Loren Data's SAM Daily™

FBO DAILY - FEDBIZOPPS ISSUE OF MAY 14, 2017 FBO #5651
DOCUMENT

65 -- ZEISS CIRRUS HD OCT MODEL 5000 - Attachment

Notice Date

5/12/2017
 

Notice Type

Attachment
 

NAICS

334510 — Electromedical and Electrotherapeutic Apparatus Manufacturing
 

Contracting Office

Department of Veterans Affairs;Network Contracting Office (NCO) 10;2780 Airport Dr., Suite 340;Columbus OH 43219-1834
 

ZIP Code

43219-1834
 

Solicitation Number

VA25017Q0503
 

Response Due

5/16/2017
 

Archive Date

7/15/2017
 

Point of Contact

Percy Johnson
 

E-Mail Address

johnson2@va.gov<br
 

Small Business Set-Aside

Service-Disabled Veteran-Owned Small Business
 

Description

This is a combined synopsis/solicitation for commercial items prepared in accordance with the format in Subpart 12.6, as supplemented with additional information included in this notice. This announcement constitutes the only solicitation; proposals are being requested and a written solicitation will not be issued. The solicitation number is VA250-17-Q-0503and is issued as a request for quotation (RFQ) in accordance with FAR Parts 12 and 13. The solicitation document and incorporated provisions and clauses are those in effect through Federal Acquisition Circular 2005-95. The associated NAICS code is 334510 Electromedical and Electrotherapeutic Apparatus Manufacturing and small business size standard is 1,250 employees. This is a total service disabled veteran owned small business set-aside. The requirement is for 6 CIRRUS HD-OCT (Model 5000) with AngioPlex OCT Angiography for use at the Chalmers P. Wylie Ambulatory Care Center. Delivery locations are: Chalmers P. Wylie Ambulatory Care Center, 420 N James Road Columbus, OH  43219 : 3 units Newark CBOC, 1855 W. Main Street Newark, OH  43055: 1 unit Marion CBOC, 1203 Delaware Avenue, Corporate Center #2 Marion, OH  43302-6419: 1 unit Zanesville CBOC, 2800 Maple Avenue Zanesville, OH  43701: 1 unit This announcement constitutes the only solicitation; a formal, written solicitation will not be issued. PAPER COPIES OF THIS SOLICITATION WILL NOT BE AVAILABLE. This solicitation documents and incorporates provisions and clauses in effect through FAC 2005-95. It is the responsibility of the contractor to be familiar with the applicable clauses and provisions. The clauses may be accessed in full text at these addresses: https://www.acquisition.gov/Far/. The selected Offeror shall comply with the following commercial item terms and conditions, which are incorporated herein by reference: FAR 52.212-1, Instructions to Offerors -Commercial Items, FAR 52.212-3, Offeror Representations and Certifications-Commercial Items - the selected offeror shall submit a completed copy of the listed representations and certifications or confirm that the annual representations and certifications was completed electronically via the SAM website accessed through http://www.acquisition.gov; FAR 52.212-4, Contract Terms and Conditions-Commercial Items; 52.203-17, 52.203-99, and 52.204-4. FAR 52.212-5, Contract Terms and Conditions Required To Implement Statutes or Executive Orders-Commercial Items, paragraph (a) and the following clauses in paragraph (b): 52.203-6, 52.204-10, 52.209-6, 52.219-6, 52.219-8, 52.219-14, 52.219-27, 52.222-3, 52.222-19, 52.222-21, 52.222-26, 52.222-35, 52.222-36, 52.222-37, 52.222-40, 52.222-50, 52.223-18, 52.225-1, 52.225-13, and 52.232-33. The full text of the referenced FAR clauses may be accessed electronically at https://www.acquisition.gov/far/. Evaluation: will be made using the procedures under FAR 13. Offers will be evaluate using the Lowest price technically Acceptable (LPTA). The following VAAR Clauses apply 852.203-70 Commercial Advertising 852.211-70 Service Data Manuals 852.219-10 VA Notice of total service-disabled veteran-owned small business set-aside. 