Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF SEPTEMBER 12, 2019 FBO #6500
SOLICITATION NOTICE

65 -- Gastroenterology BPA Call

Notice Date
9/10/2019
 
Notice Type
Combined Synopsis/Solicitation
 
NAICS
339113 — Surgical Appliance and Supplies Manufacturing
 
Contracting Office
Department of the Navy, Bureau of Medicine and Surgery, Naval Medical Center Portsmouth, 54 Lewis Minor St, Portsmouth, Virginia, 23708-2297, United States
 
ZIP Code
23708-2297
 
Solicitation Number
N0018319Q0167
 
Archive Date
9/30/2019
 
Point of Contact
Harold D Woodley, Phone: 757-953-7276, Christopher S. Ward, Phone: 757-953-3412
 
E-Mail Address
harold.d.woodley.civ@mail.mil, christopher.s.ward1.civ@mail.mil
(harold.d.woodley.civ@mail.mil, christopher.s.ward1.civ@mail.mil)
 
Small Business Set-Aside
N/A
 
Description
Section A - Solicitation/Contract Form CONTRACTOR INFORMATION THIS IS AN INFORMATION NOTICE ONLY - NO AWARD WILL BE MADE FROM THIS NOTIFICATION. This is an announcement that the Government intends to issue a call against an existing Blanket Purchase Agreement (BPA) for Gastroenterology Clinic consignment items used at the the Naval Medical Center Portsmouth Virginia. The call will be placed against Naval Medical Center Portsmouth's BPA N0018317A0003. The Call will be issued for a total amount of $90,000.00 covering the period October 1 - December 31, 2019. Section B - Supplies or Services and Prices ITEM NO SUPPLIES/SERVICES QUANTITY UNIT UNIT PRICE AMOUNT 0001 1 Quarter Gastroenterology consignment items for FFP the period 01 Oct 19 through 31 Dec 19 FOB: Destination MILSTRIP: N0018320RCGE003 PURCHASE REQUEST NUMBER: N0018320RCGE003 PSC CD: 6515 NET AMT Section C - Descriptions and Specifications CONTRACTOR UNCLASSIFIED ACCESS Contractor Unclassified Access to Federally Controlled Facilities, Sensitive Information, Information Technology (IT) Systems or Protected Health Information (Jan 2017) Homeland Security Presidential Directive (HSPD)-12, requires government agencies to develop and implement Federal security standards for Federal employees and contractors. The Deputy Secretary of Defense Directive-Type Memorandum (DTM) 08-006 - "DoD Implementation of Homeland Security Presidential Directive - 12 (HSPD-12)" dated November 26, 2008 (or its subsequent DoD instruction) directs implementation of HSPD-12. This clause is in accordance with HSPD-12 and its implementing directives. APPLICABILITY This text applies to contractor employees requiring physical access to any area of a federally controlled base, facility or activity and/or requiring access to a DoN or DoD computer/network/system to perform certain unclassified sensitive duties. This clause also applies to contractor employees who access Privacy Act and Protected Health Information, provide support associated with fiduciary duties, or perform duties that have been identified as National Security Position, as advised by the command security manager. It is the responsibility of the responsible security officer of the command/facility where the work is performed to ensure compliance. Each contractor employee providing services at a Navy Command under this contract is required to obtain a Department of Defense Common Access Card (DoD CAC). Additionally, depending on the level of computer/network access, the contract employee will require a successful investigation as detailed below. ACCESS TO FEDERAL FACILITIES Per HSPD-12 and implementing guidance, all contractor employees working at a federally controlled base, facility or activity under this clause will require a DoD CAC. When access to a base, facility or activity is required contractor employees shall in-process with the Command's Security Manager upon arrival to the Command and shall out-process prior to their departure at the completion of the individual's performance under the contract. ACCESS TO DOD IT SYSTEMS In accordance with SECNAV M-5510.30, contractor employees who require access to DoN or DoD networks are categorized as IT-I, IT-II, or IT-III. The IT-II level, defined in detail in SECNAV M-5510.30, includes positions which require access to information protected under the Privacy Act, to include Protected Health Information (PHI). All contractor employees under this contract who require access to Privacy Act protected information are therefore categorized no lower than IT-II. IT Levels are determined by the requiring activity's Command Information Assurance Manager. Contractor employees requiring privileged or IT-I level access, (when specified by the terms of the contract) require a Single Scope Background Investigation (SSBI) or T5 or T5R equivalent investigation, which is a higher level investigation than the National Agency Check with Law and Credit (NACLC)/T3/T3R described below. Due to the privileged system access, an investigation suitable for High Risk national security positions is required. Individuals who have access to system control, monitoring, or administration functions (e.g. system administrator, database administrator) require training and certification to Information Assurance Technical Level 1, and must be trained and certified on the Operating System or Computing Environment they are required to maintain. Access to sensitive IT systems is contingent upon a favorably adjudicated background investigation. When access to IT systems is required for performance of the contractor employee's duties, such employees shall in-process with the Navy Command's Security Manager and Information Assurance Manager upon arrival to the Navy command and shall out-process prior to their departure at the completion of the individual's performance under the contract. Completion and approval of a System Authorization Access Request Navy (SAAR-N) form is