Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF SEPTEMBER 20, 2013 FBO #4318
DOCUMENT

R -- Insurance Verification (reverify) - Attachment

Notice Date
9/18/2013
 
Notice Type
Attachment
 
NAICS
524298 — All Other Insurance Related Activities
 
Contracting Office
Department of Veterans Affairs;Health Administration Center;3773 Cherry Creek Drive North, Suite 875;Denver CO 80209
 
ZIP Code
80209
 
Solicitation Number
VA74113I0096
 
Response Due
9/27/2013
 
Archive Date
11/26/2013
 
Point of Contact
Diane Chinea
 
E-Mail Address
chinea@va.gov<br
 
Small Business Set-Aside
N/A
 
Description
Introduction: THIS IS NOT A SOLICITATION. This is a Request for Information (RFI)/Sources Sought notice issued in accordance with FAR 15.201(e) to conduct market research. This RFI is issued solely for information and planning purposes - it does not constitute a Request for Proposal (RFP) or a promise to issue a RFP in the future. This request for information does not commit the Government to contract for any supply or service whatsoever. The Department of Veterans Affairs (VA) is not, at this time, seeking proposals and will not accept unsolicited proposals. Responders are advised that the U.S. Government will not pay for any information or administrative costs incurred in response to this RFI; all costs associated with responding to this RFI will be solely at the interested vendor's expense. Not responding to this RFI does not preclude participation in any future RFP, if any is issued. Any information submitted by respondents to this RFI is strictly voluntary. All submissions become Government property and will not be returned. This announcement is based upon the best information available and is subject to future modification. Overview: VA is performing market research for a potential requirement for Insurance Verification services in order to improve collections through verification of Veterans' third party insurance. Attachment 1.Attached are copies of the draft Performance Work Statement (PWS) detailing the scope and requirements for the Insurance Verification a.Performance Work Statement (PWS) entitled, "Verify Insur PWS (1)," (Verify Insur PWS (1).docx) SPECIFIC RESPONSE INSTRUCTIONS: Please submit your RFI response to in accordance with the following: 1) No more than 15 pages (excluding transmittal page). Include the name, email address and phone number of the appropriate representative of your company; 2) Address each of the 7 sections described above; 3) Submit your response via email to Diane.Chinea@va.gov ; 4) Submit your response by 2:00 P.M. MST on September 27, 2013; 5) Mark your response as "Proprietary Information" if the information is considered business sensitive. 6) NO MARKETING MATERIALS ARE ALLOWED AS A PART OF THIS RFI. The Government will not review any other information or attachments included, that are in excess of the 15 page limitation. Information Requested from Industry: In response to the RFI, interested contractors shall submit the following information: 1.Company Information/Socio-Economic Status - a.Provide the company size, the CAGE code, and the POC information (name, email address, telephone, and fax numbers). b.VA has identified the appropriate North American Industry Classification System (NAICS) code of 524291, 524292, 524298, "Other Insurance Related Activities" which has a size standard of $7.0 million for this RFI. Please identify and explain any other NAICS code your company believes would better represent the predominate work included in the attached PWS. c.Indicate whether your company, subcontractors, teaming partners, joint ventures have a Federal Socio-Economic status, e.g., Small Business, Service-Disabled Veteran Owned Small Business, Veteran Owned Small Business, Woman-Owned Small Business, Disadvantaged Small Business, and Hub Zone. If Service-Disabled or Veteran Owned Small Business, is your company and/or partners registered in VA's VetBiz repository? 2.Background/Past Experience - Provide the following information on a maximum of three third party Insurance Verification projects in a healthcare environment completed within the last three years for which the responder was a prime or subcontractor. a.The name, address, and value of each project b.The Prime Contract Type, Firm Fixed-Price, Cost Reimbursement or Time and Material c.The name, telephone and address of the owner of each project d.A description of each project, including difficulties and successes e.Your company's role and services provided for each project. 3.Capabilities/Qualifications - Overview of proposed solution(s). Include a description of the capabilities/qualifications/skills your company possesses for each of the below statements: a.Assessment of capabilities to perform all the requirements noted in the draft PWS. b.Assessment of the types of changes required to accomplish the goals. c.Approach to be utilized to develop necessary changes to the systems to meet the organizational goals. d.Draft schedule to complete necessary changes. e.Potential contractors must meet all the VA Information Technology and security requirements that will be involved in their process; to include secure connectivity to the VA network and privacy protection requirements. Please describe how you will achieve this requirement. 4.Teaming Arrangements - Description of Teaming Partners, Joint Ventures that your company would consider to perform the work. 5.Price information - Provide your commercial price history and rough order of magnitude for the same or similar products/solutions. 6.Other Market Information - Provide any other relative information, however this information must be included within the 15 page limitation. 7.Other Federal Experience - Identify the federal contract vehicles to which you are party. ? PERFORMANCE WORK STATEMENT Insurance Verification 1.0Title of Project: Chief Business Office (CBO) Consolidated Patient Account Center (CPAC) - Insurance Verification (IV) 2.0Background: The Department of Veterans Affairs (VA) has historically relied on contract services in an effort to improve collections through identification and verification of veterans' third party insurance. In procuring those services, VA has been free to seek required services from any number of capable vendors. The VA's Consolidated Patient Account Centers (CPACs) are responsible for billing to and collecting from insurance companies for medical treatment provided to veterans for non-service connected conditions. There are seven (7) regional CPACs located as follows: Asheville NC - Mid-Atlantic CPAC (MACPAC) Murfreesboro, TN - Mid-South CPAC (MSCPAC) Orlando, FL - Florida Caribbean CPAC (FCCPAC) Madison, WI - North Central CPAC (NCCPAC) Lebanon, PA - North East CPAC (NECPAC) Leavenworth, KS - Central Plains CPAC (CPCPAC) Las Vegas, NV - West CPAC (WCPAC) Public Law 99-272 gave VA authority to seek reimbursement from third party health insurers for the cost of medical care furnished to an insured non-service connected (NSC) veteran. Public Law 101-508 expanded VA's recovery program by providing authority to seek reimbursement from third party payers for the cost of medical care provided to insured service-connected veterans treated for their NSC conditions. 