852.232-72 Electronic submission of payment requests 852.246-70 Guarantee (at least one year) 852.246-71 Inspection The Following VAAR Provisions apply 852.211-72 Technical Industry Standards Quotes are to be emailed to Percy Johnson at percy.johnson2@va.gov, no later than 16 May 2017 3:00 p.m. EST. Contract Title. CIRRUS HD-OCT (Model 5000) with AngioPlex OCT (6 units) Purchase, Installation, and Training Scope. Delivery, installation, and training on the OCT 5000 instruments. Data transfer from existing OCT instruments to the new instruments. Coordination with Biomed to include setup of DICOM and FORUM transfers to replace the existing functions of the current OCT 4000 Instruments. Contractor shall remove all crating trash and debris associated with the delivery/install from the associated property. It is not permitted to dispose of packaging materials on the job site. Disposal of packaging is strictly prohibited. Environmental practices and proper recycling is required The Chalmers P. Wylie VA ACC is in need of purchasing: Six (6) CIRRUS HD-OCT (Model 5000) with AngioPlex units. The procurement includes the following: Six (6) CIRRUS HD-OCT (Model 5000) with AngioPlex units. Delivery to 3 CBOCs and main facility, Installation, and Calibration Transfer of existing data on OCT 4000 instruments to the OCT 5000 instruments. Assistance in network setup to connect to FORUM Server, VA Worklist, and VA DICOM Storage The OCT Instruments need to be compatible with the existing FORUM Server, and allow for progression analysis of retinal and optic nerve raw data scans, to utilize existing OCT 4000 scans as baseline imaging to future OCT 5000 scans. Specific Tasks. 1: Delivery, Installation, and Calibration Confirmation. Note that three instruments will be delivered to Chalmers P. Wylie Ambulatory Care Center and three instruments (1 each) will be delivered to CBOC locations in Marion Ohio, Newark Ohio, and Zanesville Ohio. Chalmers P. Wylie Ambulatory Care Center, 420 N James Road Columbus, OH  43219 : 3 units Newark CBOC, 1855 W. Main Street Newark, OH  43055: 1 unit Marion CBOC, 1203 Delaware Avenue, Corporate Center #2 Marion, OH  43302-6419: 1 unit Zanesville CBOC, 2800 Maple Avenue Zanesville, OH  43701: 1 unit 2: Data transfer from the OCT 4000 to the OCT 5000. This data is utilized as a backup to the FORUM Server database. This data is also a backup that allows for progression analysis when the network is not functional. 3: Assist Biomed in the setup and successful testing of VA worklist pull, FORUM Transfer, and DICOM Transfer, resulting in raw data available on the existing FORUM Server for analysis as well as PDF reports in VA DICOM in VISTA Imaging. Performance Monitoring The COR will confirm that imaging is successfully transferring to both FORUM and DICOM after installation. Security Requirements Service & Maintenance will follow the security requirements as per VA s Medical Device Protection Program (MDPP) which protects VA s medical devices through a comprehensive security initiative that encompasses pre-procurement assessments, medical device isolation architecture (MDIA), communication, validation, scanning, access control list remediation, patching, and secure remote connectivity. General Security Contractors, contractor personnel, subcontractors, and subcontractor personnel shall be subject to the same Federal laws, regulations, standards, and VA Directives and Handbooks as VA and VA personnel regarding information and information system security. 5.2 Access to VA Information and VA Information Systems a. A contractor/subcontractor shall request logical (technical) or physical access to VA information and VA information systems for their employees, subcontractors, and affiliates only to the extent necessary to perform the services specified in the contract, agreement, or task order. b. All contractors, subcontractors, and third-party servicers and associates working with VA information are subject to the same investigative requirements as those of VA appointees or employees who have access to the same types of information. The level and process of background security investigations for contractors must be in accordance with VA Directive and Handbook 0710, Personnel Suitability and Security Program. The Office for Operations, Security, and Preparedness is responsible for these policies and procedures. A BI is not required per VA Information and Information System Security/Privacy Requirements for IT Contracts dated August 2008 if the following exception applies: Contract Personnel with limited and intermittent access to equipment connected to facility networks on which limited VA sensitive information may reside, including medical equipment contractors who install, maintain, and repair networked medical equipment such as CT scanners, EKG systems, ICU monitoring, etc. In this case, Veterans Health Administration facilities must have a duly executed VA Business Associate Agreement (BAA) in place with the vendor in accordance with VHA Handbook 1600.1, Business Associates, to assure compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in addition to the contract. Contract personnel, if on site, should be escorted by VA IT Staff. 