Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF JULY 29, 2017 FBO #5727
DOCUMENT

Q -- Patient Discharge Education and Instruction Software Base Year with four Option Years Seeking Sources willing to provide services as stated in the attached statement of work. - Attachment

Notice Date
7/27/2017
 
Notice Type
Attachment
 
NAICS
622110 — General Medical and Surgical Hospitals
 
Contracting Office
Department of Veterans Affairs;VA Healthcare System;Network Contracting Office (NCO) 10;3140 Governor ™s Place Blvd. Suite 210;Kettering OH 45409-1337
 
ZIP Code
45409-1337
 
Solicitation Number
VA25017Q0933
 
Response Due
8/2/2017
 
Archive Date
10/1/2017
 
Point of Contact
Adoniss Gibson
 
E-Mail Address
Contracting Point of Contact
(Adoniss.Gibson@va.gov)
 
Small Business Set-Aside
N/A
 
Description
STATEMENT OF WORK (SOW) as of July 27, 2017 1. Contract Title. Discharge Education/Patient Instruction Software Purchase (Contractor) for the Chillicothe VAMC. License for use includes all user access of patient education materials with discharge specific templates for workstations in the Urgent Care and Acute Medicine Inpatient Units 2. Authority: FAR 13.106-1 (b), Soliciting from a Single Source. Purpose of the Project: This is a request to purchase Contractor which offers customizable instructions for diagnoses, medications, treatments, medical devices, recommended diets, and follow-up. The comprehensive library offers over 5,500 education and instructions for Emergency Departments, Urgent Care, inpatient units and clinics. Patient list automatically displays new registrations made in VistA/CPR and imports Primary Care Provider, appointment and medication lists. Interfacing creates an automated process which eliminates printing and scanning instructions into CPRS and provides individualized detailed information to the patient. Background. The software package is being requested as part of a grant to improve the discharge process and reduce hospital readmissions. Readmissions within 30 days are very costly, disruptive to the patient, and are often preventable. Readmissions place patients at additional risk of hospital-acquired infections and complications, and are a good indicator of healthcare quality. Contractor is VA approved and fully integrates with VISTA and CPRS, transferring educational documentation to CPRS as a signed note. The software automatically includes the name of the patient s primary care provider, next appointment dates and times, and any other information deemed necessary by the Chillicothe VAMC. It can be initiated by any clinician and provides health education on topics related to disease prevention and management The base content can be customized to fit the needs of the facility and individual instruction can be customized by the document author in order to meet the specific needs of the patient. Contractor health content library offers over 5,500 topics which are written at a 5th-6th grade reading level. Contractor meets Joint Commission standards on for patient and family education. Current instructions is minimalistic and education inconsistent through Krames content. Krames is VISN contract is not being renewed and does not provide consistent research-based information or the needed electronic medical record documentation interface. 3. Scope. This contract will be for the purchase of Contractor patient instructions and will include the base year plus four (4) option year pricing. It is a firm, fixed price contract. Delivery and set up of   CONTRACTOR s Patient Instructions Software for Period of Performance of one year (award date through one year) for the Chillicothe VA Urgent Care Department and Acute Medical Units.     Delivery activities shall consist of install, implementation, interface, monitoring and licensing for use of patient education materials throughout the organization and specific template services as stated including: A.           Set-up: All preparation necessarily required to ready CONTRACTOR s Patient Instructions Software for operation (set-up and training) for Urgent Care and Acute Medical Surgical inpatient units. Additional levels of care discharge instructions may be needed in the future. B.           The contractor shall provide software license for CONTRACTOR s Patient Instructions software.   This includes the remote implementation, testing, maintenance, and training for Urgent Care and Acute Medical Surgical inpatient units. Additional levels of care discharge instructions may be needed in the future. C.           Software Support from the company includes: ·                 24-hour emergency technical support services for the CONTRACTOR Integrated Patient Instructions computer software and periodic releases and updates to clinical content ·                 Patient Instructions software includes content for patient education, discharge documents, and other miscellaneous documents related to patient education and instruction. ·                 Integration delivers patient information from Vista to the CONTRACTOR Patient List and completed documents from CONTRACTOR s Patient Instructions will be delivered to CPRS Notes. Upon receiving a maintenance and repair call from facility designee, the Contractor shall make a return telephone call within 2 hours.   The Contractor will restore the equipment to FULL PERFORMANCE within forty-eight (48) hours of the original call.   The Contractor shall notify the COR of the existence or development of any defects in the equipment covered under this contract which the Contractor considers he/she is not responsible for under the terms of the contract (such as operator misuse). Training and support and preventative maintenance and educational courses to be provided on-site as indicated. 4. Specific Tasks. Contractor shall provide the software license for its patient instruction software. This includes the remote implementation, testing and maintenance of the system. Patient instruction software includes content for patient education, discharge document, and other miscellaneous documents related to patient education and instructions. Contractor will provide staff training on the system and 24-hour emergency technical support services for patient instruction integrated software and periodic release and updates to clinical content. The integration of Contractor software delivers patient information from VISTA to Contractor s patient list and completed documents from Contractor s patient Instructions will be delivered to CPRS in note form. Post implementation reports to include template use, content usage and staff interactivity to develop a system of monitoring for compliance and standards. Ongoing support includes trouble shooting as needed and routine content updates that is research-based meeting government and performance standards with minimal interruption to care. Deployment includes: A.           Clinical workflow analysis for the Urgent Care Department, Acute Inpatient Medical Units and general patient education. ·                 Up to two (2) CONTRACTOR staff on site for up to two (2) days     Includes travel and expenses B.           All other services provided remotely. ·                 Project management ·                 Integration configuration ·                 Vista integration ·                 CPRS integration ·                 Remote application installation to VA facility servers within VA firewall ·                 Live / production environment ·                 Test environment (if applicable) ·                 Remote training of Super Users ·                 Dedicated remote Go-Live support C.           The Implementation team may include the following Contractor staff for the Contractor implementation: ·                 Project Manager: Will schedule and coordinate remote and onsite technical and clinical resources to test and install the product, train users, match product configuration to clinical analysis, install and test product and interface performance. ·                 Clinical Analyst(s): A clinical provider (medical or nursing) and an implementation expert will assist clinical staff in determining: Who will prepare patient education, at what points in the care process, what providers and options should be built into the follow-up process and where the application should be accessed. These individuals will also train staff on how to manage and update the system s clinical content. ·                 Interface Analyst(s): Will configure interface code and install and test interfaces in test and live environments, coordinating with VA local and Regional IT staff. ·                 Server/desktop support staff 4.1 Task 1 - Enterprise Management Controls. 4.1.1 Subtask 1 - Integration Management Control Planning. The requirement id for Contractor to update and interface patient instruction software to be compatible with the current VISTA system including software updates, trouble shooting, and support for efficient and sustainable discharging of patients form the urgent care and inpatient areas. Licensed technicians provide support and instruction to the government for producing critical reports and critical record updates. Contractor provides limited on-site support and extensive remote support to develop, implement and stabilize product use. Facility project staffing: Project Lead · Help organize deployment schedules and keep the project on task · Ensure the appropriate resources are made available Region 3 COTS Team Member Establish relationships with the regional COTS teams · Install Server hardware and Operating System · Work alongside CONTRACTOR to install the CONTRACTOR Patient Instructions application · Install our KIDS build for CPRS integration · Configure and validate connectivity CAC Team Member (Health Informatics) · Determine and configure a Note Title(s) in CPRS · Add an HTTP link in CPRS for the CONTRACTOR application · Assist in testing Integration (Access to Test Appointment Manager) Clinical Lead · Provide details of current workflow around patient discharge · Review after-care follow up choices and content · Review discharge and teaching form content AdPac Determine security owner Clinical User Work with your implementation lead to perform end to end testing Region 3 OI&T Establish two Active Directory groups for the creation of CONTRACTOR Patient Instruction users *Individual roles may overlap. 4.1.2 Subtask 2 - Contract Management. Not Applicable Deliverables: Contract Management Plan: See Delivery Table Monthly Status Report: See Delivery Table SOW Task# Deliverable Title Format Number Calendar Days After CO Start 1 Development of full Implementation plan Remote Standard Distribution* Draft 10 Final - 20 2 Network Interface development Remote 20 3 Development of program templates Remote 20 4 Testing completion /script with resolution if needed Remote 30 4 Admin/Super User Training UC & Acute Medical Units Remote 45 5 Go Live Urgent Care Onsite 45 6 Super User Training Refresher Remote 60 7 Go Live Acute Medical Units Remote 60 8 Monthly Status Report Remote 2 Copies to COR; Letter Only to CO Monthly, on 5th Workday * Standard Distribution: 1 copy of the transmittal letter without the deliverable to the Contracting Officer shall be Emailed. 5. Performance Monitoring Built in report functionality to evaluate use restricted to facility administrators. Response to emergency calls and utilization quarterly reports are available upon request of facility account owner assigned by Contractor. 6.0 Security Requirements Service & Maintenance will follow the security requirements as per VA s Medical Device Protection Program (MDPP) which protects VA s medical devices through a comprehensive security initiative that encompasses pre-procurement assessments, medical device isolation architecture (MDIA), communication, validation, scanning, access control list remediation, patching, and secure remote connectivity. 6.1 General Security Contractors, contractor personnel, subcontractors, and subcontractor personnel shall be subject to the same Federal laws, regulations, standards, and VA Directives and Handbooks as VA and VA personnel regarding information and information system security. 6.2 Access to VA Information and VA Information Systems a. A contractor/subcontractor shall request logical (technical) or physical access to VA information and VA information systems for their employees, subcontractors, and affiliates only to the extent necessary to perform the services specified in the contract, agreement, or task order. b. All contractors, subcontractors, and third-party servicers and associates working with VA information are subject to the same investigative requirements as those of VA appointees or employees who have access to the same types of information. The level and process of background security investigations for contractors must be in accordance with VA Directive and Handbook 0710, Personnel Suitability and Security Program. The Office for Operations, Security, and Preparedness is responsible for these policies and procedures. A BI is not required per VA Information and Information System Security/Privacy Requirements for IT Contracts dated August 2008 if the following exception applies: Contract Personnel with limited and intermittent access to equipment connected to facility networks on which limited VA sensitive information may reside, including medical equipment contractors who install, maintain, and repair networked medical equipment such as CT scanners, EKG systems, ICU monitoring, etc. In this case, Veterans Health Administration facilities must have a duly executed VA Business Associate Agreement (BAA) in place with the vendor in accordance with VHA Handbook 1600.1, Business Associates, to assure compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in addition to the contract. Contract personnel, if on site, should be escorted by VA IT Staff. 6.3 Training a. All contractor employees and subcontractor employees requiring access to VA information and VA information systems shall complete the following before being granted access to VA information and its systems: (1) Sign and acknowledge (either manually or electronically) understanding of and responsibilities for compliance with the Contractor Rules of Behavior, Appendix E relating to access to VA information and information systems; (2) Successfully complete the VA Cyber Security Awareness and Rules of Behavior training and annually complete required security training; (3) Successfully complete the appropriate VA privacy training and annually complete required privacy training; and (4) Successfully complete any additional cyber security or privacy training, as required for VA personnel with equivalent information system access [to be defined by the VA program official and provided to the contracting officer for inclusion in the solicitation document e.g., any role-based information security training required in accordance with NIST Special Publication 800-16, Information Technology Security Training Requirements.] b. The contractor shall provide to the contracting officer and/or the COR a copy of the training certificates and certification of signing the Contractor Rules of Behavior for each applicable employee within 1 week of the initiation of the contract and annually thereafter, as required. c. Failure to complete the mandatory annual training and sign the Rules of Behavior annually, within the timeframe required, is grounds for suspension or termination of all physical or electronic access privileges and removal from work on the contract until such time as the training and documents are complete. 6.4 VA Information Custodial Language a. Information made available to the contractor or subcontractor by VA for the performance or administration of this contract or information developed by the contractor/subcontractor in performance or administration of the contract shall be used only for those purposes and shall not be used in any other way without the prior written agreement of the VA. This clause expressly limits the contractor/subcontractor's rights to use data as described in Rights in Data - General, FAR 52.227-14(d) (1). b. The contractor/subcontractor must store, transport, or transmit VA sensitive information in an encrypted form, using VA-approved encryption tools that are, at a minimum, FIPS 140-2 validated. 6.5 Information Systems Hosting, Operations, Maintenance, or Use a. Bio-Medical devices and other equipment or systems containing media (hard drives, optical disks, etc.) with VA sensitive information must not be returned to the vendor at the end of lease, for trade-in, or other purposes. The options are: (1) Vendor must accept the system without the drive; (2) VA s initial medical device purchase includes a spare drive which must be installed in place of the original drive at time of turn-in; or (3) VA must reimburse the company for media at a reasonable open market replacement cost at time of purchase. (4) Due to the highly specialized and sometimes proprietary hardware and software associated with medical equipment/systems, if it is not possible for the VA to retain the hard drive, then; (a) The equipment vendor must have an existing BAA if the device being traded in has sensitive information stored on it and hard drive(s) from the system are being returned physically intact; and (b) Any fixed hard drive on the device must be non-destructively sanitized to the greatest extent possible without negatively impacting system operation. Selective clearing down to patient data folder level is recommended using VA approved and validated overwriting technologies/methods/tools. Applicable media sanitization specifications need to be preapproved and described in the purchase order or contract. (c) A statement needs to be signed by the Director (System Owner) that states that the drive could not be removed and that (a) and (b) controls above are in place and completed. The ISO needs to maintain the documentation. 6.6 SECURITY INCIDENT INVESTIGATION a. The term security incident means an event that has, or could have, resulted in unauthorized access to, loss or damage to VA assets, or sensitive information, or an action that breaches VA security procedures. The contractor/subcontractor shall immediately notify the COR and simultaneously, the designated ISO and Privacy Officer for the contract of any known or suspected security/privacy incidents, or any unauthorized disclosure of sensitive information, including that contained in system(s) to which the contractor/subcontractor has access. b. To the extent known by the contractor/subcontractor, the contractor/subcontractor s notice to VA shall identify the information involved, the circumstances surrounding the incident (including to whom, how, when, and where the VA information or assets were placed at risk or compromised), and any other information that the contractor/subcontractor considers relevant. 6.7 LIQUIDATED DAMAGES FOR DATA BREACH a. Consistent with the requirements of 38 U.S.C. §5725, a contract may require access to sensitive personal information. If so, the contractor is liable to VA for liquidated damages in the event of a data breach or privacy incident involving any SPI the contractor/subcontractor processes or maintains under this contract. However, it is the policy of VA to forgo collection of liquidated damages in the event the contractor provides payment of actual damages in an amount determined to be adequate by the agency. b. Based on the determinations of the independent risk analysis, the contractor shall be responsible for paying to the VA liquidated damages in the amount of $37.50 per affected individual to cover the cost of providing credit protection services to affected individuals consisting of the following: (1) Notification; (2) One year of credit monitoring services consisting of automatic daily monitoring of at least 3 relevant credit bureau reports; (3) Data breach analysis; (4) Fraud resolution services, including writing dispute letters, initiating fraud alerts and credit freezes, to assist affected individuals to bring matters to resolution; (5) One year of identity theft insurance with $20,000.00 coverage at $0 deductible; and (6) Necessary legal expenses the subjects may incur to repair falsified or damaged credit records, histories, or financial affairs. 7. Government-Furnished Equipment (GFE)/Government-Furnished Information (GFI). No GFE/GFI is needed or required. 8. Other Pertinent Information or Special Considerations. See below Identification of Possible Follow-on Work. Not Applicable b. Identification of Potential Conflicts of Interest (COI). Not Applicable c. Identification of Non-Disclosure Requirements. Not Applicable d. Packaging, Packing and Shipping Instructions. Not applicable e. Inspection and Acceptance Criteria. Template creation for Veteran Discharge Instructions and Patient Education will be developed, piloted in Urgent care prior to implementation in the Acute Medical Inpatient units. Clinical engagement is the key to success. To have clinical support Contractor will first need to provide an application workflow that works. It will be important to standardize department workflow out of CONTRACTOR Patient Instructions to provide consistent education to the Veterans. Champions will be sought out at the facility to ensure the most efficient use of the Contractor application. Contractor agrees to continued support by listening and addressing configuration and site specific content to meet ongoing needs. Updates include routine clinical content updates through research based information and new topics upon request. After live use begins, Contractor will provide all the benefits of our support including 24/7-hour support line. In addition to standard support, the implementation specialist(s) will continue to work with our facility to meet the goal expectations that are established. Contractor will provide or give tools to report on system use data. 9. Risk Control As a web-based product, OIT and the Information Security Officer was involved in planning and access security is a priority. Contractor staff accessing VA systems have VA credentials granted PIV cards, and certificates can be obtained upon request. The Region 03 COTS team and the Contractor will assure that- No other information except what is in this contract will be shared with the contractor in any follow up communication. Sensitive VA information is contained within the systems covered by this contract. The Vendor will not transfer any VA information to a location outside the VA and only to VA locations determined by the VA System Administrator. The information in these systems may be covered by the Privacy Act 1974 which contains criminal penalties of abuse of information. During onsite service, the Vendor shall be chaperoned by VA Personnel. Non-volatile memory devices, working or non-working, shall NOT be removed from the VA facility until the ISO has certified that the data has been destroyed. For magnetic devices and media, the data destruction will be by degaussing. Other forms of cleansing will be used for non-magnetic media. Updates and repairs will be coordinated through Region 03 COTS Team. 10. Place of Performance. Product is web-based and will be implemented with the assistance of Region 3 COTS team with the access residing on a virtual server. No patient data is stored within that local computers. As documentation is completed the information will be stored within the electronic medical record for that patient. All data is protected on the Region 03 virtual server with the firewall. 11. Period of Performance. Product delivery through year one with 4 optional years. 12. Delivery Schedule. To be determined at the time of contract for coordination through Region 03 COTS team.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/VA/DaVAMC552/DaVAMC552/VA25017Q0933/listing.html)
 
Document(s)
Attachment
 
File Name: VA250-17-Q-0933 VA250-17-Q-0933.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=3689725&FileName=VA250-17-Q-0933-000.docx)
Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=3689725&FileName=VA250-17-Q-0933-000.docx

 
Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
 
Place of Performance
Address: Department of Veterans Affairs;Chillicothe VA Medical Center;17273 State Route 104;Chillicothe, Ohio
Zip Code: 45601-9718
 
Record
SN04601626-W 20170729/170727233151-6df4698afcf3424e074cf355bbbc886a (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.