required for all individuals accessing Navy Information Technology resources. The decision to authorize access to a government IT system/network is inherently governmental. The contractor supervisor is not authorized to sign the SAAR-N; therefore, the government employee with knowledge of the system/network access required or the COR shall sign the SAAR-N as the "supervisor". The SAAR-N shall be forwarded to the Command's Security Manager at least 30 days prior to the individual's start date. Failure to provide the required documentation at least 30 days prior to the individual's start date may result in delaying the individual's start date. When required to maintain access to required IT systems or networks, the contractor shall ensure that all employees requiring access complete annual Information Assurance (IA) training, and maintain a current requisite background investigation. The Contractor's Security Representative shall contact the Command Security Manager for guidance when reinvestigations are required. INTERIM ACCESS The Command's Security Manager may authorize issuance of a DoD CAC and interim access to a DoN or DoD unclassified computer/network upon a favorable review of the investigative questionnaire and advance favorable fingerprint results. When the results of the investigation are received and a favorable determination is not made, the contractor employee working on the contract under interim access will be denied access to the computer network and this denial will not relieve the contractor of his/her responsibility to perform. DENIAL OR TERMINATION OF ACCESS The potential consequences of any requirement under this clause including denial or termination of physical or system access in no way relieves the contractor from the requirement to execute performance under the contract within the timeframes specified in the contract. Contractors shall plan ahead in processing their employees and subcontractor employees. The contractor shall insert this clause in all subcontracts when the subcontractor is permitted to have unclassified access to a federally controlled facility, federally-controlled information system/network and/or to government information, meaning information not authorized for public release. CONTRACTOR'S SECURITY REPRESENTATIVE The contractor shall designate an employee to serve as the Contractor's Security Representative. Within three work days after contract award, the contractor shall provide to the requiring activity's Security Manager and the Contracting Officer, in writing, the name, title, address and phone number for the Contractor's Security Representative. The Contractor's Security Representative shall be the primary point of contact on any security matter. The Contractor's Security Representative shall not be replaced or removed without prior notice to the Contracting Officer and Command Security Manager. BACKGROUND INVESTIGATION REQUIREMENTS AND SECURITY APPROVAL PROCESS FOR CONTRACTORS ASSIGNED TO NATIONAL SECURITY POSITIONS OR PERFORMING SENSITIVE DUTIES Navy security policy requires that all positions be given a sensitivity value based on level of risk factors to ensure appropriate protective measures are applied. Contractor employees under this contract are recognized as Non-Critical Sensitive [ADP/IT-II] positions when the contract scope of work require physical access to a federally controlled base, facility or activity and/or requiring access to a DoD computer/network, to perform unclassified sensitive duties. This designation is also applied to contractor employees who access Privacy Act and Protected Health Information (PHI), provide support associated with fiduciary duties, or perform duties that have been identified as National Security Positions. At a minimum, each contractor employee must be a US citizen and have a favorably completed NACLC or T3 or T3R equivalent investigation to obtain a favorable determination for assignment to a non-critical sensitive or IT-II position. The investigation consists of a standard NAC and a FBI fingerprint check plus law enforcement checks and credit check. Each contractor employee filling a non-critical sensitive or IT-II position is required to complete: • SF-86 Questionnaire for National Security Positions (or equivalent OPM investigative product) • Two FD-258 Applicant Fingerprint Cards (or an electronic fingerprint submission) • Original Signed Release Statements Failure to provide the required documentation at least 30 days prior to the individual's start date shall result in delaying the individual's start date. Background investigations shall be reinitiated as required to ensure investigations remain current (not older than 10 years) throughout the contract performance period. The Contractor's Security Representative shall contact the Command Security Manager for guidance when reinvestigations are required. Regardless of their duties or IT access requirements ALL contractor employees shall in-process with the Command's Security Manager upon arrival to the command and shall out-process prior to their departure at the completion of the individual's performance under the contract. Employees requiring IT access shall also check-in and check-out with the Navy Command's Information Assurance Manager. Completion and approval of a System Authorization Access Request Navy (SAAR-N) form is required for all individuals accessing Navy Information Technology resources. The SAAR-N shall be forwarded to the Navy Command's Security Manager at least 30 days prior to the individual's start date. Failure to provide the required documentation at least 30 days prior to the individual's start date shall result in delaying the individual's start date. The contractor shall ensure that each contract employee requiring access to IT systems or networks complete annual Information Assurance (IA) training, and maintain a current requisite background investigation. Contractor employees shall accurately complete the required investigative forms prior to submission to the Command Security Manager. The Command's Security Manager will review the submitted documentation for completeness prior to submitting it to the Office of Personnel Management (OPM); Potential suitability or security issues identified may render the contractor employee ineligible for the assignment. An unfavorable determination is final (subject to SF-86 appeal procedures) and such a determination does not relieve the contractor from meeting any contractual obligation under the contract. The Command's Security Manager will forward the required forms to OPM for processing. Once the investigation is complete, the results will be forwarded by OPM to the DoD Central Adjudication Facility (CAF) for a determination. If the contractor employee already possesses a current favorably adjudicated investigation, the contractor shall submit a Visit Authorization Request (VAR) via the Joint Personnel Adjudication System (JPAS) or a hard copy VAR directly from the contractor's Security Representative. Although the contractor will take JPAS "Owning" role over the contractor employee, the Command will take JPAS "Servicing" role over the contractor employee during the hiring process and for the duration of assignment under that contract. The contractor shall include the IT Position Category per SECNAV M-5510.30 for each employee designated on a VAR. The VAR requires annual renewal for the duration of the employee's performance under the contract. Section E - Inspection and Acceptance INSPECTION AND ACCEPTANCE TERMS Supplies/services will be inspected/accepted at: CLIN INSPECT AT INSPECT BY ACCEPT AT ACCEPT BY 0001 Destination Government Destination Government Section F - Deliveries or Performance DELIVERY INFORMATION CLIN DELIVERY DATE QUANTITY SHIP TO ADDRESS DODAAC / CAGE 0001 31-DEC-2019 1 NAVAL MEDICAL CENTER RECEIVING OFFICER 54 LEWIS MINOR STREET BLDG. 250 PORTSMOUTH VA 23708-2297 757-953-5770 FOB: Destination N00183 DOCK DELIVERY Naval Medical Center Portsmouth (NMCP) Receiving Dock Hours of Operation: NMCP Receiving Dock is open Monday through Friday 0700 to 1600 (7:00 a.m. to 4:00 p.m.). excluding federal holidays. Receiving personnel may be reached at 757-953-5770. Section G - Contract Administration Data CLAUSES INCORPORATED BY FULL TEXT 252.232-7006 WIDE AREA WORKFLOW PAYMENT INSTRUCTIONS (DEC 2018) (a) Definitions. As used in this clause- "Department of Defense Activity Address Code (DoDAAC)" is a six position code that uniquely identifies a unit, activity, or organization. "Document type" means the type of payment request or receiving report available for creation in Wide Area WorkFlow (WAWF). "Local processing office (LPO)" is the office responsible for payment certification when payment certification is done external to the entitlement system. "Payment request" and "receiving report" are defined in the clause at 252.232-7003, Electronic Submission of Payment Requests and Receiving Reports. (b) Electronic invoicing. The WAWF system provides the method to electronically process vendor payment requests and receiving reports, as authorized by Defense Federal Acquisition Regulation Supplement (DFARS) 252.232-7003, Electronic Submission of Payment Requests and Receiving Reports. (c) WAWF access. To access WAWF, the Contractor shall- (1) Have a designated electronic business point of contact in the System for Award Management at https://www.sam.gov; and (2) Be registered to use WAWF at https://wawf.eb.mil/ following the step-by-step procedures for self-registration available at this web site. (d) WAWF training. The Contractor should follow the training instructions of the WAWF Web-Based Training Course and use the Practice Training Site before submitting payment requests through WAWF. Both can be accessed by selecting the "Web Based Training" link on the WAWF home page at https://wawf.eb.mil/. (e) WAWF methods of document submission. Document submissions may be via web entry, Electronic Data Interchange, or File Transfer Protocol. (f) WAWF payment instructions. The Contractor shall use the following information when submitting payment requests and receiving reports in WAWF for this contract or task or delivery order: (1) Document type. The Contractor shall submit payment requests using the following document type(s): (i) For cost-type line items, including labor-hour or time-and-materials, submit a cost voucher. (ii) For fixed price line items- (A) That require shipment of a deliverable, submit the invoice and receiving report specified by the Contracting Officer. ____________COMBO FOR SUPPLIES________________________________________________ (Contracting Officer: Insert applicable invoice and receiving report document type(s) for fixed price line items that require shipment of a deliverable.) (B) For services that do not require shipment of a deliverable, submit either the Invoice 2in1, which meets the requirements for the invoice and receiving report, or the applicable invoice and receiving report, as specified by the Contracting Officer. ____________ ______________________________________________ (Contracting Officer: Insert either "Invoice 2in1" or the applicable invoice and receiving report document type(s) for fixed price line items for services.) (iii) For customary progress payments based on costs incurred, submit a progress payment request. (iv) For performance based payments, submit a performance based payment request. (v) For commercial item financing, submit a commercial item financing request. (2) Fast Pay requests are only permitted when Federal Acquisition Regulation (FAR) 52.213-1 is included in the contract. [Note: The Contractor may use a WAWF "combo" document type to create some combinations of invoice and receiving report in one step.] (3) Document routing. The Contractor shall use the information in the Routing Data Table below only to fill in applicable fields in WAWF when creating payment requests and receiving reports in the system. Routing Data Table* Field Name in WAWF Data to be entered in WAWF Pay Official DoDAAC HQ0248 Issue By DoDAAC N00183 Admin DoDAAC** N00183 Inspect By DoDAAC N/A Ship To Code N00183 Ship From Code N/A Mark For Code N/A Service Approver (DoDAAC) N/A Service Acceptor (DoDAAC) N/A Accept at Other DoDAAC N/A LPO DoDAAC N00183 DCAA Auditor DoDAAC N/A Other DoDAAC(s) N/A (*Contracting Officer: Insert applicable DoDAAC information. If multiple ship to/acceptance locations apply, insert "See Schedule" or "Not applicable.") (**Contracting Officer: If the contract provides for progress payments or performance-based payments, insert the DoDAAC for the contract administration office assigned the functions under FAR 42.302(a)(13).) (4) Payment request. The Contractor shall ensure a payment request includes documentation appropriate to the type of payment request in accordance with the payment clause, contract financing clause, or Federal Acquisition Regulation 52.216-7, Allowable Cost and Payment, as applicable. (5) Receiving report. The Contractor shall ensure a receiving report meets the requirements of DFARS Appendix F. (g) WAWF point of contact. (1) The Contractor may obtain clarification regarding invoicing in WAWF from the following contracting activity's WAWF point of contact. _USN.DETRICK.NAVMEDLOGCOMFTDMD.LIST.NMLC-WAWF@MAI.MIL___ (Contracting Officer: Insert applicable information or "Not applicable.") (2) Contact the WAWF helpdesk at 866-618-5988, if assistance is needed. (End of clause) Section H - Special Contract Requirements PRIVACY & SECURITY OF PHI PRIVACY AND SECURITY OF PROTECTED HEALTH INFORMATION 1. Introduction In accordance with DoD 6025.18-R "Department of Defense Health Information Privacy Regulation," January 24, 2003, the Contractor meets the definition of Business Associate. Therefore, a Business Associate Agreement is required to comply with both the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security regulations. This clause serves as that agreement whereby the Business Associate agrees to abide by all applicable HIPAA Privacy and Security requirements regarding health information as defined in this clause, and in DoD 6025.18-R and DoD 8580.02, as amended. Additional requirements will be addressed when implemented. a. Definitions. As used in this clause generally refer to the Code of Federal Regulations (CFR) definition unless a more specific provision exists in DoD 6025.18-R or DoD 8580.02. (1) HITECH Act shall mean the Health Information Technology for Economic and Clinical Health Act included in the American Recovery and Reinvestment Act of 2009. (2) Individual has the same meaning as the term "individual" in 45 CFR 160.103 and shall include a person who qualifies as a personal representative in accordance with 45 CFR 164.502(g). (3) Privacy Rule means the Standards for Privacy of Individually Identifiable Health Information at 45 CFR part 160 and part 164, subparts A and E. (4) Protected Health Information has the same meaning as the term "protected health information" in 45 CFR 160.103, limited to the information created or received by the Business Associate from or on behalf of the Government pursuant to the Contract. (5) Electronic Protected Health Information has the same meaning as the term "electronic protected health information" in 45 CFR 160.103. (6) Required by Law has the same meaning as the term "required by law" in 45 CFR 164.103. (7) Secretary means the Secretary of the Department of Health and Human Services or his/her designee. (8) Security Incident will have the same meaning as the term "security incident" in 45 CFR 164.304, limited to the information created or received by Business Associate from or on behalf of Covered Entity. (9) Security Rule means the Health Insurance Reform: Security Standards at 45 CFR part 160, 162 and part 164, subpart C. (10) Terms used, but not otherwise defined, in this Clause shall have the same meaning as those terms in 45 CFR 160.103, 160.502, 164.103, 164.304, and 164.501. b. The Business Associate shall not use or further disclose Protected Health Information other than as permitted or required by the Contract or as Required by Law. c. The Business Associate shall use appropriate safeguards to maintain the privacy of the Protected Health Information and to prevent use or disclosure of the Protected Health Information other than as provided for by this Contract. d. The HIPAA Security administrative, physical, and technical safeguards in 45 CFR 164.308, 164.310, and 164.312, and the requirements for policies and procedures and documentation in 45 CFR 164.316 shall apply to Business Associate. The additional requirements of Title XIII of the HITECH Act that relate to the security and that are made applicable with respect to covered entities shall also be applicable to Business Associate. The Business Associate agrees to use administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the electronic protected health information that it creates, receives, maintains, or transmits in the execution of this Contract. e. The Business Associate shall, at their own expense, take action to mitigate, to the extent practicable, any harmful effect that is known to the Business Associate of a use or disclosure of Protected Health Information by the Business Associate in violation of the requirements of this Clause. These mitigation actions will include as a minimum those listed in the TMA Breach Notification Standard Operating Procedure (SOP), which is available at: http://www.tricare.mil/tmaprivacy/breach.cfm f. The Business Associate shall report to the Government any security incident involving protected health information of which it becomes aware. g. The Business Associate shall report to the Government any use or disclosure of the Protected Health Information not provided for by this Contract of which the Business Associate becomes aware. h. The Business Associate shall ensure that any agent, including a sub Business Associate, to whom it provides Protected Health Information received from, or created or received by the Business Associate, on behalf of the Government, agrees to the same restrictions and conditions that apply through this Contract to the Business Associate with respect to such information. i. The Business Associate shall ensure that any agent, including a subBusiness Associate, to whom it provides electronic Protected Health Information, agrees to implement reasonable and appropriate safeguards to protect it. j. The Business Associate shall provide access, at the request of the Government, and in the time and manner reasonably designated by the Government to Protected Health Information in a Designated Record Set, to the Government or, as directed by the Government, to an Individual in order to meet the requirements under 45 CFR 164.524. k. The Business Associate shall make any amendment(s) to Protected Health Information in a Designated Record Set that the Government directs or agrees to pursuant to 45 CFR 164.526 at the request of the Government, and in the time and manner reasonably designated by the Government. l. The Business Associate shall make internal practices, books, and records relating to the use and disclosure of Protected Health Information received from, or created or received by the Business Associate, on behalf of the Government, available to the Government, or at the request of the Government to the Secretary, in a time and manner reasonably designated by the Government or the Secretary, for purposes of the Secretary determining the Government's compliance with the Privacy Rule. m. The Business Associate shall document such disclosures of Protected Health Information and information related to such disclosures as would be required for the Government to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 CFR 164.528. n. The Business Associate shall provide to the Government or an Individual, in time and manner reasonably designated by the Government, information collected in accordance with this Clause of the Contract, to permit the Government to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 CFR 164.528. 2. General Use and Disclosure Provisions Except as otherwise limited in this Clause, the Business Associate may use or disclose Protected Health Information on behalf of, or to provide services to, the Government for treatment, payment, or healthcare operations purposes, in accordance with the specific use and disclosure provisions below, if such use or disclosure of Protected Health Information would not violate the HIPAA Privacy Rule, the HIPAA Security Rule, DoD 6025.18-R or DoD 8580.02 if done by the Government. The additional requirements of Title XIII of the HITECH Act that relate to privacy and that are made applicable with respect to covered entities shall also be applicable to Business Associate. 3. Specific Use and Disclosure Provisions a. Except as otherwise limited in this Clause, the Business Associate may use Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate. b. Except as otherwise limited in this Clause, the Business Associate may disclose Protected Health Information for the proper management and administration of the Business Associate, provided that disclosures are required by law, or the Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as required by law or for the purpose for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached. c. Except as otherwise limited in this Clause, the Business Associate may use Protected Health Information to provide Data Aggregation services to the Government as permitted by 45 CFR 164.504(e)(2)(i)(B). d. Business Associate may use Protected Health Information to report violations of law to appropriate Federal and State authorities, consistent with 45 CFR 164.502(j)(1). 4. Obligations of the Government Provisions for the Government to Inform the Business Associate of Privacy Practices and Restrictions a. The Government shall provide the Business Associate with the notice of privacy practices that the Government produces in accordance with 45 CFR 164.520. b. The Government shall provide the Business Associate with any changes in, or revocation of, permission by Individual to use or disclose Protected Health Information, if such changes affect the Business Associate's permitted or required uses and disclosures. c. The Government shall notify the Business Associate of any restriction to the use or disclosure of Protected Health Information that the Government has agreed to in accordance with 45 CFR 164.522. 5. Permissible Requests by the Government The Government shall not request the Business Associate to use or disclose Protected Health Information in any manner that would not be permissible under the HIPAA Privacy Rule, the HIPAA Security Rule, or any applicable Government regulations (including without limitation, DoD 6025.18-R and DoD 8580.02) if done by the Government, except for providing Data Aggregation services to the Government and for management and administrative activities of the Business Associate as otherwise permitted by this clause. 