3.0Purpose of Project: The primary purpose of this Statement of Work (SOW) is to accomplish the following Insurance Verification objectives: "Establish off-site health insurance identification support with the purpose to: oVerify billable health insurance for veterans that have health insurance information on file that requires verification prior to entry in the buffer file and verify spouse insurance coverage and proper Coordination of Benefits relating to veterans coverage oProvide buffer file management and cleanup any backlog of insurance policies that require verification currently in the buffer file, and oUpdate the VISTA database with the information confirmed and/or new information obtained. "Establish and maintain a productive cost-effective IV system that: oIncorporates industry standard performance metrics that monitor the accuracy and timeliness of the system; oEstablishes a reporting mechanism that measures return on investment that is in line with negotiated performance metrics oAllows VISNs/VAMCs to meet and/or exceed their MCCF goals by optimizing third party reimbursements, in part through aggressive, accurate and timely Insurance Verification 4.0Type of Contract: The CBO intends to Indefinite Delivery, Indefinite Quantity (IDIQ) against existing GSA schedule(s), to a qualified firm(s) with the capability and capacity to provide the services listed herein. 5.0 Project Performance Period: The IDIQ period of performance shall be date of award for one year base period with four one year option periods from the date of award or expiration of the GSA Schedule contract, whichever occurs first. 6.0 Scope of Work: This IDIQ will be for Insurance Verification services for the CPACs which includes all VISNs. 7.0 Key Assumptions: "All information gathered will be entered into the Veterans Information System Technology Architecture (VISTA) system by the Contractor electronically. Accounts for which new insurance information has been identified will be presented via the "buffer file" which would be made available and accessed by the Contractor in the VISTA system. This file will be used as the main delivery system available for the Contractor to present identified and verified insurance information. Those accounts not containing valid, billable insurance information will be completed as defined by the VISTA system. "At minimum, the data fields required for insurance verification are listed in Appendage 1 "Expectations regarding approximate volume of claims will be addressed by the CPAC issuing the task order against the IDIQ. The dollar amount of the contract may be increased/decreased depending on the needs of the CPAC following coordination with the Contracting Officer. There is no guaranteed minimum or maximum amount of work. "There is no employer-employee relationship between the VA and the Contractor's employee(s). "Information and guidelines on insurance identification and verification within the Veterans Health Administration (VHA) may be found at http://www1.va.gov/CBO/revguide.asp "The VA is not authorized to bill Medicare or Medicaid and verification is therefore excluded from this PWS. "Contractor agrees that all deliverables, associated working papers, and other material deemed relevant by the Contractor in the performance of these tasks are the property of the United States Government. ""Business Day" is defined as Monday through Friday, excluding standard Federal Holidays and any other day specifically declared to be a national holiday. "All scheduled contacts between the Contractor and CPAC staff shall occur during regular CPAC hours of operation. 8.0 General Requirements: "All written deliverables shall be phrased in layperson language. Statistical and other technical terminology shall not be used without providing a glossary of terms. "For every task, the Contractor shall identify in writing all necessary subtasks (if any), associated costs by task with associated sub-milestone dates. The Contractor's subtask structure shall be reflected in the technical proposal. "Where a written milestone deliverable is required in draft form, the CPAC will complete the review of the draft deliverable within 10 calendar days from date of receipt. The Contractor shall have 5 calendar days to deliver the final deliverable from date of receipt of the government's comments. "The COR and/or designated representative will review and accept deliverables. Deliverables found to be unacceptable or not meeting the intent of the task within the review period shall be redone by the Contractor and considered to be within scope of this order. "The Contractor shall be required to follow the Veterans Affairs Office of Information and Technology's (OI&T) policies and procedures, which will be made available at the Contractor's request on award. The OI&T policies and procedures are in conjunction with others as may be identified in other paragraphs of this SOW. "The Contractor shall operate within Federal law and within VHA directives and guidelines for this contract. "Regarding Contractor staff, the Contractor shall be responsible for having trained staff at the Contractor's expense for insurance identification and verification in place at the time the task order is awarded. The Contract staff must be trained in all aspects of Insurance Verification requested under the contract including buffer file management. "The Contractor shall be responsible for correcting any errors made by their employees at no charge to the VA. "The Contractor shall have forty-five (45) days from the date of task order(s) award to have all sites operational (Contractor has all components of their insurance verification process in place to begin verifying insurance including having all employees screened, trained and with necessary access). "The Contractor shall provide Insurance Verification within VA established timeframes. "The Contractor shall provide a remote and secure business office solution for Insurance Verification. "The Contractor shall provide a mechanism to ensure timely and meaningful communications with appropriate CPAC COR at a frequency identified in the individual task order(s). The communication methodology shall be tailored to the CPAC's needs. "The Contractor shall establish Insurance verification priorities with the CPAC COTR designated on the task order. "Patient Confidentiality (HIPAA compliance) and overall data security are vitally important and will be maintained at all times. All Contractor personnel shall be required to observe the requirements imposed on sensitive data by law, Federal regulations, and VA policies and procedures. The Contractor shall be responsible for his/her employees (including subcontractors) in release of confidential/proprietary information and the divulgence to authorized recipients designed by the VAMCs and VISNs. "The Contractor must treat all individually identifiable health records with the strictest confidentiality. Access to records must be limited to essential