SAMDaily.us | SRCSGT | 99 | NIST Backup Care Program

SAMDAILY.US - ISSUE OF APRIL 13, 2023 SAM #7807
SOURCES SOUGHT

99 -- NIST Backup Care Program

Notice Date: 4/11/2023 1:37:51 PM
Notice Type: Sources Sought
NAICS: 518210 — Data Processing, Hosting, and Related Services
Contracting Office: DEPT OF COMMERCE NIST GAITHERSBURG MD 20899 USA
ZIP Code: 20899
Solicitation Number: NB170000-23-01334
Response Due: 4/21/2023 9:00:00 AM
Point of Contact: Yolanda McCray, Monica Brown, Phone: 3019750642
E-Mail Address: yolanda.mccray@nist.gov, monica.brown@nist.gov
(yolanda.mccray@nist.gov, monica.brown@nist.gov)
Description: This is a Sources Sought Notice ONLY. Requests for copies of a solicitation will not receive a response. This Notice is for planning purposes only and is not a Request for Proposal or Request for Quotation or an obligation on the part of the NIST for conducting a follow-on acquisition. NIST ��does not intend to award a contract based on this Notice, or otherwise pay for the information requested. No entitlement or payment of direct or indirect costs or charges by NIST will arise as a result of submission of responses to this Notice and NIST use of such information. NIST recognizes proprietary components, interfaces and equipment, and clearly marked restricted or proprietary components, interfaces and equipment, and data included as an addendum to the non-restricted/non-proprietary information. In the absence of such identification, NIST will assume to have unlimited rights to all technical data in the information paper. NO SOLICITATION DOCUMENTS EXIST AT THIS TIME. The National Institute of Standards and Technology has a requirement for back-up care services. Back-up care is defined as an alternative childcare or dependent arrangement made in response to an emergency, an unexpected event, or a disruption in regular, pre-arranged child or dependent care and serves as a safety net for when a childcare or dependent care emergency happens, or normal child or dependent care arrangements fall through. This is a benefit offered by employers to ensure happy and productive working parents. This backup care is intended to help when regular caregiver or a stay-at-home spouse is unavailable, when staff are transitioning between child or adult/elder care arrangements, when a child�s regular center or school is closed, when a child or adult/elder relative is mildly ill or needs temporary assistance, or when you need care for yourself. IV.�� Scope/General Requirements The NIST requires a contractor to demonstrate its ability to effectively and efficiently deliver and manage a reliable, monitored, and comprehensive nationwide back-up child/adult/elder care placement service that provides the following: �� An annual firm fixed fee structure in which the NIST pays an annual access fee and the NIST user pays an hourly cost of care fee. �� Direct billing and collection of the cost-of-care fees from the NIST user by the contractor. �� Availability to reserve and receive care 24 hours a day, 365 days a year. �� Availability throughout the United States, especially in the Metropolitan Washington, D.C. Area (i.e., Washington, D.C., Maryland, and Northern Virginia). �� Registration and reservation systems accessible and operable by toll-free telephone and web-based application. �� Childcare availability (in home, licensed childcare center, licensed family childcare, and licensed camp for children up to 13 years of age or children who are disabled and under the age of 18 years) within two (2) hours of notification by telephone and web-based application. �� Mildly ill care (in home) within two (2) hours of notification by telephone and web-based application. �� Adult/elder/self-care (in home) within two (2) hours of notification by telephone and web-based application. �� Collection and provision of data on all aspects of the contract in the form of monthly, quarterly, and annual reports to the Contacting Officer�s Representative (COR) and/or the designated alternate COR. �� Complete the necessary technical and administrative support for all aspects of the service. �� Efficiently and accurately receive and process reservations for backup care up to one (1) month in advance of the need, and up to the day care is needed. �� Maintain confidentiality of all the information contained in backup care requests �� Participate in discussions and trainings with and by the NIST Child and Family Programs manager on how to improve services. �� Provide consultation to customers, including program participants and potential participants, to assist with finding the care arrangements that will best suit the NIST federal employee. V.