coverage Monday -Friday -24 hours Saturday, Sunday, Holiday: 7AM -7PM EST. D.On Call Support Saturday, Sunday, Holidays: 7AM-7PM EST. E..Response Time One (1) Hour: Monday- Friday 7 AM -7 PM EST F.Response Times (Maximum) 2 hours Monday - Friday. 7AM -7 PM EST, Saturday, Sunday & Holidays. G.Remote Software & Interface Diagnostics-Included Proactive Remote available VIA Secure Server. H.On Site Support. (If necessary) 24 Hours /day -7 days/week based on the status of the system disabled system vs non-critical failure. Disabled 6 Hours I.Non -critical failure 24 hours. J.Repairs/ Replacement Parts- Parts are included. On site in 24 hours from Omnicell technician determination of need. K.Software Updates & Upgrade Included. XI. PRIVACY TRAINING: PRIVACY TRAINING REQUIREMENTS Failure to complete the mandatory annual training and sign privacy training VA20939, within the timeframe required, is grounds for suspension or termination of all physical or electronic access privileges and removal from work on the contract until such time as the training and documents are complete. The contractor/subcontractor shall provide notice to VA of a "security incident" as set forth in the Security Incident Investigation section above. Upon such notification, VA must secure from a non-Department entity or the VA Office of Inspector General an independent risk analysis of the data breach to determine the level of risk associated with the data breach for the potential misuse of any sensitive personal information involved in the data breach. The term 'data breach' means the loss, theft, or other unauthorized access, or any access other than that incidental to the scope of employment, to data containing sensitive personal information, in electronic or printed form, that results in the potential compromise of the confidentiality or integrity of the data. Contractor shall fully cooperate with the entity performing the risk analysis. Failure to cooperate may be deemed a material breach and grounds for contract termination. (1). Each risk analysis shall address all relevant information concerning the data breach, including the following: (a) Nature of the event (loss, theft, unauthorized access); (2) Description of the event, including: (a) Date of occurrence; (b) Data elements involved, including any PII, such as full name, social security number, date of birth, home address, account number, disability code; (3) Number of individuals affected or potentially affected; (4) Names of individuals or groups affected or potentially affected; (5) Ease of logical data access to the lost, stolen or improperly accessed data in light of the degree of protection for the data, e.g., unencrypted, plain text; (6) Amount of time the data has been out of VA control; (7) The likelihood that the sensitive personal information will or has been compromised (made accessible to and usable by unauthorized persons); (8) Known misuses of data containing sensitive personal information, if any; (9) Assessment of the potential harm to the affected individuals; (10) Data breach analysis as outlined in 6500.2 Handbook, Management of Security and Privacy Incidents, as appropriate; and (11) Whether credit protection services may assist record subjects in avoiding or mitigating the results of identity theft based on the sensitive personal information that may have been compromised. Based on the determinations of the independent risk analysis, the contractor shall be responsible for paying to the VA liquidated per affected individual to cover the cost of providing credit protection services to affected individuals consisting of the following: (1) Notification; (2) One year of credit monitoring services consisting of automatic daily monitoring of at least 3 relevant credit bureau reports; (3) Data breach analysis; (4) Fraud resolution services, including writing dispute letters, initiating fraud alerts and credit freezes, to assist affected individuals to bring matters to resolution; (5) One year of identity theft insurance with $20,000.00 coverage at $0 deductible; (6) Necessary legal expenses the subjects may incur to repair falsified or damaged credit records, histories, or financial affairs A. Security Requirements ' 1. Omnicell devices will communicate with Pandora VIA over network connections considered secure as measured against Department of Veterans Affairs National, regional and local guidelines. 2. Part of the maintenance contract with the Omnicell Corporation will allow and require remote access to the Omnicell System by Omnicell Technical personnel. The Omnicell Corporation shalll set up an account with the Department of Veterans Affairs that permits communication with the local Omnicell System via Virtual Private Network (VPN). Under certain catastrophic circumstances, communication via modem MAY be allowed (providing all permissions to use the modem are granted through the facility ISO). 3. Physical Security i. The Omnicell devices will operate in an environment that is observable and/or physically secured. ii. The devices will be chained to a secure wall. 4. Information Systems Security i. Access to Omnicell software and hardware operation is protected by the same safeguards as is standard on all Department of Veteran's Affairs workstations and servers and is compliant with national guidelines. ii. Antiviral software, firewall software and any other software necessary to secure uninterrupted operation and protect sensitive VA data will be applied to the medstations and servers as is standard for all Department of Veteran's Affairs workstations and servers and compliant with national guidelines. iii. Omnicell Automated Dispensing Systems shall have and maintain a Business Access Agreement with the Department of Veterans Affairs and comply with requirements detailed below in C3.4.1.1.3. iv. "VAAR- 852.273-75 SECURITY REQUIREMENTS FOR UNCLASSIFIED INFORMATION TECHNOLOGY RESOURCES (Interim - October 2008) v. The contractor and their personnel shall be subject to the same Federal laws, regulations, standards and VA policies as VA personnel, regarding information and information system security. These include, but are not limited to Federal Information Security Management Act (FISMA), Appendix Ill of OMB Circular A- 130, and guidance and standards, available from the Department of Commerce's National Institute of Standards and Technology (NIST). This also includes the use of common security configurations available from NIST's Web site at: http://checklists.nist.gov vi. To ensure that appropriate security controls are in place, contractors must follow the procedures set forth in "VA Information and Information System Security/Privacy Requirements for IT Contracts" located at the following Web sit http://www.iprm.oit.va.gov\. vii. These provisions shall apply to all contracts in which VA sensitive information is stored, generated, transmitted, or exchanged by VA, a contractor, subcontractor or a third-party, or on behalf of any of these entities regardless of format or whether it resides on a VA system or contractor/subcontractor's electronic information system(s) operating for or on the VA's behalf. viii. Clauses 3.4.4.5 and 3.4.4.6 shall apply to current and future contracts and acquisition vehicles including, but not limited to, job orders, task orders, letter contracts, purchase orders, and modifications. Contracts do not include grants and cooperative agreements covered by 31 U.S.C. §6301 et seq. ix. Certification of Compliance. I certify that all requirements applicable to this contract are in compliance with the stated clause VAAR Clause 852.273-75. ______________________________________ Authorized Company Representative Signature
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/VA/VAAAHCS506/VAAAHCS506/VA25016N0713/listing.html)
 
Document(s)
Attachment
 
File Name: VA250-16-N-0713 VA250-16-N-0713.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=2998707&FileName=VA250-16-N-0713-000.docx)
Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=2998707&FileName=VA250-16-N-0713-000.docx

 
Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
 
Place of Performance
Address: VA ANN ARBOR HEALTHCARE SYSTEM;2215 FULLER RD;ANN ARBOR, MI
Zip Code: 48105
 
Record
SN04267373-W 20160914/160912235431-b692eb0862bd1b7a705b24f4a729e770 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.