Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF JUNE 09, 2023 SAM #7864
SOURCES SOUGHT

R -- Identity Protection Services Contract

Notice Date
6/7/2023 12:07:59 PM
 
Notice Type
Sources Sought
 
NAICS
561450 — Credit Bureaus
 
Contracting Office
ACQUISITIONS - AQM MOMENTUM WASHINGTON DC 20520 USA
 
ZIP Code
20520
 
Solicitation Number
10762331071
 
Response Due
6/15/2023 11:00:00 AM
 
Archive Date
06/30/2023
 
Point of Contact
Crystal Brooks
 
E-Mail Address
BrooksCC@state.gov
(BrooksCC@state.gov)
 
Small Business Set-Aside
SBA Total Small Business Set-Aside (FAR 19.5)
 
Description
� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �STATEMENT OF OBJECTIVES � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � U.S. Department of State � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � Office of Global Information Services � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �Privacy Office (A/GIS/PRV) � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � Identity Protection Services Contract � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � June 7, 2023 General:�� This is a Sources Sought Notice Only. This is NOT a solicitation for proposals, proposal abstracts, or quotations. This Sources Sought Notice is issued for information and planning purposes only as part of U.S. Department of State (DOS) market research and does not constitute a solicitation. This requirement is covered under NAICS code�NAICS Code 561450�- Credit Bureaus The purpose of this notice is to obtain information regarding the availability and capability of qualified Small Business GSA Federal Supply Schedule Holders to provide the below services that meets the DOS requirements (small businesses; HUBZone small businesses; service-disabled veteran owned small businesses; 8(a) small businesses; veteran owned small businesses; woman owned small businesses; and small disadvantaged businesses). 1.1 Background PRV oversees the Department of State�s (the Department) collection, maintenance, and use of personally identifiable information. The office�s mission is to comply with federal privacy mandates, promote awareness, and build public trust by implementing best practices regarding personally identifiable information (PII). PRV works towards this mission by shaping privacy policy, managing breaches, creating workforce awareness, and complying with statutes. 1.2 Objective A primary PRV function is responding to and remediating breaches of PII. An essential element to breach management is ensuring mechanisms are in place allowing for a quick and efficient response. When PRV determines that a data loss or breach exposes an individual to risk of identity theft or other fraudulent activity, identity protection services may be offered. Through selected contracting services, the Department notifies impacted individuals by email or letter of their eligibility for Department-funded identity protection services along with contact information and account activation procedures. 1.3� The contractor must provide all resources necessary to accomplish the tasks and deliverables described in this statement of objecties (SOO) The contractor must handle all aspect of identity protection services under the guidance from the Department of State representatives. 1.4 Period of Performance The term of this contract shall be for a base year and four (4) one-year options commencing from the date of award. 1.5 Place of Performance The place of performance shall be within the United States, its territories, and possessions. 2.0� Specific Requirements 2.1 Enrollment Services Individuals eligible for Department of State-funded identity protection services voluntarily elect to participate. The Contractor must have the capability to enroll a minimum of 100 individuals per day, and provide enrollment services by mail, telephone or electronic exchange, at the option of the enrollee. 2.2 Monitoring Services The Contractor shall monitor credit information on enrolled individuals from each of the three credit monitoring bureaus (Equifax,� �Experian and Trans Union) in order to identify possible fraudulent activity and/or identity theft. 2.3 Customer Service The Contractor shall provide a customer assistance call center that shall be available seven (7) days a week, excluding federal holidays, and accessible by a toll-free phone number provided by the Contractor. The call center shall have the capacity to service phone inquiries on all Department of State specific enrollments. Note: Historically, the calls have not exceeded 50% of the mailings. 2.4 Alerts and Other Information The Contractor shall immediately alert enrollees of changes in their credit files that may be a possible indication of fraudulent activity and/or identity theft. The Contractor shall provide enrollees the option of choosing the method by which they wish to receive alerts and information to include internet, mail, and telephone. 2.5 Identity Theft Insurance Except where prohibited by State Law, the Contractor shall provide identity theft insurance of at least $10,000.00. 2.6 Notification The Contractor shall provide the ability to notify individuals of services provided on behalf of the Department. Reporting On a monthly basis the Contractor shall provide the Department of State Contracting Officer�s Representative (COR) the following: Number of individuals enrolled at the end of each month during the enrollment period. Number of individuals who requested Fraud Resolution Services. Contractor shall be able to provide a list with names, start and end dates of individuals needing credit monitoring only when requested by the COR Other Requirements: The Contractor shall offer all services in English and Spanish. � � � �2.To provide adequate protection in the storage, transmission and processing of Department of State information, the� � �Contractor must implement the minimum-security requirements and minimum-security controls set forth in FIPS 200, �Minimum Security Requirements for Federal Information and Information Systems� and NIST Special Publication 800-53 �Recommended Security Controls for Federal Information Systems.