personnel only. Records, to include any sensitive information that may be used in verifying polices, must be secured when not in use. "Contractor staff shall sign and follow confidentiality statements as required. "The Contractor shall comply with the Privacy Act, 38 USC 5701 and 38 USC 7332. Any information the Contractor may obtain on personnel and/or patient data as a result of performance of this contract will not at any time be disclosed to third parties or used for the Contractor's own purpose except to the extent allowed by the Privacy Act. "Contractor personnel who obtain access to hardware or media which may manipulate or store drug or alcohol abuse data, sickle cell anemia treatment records, records or tests or treatment for or infection with HIV, medical quality assurance records, or any other sensitive information is protected under 38 U.S.C. 4132 or 3305 as defined by the Department of Veterans Affairs, shall not have access to the records unless absolutely necessary to perform their contractual duties. Any individual who has access to this data will disclose them to no one, including other employees of the Contractor not involved in the performance of the particular contractual duty for which access was obtained. Violation of these statutory provisions, as stated in department regulations by the Contractor's employees may involve imposition of criminal penalties. "The Contractor shall report all VA security incidents will to the local facility VA Information Security Officer (ISO) as soon as the incident is discovered. The information submitted to the ISO will be the current date, the date the incident was observed, name of person filing the incident, organization, phone number of the person filing the report including e-mail address, affected system name and preliminary actions taken. The Contractor will meet the facility ISO before work in order to reinforce security responsibilities of their positions in the overall security program at the facility. Compliance with VA Directive 6504, Restrictions on Transmission, Transportation and Use Of, and Access To, VA Data Outside VA Facilities, issues June 7, 2006 is mandatory. "Contractor shall ensure that no fraud will be committed on work performed by the Contractor. The Contractor's claims expediting and collection activities must be legal, ethical and in compliance with applicable legislation regulating debt collection practices. "The Workforce Investment Act of 1998, Public Law 105-220 was enacted on August 7, 1998. Title IV of the Act is the Rehabilitation Act Amendments of 1998. Subsection 408 (b) amended Section 508 of the Rehabilitation Act of 1973. Section 508 requires Federal departments or agencies to develop, procure, maintain, or use Electronic and Information Technology (EIT). Agencies must ensure that the EIT allows Federal employees with disabilities to have access to and use of information and data that is comparable to the access and use of information and data to that of other Federal employees. Section 508 also requires that individuals with disabilities, who are members of the public seeking information or services from a Federal department or agency, access to and use of information and data that is comparable to that information and data that is available to the public not having the disabilities. "VA bills health insurance carriers for treatment of veterans' non-service connected conditions. The Contractor shall refer any questions regarding a veteran's service connected status to the appropriate CPAC. "Any updated patient demographic information obtained during the IV activities, must be furnished to the appropriate VISN/VAMC designee on a daily basis. "Section 508 Compliance: In December 2000, the Architectural and Transportation Barriers Compliance Board (Access Board), pursuant to Section 508(2) (A) of the Rehabilitation Act Amendments of 1998, established Information Technology accessibility standards for the Federal Government. Section 508(a)(1) requires that when Federal departments or agencies develop, procure, maintain, or use Electronic and Information Technology (EIT), they shall ensure that the EIT allows individuals with disabilities who are Federal employees to have access to and use of information and data that is comparable to the access to and use of the information and data by Federal employees who are not individuals with disabilities; and individuals with disabilities who are members of the public seeking information or services from a Federal department or agency to have access to and use of information and data that is comparable to the access to and use of the information and data by such members of the public who are not individuals with disabilities. Specific technical standards the Contractor must comply with are o1194.21, Software Applications and Operating Systems o1194.22, Web Based Intranet and Internet Information and Applications o1194.23 Telecommunication Products o1194.24 Video and Multimedia Products o1194.25 Self Contained Closed products o1194.26 Desktop and Portable Computers o1194.31 Functional Performance Criteria o1194.41 Information, Documentation and Support In order to validate conformance to the above standards the responsible requiring/procurement official must complete the VA's Section 508 Determination and Findings Document, see document at: http://www1.va.gov/oamm/rlib/best_practices.cfm. VA's Section 508 Program Office has developed a Conformance Validation Statement (CVS). The CVS must be completed by the responsible requiring/procurement official as part of their market research to validate the conformance of the E&IT project. (See Section 10 in the Section 508 Determination and Findings Document). If at any time the responsible requiring/procurement official finds that an exception may apply, they must complete the Section 508 EIT Exceptions Certification Document, see document at: http://www1.va.gov/oamm/rlib/best_practices.cfm, which must get a signed approval from the VA Section 508 Coordinator. Once the E&IT is determined to meet all applicable Section 508 standards, the E&IT is validated by the VA's Section 508 Program Office in the Department's Section 508 Testing and Training Center using the information provided by the CVS. If in the case the VA decides to purchase an application, product or service that cannot be validated for Section 508 prior to purchase, the Vendor agrees to accept all costs for ensuring conformance working with the VA Section 508 Program Office. For future releases or upgrades all steps using the CVS are required and upon validation a signed approval will be given to the VA POC from the VA Section 508 Coordinator. Section 508 text is available at: ohttp://www.va.gov/accessible ohttp://www.access-board.gov ohttp://www.opm.gov/HTML/508-textOfLaw.htm ohttp://www.section508.gov/index.cfm?FuseAction=Content&ID=14 ohttp://www1.va.gov/oamm/rlib/best_practices.cfm VA Directive and Handbook 6221, Accessible Electronic and Information Technology is posted at: http://www.va.gov/oit/ea/section508/policy.asp or vawww1.va.gov/vapubs. 