�� Tasks/Specific Requirements The NIST seeks a contractor with corporate knowledge in the operation and logistics of providing a reliable, monitored, and comprehensive back-up child/adult/elder care placement service nationwide, 24 hours a day, 365 days a year, to a diverse workforce. The contractor must submit a proposal that includes: �� A detailed description of their program including a flow chart that illustrates the program from when the NIST user makes contact to when the monthly report is presented to the NIST. �� A methodology on how each care option is selected and delivered to the NIST user. �� A detailed Quality Assurance Plan. �� A detailed description of how the program will be tracked and reported to the NIST. �� A detailed budget outlining the annual access cost of the program to the NIST and the hourly direct cost of care to be paid by the NIST user per type of care. �� A system for the NIST user to pay for direct cost of care fees to the contractor. �� A detailed schedule for program start-up. �� A detailed plan of how the program will be marketed to the NIST workforce in the first 30 days, the first three (3) months, six (6) months, and each following year of the contract. �� A minimum of three (3) written references regarding the contractor�s past performance on similar programs, preferably with the federal government. �� A detailed description of the comprehensive network of quality licensed child and family care, in home care agencies, and summer camp providers. Include the following for each type of provider but not limited to: standards of quality; number of providers within a five (5) mile radius of the NIST locations; method of verifying compliance with all Federal, State, and local laws and licensing regulations; evidence that caregivers are well-trained, professional, and appropriately certified, licensed and registered to professional, State, and Federal requirements; plan to expand care options in areas of high demand where NIST users are unable to receive the service due to capacity limits or other reasons; customer service methods and plan for handling complaints from the NIST user, the care provider, contractor staff, and/or the COR; and method and plan for handling and minimizing unfillable requests. �� A detailed description of how the contractor will determine the eligibility of the NIST employee. �� A detailed description of how the contractor will handle all administrative tasks associated with the NIST Back-up Child and Adult/Elder Care Program appropriately, effectively and in a timely manner, including notifying the COR of any issues within twenty-four (24) hours of knowledge. �� A detailed description of how the contractor will maintain and protect confidentiality of Personally Identifiable Information (PII) contained in the back-up care applications of the NIST staff. �� A detailed description of the criteria by which providers will be screened by the contractor, i.e., background checks, experience, certifications, e.g., cardio-pulmonary resuscitation (CPR) and automated external defibrillator (AED) training, First Aid training, nursing, etc. �� A detailed description of how the contractor will provide the COR with monthly, quarterly, and annual reports and, upon request, special reports. �� A detailed description of the centralized online and call-in center for the registration and reservation placement service including but not limited to location, number of staff, training, intake process, and communications sent to the NIST user. VI.�� Deliverables 1.�� Kick-off Meeting The Contractor shall attend a Kick-off meeting, via video conference, with NIST no later than one week after award. The Contractor shall contact the Contracting Officer�s Representative (COR) to schedule a date and time for the meeting. Attendees shall include, at a minimum, the Contracting Officer�s Representative (COR), The Contracting Officer or Contracting Specialist, and the Contractor�s Program Manager. The meeting will be to review contract requirements, summarize contract rules, review the background and objectives of the NIST Backup Care Program, and discuss the tasks required by the statement of work. The Contractor shall provide a summary of the meeting via email to the Contracting Officer�s Representative (COR) no later than three (3) days after the meeting date. 2.�� Registration and Reservation System The contractor will provide a system for the NIST users upon award to access the child/adult/elder care back-up care placement service by both toll-free telephone and web-based application for registration and reservation purposes. All written communications shall be transmitted via email. The system shall meet the following minimum requirements: General Requirements �� System will provide the NIST users a unique user identification and password for use when setting up their profile with the contract and entering their requests for back-up care. �� System will provide the NIST users a unique URL to ensure the NIST users are entering their requests for back-up care in the correct location/website. �� System will be hosted in a cloud-computing environment (at a Federal Risk and Authorization Management Program (FedRAMP) certified location, or one that meets FedRAMP security requirements for a low-risk system, if hosted with a non-FedRAMP certified location). �� System must be able to generate confirmation emails as soon as requests have been successfully submitted by the user. �� System must be able to generate confirmation emails as soon as requests have been successfully fulfilled to the NIST user registered account emails, with pertinent information, such as the care provider assigned, etc. �� System must be able to track and handle off-hour and emergency requests. �� System data must be the system of record for confirmed/filled/unfilled requests and used for preparing scheduled and ad-hoc reports. �� All reports