6. Termination a. Termination. A breach by the Business Associate of this clause, may subject the Business Associate to termination under any applicable default or termination provision of this Contract. b. Effect of Termination. (1) If this contract has records management requirements, the records subject to the Clause should be handled in accordance with the records management requirements. If this contract does not have records management requirements, the records should be handled in accordance with paragraphs (2) and (3) below (2) If this contract does not have records management requirements, except as provided in paragraph (3) of this section, upon termination of this Contract, for any reason, the Business Associate shall return or destroy all Protected Health Information received from the Government, or created or received by the Business Associate on behalf of the Government. This provision shall apply to Protected Health Information that agents of the Business Associate may come in contact. The Business Associate shall retain no copies of the Protected Health Information. (3) If this contract does not have records management provisions and the Business Associate determines that returning or destroying the Protected Health Information is infeasible, the Business Associate shall provide to the Government notification of the conditions that make return or destruction infeasible. Upon mutual agreement of the Government and the Business Associate that return or destruction of Protected Health Information is infeasible, the Business Associate shall extend the protections of this Contract to such Protected Health Information and limit further uses and disclosures of such Protected Health Information to those purposes that make the return or destruction infeasible, for so long as the Business Associate maintains such Protected Health Information. 7. Miscellaneous a. Regulatory References. A reference in this Clause to a section in DoD 6025.18-R, DoD 8580.02, Privacy Rule or Security Rule means the section currently in effect or as amended, and for which compliance is required. b. Survival. The respective rights and obligations of Business Associate under the "Effect of Termination" provision of this Clause shall survive the termination of this Contract. c. Interpretation. Any ambiguity in this Clause shall be resolved in favor of a meaning that permits the Government to comply with DoD 6025.18-R, DoD 8580.02, the HIPAA Privacy Rule or the HIPAA Security Rule. BASE ACCESS Base Access (NMCP) Commander, Navy Installations Command (CNIC), has established the Navy Commercial Access Control System (NCACS), a standardized process for granting unescorted access privileges to vendors, contractors, suppliers and service providers not otherwise entitled to the issuance of a Common Access Card (CAC) who seek access to and can provide justification to enter Navy installations and facilities. Vendors visiting Naval Medical Center Portsmouth (NMCP) may obtain daily passes directly from Naval Station Norfolk (NSN) Pass and ID office, located at NSN (Bldg CD-9), 9040 Hampton Blvd, Norfolk, Virginia, 23505, by submitting identification credentials for verification and undergoing a criminal screening/ background check. Alternatively, if the vendor so chooses, it may voluntarily elect to obtain long-term credentials through enrollment, registration, background vetting, screening, issuance of credentials, and electronic validation of credentials at its own cost through one of the designated independent contractor NCACS service providers. Credentials will be issued every five years and access privileges will be reviewed / renewed on an annual basis. The costs incurred to obtain Navy installation access of any kind are not reimbursable, and the price(s) paid for obtaining long-term NCACS credentials will not be approved as a direct cost of this contract. Further information regarding NCACS can be found at http://cnic.navy.mil/CNIC_HQ_Site/index.htm. VENDORMATE Vendormate Credentialing Requirement Naval Medical Center, Portsmouth (NMCP) has instituted a Credentialing Program which is designed to streamline the collection and management of key information regarding the regulatory and compliance status as well as business operations of our suppliers. The program requires all vendors and their representatives to register in order to gain base access to NMCP. One nominal annual credentialing fee covers your company as well as all representatives of your company that interact with NMCP. The price ranges from $25 to $250 per year depending on your company's risk profile and is paid directly to our partner, Vendormate Credentialing. It is imperative that each representative registers individually to maintain their personal credentials and ensure ongoing base access to our facility. A Federal Tax Identification Number and a credit card are required to complete the initial registration. Additional representatives only need the Federal Tax Identification Number. Register for Vendormate Credentialing at https://nmcp.vendormate.com. For technical questions, go to https://ghx.com/customer-care. Kiosks are located on the first and second floor entrances of Building two (2). Your representatives who visit NMCP may be required to sign in electronically to obtain an identification badge. With a valid appointment and current credentials, your representative will be able to print a single-use badge that is to be worn throughout the visit to any NMCP facility. Badges are required for all vendors on premises. Please note that GHX Vendormate Credentialing is in addition to RapidGate for Base Access. Vendors are required to register for both programs in order to come onboard the NMCP base. Section