9.0Description Of Tasks And Associated Deliverables: Task 1: The Contractor shall provide Insurance Verification services as follows: "Verify billable health insurance coverage for veterans who are provided care and treatment through the VA that currently have insurance information on file. "Cleanup any backlog of insurance policies that require verification currently in the buffer file; and "Update the VISTA database with the information confirmed and/or new information obtained. "The Contractor(s) must demonstrate the ability to compare verify veteran information against large databases of health information. Contractor(s) may contact insurance carriers directly. No direct patient contact is to occur. "Billable health insurance consists of all applicable non-Medicare coverage that the VA reasonably expects to receive reimbursement from. "The Contractor shall provide a methodology to extract data from and transfer data to the appropriate CPAC VAMC facility that is fully compliant with all applicable VA and VHA guidelines. "All verified health insurance information will be returned to the CPAC assigned VAMC's in a format that can uploaded into the VISTA "buffer file" patient insurance files. Deliverable 1a All deliverables (verified billable insurance policies) shall be forwarded to the VAMC for approval/acceptance. Deliverable 1b Monthly, the Contractor shall provide a summary to the IDIQ COR (Attachment B). This report covers only workload referred to the vendor based on a contractual agreement through the IDIQ. The Contractor may propose modifications to the reporting requirements to the COR. 10.0Deliverables: If for any reason a deliverable cannot be met within the scheduled time frame or adherence to the established schedules cannot be met, the Contractor is required to explain why, in writing, to the local Contracting Officer for the task order, and include a firm commitment of when the work shall be completed. This notice to the Contracting Officer shall specify the following: Reasons for the delay Modified delivery date Impact on the overall project A revised project plan with all adjusted dates The Contracting Officer will then review the facts and issue a response in accordance with applicable regulations. 11.0Reporting Requirements The Contractor shall include in their submission proposed monthly reports that will be provided by the Contractor to the VISN/VAMC contact person(s) that monitor performance on the task order. "Individual CPAC CORs may also require additional information that is specific to their facilities. This shall be addressed in the individual CPAC Task Order. "Monthly, the Contractor shall provide the following summary to the IDIQ COTR that includes CPAC, VAMC station number, amount of task order, date of task order, period of performance, and name of Task Order Contracting Officer and Task Order COR, along with the Contractor's report on the quality checks. This report covers only cases referred to the vendor based on a contractual agreement through the IDIQ. The Contractor may propose additional reporting to the IDIQ COR. However, the Contractor's proposed reports shall at minimum accomplish the following: oConstantly monitor process for required changes and feedback results oIdentify and report IV inconsistencies and irregularities that impact ongoing deliverables 12.0Performance Standards: TaskIDIndicatorStandardAcceptable Quality LevelPrimary Method of SurveillanceIncentive Insurance Verification of billable health insurance coverage for veterans who are provided care and treatment through the VA and have health insurance information on file.1Data fields for are completed for each policy verified.Data fields are completed for each policy verified at the time the insurance policy verification is provided back to the VA according to VHA Directive 2003-055. 95%Observation and random inspection (auditing).Exercise of Option Period and favorable past performance review. 2Verified insurance information is uploaded to VISTAVerified insurance information will be uploaded to VISTA according to the cycle specified on the Task Order 100%Observation and random inspection (auditing).Exercise of Option Period and favorable past performance review. 3*Policy: Accuracy and timeliness of insurance information provided Policy information: Information supplied to VA will be current, accurate and verified prior to importing to the VA database. 98%Observation and random inspection (auditing). Exercise of Option Period and favorable past performance review. 4Completed Reports Agreed upon reports will be complete, accurate and delivered to VA on agreed upon schedule. If issues are presenting that hinder satisfactory performance of this metric, vendor shall notify VA within 2 business days to request an extension. 98%Observation and random inspection (auditing). Exercise of Option Period and favorable past performance review. 5Workload requirements specified on the Task order are metVendor consistently meets agreed upon workload requirements specified in individual task orders 98% of the time. 98%Observation and random inspection (auditing). Exercise of Option Period and favorable past performance review. 6*Work is performed without any loss of data Vendor manages workload without loss of data 100%Observation and random inspection (auditing). Exercise of Option Period and favorable past performance review. 7Invoices accurately reflect the work performedInvoices accurately reflect the work performed and correction if any are made within ___ business days upon notification by the COR.95%Observation and random inspection (auditing). Exercise of Option Period and favorable past performance review. 8Background investigations and Training requirements are currentStatus of background investigations and completion of training requirements are provided monthly to the IDIQ COR and Task Order CORs95% Observation and random inspection (auditing). Exercise of Option Period and favorable past performance review. *Indicates highest priority elements 13.0 Government Responsibilities: If applicable, the Government will provide workspace, computers and telephone service when Contractor personnel are working on-site. The Contractor shall maintain a financial inventory accounting system for Government Furnished Equipment, Government Furnished Software, and other Government Furnished Tools, and provide the COR and Task Manager with information necessary to manage this task. At a minimum, the inventory shall track: serial number, quantity, location(s), government description, custodian, date of receipt and expected date of return. 