Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF AUGUST 05, 2017 FBO #5734
DOCUMENT

V -- Pittsburgh Taxi Services - Attachment

Notice Date
8/3/2017
 
Notice Type
Attachment
 
NAICS
485310 — Taxi Service
 
Contracting Office
Department of Veterans Affairs;Network Contracting Office 4
 
Solicitation Number
VA24417Q1473
 
Response Due
8/18/2017
 
Archive Date
9/17/2017
 
Point of Contact
Mark Andrews
 
Small Business Set-Aside
N/A
 
Description
SOURCES SOUGHT ANNOUNCEMENT: The VA Pittsburgh Health System, is conducting a market survey to identify potential sources to provide taxi services for patients. This announcement is issued for informational planning purposes only and is not a request for proposal or announcement of a solicitation. Submitting information for this announcement is voluntary and participants will not be compensated. The purpose of this market research is to identify capable sources that are both experienced and qualified to provide the afore mentioned, Transportation contract, including all labor, transport of patients IAW the draft Performance Work Statement (PWS) below. The North American Industry Classification System Code (NAICS) is 485310 and the small business size standard is $15 million for this type of effort. Based on this information, please indicate whether your company would be a Large or Small Business, and provide the average amount of sales for the last three (3) years or whether you have a socio-economic designation. Capabilities Statement and Documentation: Firms/Companies are invited to provide their capabilities, experience and knowledge in the Transportation of patients IAW the PWS. Sources are asked to provide information to demonstrate their answers to the following items of information: 1. Company Name, Address, Website, POC, and POC Phone Number. 2. Indicate and explain your capability of providing this service including maintaining any required security clearances and or additional licensing. 3. Provide a summary of the type transportation equipment that will be used and any relevant licensing. 4. If these services are available under your GSA contract, please provide the FSS number. 5. Please indicate your company's size under NAICS Code 485310. In addition to a Capability Statement which provides the above, submissions can include specifications, brochures, and manuals as attachments. Information regarding your firm's capacity and capability to provide such services are to be submitted electronically on or before Wednesday, 08/18/2017 prior to 4:00 pm (EST) addressed to Mark Andrews, Contract Specialist: Mark.andrews3@va.gov. Phone: 717-228-6018. B.2 PERFORMANCE WORK STATEMENT Section A Scope: VA Pittsburgh Healthcare System (VAPHS) is seeking to award a four year Indefinite Delivery Indefinite Quantity (IDIQ) contract for Taxi Transportation Services throughout the tri-state area. The Contractor agrees to furnish taxi transportation services, 24-hours per day, and seven days per week, (to include all federal holidays) for all beneficiaries of VAPHS located at University Drive, Pittsburgh, PA 15240; 1010 Delafield Road, Aspinwall, PA 15215; and their Community Based Outpatient Clinics (CBOC) in Beaver, Fayette, Washington, and Westmoreland Counties in PA and in Belmont County in OH. VAPHS requires taxi transportation services for patient care transport between designated VAPHS patient transportation locations and patient residences, the airport, bus stations, hotels and other locations as authorized. As approximately 50% of trips involve transportation to and from the Greater Pittsburgh International Airport (GPIA), VAPHS requires that the Contractor possess or obtain the appropriate permit authority and telecommunications equipment to continuously operate taxi s at that location. Section B Passenger Transportation: The Contractor shall provide taxi transportation services seven (7) days per week (including holidays), twenty-four (24) hours per day, three hundred sixty-five (365) days per year, for the term of this contract, including Federal Holidays. The following ten holidays are observed by the Federal Government: New Year s Day, Martin Luther King s Birthday, President s Day, Memorial Day, Independence Day, Labor Day, Columbus Day, Veterans Day, Thanksgiving Day, Christmas Day, and any other day specifically declared to be a national holiday by the President of the United States. The majority of the runs will be between 6:00 a.m. and 6:00 p.m. Monday through Friday. When service is needed, trip requests will be submitted to the Contractor s dispatch office by authorized VAPHS personnel. The Contractor shall provide the VAPHS with the communication method of contacting the Contractor on a twenty-four (24) hour per day basis. The Contracting Officer (CO) shall notify the Contractor if the proposed method of communication is not acceptable. The Contractor must ensure that passenger pick-ups and drop-offs are scheduled so that the total distance traveled will result in the most economical charge to the Government. While the required transportation may include trips to parts of Ohio, West Virginia, Maryland, Virginia, Washington DC, New York and New Jersey, the majority of the trips will be confined to Southwestern Pennsylvania, and most passengers will be VA hospital patients. It may be necessary on occasion for the Contractor to extend a trip beyond normal distances due to extenuating circumstances in order to avoid lengthy passenger wait times for alternate transportation. Contractor shall provide patient hand-off service for all patients to and from their designated appointments. Contractor is to transfer or hand-off the patient to the next person responsible for their care. Patients shall be picked up on the ward, in their homes, in the clinics, or at other areas designated by the VA and taken to the authorized destination or appointment. The contractor shall ensure that the patient is attended by an authorized responsible party at all times. The authorized responsible party may be the Contractor, VA employee, or family member depending on the stage of the trip (pre-appointment, appointment, or post-appointment). At no time shall the contractor leave the patient unattended. Assistance in maneuvering stairs and other barriers shall be provided by the driver when necessary. These services may need to be provided within or outside the home (i.e., from the door to the vehicle). When the patient is delivered to a destination (i.e., a clinic or other appointment), an authorized care giver or medical staff at the destination must be informed of the patient s arrival by the Contractor s driver or authorized attendant. The Contractor s driver shall observe the patient during transport. Any indication of a significant change in the patient s condition (i.e., sudden onset of rapid or labored respiration, complaints or chest pains, etc.) shall be communicated immediately to the VAPHS Emergency Room staff. Diversion from destination shall only be authorized by the COR, VAPHS Emergency Room staff, or the Administrative Officer of the Day (AOD). All diversions from destination, if authorized, shall be reported to the COR. Should the Contractor s driver encounter any problems with transporting of patients, the driver shall contact the COR, from 5:00 AM to 7:00 PM. During irregular tour of duty (7:00 PM to 5:00 AM), weekends or holidays, the driver shall contact the AOD at the Admissions Desk. VAPHS will provide a list of individuals (other than the COR) authorized to contact the Contractor. This notification is merely for information purposes. It does not replace internal contractor communications needed to solve the problem. Contractor s driver shall notify the COR, of any unusual events, including but not limited to accidents, safety problems, and other such incidents that occur, which involve any VA patient being transported under this contract. The COR shall be notified within one (1) hour of the occurrence of the incident(s) by telephone and, if requested by the COR and/or CO, a written report of the incident(s) will be delivered to the COR by close of business the next working day. This notification is merely for information purposes. It does not replace internal contractor communications needed to solve the problem. For trips originating at VAPHS: Authorized VAPHS personnel are authorized to phone in passenger transport requests to the Contractor and will provide the destination and passenger s first and last name. During off-peak hours, VAPHS Administrative Officer of the Day (AOD) has authorization to phone in passenger transport requests. Contractor will dispatch the trip to a driver who must respond within the 45 minute response time window. Passengers will give the taxi driver their voucher as payment for the trip. Trips must originate from Point A and end at Point B with no stops or deviations. Contractor taxi drivers will turn in their vouchers to their company s appointed representative at the end of each work day. For accounting purposes, the taxi company s appointed representative will add a 15% gratuity ($5.00 minimum) to the metered charges for each completed trip. The vouchers will be used to track the number of trips and contracted cost per trip by the Contractor. For trips not originating at VAPHS: VAPHS Transportation (or during off-peak times, the AOD) will contact the Contractor s dispatch office to request the trip. NOTE: Occasionally, some passengers arriving at GPIA will walk-up to contracted taxi drivers requesting transportation to VAPHS. Drivers should accommodate these walk up passengers, and notify their dispatcher of the trip. Contractor will dispatch the trip to a driver who must respond within the 45 minute response time window. Twenty (20) minutes for trips originating at GPIA. The driver will transport the passenger to a VAPHS destination. The driver will report to the VA Transportation Office or AOD Office to submit their copy of the Taxi Authorization Voucher. The driver will turn in copies of their vouchers to their company s appointed representative at the end of each work day. For accounting purposes, the taxi company s appointed representative will add a 15% gratuity ($5.00 minimum) to the metered charges for each completed trip. Vouchers will be used to track the number of trips and cost per trip by the Contractor. Section C Contractor Drivers: All Contractor s drivers shall be required to wear, in a readily observable area on the employee, a Contractor supplied photo identification badge containing the name of the driver or attendant, and the Contractor s business name, or company uniform, that is acceptable to the CO, which identifies the driver while performing any aspect of service prescribed in this contract. Records of each employee as to character (criminal background check performed) and physical capabilities (Health Certificate or statement of health from a private physician) must be maintained and made available to the CO upon request. The Contractor shall be responsible for appropriate driver screening and selection criteria when employing drivers. Such screening shall include but not limited to testing drivers for prohibited drug use and alcohol misuse, and a criminal background check to the maximum extent permitted by law. VAPHS may authorize a relative, service/guide dog, or other person deemed appropriate to accompany the passenger at no additional cost to the VAPHS when it is in the best interest of the passenger. VAPHS reserves the right to observe Contractor customer service at any time, and to inspect all Contractor vehicles used for the contract as well drivers taxi credentials. Violations may result in adverse action being taken against the Contractor. The following acts are not permissible by the Contractor that provide services under this contract or while on VA premises: Use of intoxicating liquors, narcotics or controlled substances of any kind (excluding doctor s prescriptions which do not impair driver s driving ability) while on duty. Also includes reporting for duty while under the influence of liquors, narcotics or controlled substances of any kind Gambling in any form. Smoking and other uses of tobacco while on duty. Both Patients and Contractor are prohibited from smoking in vehicle. Carrying of pistols, firearms or concealed weapons. Resorting to physical violence to settle a dispute with a fellow employee, patients, or the general public while on duty. Spitting in prohibited places or any other unsanitary, offensive, or insensitive practices or behavior. Use of loud, indecent, or profane language and/or making threatening or obscene gestures toward patients or other employees. Stopping for personal business, including excessive use of restroom facilities, while vehicle is occupied by a passenger. The driver shall not leave the vehicle with the key in the ignition at any time. Engaging patients in a verbal confrontation in an attempt to settle a disagreement. Should a disagreement arise, the driver shall contact his dispatcher/supervisor via the radio system. Soliciting or accepting tips from patients, companions, or others at any time. The VA reserves the right to remove any driver from transporting VA patients should he/she violate any terms of this contract. All Contractor s drivers shall maintain a valid operator or chauffeur s license, required to operate the type of vehicle necessary to perform the service, as required by the State of Pennsylvania. The Contractor shall provide, upon request of the CO, a copy of the valid license of all drivers performing under this contract. Contractor s drivers shall not text message while driving. See FAR 52.223-18, Encouraging Contractor Policies to Ban Text Messaging While Driving which in incorporated into FAR 52.212-5, Commercial Terms and Conditions. Section D Contractor Conduct: The VA places the highest priority on the treatment of its beneficiaries. The Contractor, Contractor s employees, and Contractor s representatives shall treat each patient with respect, concern and a professional approach to the Patient s dignity as an individual and as a patient. All communication, both verbal and non-verbal, by the Contractor s personnel, with and in the presence of the patient, shall be conducted in a professional manner. The Contractor shall conduct themselves in a professional manner while performing