I - Contract Clauses CLAUSES INCORPORATED BY REFERENCE 252.203-7000 Requirements Relating to Compensation of Former DoD Officials SEP 2011 252.203-7002 Requirement to Inform Employees of Whistleblower Rights SEP 2013 252.204-7003 Control Of Government Personnel Work Product APR 1992 252.211-7003 Item Unique Identification and Valuation MAR 2016 252.225-7048 Export-Controlled Items JUN 2013 252.232-7003 Electronic Submission of Payment Requests and Receiving Reports DEC 2018 252.237-7010 Prohibition on Interrogation of Detainees by Contractor Personnel JUN 2013 252.243-7001 Pricing Of Contract Modifications DEC 1991 CLAUSES INCORPORATED BY FULL TEXT Representation Regarding Certain Telecommunications and Video Surveillance Services or Equipment (Aug 2019) (a) Definitions. As used in this provision- "Covered telecommunications equipment or services", "Critical technology", and "Substantial or essential component" have the meanings provided in clause 52.204-25, Prohibition on Contracting for Certain Telecommunications and Video Surveillance Services or Equipment. (b) Prohibition. Section 889(a)(1)(A) of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (Pub. L. 115-232) prohibits the head of an executive agency on or after August 13, 2019, from procuring or obtaining, or extending or renewing a contract to procure or obtain, any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system. Contractors are not prohibited from providing- (1) A service that connects to the facilities of a third-party, such as backhaul, roaming, or interconnection arrangements; or (2) Telecommunications equipment that cannot route or redirect user data traffic or permit visibility into any user data or packets that such equipment transmits or otherwise handles. (c) Representation. The Offeror represents that- It □ will, □ will not provide covered telecommunications equipment or services to the Government in the performance of any contract, subcontract or other contractual instrument resulting from this solicitation. (d) Disclosures. If the Offeror has responded affirmatively to the representation in paragraph (c) of this provision, the Offeror shall provide the following information as part of the offer (1) All covered telecommunications equipment and services offered (include brand; model number, such as original equipment manufacturer (OEM) number, manufacturer part number, or wholesaler number; and item description, as applicable); (2) Explanation of the proposed use of covered telecommunications equipment and services and any factors relevant to determining if such use would be permissible under the prohibition in paragraph (b) of this provision; (3) For services, the entity providing the covered telecommunications services (include entity name, unique entity identifier, and Commercial and Government Entity (CAGE) code, if known); and (4) For equipment, the entity that produced the covered telecommunications equipment (include entity name, unique entity identifier, CAGE code, and whether the entity was the OEM or a distributor, if known). (End of provision) 52.204-25 PROHIBITION ON CONTRACTING FOR CERTAIN TELECOMMUNICATIONS AND VIDEO SURVEILLANCE SERVICES OR EQUIPMENT (AUG 2019) (a) Definitions. As used in this clause-- Covered foreign country means The People's Republic of China. Covered telecommunications equipment or services means-- (1) Telecommunications equipment produced by Huawei Technologies Company or ZTE Corporation (or any subsidiary or affiliate of such entities); (2) For the purpose of public safety, security of Government facilities, physical security surveillance of critical infrastructure, and other national security purposes, video surveillance and telecommunications equipment produced by Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, or Dahua Technology Company (or any subsidiary or affiliate of such entities); (3) Telecommunications or video surveillance services provided by such entities or using such equipment; or (4) Telecommunications or video surveillance equipment or services produced or provided by an entity that the Secretary of Defense, in consultation with the Director of National Intelligence or the Director of the Federal Bureau of Investigation, reasonably believes to be an entity owned or controlled by, or otherwise connected to, the government of a covered foreign country. Critical technology means-- (1) Defense articles or defense services included on the United States Munitions List set forth in the International Traffic in Arms Regulations under subchapter M of chapter I of title 22, Code of Federal Regulations; (2) Items included on the Commerce Control List set forth in Supplement No. 1 to part 774 of the Export Administration Regulations under subchapter C of chapter VII of title 15, Code of Federal Regulations, and controlled-- (i) Pursuant to multilateral regimes, including for reasons relating to national security, chemical and biological weapons proliferation, nuclear nonproliferation, or missile technology; or (ii) For reasons relating to regional stability or surreptitious listening; (3) Specially designed and prepared nuclear equipment, parts and components, materials, software, and technology covered by part 810 of title 10, Code of Federal Regulations (relating to assistance to foreign atomic energy activities); (4) Nuclear facilities, equipment, and material covered by part 110 of title 10, Code of Federal Regulations (relating to export and import of nuclear equipment and material); (5) Select agents and toxins covered by part 331 of title 7, Code of Federal Regulations, part 121 of title 9 of such Code, or part 73 of title 42 of such Code; or (6) Emerging and foundational technologies controlled pursuant to section 1758 of