14.0Property Rights: The Contractor shall not divulge or disclose information received and discussed regarding data considered proprietary to other contractors collaborating on or with this effort. Contractor staff will be required to complete mandated VA privacy and security training. The Contractor may be required to negotiate agreements with commercial system vendors relating to non-disclosure of vendor-proprietary information. If the Contractor uses copyright or otherwise licensed software in any deliverable under this order, the Contractor must secure unlimited use rights for the Government. In addition, the Contractor is required to pass all software licenses on to the Government within 30 days after completion of the tasks. The Contractor shall limit access to the minimum number of employees necessary for order performance for all information considered sensitive or proprietary in nature. If the Contractor is uncertain of the sensitivity of any information obtained during the order then the Contractor has a responsibility to ask the Government representative. The Contractor shall indoctrinate all personnel employed by the Contractor and any subcontractors involved in this order on their roles and responsibilities for proper handling and nondisclosure of sensitive government or proprietary information. Contractor personnel shall not engage in any other action, venture or employment wherein sensitive information shall be used for the profit of any party other than those furnishing the information. 15.0Travel: Travel is not anticipated for this effort. 16.0Contract Award Meeting: The Contractor shall not commence performance on the tasks in this PWS until the Contracting Officer has conducted a kick off meeting or, has advised the Contractor that a kick off meeting is waived. 17.0 Changes to the Performance Work Statement: Any changes to this PWS shall be authorized and approved only through written correspondence from the Contracting Officer. A copy of each change will be kept in a project folder along with all other products of the project. Costs incurred by the Contractor, through the actions of parties other than the Contracting Officer, shall be borne by the Contractor. 18.0Security and Privacy: "Information and Records 1.1.1 All information and records provided to Contractor by VA, in whatever medium, as well as all information and documents, including drafts, emails, back-up copies, hand-written notes and copies that contain such information and records gathered or createdby Contractor (collectively referred to as "VA information") in the performance of this contract, regardless of storage media, are the exclusive property of VA. Contractor does not retain any property interest in these materials and will not use them for any purpose other than performance of this contract. 1.1.2 Upon completion or termination of the contract, Contractor will either provide all copies of all VA information to VA or certify that it has destroyed all copies of all VA information as required by VA in a method specified by VA, at VA's option. The Contractor will not retain any copies of VA information. Where immediate return or destruction of the information is not practicable, Contractor will return or destroy the information within 30 days of completion or termination of the contract. All provisions of this contract concerning the security and protection of the VA information that is the subject of this contract will continue to apply to the VA information for as long as the Contractor retains it, regardless of whether the contract has been completed or terminated. 1.1.3 Prior to termination or completion of this contract, Contractor will not destroy VA information received from VA or gathered or created by Contractor in the course of performing this contract without prior written approval by VA. 1.1.4 Contractor will receive, gather, store, backup, maintain, use, disclose and dispose of VA information only in accordance with the terms of this contract and applicable federal and VA information confidentiality and security laws, regulations and policies. 1.1.5 The Contractor shall not make copies of VA information except as necessary to perform this agreement or to preserve electronic information stored on Contractor electronic storage media for restoration in case any electronic equipment or data used by the Contractor needs to be restored to an operating state. 1.1.6 Contractor shall provide access to VA information only to employees, subcontractors, and affiliates only: (1) to the extent necessary to perform the services specified in this Contract, (2) to perform necessary maintenance functions for electronic storage or transmission media necessary for performance of this contract, and (3) only to individuals who first satisfy the same conditions, requirements and restrictions that comparable VA employees must meet in order to have access to the same VA information. These restrictions include the same level of background investigations, where applicable. 1.1.7 Contractor will store, transport or transmit VA information only in an encrypted form, using an encryption application that meets the requirements of FIPS 140-2, and is approved for use by VA. 1.1.8 Except for uses and disclosures of VA information authorized by this contract for performance of the contract, the contractor may use and disclose VA information only in two other situations: (i) in response to an order of a court of competent jurisdiction, or (ii) with VA's prior written authorization. The contractor will refer all requests for, demands for production of, or inquiries about, VA information to VA for response. 1.1.9 If VA information subject to the contract includes information protected by 38 USC 7332, or 5705, include the following after the last sentence of the paragraph immediately above: Contractor shall not release information protected by either 38 USC 5705 or 7332 in response to a court order, and shall immediately refer such court orders to VA for response. 1.1.10 Prior to any disclosure pursuant to a court order, the Contractor shall promptly notify VA of the court order upon its receipt by the Contractor, provide VA with a copy by fax or email, whichever is faster, and notify by telephone the VA individual designated in advance to receive such notices. If the Contractor cannot notify VA before being compelled to produce the information under court order, the Contractor will notify VA of the disclosure as soon as practical and provide a copy of the court order, including a copy of the court order, a description of the records provided pursuant to the court order, and to whom the Contractor provided the records under the court order. The notice will include the following information to the extent that the Contractor knows it, if it does not show on the face of the court order: the records disclosed pursuant to the order, to whom, where, when, and for what purpose, and any other information that the Contractor reasonably believes is relevant to the disclosure. If VA determines that it is appropriate to seek retrieval of information released pursuant to a court order before Contractor notified VA of the court order, Contractor will assist VA in attempting to retrieve the VA information involved. 