any aspect of service related to this contract at or on the grounds of the VAPHS. All VAPHS rules and regulations shall be adhered to by the Contractor while said persons are at or on the grounds of the medical center. Section E Orders: Requests for services will be recorded on the daily travel manifest and furnished to the Contractor via facsimile, electronically (e-mail) and/or telephone, by the COR, VAPHS, no later than 4:00 p.m. prior to the day the transportation is required. The Contractor will respond the same day by providing VAPHS with a confirmation number for each trip on the manifest. The following information shall be provided by the VA to the Contractor: Patient name (first and last) Pick up point (include address, telephone #, city, state, building and/or room number if applicable) Destination Time of pick up The Contractor will provide email confirmation to VAPHS Transportation within 10 minutes after the end of each trip. Confirmation notification must list the trip confirmation number in the subject line, and will be recorded by VAPHS Transportation to determine if the Contractor is meeting the scheduled pick-up and delivery requirements. No other method of delivery confirmation will be accepted. In the event that a patient misses his/her scheduled appointment due to pick up delay, the VA shall reschedule the trip at no cost to the VA. If additional charges are incurred by the VA for the rescheduled trip, the additional charges shall be the responsibility of the Contractor. The VA shall notify the Contractor when these cases are identified. The Contractor shall maintain a record of all trips (scheduled on the travel log or add-on) and provide a printed report that includes the patient s name, date and time of each trip, mileage, and/or any authorized additional charges. The printed report shall accompany the invoice for each billing cycle. The Contractor shall contact the COR with any questions, requests for clarification, or the need for additional information during the hours of 7:30 a.m. to 4:00 p.m. During irregular tour of duty (4:00 p.m. to 7:30 a.m.), the Contractor shall contact the AOD. The Contractor shall provide a breakdown no later than the 5th day of each month with the prior month s trips and associated costs (mileage, pick up time, drop off time) per patient. This report shall be in excel format and emailed to the COR at Harry.Taylor@va.gov. Requests for add-on trips (orders placed for same day service) not initially recorded on the travel log will be by telephone from the Dispatcher or AOD. If the Contractor fails to furnish services within a reasonable time (established as 45 minutes) after receiving an add-on request for an order, the VAPHS reserves the right to obtain the services from another source and to charge the Contractor with an excess cost which may result. In instances of add-on trips that are over 100 miles, the COR may allow some flexibility in the 45-minute response time. The VA will be the sole judge in determining when to order service from another source. In case of inclement weather, the decision as to whether or not a VA Patient will be transported will be made mutually by the COR and the Contractor. The Contractor shall notify the COR/Dispatcher, upon the COR/Dispatcher or (AOD s) request, of the estimated time of arrival for any vehicle in-route to pick-up a VA Patient or any VA loaded vehicle en-route to a specific destination. The Contractor shall also notify COR, by telephone, at least one-hour in advance in the event that the Contractor is unable to provide the scheduled or add-on trips within the time frame necessary for the VA Patient to maintain their scheduled appointment. Waiting Time - VAPHS will make every effort to alert the beneficiary to be ready and waiting for the arrival of the vehicle in order to reduce the lost time to the driver. Waiting time will not apply to the reasonable amount of time required for escorting the patient to the vehicle, loading and securing patient in vehicle, or unloading and delivering the patient to the authorized care giver or specified destination area. For time lost in waiting, at either end or both ends of a trip, due to causes beyond the control of the driver, the Contractor will be reimbursed at 30 minute increments per the schedule rate in the contract. The Contractor must call the COR and leave a voicemail (412-605-7918) after waiting 15 minutes to be reimbursed for the wait. The Contractor will not be reimbursed if there is no phone call to the COR. If the COR or AOD, authorizes the Contractor to transport more than one patient on a trip to the same destination or separate destinations, reimbursement will be made at the rate not exceeding the cost of transporting a single patient. However, the longest distance over which a patient is transported may be claimed when more than one patient is transported concurrently. The Contractor must ensure that the pick-ups and drop-offs are scheduled so that the total distance traveled will result in the most economical charge to the Government. Section F- Patient Privacy and Confidentiality: Contractor shall maintain the confidentiality of all patient information and records associated with the performance of this contract and adhere to all applicable laws related to patient privacy and confidentiality. Section G Vehicles: Each vehicle used in the performance of this contract must meet all State and Local Laws, ordinances, codes, rules and regulations. Taxi transport vehicles shall be of model and make to insure safe and comfortable transport of passengers. Each vehicle and all accessories and systems must be clean and shall meet all maintenance standards of the manufacturer. All preventive maintenance shall be documented and records provided upon request by the CO/COR. Taxis must be designed so that patients can be restrained by a seat belt at all times when the vehicle is in motion. All vehicles shall be equipped to allow for direct communication, at all times, between the drivers and staff of the VAPHS. This equipment may be mobile telephone, cellular telephone, or radio dispatch which would allow linking to the VAPHS by telephone. The Contractor shall provide any telephone numbers or special access codes or devices to Travel Section in order to comply with the provision for direct communication. All vehicles shall be equipped with properly functioning heater and/or air conditioning, with adequate capacity to maintain the comfort level of the patient during transport. Contractor shall not place a vehicle into service under this contract that does not protect the patient from outside temperatures that are not suitable for the patient s well-being. All vehicles shall be equipped with secured fire extinguishers, first aid kits, and two (2) flashlights that are readily available and operable for use in event of an emergency. Each vehicle shall contain a minimum of two (2) sanitary blankets. All vehicles shall be well maintained in a clean and orderly condition. Vehicles must be free from physical damage, odor, debris and accumulation (which may constitute an accident or fire hazard). Each vehicle shall have a daily maintenance/safety