SOURCES SOUGHT
J -- Xerox MFD Support Services - BUTLER VAMC Sources Sought Only
- Notice Date
- 3/12/2020 7:21:34 AM
- Notice Type
- Sources Sought
- NAICS
- 811212
— Computer and Office Machine Repair and Maintenance
- Contracting Office
- 244-NETWORK CONTRACT OFFICE 4 (36C244) PITTSBURGH PA 15215 USA
- ZIP Code
- 15215
- Solicitation Number
- 36C24420Q0394
- Response Due
- 3/19/2020 12:00:00 AM
- Archive Date
- 05/03/2020
- Point of Contact
- William.Schlobohm2@va.gov
- E-Mail Address
-
William.Schlobohm2@va.gov
(William.Schlobohm2@va.gov)
- Awardee
- null
- Description
- GENERAL INFORMATION FOLLOWED BY A TENTATIVE STATEMENT OF WORK NOTICE: This is not a solicitation but rather a Request for Information (RFI) (Sources Sought) to determine capability of potential sources and is for information and planning purposes only. Veterans Health Affairs, Network Contracting Office 4, is issuing this request for information/sources sought notice in order to identify capable firms for Xerox MFD Support Services for the Butler VAMC. Responses must be submitted by 11:00pm (EST) March 19th, 2019. Submit responses to the information requested above via email to william.schlobohm2@va.gov . All SDVOSB and VOSB firms that respond shall include proof of CVE certification via www.vip.vetbiz.gov. All small business firms that respond shall include proof of small business status via their Representations and Certifications in accordance with (FAR 4.1102 Policy). While SDVOSB/VOSB contractors are preferred, all capable contractors are welcome to respond to this sources sought notice for market research purposes, and shall include as part of their response a brief capability statement that covers the information in the following tentative statement of work The results of this market research will assist in the development of (1) the requirement, and (2) the acquisition strategy (e.g., socioeconomic set-aside, full and open competition, etc.). VA assumes no responsibility for any costs incurred associated with the preparation of responses. Suggested NAICS: 811212 (Office machine repair and maintenance services except communication equipment) Suggested PSC: J074 (Maintenance and Repair of Office Machines) Open to suggestions from the market as to a more proper NAICS and/or PSC, as well as any potential GSA/FSS Schedule SIN categories. SAMPLE / TENTATIVE STATEMENT OF WORK (BELOW) XEROX MULTIFUNCTION SUPPLIES, PARTS, MAINTENANCE, AND SUPPORT SERVICES BACKGROUND The Department of Veterans Affairs medical center in Butler, PA (Butler VA Health Care System) deployed 49 Xerox multifunction devices (MFD) throughout the Abie Abraham Health Care Center. In order to maintain copying, printing, scanning, and faxing services, these device require supplies, parts, maintenance, and support as described in the requirements below. APPLICABLE DOCUMENTS In the performance of the tasks associated with this Performance Work Statement (PWS), the Contractor shall comply with the following: 44 U.S.C. � 3541,� Federal Information Security Management Act (FISMA) of 2002 Federal Information Processing Standards (FIPS) Publication 140-2, Security Requirements For Cryptographic Modules FIPS Pub 201-2, Personal Identity Verification of Federal Employees and Contractors, August 2013 10 U.S.C. � 2224, ""Defense Information Assurance Program"" Carnegie Mellon Software Engineering Institute, Capability Maturity Model� Integration for Development (CMMI-DEV), Version 1.3 November 2010; and Carnegie Mellon Software Engineering Institute, Capability Maturity Model� Integration for Acquisition (CMMI-ACQ), Version 1.3 November 2010 5 U.S.C. � 552a, as amended, The Privacy Act of 1974 42 U.S.C. � 2000d Title VI of the Civil Rights Act of 1964 VA Directive 0710, Personnel Suitability and Security Program, June 4, 2010, http://www.va.gov/vapubs/ VA Handbook 0710, Personnel Suitability and Security Program, September 10, 2004, http://www.va.gov/vapubs VA Directive and Handbook 6102, Internet/Intranet Services, July 15, 2008 36 C.F.R. Part 1194 Electronic and Information Technology Accessibility Standards, July 1, 2003 Office of Management and Budget (OMB) Circular A-130, Management of Federal Information Resources, November 28, 2000 32 C.F.R. Part 199, Civilian Health and Medical Program of the Uniformed Services (CHAMPUS) An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, October 2008 Sections 504 and 508 of the Rehabilitation Act (29 U.S.C. � 794d), as amended by the Workforce Investment Act of 1998 (P.L. 105-220), August 7, 1998 Homeland Security Presidential Directive (12) (HSPD-12), August 27, 2004 VA Directive 6500, Managing Information Security Risk: VA Information Security Program, September 20, 2012 VA Handbook 6500, Risk Management Framework for VA Information Systems Tier 3: VA Information Security Program, March 10, 2015 VA Handbook 6500.1, Electronic Media Sanitization, November 03, 2008 VA Handbook 6500.2, Management of Data Breaches Involving Sensitive Personal Information (SPI) , January 6, 2012 VA Handbook 6500.3, Assessment, Authorization, And Continuous Monitoring Of VA Information Systems, February 3, 2014 VA Handbook 6500.5, Incorporating Security and Privacy in System Development Lifecycle March 22, 2010 VA Handbook 6500.6, Contract Security, March 12, 2010 VA Handbook 6500.8, Information System Contingency Planning , April 6, 2011 Project Management Accountability System (PMAS) portal (reference https://www.voa.va.gov/pmas/) OI&T ProPath