1.1.11 The Contractor will inform VA, by the most expeditious method available to Contractor, of any incident of suspected or actual access to, or disclosure, disposition, alteration or destruction of, VA information not authorized under this Contract ("incident") within one hour of learning of the incident. An incident includes the transmission, storage or access of VA information by Contractor or subcontractor employees in violation of applicable VA confidentiality and security requirements. To the extent known by the Contractor, the Contractor's notice to VA will identify the information involved, the circumstances surrounding the incident (including to whom, how, when, and where the VA information was placed at risk or compromised), and any other information that the contractor considers relevant. 1.1.12 Contractor will simultaneously report the incident to the appropriate law enforcement entity(ies) of jurisdiction. The Contractor, its employees, and its subcontractors and their employees will cooperate with VA and any law enforcement authority responsible for the investigation and prosecution of any possible criminal law violation(s) associated with any incident. The Contractor also will cooperate with VA in any civil litigation to recover VA information, to obtain monetary or other compensation from a third party for damages arising from any incident, or to obtain injunctive relief against any third party arising from, or related to, the incident. 1.1.13 In addition to notifying the COTR on this BPA, VA will provide the Contractor with the name, title, telephone number, fax number and email address of the VA official to whom the Contractor will provide all notices required by this Contract. This shall be indicated on the specific task orders. 1.1.14 VA has the right during normal business hours to inspect the Contractor's facility, information technology systems and storage and transmission equipment, and software utilized to perform the contract to ensure that the Contractor is providing for the security of VA data and computer systems in accordance with the terms of this Contract. 1.1.15 Contractor will receive, gather, store, backup, maintain, use, disclose and dispose of VA information only in compliance with all applicable Federal Information Processing Standards (FIPS) and Special Publications (SPs) issued by the National Institute of Standards and Technology (NIST) concerning VA information that is the subject of this contract. If NIST issues or updates an applicable FIPS or SP after execution of this contract, the parties agree to negotiate in good faith to implement the FIPS or SP in this contract. 1.1.16 The Contractor will provide appropriate administrative, technical, and physical safeguards to ensure the confidentiality and security of the Owner's data and to prevent unauthorized use or access to it. VA sensitive information must not be transmitted by remote access unless VA-approved protection mechanisms are used. All encryption modules used to protect VA data must be validated by NIST to meet the currently applicable version of Federal Information Processing Standards (FIPS) 140 (See http://csrc.nist.gov/cryptval/140-1/1401val.htm for a complete list of validated cryptographic modules). Only approved encryption solutions using validated modules may be used when protecting data during transmission. Additional security controls are required to guard VA sensitive information stored on computers used outside VA facilities. All VA data must be stored in an encrypted partition on the hard drive and must be encrypted with FIPS 140 validated software. The application must be capable of key recovery and a copy of the encryption key(s) must be stored in multiple secure locations. Further, the Contractor agrees that the data must not be physically moved or transmitted in any way from the site without first being encrypted and obtaining prior written approval from the VA data owner. 1.1.17 A determination by VA that the Contractor has violated any of the information confidentiality and security provisions of this contract, including a violation of any applicable FIPS or SP, shall be a basis for VA to terminate the contract for cause. 1.1.18 If anyone performing this contract, including employees of subcontractors, accesses VA computer systems or data in the performance of the contract, VA may monitor and record all such access activity. If VA monitoring reveals any information of suspected or potential criminal law violations, VA will refer the matter to the appropriate law enforcement authorities for investigation. 1.1.19 Contractor shall inform its employees and other individuals performing any part of this contract that VA may monitor their actions in accessing or attempting to access VA computer systems and the possible consequences to them for improper access, whether successful or not. The Contractor shall ensure that any subcontractors or others acting on behalf of or for the Contractor in performing any part of this contract inform their employees, associates or others acting on their behalf that VA may monitor their access activities. Execution of this contract and any subcontract or agreement constitutes consent to VA monitoring. 1.1.20 The Contractor will ensure that all individuals who will access VA data or systems in performing the contract are appropriately trained in the applicable VA confidentiality and security requirements. Contractor may do this by requiring and documenting that these individuals have completed the VA training for its employees. Contractor shall contact the Associate COTR on the individual Task Order regarding access to the required VA training. 1.1.21 To the extent practicable, Contractor shall mitigate any harmful effect on individuals whose VA information was accessed or disclosed in an incident. 1.1.22 Contractor shall require subcontractors, agents, affiliates or others to whom Contractor provides access to VA information for the performance of this contract to agree to the same VA information confidentiality and security restrictions and conditions that apply to the Contractor before providing access. "Protection of Individual Privacy 1.2.1 The contractor shall abide by FAR clauses 52.224-1 and 224.2. The VA records that are the subject of this contract are contained in VA Privacy Act system of records Program Evaluation Research Data Records #107VA008B. 1.2.2 The contractor shall abide by FAR clauses 52.239-1 and 24.101-104 for Privacy or Security Safeguards. 1.2.3 The contractor shall not publish or disclose in any manner, without the Contracting Officer's written consent, the details of any safeguards either designed or developed by the contractor under this contract or otherwise provided by the government. 1.2.4 To the extent required to carry out a program of inspection to safeguard against threats and hazards to the security, integrity, and confidentiality of Government data, the contractor shall afford the Government access to the contractor's facilities, installations, technical capabilities, operations, documentation, records, and databases. 