checklist. Checklists shall be maintained at the Contractor s establishment and made available for inspection upon request. All vehicles shall be smoke free and provide the proper ventilation for the patient. All vehicles shall be maintained with a professional appearance that is representative of the services being performed on behalf of the Department of Veterans Affairs. The CO/COR reserves the right to prohibit specific vehicles from being used to perform transportation services under this contract. This determination will be at the sole discretion of the CO and will be based on documented evidence. Section H Contractor s Quality Control Program (QCP): The Contractor shall establish and maintain a QCP to ensure all contract requirements are met. The Contractor s QCP shall include the following at a minimum: An inspection plan covering all services required by this contract. The inspection plan must specify the areas to be inspected on either a scheduled or unscheduled basis and how often inspections will be accomplished and documented, and the title of the individual(s) who will perform the inspections. On-site records of all inspections conducted by the Contractor noting necessary corrective action taken. The Government reserves the right to request copies of any and/or each inspection. The methods for identifying and preventing deficiencies in the quality of service performed before the level of performance becomes unacceptable and organizational functions noting intermediate supervisory responsibilities and overall management responsibilities for ensuring total acceptable performance. The Contractor shall maintain on-site records of all vehicle maintenance and repairs performed on vehicles used in the performance of this contract. The Contractor shall institute methods to identify and prevent vehicle breakdowns, with detailed procedure for alternative transportation of patients in the event of mechanical breakdown of vehicle. The Contractor shall maintain on-site records identifying the character, physical capabilities, certifications and ongoing training of each employee performing services under this contract. The Contractor shall have methods of identifying and preventing radio communication breakdowns and provide a detailed procedure for alternative communications in the event of electronic and mechanical breakdown. The Contractor shall maintain on-site records of any complaints or problems with procedures taken to allow for corrections and/or elimination before effects cause interruption of contract performance. Any complaints or issues shall be reported to the COR. The Contractor shall participate in quarterly scheduled and/or unscheduled conference calls with the VA representatives to provide a report of on-going operational issues. The Contractor shall have a system that verifies the licenses and driving records of individuals operating the vehicles. The Contractor shall make this information available for review by the VA upon request. Section I Performance Standards: Contractor must meet required contract requirements. If the contractor fails to meet contract requirements and circumstances that are not deemed outside of the driver s control by the COR, the VA reserves the right to withhold payment for that trip. Contractor must maintain a 99% customer satisfaction rate per 100 trips to be considered as providing acceptable performance. Acceptable performance is considered as having no more than one (1) valid complaint per 100 trips. Validity of complaint is to be determined by the COR. Performance tracking will be monitored by the COR on a quarterly basis. (See Quality Assurance Surveillance Plan in Section N). Section J Contract Administration: The Contractor shall contact the CO on any changes to this contract. Only the CO is authorized to make commitments to issue changes that will affect the price, quantity, quality, or delivery terms of this contract. The CO is Mark Ryan Andrews, Mark.Andrews3@va.gov. The CO Representative (COR) shall be the primary point of contact for all other matters. The COR on this contract is Harry Taylor, Harry.Taylor@va.gov. Evidence of Insurance Coverage - Before award of the contract, the Contractor shall furnish to the CO a Certificate of Insurance that is in compliance with the State requirements for the State of contract performance. Insurance shall contain an endorsement to the effect that cancellation of, or any material change in, the policies which adversely affect the interest of the Government in such insurance, shall not be effective unless a 30-day written notice of cancellation or change is furnished the CO. Invoicing - The Contractor shall coordinate billing arrangements with the COR bi-monthly on the 1st and 15th. Billing documents shall include a printed report that shall contain the contract number, date, time, patient s name and address, mileage, etc. The COR will forward the certified invoices to the Manager, Financial Services, for transmittal to the Austin Payment Center, Austin, Texas. Invoices shall be submitted monthly. The Contractor shall maintain a log, which will show pickup point, destination, and departure/arrival times if waiting time is claimed. If detours are encountered due to road construction or other obstruction, invoice shall be so noted. The Contractor shall provide a breakdown no later than the 5th of each month with the prior months trips and associated costs (mileage, pick up time, drop off time) per patient. This report shall be in Excel format and emailed to the COR at Harry.Taylor@va.gov. Section K - HIPAA Compliance: As a covered entity, the Department of Veterans Affairs (VA) is required by law to obtain satisfactory assurance of a Business Associate and that the Business Associate appropriately safeguards protected health information it receives or creates on behalf of the covered entity. Contractors and any subcontracts must adhere to the provisions of Public Law 104-191, Health Insurance Portability and Accountability Act (HIPAA) of 1996 to include the Administrative Simplification Provisions of the law and associated rules and regulations published by the Department of Health and Human Services (HHS). The Contractor shall comply with all HIPAA-related rules and regulations to include Electronic Transactions, the Standards for Privacy of Individually Identifiable Health Information, and the Security Standards. This includes both the Privacy and Security Rules published by the Department of Health and Human Services (HHS). As required by HIPAA, HHS has promulgated rules governing the use and disclosure of protected health information by covered entities. The covered entity component of the Department Veterans Affairs is the Veterans Health Administration (VHA). In accordance with HIPAA, the Contractor will be required to enter in to a Business Associate Agreement (BAA) with VHA. Business associates must follow VHA privacy policies and practices. All Contractors and business associates must receive privacy training annually. For Contractors and business associates who do not have access to VHA computer systems, this requirement is met by completing VHA National Privacy Policy training, other