DOCUMENT
J -- Notice of Intent to Sole Source Portable XRay maintenance (5 Year) - Attachment
- Notice Date
- 6/22/2018
- Notice Type
- Attachment
- NAICS
- 811219
— Other Electronic and Precision Equipment Repair and Maintenance
- Contracting Office
- Department of Veterans Affairs;Network Contracting Office 4
- Solicitation Number
- 36C24418Q9292
- Archive Date
- 6/27/2018
- Point of Contact
- Andrew L Taylor
- E-Mail Address
-
285-2533<br
- Small Business Set-Aside
- N/A
- Description
- Summary of the Statement of Work Annual Maintenance and Repairs of Siemens Mobile X-Ray Mobilett Mira Max - Shared Service Expert Contractor is required to provide: Daily coverage from 8 am to 5 pm Monday through Friday. Phone response time of 60 minute or less. On-Site response by next day. Parts delivery by next day when ordered by 6 pm. Provide mobile FD coverage WFD The following item also need to be covered during the contract period: Mobilett Tube Coverage, Monitor Coverage, Updates, Technical Phone Support, Application Hotline Phone Support, Service SW Access Advanced, Technical Training Discount, Annual Agreement Review, Siemens Remote Services, Knowledge Database Access, and LifeNet Access. Flat panel detector for each radiographic room will be fully covered in this agreement. Any damage that occurs due to accidental damage, such as dropping, shall also be covered in this agreement. Contractor must provide an immediate replacement or a loaner while our detector is being repaired. Applications Support for the Radiology staff is required from the contractor. If the Radiology staff has questions concerning equipment operation and/or how to perform a radiological exam, the contractor will provide that support. VA INFORMATION CUSTODIAL LANGUAGE: Information made available to the contractor or subcontractor by VA for the performance or administration of this contract or information developed by the contractor/subcontractor in performance or administration of the contract shall be used only for those purposes and shall not be used in any other way without the prior written agreement of the VA. This clause expressly limits the contractor/subcontractor's rights to use data as described in Rights in Data General, FAR 52.227-14(d) (1). INFORMATION SYSTEM HOSTING, OPERATION, MAINTENANCE, OR USE: Bio-Medical devices and other equipment or systems containing media (hard drives, optical disks, etc.) with VA sensitive information must not be returned to the vendor at the end of lease, for trade-in, or other purposes. The options are: Vendor must accept the system without the drive; VA s initial medical device purchase includes a spare drive which must be installed in place of the original drive at time of turn-in; or VA must reimburse the company for media at a reasonable open market replacement cost at time of purchase. Due to the highly specialized and sometimes proprietary hardware and software associated with medical equipment/systems, if it is not possible for the VA to retain the hard drive, then; The equipment vendor must have an existing BAA if the device being traded in has sensitive information stored on it and hard drive(s) from the system are being returned physically intact; and Any fixed hard drive on the device must be non-destructively sanitized to the greatest extent possible without negatively impacting system operation. Selective clearing down to patient data folder level is recommended using VA approved and validated overwriting technologies/methods/tools. Applicable media sanitization specifications need to be preapproved and described in the purchase order or contract. A statement needs to be signed by the Director (System Owner) that states that the drive could not be removed and that (a) and (b) controls above are in place and completed. The Information Security Officer (ISO) needs to maintain the documentation. SECURITY INCIDENT INVESTIGATION: The term security incident means an event that has, or could have, resulted in unauthorized access to, loss or damage to VA assets, or sensitive information, or an action that breaches VA security procedures. The contractor/subcontractor shall immediately notify the COR and simultaneously, the designated ISO and Privacy Officer for the contract of any known or suspected security/privacy incidents, or any unauthorized disclosure of sensitive information, including that contained in system(s) to which the contractor/subcontractor has access. LIQUIDATED DAMAGES FOR DATA BREACH: Consistent with the requirements of 38 U.S.C. §5725, a contract may require access to sensitive personal information. If so, the contractor is liable to VA for liquidated damages in the event of a data breach or privacy incident involving any SPI the contractor/subcontractor processes or maintains under this contract. Based on the determinations of the independent risk analysis, the contractor shall be responsible for paying to the VA liquidated damages in the amount of $37.50 per affected individual to cover the cost of providing credit protection services to affected individuals consisting of the following: Notification; One year of credit monitoring services consisting of automatic daily monitoring of at least 3 relevant credit bureau reports; Data breach analysis; Fraud resolution services, including writing dispute letters, initiating fraud alerts and credit freezes, to assist affected individuals to bring matters to resolution; One year of identity theft insurance with $20,000.00 coverage at $0 deductible; and Necessary legal expenses the subjects may incur to repair falsified or damaged credit records, histories, or financial affairs. TRAINING: All contractor employees and subcontractor employees requiring access to VA information and VA information systems shall complete the following before being granted access to VA information and its systems: Sign and acknowledge (either manually or electronically) understanding of and responsibilities for compliance with the Contractor Rules of Behavior, Appendix E relating to access to VA information and information systems; Successfully complete the VA Cyber Security Awareness and Rules of Behavior training and annually complete required security training; Successfully complete the appropriate VA privacy training and annually complete required privacy training; and Successfully complete any additional cyber security or privacy training, as required for VA personnel with equivalent information system access The contractor shall provide to the contracting officer and/or the COR a copy of the training certificates and certification of signing the Contractor Rules of Behavior for each applicable employee within 1 week of the initiation of the contract and annually thereafter, as required. Failure to complete the mandatory annual training and sign the Rules of Behavior annually, within the timeframe required, is grounds for suspension or termination of all physical or electronic access privileges and removal from work on the contract until such time as the training and documents are complete.
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/spg/VA/PiVAMC646/PiVAMC646/36C24418Q9292/listing.html)
- Document(s)
- Attachment
- File Name: 36C24418Q9292 36C24418Q9292.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=4419514&FileName=36C24418Q9292-000.docx)
- Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=4419514&FileName=36C24418Q9292-000.docx
- Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
- File Name: 36C24418Q9292 36C24418Q9292.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=4419514&FileName=36C24418Q9292-000.docx)
- Record
- SN04965430-W 20180624/180622230827-5b0cdadbacaa307a20d6a676cf608e04 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |