Loren Data's SAM Daily™

fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF JUNE 23, 2006 FBO #1670
SOLICITATION NOTICE

R -- Privacy Expert Consultants

Notice Date
6/21/2006
 
Notice Type
Solicitation Notice
 
NAICS
541611 — Administrative Management and General Management Consulting Services
 
Contracting Office
Social Security Administration, Office of Budget, Finance, and Management, Office of Acquisition and Grants, 1st Floor, Rear Entrance 7111 Security Blvd., Baltimore, MD, 21244
 
ZIP Code
21244
 
Solicitation Number
SSA-RFQ-06-1330
 
Response Due
7/6/2006
 
Archive Date
7/21/2006
 
Description
The Social Security Administration (SSA) is seeking Privacy Expert services. This is a combined synopsis/solicitation for commercial items prepared in accordance with the format in FAR 12.6 and supplemented with additional information included in this notice. This announcement constitutes the only solicitation. This procurement is being conducted as a simplified acquisition in accordance with FAR Part 13. The incorporated provisions and clauses are those in effect through the latest Federal Acquisition Circular 2005-09. This solicitation is issued as a Request for Quotation, identified as SSA-RFQ-06-1330. PERIOD OF PERFORMANCE: One twelve (12) month base period with two (2) one-year option periods. CONTRACT TYPE: The Government intends to award approximately two (2), Indefinite Delivery/Indefinite Quantity (IDIQ) labor-hour type contracts (incorporating fixed loaded labor rates). The number of hours to be procured in the base year will be 24 hours. For each option period, the minimum number of hours to be required is 16 and the maximum number of hours to be required is 24. BACKGROUND: In order to process claims for disability, the Social Security Administration (SSA) solicits medical information from doctors and other health care providers. SSA has legal and regulatory requirements to share payment and eligibility information with other federal, state and local agencies. SSA?s records are subject to the rules of confidentiality of the Federal Privacy Act. Many of these records are sensitive in nature. In spite of the safeguards for personal data guaranteed by the Privacy Act and other statutes, public concern for the security of personal data continues. As a result, SSA has developed Internet services as an alternate service delivery channel. Further legal drivers such as the Government Paperwork Elimination Act have made it necessary to offer services electronically as well. Such Internet services magnify the issues of confidentiality and privacy. OBJECTIVE: Development of the internet as an alternate service delivery channel raises challenges regarding how SSA will continue to shape and affect privacy and disclosure policy to ensure that it continues to make sound decisions regarding the Agency?s internal and external electronic business applications that have privacy and disclosure policy implications, and reflects a continued commitment to the public trust SSA holds as unique guardians of highly sensitive and personal information. Several issues must be resolved in order to effectively offer Internet services to the public: 1) Authentication: many of the electronic transactions being developed will allow access to personal information found in SSA records (e.g., access to MBR information in the Check Your Social Security Benefit service). These records are protected by the Privacy Act, which requires written consent for disclosure. SSA must ensure that it has built in effective user authentication to safeguard users from potential harm due to improper disclosure; 2) Program Integrity: other transactions will allow users direct access to SSA records which will result in changes that could redirect payments (e.g., COA service, Direct Deposit service) or post-entitlement reports that could change the amount of payments. Authentication is key in this area as well, as SSA needs to ensure that it controls risk and prevents loss of program dollars or liability for furnishing incorrect data; and 3) Image: SSA has earned the reputation for protecting the confidentiality of the information it collects and for providing efficient, accurate service to the public. As such, it is therefore necessary for SSA to consult with experts in the field of privacy to ensure that it is taking all privacy issues into consideration. STATEMENT OF WORK: The contractor shall have knowledge of Privacy Act rules and regulations and shall be in touch with current privacy matters as well as ideas, movements, and trends so that he/she can help SSA develop its thinking in the following privacy-related areas. These are not all-inclusive: 1) SSA?s Identity Database and our Potential Role as Authenticator: Although SSA collects and retains much unique information that could be used in a general authentication scheme, it is aware of the public?s intolerance to any type of national identity system and has therefore resisted many attempts to use such data in this manner. SSA seeks continuous input