shall be provided in Adobe Acrobat Portable Document Format (PDF) format or in Microsoft Excel, unless otherwise requested. �� System will maintain an up-time of at least 98% or higher. System issues that affect users� ability to make reservations shall be reported within four (4) hours of their discovery. �� All issues with the System shall be reported to the COR within one (1) hour of the incident via email and will include an action plan and timeline on when and how the issue will be resolved. �� System will ensure maintenance, patches, enhancements are scheduled for off-hours to minimize system availability disruption for users. �� Access to the System shall utilize a two-factor authentication for all user types. Users/Consumers �� System shall collect the following data from users for each request: i.�� Requestor�s name and contact information (telephone numbers and email addresses) ii.�� Name of the person for who the services will be provided (if not the requestor) iii.�� Preference for care provider iv.�� Type of care being requested (e.g., childcare center, family childcare, in home care, mildly ill care, and adult/self/elder care) v.�� Location, date, start and end times �� System shall also include a link and toll-free telephone number to a helpdesk or support team to allow users to obtain help when making requests. �� System shall have an internal evaluation system (survey or other, to be identified) to record user feedback. These evaluations must be shared with the COR. �� System shall have the ability to create unique user accounts/profiles that allow information from previous requests to be retrieved and recalled for more efficient future reservation requests. The Registration Process will: �� Require each applicant to be a federal employee at NIST, by providing either their most recent SF-50 or a letter of employment verification. �� Provide a toll-free telephone number and be accessible via web-based application; �� Be available 24 hours a day, 365 days a year; �� Be free to the NIST individual to register for the service; �� Provide guidelines/expectations on the service from registration to the end-of-care survey, including a cancellation policy; �� Provide information about the cost of care that the NIST individual is responsible for, as well as how payment will be collected by the contractor; �� Provide information on the level of service and required documentation for each child/adult/elder care option type of care: center, home, self, and mildly ill; �� Provide a list of at least five (5) available providers/caregivers in the area the NIST user is requesting care, with the option of the NIST user requesting additional providers/caregivers. (If less than five (5) available providers/caregivers, the contractor will note limited providers in the area.) �� Collect data on each NIST user who registers, including, but not limited to, the following: a.�� Name b.�� Organizational Unit at NIST c.�� Age (in years; must be 18 years or older) d.�� Contact information: telephone (work, home, mobile), address (work and home), email (work and home), emergency contact person(s) with complete contact information e.�� Dependents (as determined by the NIST user) requiring care, but not limited by: i.�� Age (in years and by category: Infant 0-23 months; Toddler 24 months � 35 months); Preschool 3 years � 5 years; School-age 6 years to 17 years; Adult 18 years to 65 years; Elder 66 years and older); ii.�� Special needs, including allergies, medications, language, cognitive and mobility assistance; iii.�� Contact information that is different from the NIST user; iv.�� Any special instructions f.�� Emergency contact(s), including dependents (if different from the NIST individual) The Reservation Process will: �� Allow the NIST user to designate another individual to make reservations for their dependents; �� Provide a toll-free telephone number and be accessible via web-based application; �� Require a unique password for each NIST user; �� Be available 24 hours a day, 365 days a year; �� Be accessible by NIST computers; �� Be free to the NIST user to make reservations; �� Require that each reservation be made for a minimum of four (4) hours of care and shall not exceed ten (10) hours per day; �� Allow the NIST user to reserve ten (10) days of care per calendar year; The Contractor will notify the employee when they have one (1) backup care session left for the contract period. �� Verify all after hours (6:00 p.m. EST) and weekend requests with the COR; �� Include a detailed cancellation policy that allows the NIST user or their designee to cancel without penalty by 5:00 p.m. local on the business day prior to the day of care; �� Provide information to the NIST user on how payment for back-up care services will be collected as well as whom to contact if there is a dispute; �� Provide confirmation to the NIST user within 48 hours if reservation is entered 30 calendar days prior to the requested day of care; �� Provide confirmation to the NIST user within 24 hours if reservation is entered less than five (5) calendar days prior to the requested day of care; �� Provide an opportunity for the NIST user to speak with the care provider 48 hours prior to the day of care; �� Allow the NIST user to request a specific care provider for each day of care; �� Transmit electronically to the NIST user the required forms for the requested type of care with confirmation of reservation; �� Transmit electronically to the NIST user the required forms from the licensed childcare center (if applicable), including an explanation of expectations on the day(s) of care, with confirmation of reservation; �� Provide a detailed definition of mildly ill care and the level of care that will be provided; �� Provide a list of caregiver qualifications for each type of care and care option; �� Provide a contact number if the NIST user is not satisfied with the care given, if the care provider fails to report, or if the childcare center does not have the reservation on file; �� Collect payment from the NIST user; �� Transmit electronically to the NIST user, within 24 hours of care reservation being cancelled, a customer survey that collects the following information: a.�� Customer satisfaction with reservation process, b.�� The reason for cancellation of the care, c.�� The alternate care arrangement used (instead of the NIST Back-up Care Program), d.�� Customer expectations of the service/program, e.�� Ease of use of the program, f.�� Impact to the NIST individual if the NIST Back-up Care program was not offered, g.�� Ways to improve service, h.�� Willingness to recommend the program to a co-worker. �� Transmit electronically to the NIST user, within seven (7) business days of care being provided, a customer survey that collects the following information: a.�� Customer satisfaction with care, b.�� Customer expectations of the service/program, c.�� Ease of use of the program, d.�� The alternate care arrangement the NIST individual would use if the NIST Back-up Care Program was not available, e.�� Ways to improve service, f.�� Willingness to recommend the program to a co-worker. 3.�� Communication and Marketing Plan The contractor will develop a comprehensive communication plan no later than fourteen (14) days after the initial kick-off meeting to include, but not limited to, the following: �� Flyers, posters, business cards, bookmarks, etc. specific to the NIST workforce, the NIST Back-up Care Program, and types of care, both in print and digital versions. (Print materials must be provided in PDF file format, unless otherwise noted. Print and digital versions of materials must comply with Section 508, an amendment to the United States Workforce Rehabilitation Act of 1973, a federal law mandating that all electronic and information technology procured or used by the federal government be accessible to people with disabilities.) �� Web-based webinars on the NIST Back-up Care Program, types of care, and additional informational resources to assist with caregiver responsibilities. �� Seasonal emails to inform NIST individuals about the NIST Back-up Care Program. �� Collaboration with the COR to attend at least two NIST virtual information events to promote and discuss the NIST Back-up Care Program. �� Collaboration with the COR to develop unique opportunities to recruit and retain NIST users of the NIST Back-up Care Program. �� Collaboration with other NIST work-life program initiatives in cross-promotional efforts. 4.�� Reporting Requirements Monthly Reporting A monthly executive summary along with year-to-date (YTD) and month-to-date (MTD) comparative data and trend analyses, including charts/graphs, shall be prepared by the contractor, and emailed to the COR by the 15th of the following month. The report format shall be PDF file format for the summaries, charts, graphs and analyses and comma-separated values (CSV) files compatible with Microsoft Excel or Google spreadsheets for monthly data reports. More specifically, the following information shall be included: �� Contract Number and Title �� Type of Report (Monthly, Quarterly, Annual) �� Period of Performance being reported �� Contractor�s name and address �� Date of submission �� Executive Summary �� Performance metrics obtained from reservation system to include the following: o�� User Summary: all and new users; o�� Dependent Summary: all dependents by specified age ranges; o�� Program Use: type of care (child/adult/elder/self/mildly ill) and type of care provider (in home, licensed childcare center, family care, and summer camp); �� Number of days of work saved; �� Organizational Unit at NIST �� Reservation Summary: number of all requests; number made by telephone and number made via website; number of requests filled; number of requests cancelled by the NIST user; reason(s) for the cancellation(s); number of requests unfilled by the contractor; reason(s) for the contractor being unable to fill request; and number of reservations that NIST users forgot to cancel. Mid-Year Report The contractor shall present a Mid-Year Report to the NIST. This report shall include a comprehensive review of all aspects of the back-up care program provided under this contract. The contractor will present the report to the COR via video conference and the COR has final approval of the agenda and topics for discussion. At a minimum, the Mid-Year Report shall include the following: �� An assessment of all key aspects of the program, registration, utilization, communication efforts, and customer surveys. �� Identification of any trends and