the Export Control Reform Act of 2018 (50 U.S.C. 4817). Substantial or essential component means any component necessary for the proper function or performance of a piece of equipment, system, or service. (b) Prohibition. Section 889(a)(1)(A) of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (Pub. L. 115-232) prohibits the head of an executive agency on or after August 13, 2019, from procuring or obtaining, or extending or renewing a contract to procure or obtain, any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system. The Contractor is prohibited from providing to the Government any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system, unless an exception at paragraph (c) of this clause applies or the covered telecommunication equipment or services are covered by a waiver described in Federal Acquisition Regulation 4.2104. (c) Exceptions. This clause does not prohibit contractors from providing-- (1) A service that connects to the facilities of a third-party, such as backhaul, roaming, or interconnection arrangements; or (2) Telecommunications equipment that cannot route or redirect user data traffic or permit visibility into any user data or packets that such equipment transmits or otherwise handles. (d) Reporting requirement. (1) In the event the Contractor identifies covered telecommunications equipment or services used as a substantial or essential component of any system, or as critical technology as part of any system, during contract performance, or the Contractor is notified of such by a subcontractor at any tier or by any other source, the Contractor shall report the information in paragraph (d)(2) of this clause to the Contracting Officer, unless elsewhere in this contract are established procedures for reporting the information; in the case of the Department of Defense, the Contractor shall report to the website at https://dibnet.dod.mil. For indefinite delivery contracts, the Contractor shall report to the Contracting Officer for the indefinite delivery contract and the Contracting Officer(s) for any affected order or, in the case of the Department of Defense, identify both the indefinite delivery contract and any affected orders in the report provided at https://dibnet.dod.mil. (2) The Contractor shall report the following information pursuant to paragraph (d)(1) of this clause: (i) Within one business day from the date of such identification or notification: The contract number; the order number(s), if applicable; supplier name; supplier unique entity identifier (if known); supplier Commercial and Government Entity (CAGE) code (if known); brand; model number (original equipment manufacturer number, manufacturer part number, or wholesaler number); item description; and any readily available information about mitigation actions undertaken or recommended. (ii) Within 10 business days of submitting the information in paragraph (d)(2)(i) of this clause: Any further available information about mitigation actions undertaken or recommended. In addition, the Contractor shall describe the efforts it undertook to prevent use or submission of covered telecommunications equipment or services, and any additional efforts that will be incorporated to prevent future use or submission of covered telecommunications equipment or services. (e) Subcontracts. The Contractor shall insert the substance of this clause, including this paragraph (e), in all subcontracts and other contractual instruments, including subcontracts for the acquisition of commercial items. (End of clause) 52.232-18 AVAILABILITY OF FUNDS (APR 1984) Funds are not presently available for this contract. The Government's obligation under this contract is contingent upon the availability of appropriated funds from which payment for contract purposes can be made. No legal liability on the part of the Government for any payment may arise until funds are made available to the Contracting Officer for this contract and until the Contractor receives notice of such availability, to be confirmed in writing by the Contracting Officer. (End of clause) 52.252-1 SOLICITATION PROVISIONS INCORPORATED BY REFERENCE (FEB 1998) This solicitation incorporates one or more solicitation provisions by reference, with the same force and effect as if they were given in full text. Upon request, the Contracting Officer will make their full text available. The offeror is cautioned that the listed provisions may include blocks that must be completed by the offeror and submitted with its quotation or offer. In lieu of submitting the full text of those provisions, the offeror may identify the provision by paragraph identifier and provide the appropriate information with its quotation or offer. Also, the full text of a solicitation provision may be accessed electronically at this/these address(es): http://www.arnet.gov/far (End of provision) 52.252-2 CLAUSES INCORPORATED BY REFERENCE (FEB 1998) This contract incorporates one or more clauses by reference, with the same force and effect as if they were given in full text. Upon request, the Contracting Officer will make their full text available. Also, the full text of a clause may be accessed electronically at this/these address(es): FAR Clauses http://acquisition.gov/comp/far/index.htm DFAR Clauses http://www.acq.osd.mil/dpap/dars/dfars/index.htm (End of clause)
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/DON/BUMED/N00183/N0018319Q0167/listing.html)
 
Place of Performance
Address: Naval Medical Center Portsmouth, 54 Lewis Minor Street, Building 250, Portsmouth, Virginia, 23708, United States
Zip Code: 23708
 
Record
SN05439226-W 20190912/190910231417-187e2d0d9d598e7c007980949505cd3f (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  © 1994-2020, Loren Data Corp.