from experts as it monitors public reactions in this area; 2) Conversion of Agency Paper Business Processes to Electronic Platforms: While individual applications often share common authentication issues, it has been SSA?s experience that each also raises unique concerns about privacy protections. SSA seeks input from experts about these unique concerns; 3) Data Sharing: In order to streamline the development of program requirements, SSA seeks to establish online data access to information maintained by other federal, state and local agencies. This results in similar requests for access to the information SSA holds. As such, SSA needs to cautiously consider the ramifications of data sharing and seeks input from experts in this area; 4) Employee Privacy: Monitoring of employee use of Internet, voice mail, email, etc. creates implications about systems of records for collection of personal data and public notice of these records. SSA seeks expert opinion of these issues; 5) Medical Privacy: The HIPAA Privacy Regulations established certain privacy standards that impact on the agency?s collaboration with the medical industry towards adjudicating disability applications. Even though SSA is not a covered entity under the privacy regulations, it is obligated to ensure the integrity and privacy of the medical information that is transmitted electronically to it to achieve program goals. SSA seeks expert opinion on this topic as we move forward; 6) Privatization/Personal Savings Accounts: Although SSA does not know at this time what form such a modification would take, it believes that there will be a need to set up a public/private sector partnership for the exchange of financial information in an investment process. SSA seeks expert opinion in the financial privacy community to ensure that it address the new categories of personal information created and how the Privacy Act applies; 7) Consent Based Release to Third Parties: SSA is facing increasing demands by third parties for beneficiaries? personal information from its program records. (Examples: insurance companies, pension plans, etc.). As such, SSA needs to anticipate the political and business pressure that may surface as this type of demand increases, and seeks expert opinion to assist in developing the best strategies; and 8) Collection, Maintenance and Use of Biometric Identifying Information: Some individuals believe that the only sure method of authentication is based on biometric identifiers such as fingerprints or retinal imaging. If SSA were to undertake this type of data collection and storage, it would need to address all the issues inherent in this process. SSA seeks expert opinion about this subject area. All of the issues above challenge SSA to anticipate how and where the public?s privacy concerns will develop in the next few years so that it can position itself to respond to the American public in an acceptable manner. Specifically, the contractor shall provide advice and consultation on an as needed basis. SSA will initiate contact when issues need to be considered. Most of this contact will be in the form of a conference call, with some face-to-face meetings. Background material will be sent out in advance to allow preparation for the discussion. The contractor will provide its thoughts and guidance based on this material during the conference call or meeting. The frequency of these discussions cannot be fully predicted at this time, as it depends on what issues surface as we develop Internet services. However, it is expected that conference calls or meetings would be held no more than once per quarter and only when a specific set of concerns need to be addressed. The contractor will be notified prior to the conference call or meeting if a written record of the discussion is needed. Occasionally, SSA may send a document to the contractor requesting a written opinion. SSA will explain the issues involved and provide a due date for the response. The contractor will review the areas of concern outlined in the document and prepare a written analysis. If the contractor thinks there are additional items to be addressed beyond what is included in this document, the contractor shall submit them to the Project Officer for pre-approval. TERMS AND CONDITIONS: The clauses at FAR 52.212-4 Contract Terms and Conditions --Commercial Items and FAR 52.212-5 Contract Terms and Conditions Required to Implement Statutes or Executive Orders?Commercial Items are incorporated by reference. FAR 52.212-5 applies as follows: (a); (b)(14), (15), (16), (17), (18), (19), (20), (26), and (31). The following clauses are also incorporated by reference: FAR 52.217-9 Option to Extend the Term of the Contract (a) 30 days; 30 days, (b), and (c) 3 years. ; FAR 52.216-18, Ordering; 52.216-19, Order Limitations (a) 16 hours, (b)(1) 24 hours, (b)(2) 24 hours, (b)(3) one year; (c); and (d) 7 days; and FAR 52.216-22, Indefinite Quantity. INSTRUCTIONS FOR SUBMITTING OFFERS: The offeror shall include a completed copy of the provision at 