areas for improvement. �� Marketing and business plans with objectives or goals for the coming six (6) months. Annual Report An Annual Report shall also be presented by the contractor to the NIST and shall include a comprehensive review of all aspects of the back-up care program delivery provided under this contract. The contractor shall present the report to the COR via video conference, and the COR has final approval of the agenda and topics for discussion. At a minimum, the Annual Report shall include all the topics covered in the Mid-Year Report and the following additional items: �� Customer Survey, including overall results and trend analysis. �� A report of all complaints and comments submitted by NIST individuals. �� A summary of the number of providers in each of the NIST main campus areas (MD, CO, SC). �� Assessment of the marketing and business plan and objectives or goals for the coming contract year. Special Reports Upon Request Special reports will be provided within three (3) business days upon request from the COR or Contracting Officer (CO). These reports will typically result in the development of a CSV data file compatible with Microsoft Excel or Google spreadsheets. The NIST reserves the right to add additional reports as necessary. 5.�� Invoicing Requirements Contractor will invoice no more frequently than MONTHLY and no less frequently than QUARTERLY. Contractor must submit accurate and timely invoices to the COR or designated alternate COR via email attachment (PDF Format) no later than the 15th of the following month, (i.e., an October invoice must be received by November 15, or the first business day thereafter). Invoices must include TO/PO #, Contract #, CLIN, Requisition #, DUNS #, Tax Identifier #, and point of contact for questions. Inaccurate invoices will be returned to the contractor within seven (7) days for correction and re-submittal. 6.�� Risk and Liability Protection Plan Contractor will provide a risk and liability plan to include, but not limited to, the following: �� Criteria for selecting childcare centers: for example, level of compliance with local and state licensing requirements, teacher qualifications/credentials and training levels, background checks and screening of criminal history (e.g., local, state, and federal levels); �� A review of childcare centers: how often the review will be done, by whom, and by what criteria; �� Method of handling complaints about care providers; �� Insurance coverage(s) for childcare centers: type(s) and liability limits for each policy; �� Criteria for selecting in-home agencies: for example, level of compliance with local and state licensing requirements, caregiver qualifications/credentials and training levels, background checks and screening of criminal history (e.g., local, state, and federal levels), CPR and AED and First Aid trainings; �� A review of in-home agencies: how often the review will be done, by whom, and by what criteria; �� Method of handling complaints about in-home agencies; �� Insurance coverage(s) for in-home agencies: type(s) and liability limits for each policy; �� Indemnification from liability in an amount required by law and of at least $20,000,000.00 to the NIST; �� Plan of appropriate service standards, oversight and communication with subcontracted providers that ensures quality of care and adherence to state and federal requirements; �� Plan for ensuring that the number of �unfillable� reservations by contractor (due to contract placement capacities) is as close to zero as possible. 7.�� Cybersecurity and Privacy Requirements NIST seeks a solution which provides security and privacy protection consistent with requirements defined by applicable federal laws, regulations, policies, and standards (e.g., the Federal Information Security Management Act (FISMA), OMB Circular A-130, and FIPS Publication 200). The solution provider (including subcontractors) may meet these requirements through various means including but not limited to; FedRAMP authorization, current third-party assessments (e.g., SSAE, PCI) and/or responses to NIST special publication control set SP 800-171. ? Minimally Acceptable Controls �� System security plan describing physical, technical, and administrative controls implemented to protect systems and sensitive personally identifiable information (SPII). �� IT management processes to establish and manage secure configuration baselines including routine patching for all operating systems and applications. �� Access to SPII is restricted to those with a need to know. Personnel with access to SPII have background investigations performed (e.g., criminal, financial etc.), and are trained on secure handling of SPII. �� Access Controls for SPII meet or exceed industry best practices for access and identification control including, but not limited to, connectivity to servers and databases, multi-factor authentication for remote accesses for administration, secure configurations for any devices accessing the system, and strong physical security for any place where the data is accessed. �� The solution supports multifactor authentication for users and/or supports integration with customer federation services for Single-Sign capability. �� Processes for scanning on a continual basis for vulnerabilities and proper configurations for all aspects of the system, as well as processes for timely mitigation of findings. �� Auditing and Incident Response processes including customer notification of suspected or actual incidents and logging with sufficient information to perform forensics on any incident. Processes for notifying and providing appropriate mitigations, including but not limited to credit monitoring services, for subsidy applicants in the event of suspected or actual incidents. �� SPII is encrypted in transit using TLS 1.2 or better and encrypted at rest in all places the SPII is stored.