VHA approved privacy training or Contractor furnished training that meets the requirements of HHS Standards for Privacy of Individually Identifiable Health information as determined by VHA. For Contractors and business associates who are granted access to VHA computer systems, this requirement is met by completing VHA National Privacy Policy training or other VHA approved privacy training. Proof of training is required. Any violation of HIPAA will be reported to the CO in writing within twenty-four (24) hours of the Contractor s discovery of an occurrence. Included in the report will be a description of the occurrence, patient names (if known), location, date and time. A copy of any filed police report will be provided by the Contractor to the CO within twenty-four (24) hours of completion. Section L - Contractor Personnel Security Requirements: VA Information and Information System Security/Privacy (Inserts from VA Handbook 6500.6 Appendix C, Paragraphs 3, 6, 7 and 9). VA Information Custodial Language Information made available to the Contractor or subcontract by VA for the performance or administration of this Contract or information developed by the Contractor/subcontract in performance or administration of the Contract shall be used only for those purposes and shall not be used in any other way without the prior written agreement of the VA. This clause expressly limits the Contractor/subcontract's rights to use data as described in Rights in Data - General, FAR 52.227-14(d) (1). Prior to termination or completion of this Contract, Contractor/subcontract must not destroy information received from VA, or gathered/created by the Contractor in the course of performing this Contract without prior written approval by the VA. Any data destruction done on behalf of VA by a Contractor/subcontract must be done in accordance with National Archives and Records Administration (NARA) requirements as outlined in VA Directive 6300, Records and Information Management and its Handbook 6300.1 Records Management Procedures, applicable VA Records Control Schedules, and VA Handbook 6500.1, Electronic Media Sanitization. Self-certification by the Contractor that the data destruction requirements above have been met must be sent to the VA CO within 30 days of termination of the Contract. The Contractor/subcontract must receive, gather, store, back up, maintain, use, disclose and dispose of VA information only in compliance with the terms of the Contract and applicable Federal and VA information confidentiality and security laws, regulations and policies. If Federal or VA information confidentiality and security laws, regulations and policies become applicable to the VA information or information systems after execution of the Contract, or if NIST issues or updates applicable FIPS or Special Publications (SP) after execution of this Contract, the parties agree to negotiate in good faith to implement the information confidentiality and security laws, regulations and policies in this Contract. The Contractor/subcontract shall not make copies of VA information except as authorized and necessary to perform the terms of the agreement or to preserve electronic information stored on Contractor/subcontract electronic storage media for restoration in case any electronic equipment or data used by the Contractor/subcontract needs to be restored to an operating state. If copies are made for restoration purposes, after the restoration is complete, the copies must be appropriately destroyed. If VA determines that the Contractor has violated any of the information confidentiality, privacy, and security provisions of the Contract, it shall be sufficient grounds for VA to withhold payment to the Contractor or third party or terminate the Contract for default or terminate for cause under Federal Acquisition Regulation (FAR) part 12. If a VHA contract is terminated for cause, the associated BAA must also be terminated and appropriate actions taken in accordance with VHA Handbook 1600.01, Business Associate Agreements. Absent an agreement to use or disclose protected health information, there is no business associate relationship. Except for uses and disclosures of VA information authorized by this Contract for performance of the Contract, the Contractor/subcontract may use and disclose VA information only in two other situations: (i) in response to a qualifying order of a court of competent jurisdiction, or (ii) with VA s prior written approval. The Contractor/subcontract must refer all requests for, demands for production of, or inquiries about, VA information and information systems to the VA CO for response. Notwithstanding the provision above, the Contractor/subcontract shall not release VA records protected by Title 38 U.S.C. 5705, confidentiality of medical quality assurance records and/or Title 38 U.S.C. 7332, confidentiality of certain health records pertaining to drug addiction, sickle cell anemia, alcoholism or alcohol abuse, or infection with human immunodeficiency virus. If the Contractor/subcontract is in receipt of a court order or other requests for the above mentioned information, that Contractor/subcontract shall immediately refer such court orders or other request to the VA CO for response. Security Incident Investigation The term security incident means an event that has, or could have, resulted in unauthorized access to, loss or damage to VA assets, or sensitive information, or an action that breaches VA security procedures. The Contractor/subcontract shall immediately notify the COR and simultaneously, the designated ISO and Privacy Officer for the Contract of any known or suspected security/privacy incidents, or any unauthorized disclosure of sensitive information, including that contained in system(s) to which the Contractor/subcontract has access. To the extent known by the Contractor/subcontract, the Contractor/subcontract s notice to VA shall identify the information involved, the circumstances surrounding the incident (including to whom, how, when, and where the VA information or assets were placed at risk or compromised), and any other information that the Contractor/subcontract considers relevant. Liquidated Damages for Data Breach Consistent with the requirements of 38 U.S.C. §5725, a Contract may require access to sensitive personal information. If so, the Contractor is liable to VA for liquidated damages in the event of a data breach or privacy incident involving any SPI the Contractor/subcontract processes or maintains under this Contract. The Contractor/subcontract shall provide notice to VA of a security incident as set forth in the Security Incident Investigation section above. Upon such notification, VA must secure from a non-Department entity or the VA Office of Inspector General an independent risk analysis of the data breach to determine the level of risk associated with the data breach for the potential misuse of any sensitive personal information involved in the data breach. The term 'data breach' means the loss, theft, or other unauthorized access, or any access other than that incidental to the scope of employment, to data containing sensitive personal information, in electronic