52.212-3, Offeror Representations and Certifications ? Commercial Items with its offer. The provision at FAR 52.212-1, Instructions to Offerors ? Commercial Items is incorporated by reference. Special attention is directed to the following paragraphs: (b)(4) a technical approach is not required; however, the offeror should include all relevant information in accordance with the Evaluation Criteria below; (b)(6) pricing should include loaded hourly labor rates, which include such items as overhead, fringe benefits, general and administration (G&A), or any other elements of cost. The offeror should NOT budget for travel as a $2,000 ceiling amount will be included in the base period and each option period at the time of award; (b)(10) All information required by this paragraph shall be submitted. Experience and Past performance information should be limited to current projects and/or projects completed within the past 3 years; (b)(11) All information required by this paragraph MUST be submitted; paragraphs (e), (h), and( i) do not apply. Offers must be received no later than 3:00pm EST, July 6, 2006 in an electronic format addressed to Erica Day at Erica.day@ssa.gov. The electronic document must be in Microsoft Word and/or current Adobe Reader (pdf file) only. The offeror?s submission shall not exceed 25 single-spaced pages (pages in excess of 25 will not be considered). The offeror should submit its proposal in 3 parts -- Part I: Pricing Page, Representations and Certifications, Experience, and Past Performance documentation; Part II: Response to mandatory evaluation criteria; and Part III: Response to non-mandatory evaluation criteria. NOTE: Offerors should pay close attention to the mandatory criteria. Failure to address and include all required information may result in the offer being rejected without further consideration. EVALUATION CRITERIA AND AWARD: Although evaluation factors are of paramount consideration, price is also important to the overall award decision. All evaluation factors when combined are more important than cost or price. The award decision will be based on best value to the Government. The Government reserves the right to make award without discussions. MANDATORY CRITERIA ? (Offerors failing to demonstrate ALL mandatory criteria will not be considered). The mandatory criteria apply to every individual named in the offeror?s proposal. Demonstrated recognition as an expert, renowned by others in the privacy field, as shown by: (a) Providing testimony to Congressional committees or presentations to high level decision-making or policy-determining bodies; (b) Serving on or consulting with governmental committees and/or task forces developing privacy policies and related topics; (c) Publication on topics concerning privacy, disclosure and authentication in respected journals (such as law reviews, scientific journals, public policy journals, etc.); and (d) Speaker at symposia studying privacy issues for policy recommendation to governmental bodies. NOTE: The offeror must provide proof of these factors in the form of copies of such testimony or publications within the last 3 years; proof of appointment to government committee or task force; proof of prior appointment as consultant to a Federal agency. NON-MANDATORY CRITERIA ? (Only after ALL the mandatory requirements above have been met will the offer will be further evaluated on the following criteria). The offeror must show proof of: (a) Knowledge of Federal laws and regulations concerning privacy, systems security, management of information technology, including the Privacy Act, the Paperwork Reduction Act, the Government Paperwork Elimination Act, the Computer Security Act, and OMB Circular A-130; (b) Knowledge of SSA?s systems? security practices for Internet customer services accessible via socialsecurity.gov; (c) Knowledge of electronic user authentication methods, including digital signatures, digitized signatures, biometrics, smart cards, public key infrastructure, PINs and passwords, etc.; (d) Knowledge of and affiliation with leading organizations, educational institutions and,or councils engaged in legal and policy discussions and proceedings on the topic of privacy rights and responsibilities; (e) Being quoted in major newspapers and journals, such as The Washington Post, NY Times, Wall Street Journal; and (f) Author of book on topic of privacy and/or authentication. The offeror will be evaluated on its demonstrated experience (above) and past performance (how well relevant experience was performed). For evaluating past performance, the Government is not limited to the references listed by the offeror ? the Government reserves the right to contact any relevant references for past performance information using public and private resources. The Government is not required to make more than two attempts to contact any given reference.
 
Record
SN01075003-W 20060623/060621221442 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)

FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.