Process Methodology (reference process maps at http://www.va.gov/PROPATH/Maps.asp and templates at http://www.va.gov/PROPATH/Templates.asp NOTE: In the event of a conflict, OI&T ProPath takes precedence over other processes or methodologies. One-VA Technical Reference Model (TRM) (reference at http://www.va.gov/trm/TRMHomePage.asp) National Institute Standards and Technology (NIST) Special Publications (SP) VA Directive 6508, VA Privacy Impact Assessment, October 3, 2008 VA Directive 6300, Records and Information Management, February 26, 2009 VA Handbook, 6300.1, Records Management Procedures, March 24, 2010 OMB Memorandum, Transition to IPv6 , September 28, 2010 VA Directive 0735, Homeland Security Presidential Directive 12 (HSPD-12) Program, February 17, 2011 VA Handbook 0735, Homeland Security Presidential Directive 12 (HSPD-12) Program, March 20, 2014 OMB Memorandum M-06-18, Acquisition of Products and Services for Implementation of HSPD-12, June 30, 2006 OMB Memorandum 05-24, Implementation of Homeland Security Presidential Directive (HSPD) 12 Policy for a Common Identification Standard for Federal Employees and Contractors, August 5, 2005 OMB memorandum M-11-11, Continued Implementation of Homeland Security Presidential Directive (HSPD) 12 Policy for a Common Identification Standard for Federal Employees and Contractors, February 3, 2011 OMB Memorandum, Guidance for Homeland Security Presidential Directive (HSPD) 12 Implementation, May 23, 2008 Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance, December 2, 2011 NIST SP 800-116, A Recommendation for the Use of Personal Identity Verification (PIV) Credentials in Physical Access Control Systems, November 20, 2008 OMB Memorandum M-07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information, May 22, 2007 NIST SP 800-63-2, Electronic Authentication Guideline, August 2013 Draft NIST Special Publication 800-157, Guidelines for Derived PIV Credentials, March 2014 NIST Special Publication 800-164, Guidelines on Hardware-Rooted Security in Mobile Devices (Draft), October 2012 Draft National Institute of Standards and Technology Interagency Report (NISTIR) 7981 Mobile, PIV, and Authentication, March 2014 VA Memorandum, VAIQ #7100147, Continued Implementation of Homeland Security Presidential Directive 12 (HSPD-12), April 29, 2011 (reference https://www.voa.va.gov/documentlistpublic.aspx?NodeID=514) VA Memorandum, VAIQ # 7011145, VA Identity Management Policy, June 28, 2010 (reference Enterprise Architecture Section, PIV/IAM (reference https://www.voa.va.gov/documentlistpublic.aspx?NodeID=514) IAM Identity Management Business Requirements Guidance document, May 2013, (reference Enterprise Architecture Section, PIV/IAM (reference https://www.voa.va.gov/documentlistpublic.aspx?NodeID=514) Trusted Internet Connections (TIC) Reference Architecture Document, Version 2.0, Federal Interagency Technical Reference Architectures, Department of Homeland Security, October 1, 2013, https://www.fedramp.gov/files/2015/04/TIC_Ref_Arch_v2-0_2013.pdf OMB Memorandum M-08-05, Implementation of Trusted Internet Connections (TIC), November 20, 2007 OMB Memorandum M-08-23, Securing the Federal Government s Domain Name System Infrastructure, August 22, 2008 VA Memorandum, VAIQ #7497987, Compliance Electronic Product Environmental Assessment Tool (EPEAT) IT Electronic Equipment, August 11, 2014 (reference Document Libraries, EPEAT/Green Purchasing Section, https://www.voa.va.gov/documentlistpublic.aspx?NodeID=552) Sections 524 and 525 of the Energy Independence and Security Act of 2007, (Public Law 110 140), December 19, 2007 Section 104 of the Energy Policy Act of 2005, (Public Law 109 58), August 8, 2005 Executive Order 13693, Planning for Federal Sustainability in the Next Decade, March 19, 2015 Implementing Instructions for Executive Order 13693 Planning for Federal Sustainability in the Next Decade, June 10, 2015 Executive Order 13221, Energy-Efficient Standby Power Devices, August 2, 2001 VA Directive 0058, VA Green Purchasing Program , July 19, 2013 VA Handbook 0058, VA Green Purchasing Program , July 19, 2013 Office of Information Security (OIS) VAIQ #7424808 Memorandum, Remote Access , January 15, 2014, https://www.voa.va.gov/DocumentListPublic.aspx?NodeId=28 Clinger-Cohen Act of 1996, 40 U.S.C. �11101 and �11103 VA Directive 6071, Project Management Accountability System (PMAS), February 20, 2013 VA Memorandum, Implementation of Federal Personal Identity Verification (PIV) Credentials for Federal and Contractor Access to VA IT Systems , (VAIQ# 7614373) July 9, 2015, https://www.voa.va.gov/DocumentListPublic.aspx?NodeId=28 VA Memorandum Mandatory Use of PIV Multifactor Authentication to VA Information System (VAIQ# 7613595), June 30, 2015, https://www.voa.va.gov/DocumentListPublic.aspx?NodeId=28 VA Memorandum Mandatory Use of PIV Multifactor Authentication for Users with Elevated Privileges (VAIQ# 7613597), June 30, 2015; https://www.voa.va.gov/DocumentListPublic.aspx?NodeId=28 Multi-Function Device and Network Printers Security Technical Implementation Guide (STIG) - Version 2, Release 4 http://iase.disa.mil/stigs/Lists/stigs-masterlist/npw-netothermulti.aspx SCOPE OF WORK The contractor shall maintain the functioning 49 Xerox multifunction devices (MFD) listed in Appendix A. The functions of the MFD are copying, printing, scanning, and faxing which includes the configuration of Personal Identification Verification (PIV) cards, secure release printing, and network-based faxing within the MFD in accordance to the VA resources listed in the Applicable Documents section. Performance Details 4.1 PERFORMANCE PERIOD The performance period is 12 months from the effective date of award. 