� � � � � 3. The Contractor is required to comply with all federal laws and regulations including but not limited to the following: - Accessibility provisions of Section 508 and Public Law 99-506. Fair Debt Collections Practices Act and amend. Privacy Act USC 552a. � � � � 4. Marketing or solicitation of individuals for services not provided is not authorized. � � � � 5.In addition to providing identity protection services to individuals residing in the Continental United States, the Contractor must also be prepared to offer identity protection to individuals with a U.S. credit file and a foreign or APO/FPO address. Enrollment options shall include at least one of the methods (telephone, electronic exchange (PII approved only), or PII approved fax). � � � 6. To� provide identity protection options of Per Enrollee & Per Impacted Individual. � � � �7. At the end of the monitoring period, the Contractor will notify each person by email when their monitoring will be finished. If the individual or the Contractor would like additional periods of identity protection to be provided � � � �8. The Contractor will communicate with the individual directly and the cost will be at the individual�s own expense. Any additional identity protection outside of the scope of this contract will not be provided by the Department of State. 3.0� Performance Standards The following is the service level matrix for Identity Protection Services: Desired Outcome 1. Customer problems shall be resolved as quickly and efficiently as possible 2.�Provide recovery assistance to help victims manage the process of eliminating fraudulent activity. 3.�Provide reports and records to the COR. Required Service 1.� Requests for service shall be efficiently logged and tracked, and the customer shall be notified as to the expected completion time. 2.�Provide short resolution period for investigation. 3.�Provide reports and records of activities and results to the COR as specified in SOW. Performance Standard 1. 90% of calls are resolved within the same business day. 2.�90% of calls are resolved within same business day. 3.�Provide reports on number of individuals enrolled at the end of each month during the enrollment period. Monitoring Method� 1.:Trouble tracking system will be reviewed, noting how request arrived (e-mail phone), time arrived, and� date/time completed; random sampling of customers. 2.�Trouble tracking system will be reviewed, noting how request arrived (e-mail phone), time arrived, and date/time completed; random sampling of customers. 3.�Receipt of applicable reports. Reports should include system uptime and availability. Quality Assurance Surveillance Plan (QASP) Performance analysis will be performed monthly. This plan is designed to provide an effective surveillance method to promote effective contractor performance. The Quality Assurance Plan provides a method for the Contracting Officer's Representative (COR) to monitor contractor performance, advise the Contractor of unsatisfactory performance, and notify the Contracting Officer of continued unsatisfactory performance. The Contractor, not the Government, is responsible for management and quality control to meet the terms of the task order. The role of the Government is to monitor contractor performance to ensure that the task order standards are achieved. 4.0�������� Special Instructions: Security Requirements The Contractor shall ensure adequate LAN/internet, data, information, and system security in accordance with Department of State standard operating procedures and Federal standards, laws, and regulations. The Contractor�s firewall and web server shall meet or exceed the Government minimum security requirements. All Government data shall be protected behind an approved firewall. Any security violations or attempted violations shall be reported to the COR 4 immediately upon detection. The Contractor shall adhere to applicable Department policies and procedures governing information security. Due to heightened security concerns all vendors are advised that service shall be provided in accordance with the safeguards of Department of State 5 FAM 470, Access to and Use of Information, issued August 1, 2007, and Department of State 12 FAM 540, Sensitive but Unclassified (SBU) Information. These directives identify compliance with the technology and processes necessary to ensure that all Department of State sensitive data (personal identifying data such as name, address, social security number, and date of birth; and personal information such as medical condition, diagnostic codes, treatments, medications, or billing information) are secure. This includes data that are stored, generated, or exchanged by the Department, a contractor, subcontractor or a third party, or of any of these entities, regardless of format (i.e., paper, microfiche, electronic or magnetic portable media), or whether it resides on a Department of State or contractor or subcontractor�s electronic information system. 5.0�������� Special Instructions: Notice to Contractors Press releases, marketing material, or any other printed or electronic documentation related to this project must not be publicized. All information/data collected by the contractor will remain the property of the State Department and therefore, will not and cannot be copied or released to anyone. �All data and information will only be used for the protection of the consumers identity and only as indicated by the State Department.�� SOURCES SOUGHT INSTRUCTIONS - All qualified GSA Federal Supply Schedule Holders (small business firms) with the capability to provide the services outlined in the SOO� of the recommended product description/specifications with the DOS requirements. -The qualified schedule holders shall present other applicable information that will benefit the acquisition� (Ex. Capability Statements) -Cost or price information is not solicited and will not be reviewed. -All interested GSA Small Business Federal Supply Schedule Holders shall provide their current NAICS code, and Socio-Economic Business Size (small businesses; HUBZone small businesses; service-disabled veteran owned small businesses; 8(a) small� businesses; veteran owned small businesses; woman owned small businesses; and small disadvantaged businesses). Interested firms �shall submit an electronic copy of their submission via email to Crystal Brooks at brooksCC@state.gov The due date and time for submission of responses is 2:00 PM Eastern Standard Time (EST) [June 15, 2023]. No phone calls related to this Sources Sought will be accepted. All correspondence shall be via email. Firms responding to this Sources Sought shall be registered in the System for Award Management under NAICS code�NAICS Code 561450�- Credit Bureaus �All responses must include the following information: Company name. Company address. Company business size (Respond: �Small� or �Other Than Small�). Unique Entity Identifier. Point-of-contact name, telephone number, and email address.
 
Web Link
SAM.gov Permalink
(https://sam.gov/opp/f702aac62e31456194c4bebd22416477/view)
 
Place of Performance
Address: Washington, DC 20520, USA
Zip Code: 20520
Country: USA
 
Record
SN06708103-F 20230609/230607230119 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.