� All encryption algorithms and modules are FIPS 140-2/140-3 validated. If unable to meet any of the requirements listed above, solution provider may provide details of mitigations or alternative protections in place to ensure the appropriate handling and protection of SPII. If the solution provider provides services to other Federal agencies, provide a general description of the security risk management approach and client point of contact. Respond to the questions below to provide Government information necessary to evaluate compliance with FISMA/FedRAMP requirements: 1. Describe the security controls that limit or restrict access to the system. 2. Describe your IT systems change management process. 3. Describe your patch management, antivirus, and vulnerability remediation process. 4. Describe the process to collect, protect and dispose information gathered by the proposed application, i.e., Personally Identifiable Information (PII). 508 Compliance for Services3 Section 508 requires that all website content be accessible to people with disabilities. This applies to Web applications, Web pages and all attached files on the intranet, as well as internet. Each month the Department of Health and Human Services runs a Section 508-compliance analysis on all the websites in its portfolio. The resulting report is called a �HHS 508 Leaderboard Report.� This Section 508 status report is made available to every OPDIV and STAFFDIV for any needed actions to achieve a 508 compliant site. Use this link to see the most recent leaderboard report. Specifically, the end-product must be conformant with all applicable provisions, including: - 1194.21 Software Applications and Operating Systems - 1194.22 Web-based Intranet and Internet Information and Applications - 1194.24 Video and Multimedia Products - 1194.31 Functional Performance Criteria - 1194.41 Information, Documentation, and Support Personally Identifiable Information (PII) The contractor will maintain databases to manage and document the NIST back-up child/adult/elder care program. �� The contractor shall provide the best value cost to the NIST users. �� The contractor shall have appropriate safeguards established and in place to protect PII that is obtained in the regular course of business. �� The contractor shall comply with all the NIST security requirements. �� The contrassigned to perform tasks for the duration of the contract. �� 508 Compliance: Section 508 of the Rehabilitation Act requires that Federal agencies' electronic and information technology is accessible to people with disabilities. This courseware product must be Section 508 conformant. Specifically, the end-product shall be conformant with all applicable provisions, including: o�� 1194.21 Software Applications and Operating Systems o�� 1194.22 Web-based Intranet and Internet Information and Applications o�� 1194.31 Functional Performance Criteria o�� 1194.41 Information, Documentation, and Support. (End of Specific Tasks) NIST is seeking responses from all responsible small business sources under the size standard of $40M dollars associated with the applicable NAICS code, 518210 Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services Please include company�s size classification and socio-economic status in any response to this notice. Companies able to provide such services are requested to email a detailed response describing their abilities to yolanda.mccray@nist.gov no later than the response date for this source. The report should include any information relevant to your capabilities and the following: Name of company/companies that are authorized provide services, their addresses, and a point �of contact for the company (name, phone number, fax number and email address). Number of days, after receipt of order that is typical for delivery of services. Indication of whether the services are currently on one or more GSA Federal Supply Schedule contract or any other government-wide contracts. If so, please provide the applicable contract number(s). Indication of whether the services proposed is a commercial item currently offered in the marketplace. Any other relevant information that is not listed above which the Government should consider in developing its minimum performance requirements.
Web Link: SAM.gov Permalink
(https://sam.gov/opp/295c913539894e16a522922ae6bce7df/view)
Place of Performance: Address: Gaithersburg, MD 20899, USA; Zip Code: 20899; Country: USA
Record: SN06647584-F 20230413/230411230112 (samdaily.us)
Source: SAM.gov Link to This Notice
(may not be valid after Archive Date)

| FSG Index | This Issue's Index | Today's SAM Daily Index Page |

Loren Data's SAM Daily™

99 -- NIST Backup Care Program