1.2.5 If new or unanticipated threats or hazards are discovered by either the Government or the contractor, or if existing safeguards have ceased to function, the discoverer shall immediately bring the situation to the attention of the other party 1.2.6 The contractor shall utilize only employees, subcontractors or agents who are physically located within a jurisdiction subject to the laws of the United States. The contractor will ensure that it does not use or disclose PHI received from Covered Entity in any way that will remove the PHI from such jurisdiction. The contractor will ensure that its employees, subcontractors and agents do not use or disclose PHI received from Covered Entity in any way that will remove the PHI from such jurisdiction. 1.2.7 If the work of the contractor is deemed to meet the definition of research from the HHS Office of Human Research Protections (OHRP) as well as the Common Rule (38 CFR 16), then the contractor as well as any subcontractors or collaborating institutions must be covered under Federal Wide Assurances (FWA) or other assurances acceptable to the VA, and the research protocol must be reviewed and approved by the contractor's Institutional Review Board (IRB) of record as well as by IRBs of the collaborating institutions. Subcontractors engaged in research must also hold FWAs or be covered by the contractor's FWA. If all the entities engaged in research are covered under one FWA with a common IRB of record then it would not be necessary to involve more than one IRB. 1.2.8 At its discretion the VA may submit the research protocol prior to its initiation for review to a VA ad-hoc peer-review committee. This review will be conducted to ensure that the research incorporates or takes into consideration all VA and veteran specific concerns and issues that may impact on the scientific rigor of the study. 1.2.9 All subjects enrolled in the research must receive protections equivalent or greater as those required by VHA policies including VHA Handbook 1200.5 including appendixes and other applicable VHA 1200 series handbooks. If vulnerable subjects will be entered into the research, appropriate safeguards must be in place. 1.2.10 If the research project is eligible for a Certificate of Confidentiality, one must be obtained from NIH (http://grants.nih.gov/grants/policy/coc) 1.2.11 Recruitment of veterans into research projects must follow the recruitment plan as approved by the IRB. The plan must require that initial contact with the veteran be in person or by letter prior to any telephone contact. If a letter is sent to the veteran it must provide a telephone number of other means that the veteran can use to verity the validity of the contact and the study. Social security numbers may not be requested during a phone contact 1.2.12 All investigators and research staff interacting with research subjects or working with identifiable health information must receive training in the ethical conduct of human subjects research that is equivalent to or exceeds the requirement for VA investigators and research staff. See handbook VHA 1200.5 Requirements for Protections of Human Subjects in Research. http://www1.va.gov/vhapublications/ViewPublication.asp?pub_ID=418 "Information System Security - The Contractor shall ensure adequate LAN/Internet, data, information, and system security in accordance with VA standard operating procedures and standard contract language, conditions laws, and regulations. The Contractor's firewall and web server shall meet or exceed the government minimum requirements for security. All government data shall be protected behind an approved firewall. Any security violations or attempted violations shall be reported to the VA project manager and the VHA Headquarters Information Security Officer as soon as possible. The Contractor shall follow all applicable VA policies and procedures governing information security, especially those that pertain to certification accreditation. "Security Training - All Contractor employees and subcontractors under this contract or order are required to complete the VA's on-line Security Awareness Training Course and the Privacy Awareness Training Course annually. Contractors must provide signed certifications of completion to the CO during each year of the contract. This requirement is in addition to any other training that may be required of the Contractor and subcontractor(s). "Contractor Personnel Security - All Contractor employees who require access to the Department of Veterans Affairs' computer systems shall be the subject of a background investigation and must receive a favorable adjudication from the VA Security and Investigations Center (07C). The level of background security investigation will be in accordance with VA Directive 0710 dated September 10, 2004 and is available at: http://www.va.gov/pubs/asp/edsdirec.asp (VA Handbook 0710, Appendix A, Tables 1 - 3). Appropriate Background Investigation (BI) forms will be provided upon contract (or task order) award, and are to be completed and returned to the VA Security and Investigations Center (07C) within 30 days for processing. Contractors will be notified by 07C when the BI has been completed and adjudicated. These requirements are applicable to all subcontractor personnel requiring the same access. If the security clearance investigation is not completed prior to the start date of the contract, the employee may work on the contract while the security clearance is being processed, but the Contractor will be responsible for the actions of those individuals they provide to perform work for the VA. In the event that damage arises from work performed by Contractor personnel, under the auspices of the contract, the Contractor will be responsible for resources necessary to remedy the incident. The investigative history for Contractor personnel working under this contract must be maintained in the databases of either the Office of Personnel Management (OPM) or the Defense Industrial Security Clearance Organization (DISCO). Should the Contractor use a vendor other than OPM or Defense Security Service (DSS) to conduct investigations, the investigative company must be certified by OPM/DSS to conduct Contractor investigations. "Background Investigation - The position sensitivity impact for this effort has been designated as Low Risk and the level of background investigation is NACI. "Contractor Responsibilities - oThe Contractor shall bear the expense of obtaining background investigations. If the investigation is conducted by the Office of Personnel Management (OPM) through the VA, the Contractor shall reimburse the VA within 30 days. oBackground investigations from investigating agencies other than OPM are permitted if the agencies possess an OPM and Defense Security Service certification. The Vendor Cage Code number must be provided to the Security and Investigations Center (07C), which will verify the information and advise the contracting officer whether access to the computer systems can be authorized. oThe Contractor shall prescreen all personnel requiring access to the computer systems to ensure they maintain a U.S. citizenship and are able to read, write, speak and understand the English language. oAfter contract award and prior to contract performance, the Contractor shall provide the following information, using Attachment C, to the CO or designated COTR: (1)List of names of Contractor personnel. (2)Social Security Number of Contractor personnel. (3)Home address of Contractor personnel or the Contractor's address. oThe Contractor, when notified of an unfavorable determination by the Government, shall withdraw the employee from consideration from working under the contract. oFailure to comply with the Contractor personnel security requirements may result in termination of the contract for default. oFurther, the Contractor will be responsible for the actions of all individuals provided to work for the VA under this contract. In the event that damages arise from work performed by Contractor provided personnel, under the auspices of this contract, the Contractor will be responsible for all resources necessary to remedy the incident." "Government Responsibilities oThe VA Security and Investigations Center (07C) will provide the necessary forms to the Contractor or to the Contractor's employees after receiving a list of names and addresses. oUpon receipt, the VA Security and Investigations Center (07C) will review the completed forms for accuracy and forward the forms to OPM to conduct the background investigation. oThe VA facility will pay for investigations conducted by the OPM in advance. In these instances, the Contractor will reimburse the VA facility within 30 days. oThe VA Security and Investigations Center (07C) will notify the contracting officer and Contractor after adjudicating the results of the background investigations received from OPM. oThe Contracting Officer will ensure that the Contractor provides evidence that investigations have been completed or are in the process of being requested. "VA Internet and Intranet Standards: The contractor shall adhere to and comply with VA Directive 6102 and VA Handbook 6102, Internet/Intranet Services, including applicable amendments and changes, if the contractor's work includes managing, maintaining, establishing and presenting information on VA's Internet/Intranet Service Sites. This pertains, but is not limited to: creating announcements; collecting information; databases to be accessed, graphics and links to external sites. Internet/Intranet Services Directive 6102 is posted at: http://www.va.gov/pubs/directives/Information-Resources-Management-(IRM)/6102d.doc Internet/Intranet Services Handbook 6102 is posted at: http://www.va.gov/pubs/handbooks/Information-Resources-Management-(IRM)/6102h.doc. Internet/Intranet Services Handbook 6102, Change 1, is posted at: http://www.va.gov/pubs/handbooks/Information-Resources-Management-(IRM)/61021h.doc. These documents contain information regarding: VA cookie use policy, privacy statements, Section 508 applicability, posting "Hot Topics", warning notices and editorial changes. 19.0 Invoicing Acceptance: The Contractor shall forward invoices related to this effort by regular mail to the Austin Financial Services Center with a copy sent by electronic mail to the Local Associate COTR on the Task Order. All invoices submitted shall contain the following information: Project Identification Number: Accounting Control Number: Letter Order Number: Contract Number: Purchase Order Number: The above information shall be listed on the invoices, provided VHA has identified the appropriate numbers on its Purchase Order and indicated on the Purchase Order that the above references need to be referenced on the invoice. The Contractor shall submit invoices to VA on a basis commensurate with length of the project. For completed projects shorter than a month, submit an invoice at the end of that month. For projects which take longer than a month, submit an invoice at the end of each month for all completed project tasks accomplished during that month. 20.0Task Order Termination: VA has the right to terminate (in whole or in part) this task order at any time in accordance with the termination clauses of the governing GSA Schedule Contract. The Contractor will be paid only for the services rendered up to the point of receiving the termination notice, and then only to the extent that those services meet the requirements of this PWS. 21.0 Contract Administration: After award of Contract, all inquires and correspondence relative to the administration of the Contract shall be addressed to the attention of the Contracting Officer. Contracting Officer: TBD Telephone Number: Fax Number: Email: IDIQ Contracting Officer's Representative (COR): Yvonne Hochfelder Telephone Number: 678-924-5729 Fax Number: 678-924-5776 Email: yvonne.hochfelder@va.gov ? Attachment A Appendage 1 Data Fields FieldField NameDefinition 1TRANS_NBRTracking Number 2PAT_NAMEPatient Name (Last, First MI) 3PAT_SSNPatient SSN - From VA 4DOBDate of Birth 5AGEAge of Patient 6INS_CARRInsurance Carrier Name 7PHONE_NBRInsurance Carrier Phone Number 8EFF_DATEEffective Date of Insurance Coverage 9ACTIVEIs the Policy Active? 10TERMDTTermination Date of Insurance Coverage 11GROUP_NBRGroup Number 12GROUP_NAMEGroup Name 13INS_ADDR1Insurance Address 1 14INS_ADDR2Insurance Address 2 15INS_CITYInsurance City 16INS_STATEInsurance State 17INS_ZIPInsurance Zip Code 18INS_OP_ADDR1Insurance Out Patient Address 1 19INS_OP_ADDR2Insurance Out Patient Address 2 20INS_OP_CITYInsurance Out Patient City 21INS_OP_STATEInsurance Out Patient State 22INS_OP_ZIPInsurance Out Patient Zip Code 23SUB_NAMESubscriber Name 24SUB_DOBSubscriber Date of Birth 25INS_IDInsurance Identification Number 26FILINGLMTFiling Limit 27COMPComprehensive Coverage? 28CHAMPUSCHAMPUS Coverage? 29MENTHLTHMental Health Coverage? 30INDEMNITYIndemnity Coverage? 31TRADTraditional Indemnity Coverage? 32INCPROTIncome Protection Indemnity Coverage? 33INPATIENTONLYInpatient Only Coverage? 34MEDEXPSMedical Expense Coverage? 35HMOHMO Coverage? 36POSPOS Coverage 37PPOPPO Coverage? 38MEDICAREMedicare Coverage? 39PARTAMedicare Part A Coverage? 40PARTBMedicare Part B Coverage? 41MCAREPRIMEIs Medicare Primary? 42MCAREEFFDTMedicare Effective Date 43MCARESECDIs Medicare Secondary? 44MCARESUPPMedicare Supplement Coverage? 45WHICHPLANWhich Supplement Plan? 46MCARECARVEMedicare Carve Out Coverage? 47MCAREHMOMedicare HMO Coverage? 48RXCOVERAGERx Coverage? 49RXPERCENTRX Percentage 50RXADDRRx Carrier Name 51RXADDR2Rx Address 52RXCITYRx City 53RXSTATERx State 54RXZIPRx Zip 55INPATPRECERTInpatient Pre-Certification? 56PRECRTPHONEPre-Certification Phone Number 57CONTACTContact 58BILL_PHONEBill Phone Number 59DTVERFEDDate Verified 60VERIFIEDBYVerified By 61VER_COMPIs the Verification Complete? 62DTDEDate Data Entered 63ENTEREDPIIs it entered on the Patient insurance File? 64REJECTEDRejected From the Buffer File 65TYPE_INSType of Insurance
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/VA/VAHAC741/VAHAC741/VA74113I0096/listing.html)
 
Document(s)
Attachment
 
File Name: VA741-13-I-0096 VA741-13-I-0096_1.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=1011788&FileName=VA741-13-I-0096-001.docx)
Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=1011788&FileName=VA741-13-I-0096-001.docx

 
Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
 
Record
SN03192660-W 20130920/130918234839-b4f3188fb96ac50cb67f30c2d360044b (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.