4.2 PLACE OF PERFORMANCE The 49 Xerox MFD units are located within the Abie Abraham VA Health Care Center located at 353 North Duffy Road, Butler, PA 16001. 4.3 TRAVEL The Government anticipates travel to be required to satisfy the requirements throughout the period of performance. All estimated travel costs shall be included in line items, as travel costs will not be directly reimbursed by the Government. 5.0 SPECIFIC REQUIREMENTS 5.1 PRINTING REQUIREMENTS In addition to receiving and processing normal print and scan jobs, an MFD on the network shall be able to receive any user-initiated secure print jobs via PIV Authentication (VistA terminal emulation, CPRS and other Windows applications print jobs) from workstations and allow only the specified user to view, or delete only their print jobs from the MFD. Unclaimed print jobs must be deleted by the system at configurable time intervals. The configuration of Nuance Output Manager (NSI) application shall be maintained on the MFD. An MFD shall be able to capture the print job user metadata to associate the print job with the authenticated user at the output device. The MFD will not show other user s jobs sitting in the queue. Only the authenticated user s job will be shown as not to present a security vulnerability target. The Contractor shall provide a PIV enabled secure print feature that allows users to retrieve printouts securely, using their PIV credentials. The MFD shall be capable of allowing the user to authenticate at the MFD with PIV to release the held print job(s). For auditing purposes, an MFD shall track username, print job name, and date/time stamp for all print jobs. MFD shall support follow me print via use of VA supported PIV card and NT credentials entered on a key board. The configuration of Nuance Output Manager (NSI) application shall be maintained on the MFD. 5.2 SCANNING REQUIREMENTS The Contractor shall adhere to the PIV method as outlined in the FIPS 201-1 publication. The Contractor shall maintain authentication capabilities that shall integrate with the PIV system. The MFD may use an internal or external PIV solution to achieve this requirement. User identification must be automatic based on attributes on the PIV. Based on PIV authentication, the MFD shall allow VA to customize scan options based on user profiles or user group profile (e.g., users in the Prosthetics user group can scan to only Prosthetics document destinations) as a measure of operational security. The MFD shall maintain a capability to allow users to scan to user home directories (i.e., home folders, H-Drives, or U-Drives) or other personalized destinations to limit Personally Identifiable Information (PII) exposure. Apart from PIV authentication, MFD routing of documents shall not require any additional user identification (such as requiring the user to type in their username or navigating to a folder structure). 5.3 FAX REQUIREMENTS The Contractor shall maintain the connection and configuration of the MFD to the existing VA FAX server at the installation site. The fax server application is CLEO STREEM. 5.4 USER ACCESS REQUIREMENTS The MFD shall support a smart card reader with multiple user access capabilities via the VA PIV card. 5.5 NETWORK SUPPORT The Contractor shall provide remote technical support to VA IT staff in troubleshooting and providing corrective actions to re-establish MFD connectivity and functionality, to include PIV authentication functionality. The Contractor shall provide a point of contact for VA IT staff to contact via telephone or email, if loss of MFD connectivity or functionality occurs after a software upgrade or patch is done on the VA network. 5.6 FULL SERVICE MEAINTENANCE SUPPORT WITH SUPPLIES The Contractor shall be responsible for all maintenance actions, labor, and parts, for all devices listed in Appendix A. The Contractor shall maintain each device at a minimum 95% monthly availability rate, based on an administrative duty schedule, (e.g., 8 am to 7 pm, Monday thru Friday). The Contractor shall repair or replace defective parts or equipment, at Contractor s expense, to maintain the required functionality and operation of the device. Full service maintenance support shall include troubleshooting, repair and replacement of failed or defective non-user replaceable parts, as well as all normal, routine, periodic and preventative maintenance (PM) work and parts, annual and ad hoc repair services, and required PM kits, circuit boards, light bulbs, rollers and any other parts required to retain peak operational function of MFD equipment. The full service maintenance support shall also include coverage for all internal and external mechanical and electronic components and software required to maintain the MFD functionality. The Contractor technician shall respond to service calls to remotely repair systems within four (4) hours after receiving notification from the VA facility, or arrive at the facility location within next business day, when there is an equipment failure requiring onsite repair. In addition to the full service maintenance support, as described above, the Contractor shall provide and install the supplies necessary to maintain full MFD operations. The supplies shall include