5.3 Training a. All contractor employees and subcontractor employees requiring access to VA information and VA information systems shall complete the following before being granted access to VA information and its systems: (1) Sign and acknowledge (either manually or electronically) understanding of and responsibilities for compliance with the Contractor Rules of Behavior, Appendix E relating to access to VA information and information systems; (2) Successfully complete the VA Cyber Security Awareness and Rules of Behavior training and annually complete required security training; (3) Successfully complete the appropriate VA privacy training and annually complete required privacy training; and (4) Successfully complete any additional cyber security or privacy training, as required for VA personnel with equivalent information system access [to be defined by the VA program official and provided to the contracting officer for inclusion in the solicitation document e.g., any role-based information security training required in accordance with NIST Special Publication 800-16, Information Technology Security Training Requirements.] b. The contractor shall provide to the contracting officer and/or the COR a copy of the training certificates and certification of signing the Contractor Rules of Behavior for each applicable employee within 1 week of the initiation of the contract and annually thereafter, as required. c. Failure to complete the mandatory annual training and sign the Rules of Behavior annually, within the timeframe required, is grounds for suspension or termination of all physical or electronic access privileges and removal from work on the contract until such time as the training and documents are complete. 5.4 VA Information Custodial Language a. Information made available to the contractor or subcontractor by VA for the performance or administration of this contract or information developed by the contractor/subcontractor in performance or administration of the contract shall be used only for those purposes and shall not be used in any other way without the prior written agreement of the VA. This clause expressly limits the contractor/subcontractor's rights to use data as described in Rights in Data - General, FAR 52.227-14(d) (1). b. The contractor/subcontractor must store, transport, or transmit VA sensitive information in an encrypted form, using VA-approved encryption tools that are, at a minimum, FIPS 140-2 validated. 5.5 Information Systems Hosting, Operations, Maintenance, or Use a. Bio-Medical devices and other equipment or systems containing media (hard drives, optical disks, etc.) with VA sensitive information must not be returned to the vendor at the end of lease, for trade-in, or other purposes. The options are: (1) Vendor must accept the system without the drive; (2) VA s initial medical device purchase includes a spare drive which must be installed in place of the original drive at time of turn-in; or (3) VA must reimburse the company for media at a reasonable open market replacement cost at time of purchase. (4) Due to the highly specialized and sometimes proprietary hardware and software associated with medical equipment/systems, if it is not possible for the VA to retain the hard drive, then; (a) The equipment vendor must have an existing BAA if the device being traded in has sensitive information stored on it and hard drive(s) from the system are being returned physically intact; and (b) Any fixed hard drive on the device must be non-destructively sanitized to the greatest extent possible without negatively impacting system operation. Selective clearing down to patient data folder level is recommended using VA approved and validated overwriting technologies/methods/tools. Applicable media sanitization specifications need to be preapproved and described in the purchase order or contract. (c) A statement needs to be signed by the Director (System Owner) that states that the drive could not be removed and that (a) and (b) controls above are in place and completed. The ISO needs to maintain the documentation. 