or printed form, that results in the potential compromise of the confidentiality or integrity of the data. Contractor shall fully cooperate with the entity performing the risk analysis. Failure to cooperate may be deemed a material breach and grounds for Contract termination. Each risk analysis shall address all relevant information concerning the data breach, including the following: Nature of the event (loss, theft, unauthorized access; Description of the event, including; date of occurrence; data elements involved, including any PII, such as full name, social security number, date of birth, home address, account number, disability code; Number of individuals affected or potentially affected; Names of individuals or groups affected or potentially affected; Ease of logical data access to the lost, stolen or improperly accessed data in light of the degree of protection for the data, e.g., unencrypted, plain text; Amount of time the data has been out of VA control; The likelihood that the sensitive personal information will or has been compromised (made accessible to and usable by unauthorized persons); Known misuses of data containing sensitive personal information, if any; Assessment of the potential harm to the affected individuals; Data breach analysis as outlined in 6500.2 Handbook, Management of Security and Privacy Incidents, as appropriate; and Whether credit protection services may assist record subjects in avoiding or mitigating the results of identity theft based on the sensitive personal information that may have been compromised. Based on the determinations of the independent risk analysis, the Contractor shall be responsible for paying to the VA liquidated damages in the amount of $ 37.50 per affected individual to cover the cost of providing credit protection services to affected individuals consisting of the following: Notification; One year of credit monitoring services consisting of automatic daily monitoring of at least 3 relevant credit bureau reports; Data breach analysis; Fraud resolution services, including writing dispute letters, initiating fraud alerts and credit freezes, to assist affected individuals to bring matters to resolution; One year of identity theft insurance with $20,000.00 coverage at $0 deductible; and Necessary legal expenses the subjects may incur to repair falsified or damaged credit records, histories, or financial affairs. Training All Contractor employees and subcontract employees requiring access to VA information and VA information systems shall complete the following before being granted access to VA information and its systems: Sign and acknowledge (either manually or electronically) understanding of and responsibilities for compliance with the Contractor Rules of Behavior, Appendix E relating to access to VA information and information systems; Successfully complete the VA Cyber Security Awareness and Rules of Behavior training and annually complete required security training; Successfully complete the appropriate VA privacy training and annually complete required privacy training; and Successfully complete any additional cyber security or privacy training, as required for VA personnel with equivalent information system access [to be defined by the VA program official and provided to the CO for inclusion in the solicitation document e.g., any role-based information security training required in accordance with NIST Special Publication 800-16, Information Technology Security Training Requirements.] The Contractor shall provide to the CO and/or the COR a copy of the training certificates and certification of signing the Contractor Rules of Behavior for each applicable employee within 1 week of the initiation of the contract and annually thereafter, as required. Failure to complete the mandatory annual training and sign the Rules of Behavior annually, within the timeframe required, is grounds for suspension or termination of all physical or electronic access privileges and removal from work on the contract until such time as the training and documents are complete. Required Documentation: CONTRACTOR RULES OF BEHAVIOR This User Agreement contains rights and authorizations regarding my access to and use of any information assets or resources associated with my performance of services under the contract terms with the Department of Veterans Affairs (VA). This User Agreement covers my access to all VA data whether electronic or hard copy ("Data"), VA information systems and resources ("Systems"), and VA sites ("Sites"). This User Agreement incorporates Rules of Behavior for using VA, and other information systems and resources under the contract. GENERAL TERMS AND CONDITIONS FOR ALL ACTIONS AND ACTIVITIES UNDER THE CONTRACT: I understand and agree that I have no reasonable expectation of privacy in accessing or using any VA, or other Federal Government information systems. I consent to reviews and actions by the Office of Information & Technology (OI&T) staff designated and authorized by the VA Chief Information Officer (CIO) and to the VA OIG regarding my access to and use of any information assets or resources associated with my performance of services under the contract terms with the VA. These actions may include monitoring, recording, copying, inspecting, restricting access, blocking, tracking, and disclosing to all authorized OI&T, VA, and law enforcement personnel as directed by the VA CIO without my prior consent or notification. I consent to reviews and actions by authorized VA systems administrators and Information Security Officers solely for protection of the VA infrastructure, including, but not limited to monitoring, recording, auditing, inspecting, investigating, restricting access, blocking, tracking, disclosing to authorized personnel, or any other authorized actions by all authorized OI&T, VA, and law enforcement personnel. I understand and accept that unauthorized attempts or acts to access, upload, change, or delete information on Federal Government systems; modify Federal government systems; deny access to Federal government systems; accrue resources for unauthorized use on Federal government systems; or otherwise misuse Federal government systems or resources are prohibited. I understand that such unauthorized attempts or acts are subject to action that may result in criminal, civil, or administrative penalties. This includes penalties for violations of Federal laws including, but not limited to, 18 U.S.C. §1030 (fraud and related activity in connection with computers) and 18 U.S.C. §2701 (unlawful access to stored communications). I agree that OI&T staff, in the course of obtaining access to information or systems on my behalf for performance under the contract, may provide information about me including, but not limited to, appropriate unique personal identifiers such as date of birth and social security number to other system administrators, Information Security Officers (ISOs), or other authorized staff without further notifying me or obtaining additional written or verbal permission from me. I understand I must comply with VA s security and data privacy directives and handbooks. I understand that copies of those directives and handbooks can be obtained from the COR. If the Contractor believes the policies and guidance provided by the COR is a material unilateral change to the contract, the Contractor must elevate such concerns to the CO for resolution. I will report suspected or identified information security/privacy incidents to the COR and to the local ISO or Privacy Officer as appropriate. GENERAL RULES OF BEHAVIOR Rules of Behavior are part of a comprehensive program to provide complete information security. These rules establish standards of behavior in recognition of the fact that knowledgeable users are the foundation of a successful security program. Users must understand that taking personal responsibility for the security of their computer and the information it contains is an essential part of their job. The following rules apply to all VA Contractors. I agree to: Follow established procedures for requesting, accessing, and closing user accounts and access. I will not request or obtain access beyond what is normally granted to users or by what is outlined in the contract. Use only systems, software, databases, and data which I am authorized to use, including any copyright restrictions. I will not use other equipment (OE) (non-Contractor owned) for the storage, transfer, or processing of VA sensitive information without a VA CIO approved waiver, unless it has been reviewed and approved by local management and is included in the language of the contract. If authorized to use OE IT equipment, I must ensure that the system meets all applicable 6500 Handbook requirements for OE. Not use my position of trust and access rights to exploit system controls or access information for any reason other than in the performance of the contract. Not attempt to override or disable security, technical, or management controls unless expressly permitted to do so as an explicit requirement under the contract or at the direction of the COR or ISO. If I am allowed or required to have a local administrator account on a government-owned computer, that local administrative account does not confer me unrestricted access or use, nor the authority to bypass security or other controls except as expressly permitted by the VA CIO or CIO's designee. Contractors use of systems, information, or sites is strictly limited to fulfill the terms of the contract. I understand no personal use is authorized. I will only use other Federal government information systems as expressly authorized by the terms of those systems. I accept that the restrictions under ethics regulations and criminal law still apply. Grant access to systems and information only to those who have an official need to know. Protect passwords from access by other individuals. Create and change passwords in accordance with VA Handbook 6500 on systems and any devices protecting VA information as well as the rules of behavior and security settings for the particular system in question. Protect information and systems from unauthorized disclosure, use, modification, or destruction. I will only use encryption that is FIPS 140-2 validated to safeguard VA sensitive information, both safeguarding VA sensitive information in storage and in transit regarding my access to and use of any information assets or resources associated with my performance of services under the contract terms with the VA. Follow VA Handbook 6500.1, Electronic Media Sanitization to protect VA information. I will contact the COR for policies and guidance on complying with this requirement and will follow the COR's orders. Ensure that the COR has previously approved VA information for public dissemination, including e-mail communications outside of the VA as appropriate. I will not make any unauthorized disclosure of any VA sensitive information through the use of any means of communication including but not limited to e-mail, instant messaging, online chat, and web bulletin boards or logs. Not host, set up, administer, or run an Internet server related to my access to any use of any information assets or resources associated with my performance of services under the contract terms with the VA unless explicitly authorized under the contract or in writing by the COR. Protect government property from theft, destruction, or misuse. I will follow VA directives and handbooks on handling Federal government IT equipment, information, and systems. I will not take VA sensitive information from the workplace without authorization from the COR. Only use anti-virus software, antispyware, and firewall/intrusion detection software authorized by VA. I will contact the COR for policies and guidance on complying with this requirement and will follow the COR's orders regarding my access to and use of any information assets or resources associated with my performance of services under the contract terms with VA. Not disable or degrade the standard anti-virus software, antispyware, and/or firewall/intrusion detection software on the computer I use to access and use information assets or resources associated with my performance of services under the contract terms with VA. I will report anti-virus, antispyware, firewall or intrusion detection software errors, or significant alert messages to the COR. Understand that restoration of service of any VA system is a concern of all users of the system. Complete required information security and privacy training, and complete required training for the particular systems to which I require access. ADDITIONAL CONDITIONS FOR USE OF NON- VA INFORMATION TECHNOLOGY RESOURCES When required to complete work under the contract, I will directly connect to the VA network whenever possible. If a direct connection to the VA network is not possible, then I will use VA approved remote access software and services. Remote access to non-public VA information technology resources is prohibited from publicly-available IT computers, such as remotely connecting to the internal VA network from computers in a public library. I will not have both a VA network line and any kind of non-VA network line including a wireless network card, modem with phone line, or other network device physically connected to my computer at the same time, unless the dual connection is explicitly authorized by the COR. I understand that I may not obviate or evade my responsibility to adhere to VA security requirements by subcontracting any work under any given contract or agreement with VA, and that any subcontract(s) I engage shall likewise be bound by the same security requirements and penalties for violating the same. STATEMENT ON LITIGATION This User Agreement does not and should not be relied upon to create any other right or benefit, substantive or procedural, enforceable by law, by a party to litigation with the United States Government. ACKNOWLEDGEMENT AND ACCEPTANCE I acknowledge receipt of this User Agreement. I understand and accept all terms and conditions of this User Agreement, and I will comply with the terms and conditions of this agreement and any additional VA warning banners, directives, handbooks, notices, or directions regarding access to or use of information systems or information. The terms and conditions of this document do not supersede the terms and conditions of the signatory s employer and VA. __________________________________ ________________________ Print or type your full name Signature __________________________________ ________________________ Last 4 digits of SSN Date __________________________________ _________________________ Office Phone Position Title __________________________________ Please complete and return the original signed Contractor s Company Name document to the COR within the timeframe stated in the terms of the contract. Additional Security Requirement: HIPAA-Focused Training" prior to the performance of the contract and annually thereafter. Training must be completed in VA s Talent Management System (TMS) (https://www.tms.va.gov/). Certification of Completion is required to be provided to COR and CO for each employee working on this contract. Section M - Rates: Payment for mileage traveled will be limited to one way only, which is the distance over which the passenger is transported. The taxi company will strictly charge by metered rates in effect and as set by the Pennsylvania Public Utilities Commission (PA - PUC) at the time of the trip. Trip rates are not negotiable. A 15% gratuity will be added to the metered charges and invoiced accordingly with a $5.00 minimum gratuity for each trip. The passenger is not obligated to tip the driver but may choose to do so and this need not be recorded or offset against the invoice. At no time during these trips should the taxi driver request ANY fees from passengers. The taxi company will submit invoices monthly in arrears, based on the vouchers they receive from participants. The taxi company shall retain, and will submit upon request, copies of vouchers documenting each trip invoiced to the VAPHS. It is estimated that approximately 400 trips per month will be completed. The contractor will be paid for any on-the-spot cancellation. Meaning: driver goes to the door and passenger or caretaker cancels the appointment, or doesn't answer the door. After 15 minutes this is considered a dry run. The contractor will be paid for the full length of the trip. Meaning: from the time the driver picks up the passenger until the passenger is dropped off at their destination. The contractor will not be paid for the miles for the return trip once the patient is dropped off. Meaning: once the patient is dropped off the run is completed and the return trip is considered dead miles. The driver will start the meter once the passenger enters the taxi. The Contractor will not get paid for any trips that do include a voucher. Trip mileage under the contract shall be determined by using Internet web site applications such as Google Maps, Yahoo Maps, Map Quest, or other Internet mileage application. Disputes concerning mileage discrepancies between the VAPHS and the Contractor shall be resolved by the Contracting Officer, who will render their decision in writing, subject to provisions of the disputes clause of this contract. Section N Billing Requirements: The Contractor will provide under a company coversheet by the fifth day of each month all required billing documents for the previous month. Billing documents will consist of all trip logs and a spreadsheet summary of all trips in the log in sequential order. Trip logs must include the following: Activity period header and customer name Trip request call date and time Authorized VAPHS contact name and extension Name of dispatcher receiving the request Scheduled pick-up date and time (if pre-scheduled) Trip confirmation number Date and time trip was assigned Maps application provided distance information (mileage estimate from Google Maps, Yahoo Maps, etc.) Base fare amount and total fare amount with tip added Driver s name List of stops (pick up and drop off addresses) Date and time - Load Date and time - Done Car (taxi) number Contractor operating zone identification number Spreadsheet summary (in MS Excel format) must include: Date of transport Time of transport Patient s first and last name Trip identification number Fare amount Tip amount Total fare Authorized VAPHS contact name From address To address Cab number Driver s name Irregular charge justification Failure to provide the required billing documents on time and in the required format may result in late payment to the Contractor. Submission of the taxi meter voucher is not required. Section N Quality Assurance Surveillance Plan (QASP): Contractor s name: Upon award, Government will enter Contractor s name (hereafter referred to as the Contractor). PURPOSE This QASP provides a systematic method to evaluate performance for the stated contract. This QASP explains the following: What will be monitored How monitoring will take place Who will conduct the monitoring How monitoring efforts and results will be documented This QASP does not detail how the Contractor accomplishes the work. Rather, the QASP is created with the premise that the Contractor is responsible for management and quality control actions to meet the terms of the contract. It is the Government s responsibility to be objective, fair, and consistent in evaluating performance. This QASP is a living document and the Government may review and revise it on a regular basis. However, the Government shall coordinate changes with the Contractor. Copies of the original QASP and revisions shall be provided to the Contractor and Government officials implementing surveillance activities. GOVERNMENT ROLES AND RESPONSIBILITIES The following personnel shall oversee and coordinate surveillance activities: The CO shall ensure performance of all necessary actions for effective contracting, ensure compliance with the contract terms, and shall safeguard the interests of the United States in the contractual relationship. The CO shall also assure that the Contractor receives impartial, fair, and equitable treatment under this contract. The CO is ultimately responsible for the final determination of the adequacy of the Contractor s performance. The COR is responsible for technical administration of the contract and shall assure proper Government surveillance of the Contractor s performance. The COR shall keep a quality assurance file. The COR is not empowered to make any contractual commitments or to authorize any contractual changes on the Government s behalf. CONTRACTOR REPRESENTATIVES The following employees of the Contractor serve as the Contractor s program manager for this contract. Program Manager Government will enter name upon contract award. Other Contractor Personnel - Government will enter other names upon contract award.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/VA/PiVAMC646/PiVAMC646/VA24417Q1473/listing.html)
 
Document(s)
Attachment
 
File Name: VA244-17-Q-1473 VA244-17-Q-1473.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=3708636&FileName=VA244-17-Q-1473-000.docx)
Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=3708636&FileName=VA244-17-Q-1473-000.docx

 
Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
 
Record
SN04612015-W 20170805/170803233129-a5867a1efa31ce4c1be93aac56fffbc2 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.