drums, fusers, toner, developer, filters, webs, and paper fasteners. Excluded supplies include paper, transparencies, and binding tape. In accordance with Executive Order 13693, all toner cartridges provided under this contract shall be remanufactured, contain recycled content, or be bio-based. If all three of these sustainable acquisition requirements for toner cartridges cannot be met in the same product, remanufactured and recycled cartridges shall be provided before bio-based toner, unless one of the exceptions listed below applies. Additionally, all toner cartridges provided by the Contractor shall meet one or both of the following U.S. Environmental Protection Agency (EPA)-recommended standards for toner cartridges: a. STMC Manufacturer meets Standardized Test Methods of the International Imaging Technology Council b. UL 2785 Standard for Sustainability for Printing Cartridges The Contractor shall adhere to the sustainable acquisition requirements for toner cartridges unless there is an allowable exception. An allowable exception is available if any of the following conditions exist: a. Product or service cannot be acquired competitively within a reasonable performance schedule. b. Product or service cannot be acquired that meets the performance requirements. c. Product or service cannot be acquired at a reasonable price. d. An exception is provided by statute. The price shall be deemed unreasonable if the total life cycle costs are significantly higher for the sustainable product or service versus the non-sustainable product. Life cycle costs are determined by combining the initial costs of a product or service with any additional costs or revenues generated from that product during its entire life. If at any point during the POP the Contractor cannot comply with the sustainable acquisition requirements for one of the reasons listed above, the Contractor shall provide documentation identifying the exception being used and rationale for using the exception, for approval by the CO. The Contractor shall be responsible for the cost of repair or replacement for any equipment damaged by the Contractor-provided toner cartridges. Appendix A MFD Manufacturer MFD Model MFD Serial Number XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018282 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018340 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018269 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018370 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018369 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018356N XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018342 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018354 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018368 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018349 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018236 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018364 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018339 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018359 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018336 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018259 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018256 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018265 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018351 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018365 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018234 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018264 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018293 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018302 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018353 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018334 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018315 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018275 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018358 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018341 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018254 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018233 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018247 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018348 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018272 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018301 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018190 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018261 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018352 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018271 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018372 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018355 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018250 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018363 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018346 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018338 XEROX Xerox WorkCentre 5865 v1 Multifunction System EX9018257 XEROX Xerox WorkCentre 7970 v1 Multifunction Printer B0W174967 XEROX Xerox WorkCentre 7970 v1 Multifunction Printer B0W174958
- Web Link
-
SAM.gov Permalink
(https://beta.sam.gov/opp/96178344e7c041079831b55b268a577a/view)
- Place of Performance
- Address: Butler VA Health Care System;353 N. Duffy Rd, Butler PA 16001
- Record
- SN05587847-F 20200314/200312230148 (samdaily.us)
- Source
-
SAM.gov Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's SAM Daily Index Page |