5.6 SECURITY INCIDENT INVESTIGATION a. The term security incident means an event that has, or could have, resulted in unauthorized access to, loss or damage to VA assets, or sensitive information, or an action that breaches VA security procedures. The contractor/subcontractor shall immediately notify the COR and simultaneously, the designated ISO and Privacy Officer for the contract of any known or suspected security/privacy incidents, or any unauthorized disclosure of sensitive information, including that contained in system(s) to which the contractor/subcontractor has access. b. To the extent known by the contractor/subcontractor, the contractor/subcontractor s notice to VA shall identify the information involved, the circumstances surrounding the incident (including to whom, how, when, and where the VA information or assets were placed at risk or compromised), and any other information that the contractor/subcontractor considers relevant. 5.7 LIQUIDATED DAMAGES FOR DATA BREACH a. Consistent with the requirements of 38 U.S.C. §5725, a contract may require access to sensitive personal information. If so, the contractor is liable to VA for liquidated damages in the event of a data breach or privacy incident involving any SPI the contractor/subcontractor processes or maintains under this contract. However, it is the policy of VA to forgo collection of liquidated damages in the event the contractor provides payment of actual damages in an amount determined to be adequate by the agency. b. Based on the determinations of the independent risk analysis, the contractor shall be responsible for paying to the VA liquidated damages in the amount of $37.50 per affected individual to cover the cost of providing credit protection services to affected individuals consisting of the following: (1) Notification; (2) One year of credit monitoring services consisting of automatic daily monitoring of at least 3 relevant credit bureau reports; (3) Data breach analysis; (4) Fraud resolution services, including writing dispute letters, initiating fraud alerts and credit freezes, to assist affected individuals to bring matters to resolution; (5) One year of identity theft insurance with $20,000.00 coverage at $0 deductible; and (6) Necessary legal expenses the subjects may incur to repair falsified or damaged credit records, histories, or financial affairs. Government-Furnished Equipment (GFE)/Government-Furnished Information (GFI). N/A Other Pertinent Information or Special Considerations. The contractor will need to work with Biomed and IT to ensure connectivity with the FORUM server at the time of installation. Identification of Possible Follow-on Work. None identified at this time Identification of Potential Conflicts of Interest (COI). None Identification of Non-Disclosure Requirements. None Packaging, Packing and Shipping Instructions. The contractor will deliver 3 instruments to the Main Columbus VA Facility, and 1 instrument to each of the following CBOC locations: Marion, Zanesville, Newark Inspection and Acceptance Criteria. The COR with confirm functionality and instrument connectivity with FORUM and VA DICOM after installation. Risk Control None Place of Performance. The contract will cover work at 4 different locations: Main Columbus VA Facility, and 1 instrument to each of the following CBOC locations: Marion, Zanesville, Newark A ZEISS Medical Instrument yearly service contract is in place. These instruments will replace the OCT 4000 units that will be retired. Delivery Schedule. SOW Task# Deliverable Title Format Number Calendar Days After CO Start 1 Columbus VAACC OCT 5000 Units 3 30 2 Newark CBOC OCT 5000 Unit 1 37 3 Marion CBOC OCT 5000 Unit 1 37 4 Zanesville CBOC OCT 5000 Unit 1 37 Period of Performance 30 Days ARO
 

Web Link

FBO.gov Permalink
(https://www.fbo.gov/spg/VA/CoVAOPC757/CoVAOPC757/VA25017Q0503/listing.html)
 

Document(s)

Attachment
 

File Name: VA250-17-Q-0503 VA250-17-Q-0503_CSSA1.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=3492953&FileName=VA250-17-Q-0503-001.docx)

Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=3492953&FileName=VA250-17-Q-0503-001.docx

 

Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
 

Place of Performance

Address: Chalmers P. Wylie Ambulatory Care Center;420 N James Road;Columbus

Zip Code: OH
 

Record

SN04507606-W 20170514/170512235729-1c34e0051b707756e6d8c5397493c8bf (fbodaily.com)
 

Source

FedBizOpps Link to This Notice
(may not be valid after Archive Date)

---

| FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |