Inactive

THIS REQUEST FOR INFORMATION (RFI) 36C26220Q0325-IS ISSUED SOLELY FOR INFORMATION AND PLANNING PURPOSES ONLY AND DOES NOT CONSTITUTE A SOLICITATION. THE SUBMISSION OF PRICING, CAPABILITIES FOR PLANNIN... THIS REQUEST FOR INFORMATION (RFI) 36C26220Q0325-IS ISSUED SOLELY FOR INFORMATION AND PLANNING PURPOSES ONLY AND DOES NOT CONSTITUTE A SOLICITATION. THE SUBMISSION OF PRICING, CAPABILITIES FOR PLANNING PURPOSES, AND OTHER MARKET INFORMATION IS HIGHLY ENCOURAGED AND ALLOWED UNDER THIS RFI IN ACCORDANCE WITH (IAW) FAR 15.201(e). SOURCES SOUGHT DESCRIPTION This is NOT a solicitation announcement. This is a source sought/RFI for market research only. The purpose of this source sought/RFI is to gain knowledge of potential qualified sources and their size classification relative to NAICS 339112 (size standard is 1,000 Employees). Responses to this source sought will be used by the Government to make appropriate acquisition decisions. After review of the responses to this source sought, a solicitation announcement may be published. Responses to this source sought synopsis are not considered adequate responses for a solicitation announcement. The Department of Veterans Affairs (VA), VISN 22 Network Contracting Office, is seeking sources that can provide UDI Tracking System that at a minimum meets the following salient characteristics in the Statement of Work under Section 4 for the VA Long Beach Healthcare System: ITEM DESCRITPTION UNIT QUANTITY UNIT PRICE AMOUNT 0001 UDI Tracker Premium Implementation JB 1 0002 O.R. UDITracker Premium License YR 1 0003 VISTA Interface Implementation JB 1 0004 VISTA Interface with Consult Creation YR 1 0005 TS-036 5.7 cu. ft. Intelligent Freezer EA 1 0006 TS-079 3.6 cu. ft. Intelligent Freezer EA 1 0007 TS-074 20.2 cu ft. Intelligent Refrigerator EA 1 0008 TS-030 25 cu ft. Intelligent Cabinet x 2 EA 1 0009 Freezer CO2 or LN2 Backup Systems x 2 EA 1 0010 Freezer Accessory Package x 2 EA 1 0011 Bins and Shelving x 5 EA 1 0012 RFID Maintenance and Data Service x 5 YR 1 0013 RFID Unit Implementation (including Freight) JB 1 0014 Barcode Scanner x 4 PG 1 0015 Associated Implementation Fee (If any) JB 1 TOTAL Include shipping cost on the items price. Vendor Requirements: Vendor shall quote all items under this requirement. Vendor shall provide standard warranty on the product starting from the first day of delivery. STATEMENT OF WORK FOR THE UDI TRACKER, VA HOSPITAL MEDICAL CENTER, LONG BEACH, CA Background Due to FDA requirements, Joint Commission Compliance and VHA requirements, all medical facilities are required to track implantable items/devices (biological and non-biological). Scope The implant system must track and effectively manage inventory of all types of implantable items/devices (biological and non-biological), as well as have the full capacity to extend to other tracked items e.g. hearing aids, dental implants, etc. Tracking system shall support oversight of all devices all across the Medical Center. System will supply access to a web-based system to track devices from initiated request/use through to implant/delivery to patient and back (bi-directional) extending to warranty and supplier licensing/certification tracking. All integrated features will have retrievable supporting documentation with established analytics tools that drill by various fields and are exportable in various formats including but not limited to Excel & PDF. System delivery will include all initial hardware (scanner & printer), maintenance, licensing, unlimited storage capacity & information retention for a minimum of 75 years from last date of entry, multi-level training. System installation will be to the most current version available Product Description and Quantity ITEM DESCRITPTION UNIT QUANTITY 0001 UDI Tracker Premium Implementation JB 1 0002 O.R. UDITracker Premium License YR 1 0003 VISTA Interface Implementation JB 1 0004 VISTA Interface with Consult Creation YR 1 0005 TS-036 5.7 cu. ft. Intelligent Freezer EA 1 0006 TS-079 3.6 cu. ft. Intelligent Freezer EA 1 0007 TS-074 20.2 cu ft. Intelligent Refrigerator EA 1 0008 TS-030 25 cu ft. Intelligent Cabinet x 2 EA 1 0009 Freezer CO2 or LN2 Backup Systems x 2 EA 1 0010 Freezer Accessory Package x 2 EA 1 0011 Bins and Shelving x 5 EA 1 0012 RFID Maintenance and Data Service x 5 YR 1 0013 RFID Unit Implementation (including Freight) JB 1 0014 Barcode Scanner x 4 PG 1 Salient Characteristics Salient Characteristics for the Champion Healthcare Technologies UDI Tracker Must include UDITracker software. Must integrate with Document Storage Systems (DSS) Live Data currently used at Long Beach VA, Surgical HCG. Must have a dedicated centralized remote server maintained by the vendor. Must have a Business Associate Agreement (BAA), Authority to Operate (ATO) Must have a Memorandum of Understanding /Interconnection Security Agreement (MOU/ISA) and meet all HIPPA compliance standards for transmission and storage of all data; security of all information. Must be able to track and effectively manage inventory of all types of implantable items/devices (biological and non-biological), as well as have the full capacity to extend to other tracked items e.g. hearing aids, dental implants, etc. Must be able to supply access to a web based system to track devices from initiated request/use through to implant/delivery to patient and back (bi-directional) extending to warranty and supplier licensing/certification tracking. Must be intuitive. Must be latest version and be upgradeable to future versions of this system. Must have integrated features that will have retrievable supporting documentation with established analytics tools that drill by various fields and are exportable in various formats including but not limited to Excel & PDF. Must have all initial hardware (scanner & printer full service), maintenance, licensing, unlimited storage capacity & information retention for a minimum of 75 years from last date of entry, multi-level training. Must be compatible with existing Vista system and provide real-time integration with Vista - including scanning of tissue/implants into patient record eliminating the need for nurses to manually enter data. Must have one-click entry of tissue shipments from LifeNet, Allosource, CTS, RTI, MTF, MiMedx directly into available inventory. Must have Integrated RFID storage with 24/7 remote monitoring. Must have data/analytics for quick reconciliation including real-time cost per procedure per surgeon Must be able to support Electronic Health Record (HER) systems including Epic, Cerner, PICIS, MEDITECH, GIP, Vista, and McKesson, as well as ERP/MMIS systems including PeopleSoft, Lawson, SAP, MEDITECH, GIP, and McKesson. Must have automated recall matching to inventory and patient that is NOT reliant on a non-FDA third party recall notification service. Additional System Requirements: System will meet or exceed VHA IT Security Requirements including but not limited to an established HL7 interface and financial institution level of encryption. The operating system will be web based thus allowing for access on any computer for retrieval of information provided appropriate log in is accomplished. System will have the ability to have bi-directional integration between the software and the VA Electronic Health Record (EHR) and MMIS systems thereby bridging the gap between patient care and supply chain. The system should be able to support EHR systems including Epic, Cerner, PICIS, MEDITECH, GIP, Vista, and McKesson, as well as ERP/MMIS systems including PeopleSoft, Lawson, SAP, MEDITECH, GIP, and McKesson. Vendor must have a Business Associate Agreement (BAA), Authority to Operate (ATO), Memorandum of Understanding /Interconnection Security Agreement (MOU/ISA) and meet all HIPPA compliance standards for transmission and storage of all data; security of all information. Highest level of encryption technology, as aforementioned, to protect all data transmission and storage security protocols. Able to communicate with other VA medical centers as well as the ability for a National and VISN Directors to see all facilities under there preview. Utilize FDA Alerts and Recalls program that will do automatic data dives to extract out information and alert on any item that is recalled, no matter the status e.g. implanted, location, etc. Providing automated targeted emailed notifications sent to multiple recipients to facilitate the timeliest notification to the Medical Center staff; alerts have to be same, as facility uses this already and does not want to create a duplicate system with differing language or ways to duplicate/confuse and have it done repetitive times over same alert. System recall and Alert program will retrieve all maintained information associated with that individual implant e.g. item, location (implanted/shelf). Email or text notifications must be able to be sent when recalls are matched to inventory or affected patients, so manual data dives are not necessary. System redundancy is required for multiple power grids to assure data base is always available and fully functional. Must offer full initial data front load of all field information; product extraction to be provided by VA. Implementation of the system must be completed within six (6) months of award. License start-up will not begin until actual system milestone is in place and implemented. Renewal will be one year from the date of actual start usage, which will be mutually agreed upon by vendor and VA. Ongoing vendor data loads will be accomplished within one hour or less of request; consistency of data. Each individual access must have personal log on. The log on must include a trackable (see log in s and levels of access/changes) change management review feature/report. System access shall have a tiered access approach for security and control. Vendor shall provide a Toll-Free Hotline service will be available 24/7 for troubleshooting and emergent issues. System must integrate some type of technology that will show ship and receipt, if manufacturer has already established on the GTIN system and be expandable to those joining; facilitate review from ship to receipt view, so validation can be done. This is necessary to assure staff/patient notification is done as timely as possible should a shipment shows delay in transit (leaning forward for supply chain management). All tissue monitoring will include tissue prep instruction provided and updated by the tissue/implant tracking vendor, in addition to recall and transmission tracking. Cath Lab (pacemaker) and OR tracking integration will include RFID solution options. System must provide option to track complete warranty notification process for credit/returns for implant/explant and usage warranty. Tracking will be to various categories e.g. consigned, owned, etc. Ability to create a standardized barcode label for all manufacturers that are not currently utilizing GTIN and those that may need scanning capabilities upon receipt. System will have a fully developed and interactive secure analytics suite with multiple levels of reporting including graphs/charts, and all exportable to at a minimum but not limited to Excel & PDF formats or as an image; multiple outputs to facilitate differing report views/variations for varying audiences. System will support barcode scanning capabilities for multiple formats of coding e.g. GTIN and all compliant vendors, as they join the mandated technology compliance. Not looking for a separate barcoding system; reduction in labor burden not increases. System will populate, validate, update and all retain real time, as well as past, including but may not be limited to, FDA, AATB, AOPO, EEBA, HMBANA, and applicable state certifications as required by Joint Commission; support of acceptable business practices with minimum of 10-year history. System shall integrate with various RFID electronic supply cabinets. System will have RFID interoperability for integration of RTLS for future expansion of tracking program. Vendor must have active shipment integrations with major tissue suppliers, including but may not be limited to LifeNet, MTF, Allosource and CTS. Personnel The Contractor shall be responsible for the administration and management of all aspects of this SOW. This includes responsibility for all Contractor employees, subcontracts, agents, and anyone acting for or on behalf of the Contractor. The government is authorized to restrict the employment under the contract of any Contractor employee or prospective Contractor employee, who is identified as a potential threat to the health, safety, security, general wellbeing, or operational mission of the installation and its population. Contractor personnel shall present a neat appearance. Contractor personnel shall be easily recognizable while on the installation in conjunction with this contract. This shall be accomplished through the wear of distinctive clothing, overcoats, rain gear, or hats, bearing the company name or logo. The coloring or design of the items selected should be such that identifies personnel easily and quickly for reasons of safety and personal protection. Contractor s personnel are required to read, write, speak, and understand the English language, unless otherwise specified in this contract or agreed to by the Government. All Contractor personnel are required to wear identification (I.D.) badges during the entire time they are on the VA grounds. I.D. badges shall have an identification picture and shall state the name of the individual and the company they represent. The VA will issue an ID badge upon the completed fingerprinting process. The parties agree that the Contractor s personnel working as a result of this contract shall not be considered VA employees for any purpose and shall be considered employees of the Contractor. The Contractor shall be responsible for providing: Workers Compensation. Professional liability insurance. Health examinations. Income tax withholding, and, Social Security payments. Health Insurance Portability and Accountability Act: Contractor shall take reasonable measures to ensure patient privacy and confidentiality. The contractor agrees to take all reasonable precautions to safeguard patient information from unauthorized access or modification, in audio, electronic, and hard copy formats. That the undersigned understands that all parties are bound by the requirements of the Health Insurance Portability and Accountability Act of 1996 which provide guidance on the protection of patient privacy and confidentiality. This Act mandates that all government agencies, and those bodies with whom they contract, must be in compliance with the directives of the Act. Information and Information Technology Security Requirements: The contractor and their personnel shall be subject to the same Federal laws, regulations, standards and VA polices as VA personnel, regarding privacy and security information. Information made available to the contractor or subcontractor by VA for the performance or administration of this contract or information developed by the contractor/subcontractor in performance or administration of the contract shall be used only for those purposes and shall not be used in any other way without the prior written agreement of the VA. This clause expressly limits the contractor/subcontractor s rights to use data as described in Rights in Data General, FAR 52.227-14(d) (1). If VA determines that the contractor has violated any of the information confidentiality, privacy, and security provisions of the contract, it shall be sufficient grounds for VA to withhold payment to the contractor or third party or terminate the contract for default or terminate for cause under Federal Acquisition Regulation (FAR) part 12. The contractor/subcontractor shall not release VA records protected by Title 38 U.S.C. 5705, confidentiality of medical quality assurance records and/or Title 38 U.S.C. 7332, confidentiality of certain health records pertaining to drug addiction, sickle cell anemia, alcoholism or alcohol abuse, or infection with human immunodeficiency virus. If the contractor/subcontractor is in receipt of a court order or other requests for the above-mentioned information, that contractor/ subcontractor shall immediately refer such court orders or other requests to the VASNHS Release of Information office for response. The C&A requirements do not apply, and that a Security Accreditation Package is not required. Vendor shall ensure that a Contractor Security Control Assessment (CSCA) is completed within 30 days of contract approval and yearly on the renewal date of the contract. Vendor shall ensure that the CSCA is sent to the ISO and the OCS Certification Program Office for review to ensure that appropriate security controls are being implemented in service contracts. Ensure a copy of the CSCA is maintained in the Security Management and Reporting Tool (SMART) database. COR will provide a copy of the completed CSCA to ISO for uploading into SMART database. Liquidated Damages for Data Breach: Consistent with the requirements of 38 U.S.C. §5725, a contract may require access to sensitive personal information. If so, the contractor is liable to VA for liquidated damages in the event of a data breach or privacy incident involving any SPI the contractor/subcontractor processes or maintains under this contract. The contractor/subcontractor shall provide notice to VA of a security incident as set forth in the Security Incident Investigation section above. Upon such notification, VA must secure from a non-Department entity or the VA Office of Inspector General an independent risk analysis of the data breach to determine the level of risk associated with the data breach for the potential misuse of any sensitive personal information involved in the data breach. The term 'data breach' means the loss, theft, or other unauthorized access, or any access other than that incidental to the scope of employment, to data containing sensitive personal information, in electronic or printed form, that results in the potential compromise of the confidentiality or integrity of the data. Contractor shall fully cooperate with the entity performing the risk analysis. Failure to cooperate may be deemed a material breach and grounds for contract termination. Each risk analysis shall address all relevant information concerning the data breach, including the following: Nature of the event (loss, theft, unauthorized access); Description of the event, including date of occurrence and data elements involved, including any PII, such as full name, social security number, date of birth, home address, account number, disability code. Number of individuals affected or potentially affected; Names of individuals or groups affected or potentially affected. Ease of logical data access to the lost, stolen or improperly accessed data in light of the degree of protection for the data, e.g., unencrypted, plain text. Amount of time the data has been out of VA control. The likelihood that the sensitive personal information will or has been compromised (made accessible to and usable by unauthorized persons). Known misuses of data containing sensitive personal information, if any. Assessment of the potential harm to the affected individuals. Data breach analysis as outlined in 6500.2 Handbook, Management of Security and Privacy Incidents, as appropriate; and whether credit protection services may assist record subjects in avoiding or mitigating the results of identity theft based on the sensitive personal information that may have been compromised. Based on the determinations of the independent risk analysis, the contractor shall be responsible for paying to the VA liquidated damages per affected individual to cover the cost of providing credit protection services to affected individuals consisting of the following: Notification, one year of credit monitoring services consisting of automatic daily monitoring of at least 3 relevant credit bureau reports, data breach analysis, fraud resolution services, including writing dispute letters, initiating fraud alerts and credit freezes, to assist affected individuals to bring matters to resolution, one year of identity theft insurance with $20,000.00 coverage at $0 deductible; and necessary legal expenses the subjects may incur to repair falsified or damaged credit records, histories, or financial affairs. Training: All contractor employees and subcontractor employees requiring access to VA information and VA information systems shall complete the following before being granted access to VA information and its systems: Sign and acknowledge (either manually or electronically) understanding of and responsibilities for compliance with the Contractor Rules of Behavior, Appendix E relating to access to VA information and information systems; Successfully complete the VA Privacy and Information Security and Rules of Behavior training and annually complete required security training; Successfully complete the appropriate VA privacy training and annually complete required privacy training; and Successfully complete any additional cyber security or privacy training, as required for VA personnel with equivalent information system access. To be defined by the VA program official and provided to the contracting officer for inclusion in the solicitation document e.g., any role-based information security training required in accordance with NIST Special Publication 800-16, Information Technology Security Training Requirements.] The contractor shall provide to the contracting officer and/or the COR a copy of the training certificates and certification of signing the Contractor Rules of Behavior for each applicable employee within 1 week of the initiation of the contract and annually thereafter, as required. Failure to complete the mandatory annual training and sign the Rules of Behavior annually, within the timeframe required, is grounds for suspension or termination of all physical or electronic access privileges and removal from work on the contract until such time as the training and documents are complete. CONTRACTOR PERSONNEL SECURITY REQUIREMENTS: The Office of Security and Law Enforcement provides Department-wide policy on the assignment of appropriate position sensitivity designations associated with VA positions involving national security and public trust responsibilities, and on the level of background investigations required for applicants for, and incumbents of, those positions. In addition to VA employees, the policy and investigative requirements are applicable to contractor personnel who require access to VA information designated as sensitive. Contractor personnel shall maintain U.S. citizenship; the Contractor shall be responsible for compliance. Regardless of U.S. citizenship requirements, Contractor personnel are required to read, write, speak, and understand the English language, unless otherwise specified in this contract or agreed to by the Government. All Contractors, subcontractors, and third-party servicers and associates working with VA information are subject to the same investigative requirements as those of VA appointees or employees who have access to the same types of information. The level and process of background security investigations is in accordance with VA Directive and Handbook 0710, Personal Suitability and Security Program. The cost for such investigations shall be borne by the Contractor, either in advance or as reimbursement to the Government. The level of sensitivity shall be determined by the Government based on the type of access required. The level of sensitivity will determine the depth of the investigation and the cost thereof. At this time, the current estimated cost for such investigations is as follows: LEVEL OF SENSITIVITY BACKGROUND INVESTIGATION LEVEL APPROXIMATE COST Low Risk National Agency Check with Written Inquiries $ 200.00 Moderate Risk Minimum Background Investigation $ 795.00 High Risk Background Investigation $2,765.00 The Contractor shall be required to furnish all applicable employee information required to conduct the investigation, such as, but not limited to, the name, address, and social security number of Contractor personnel. The VA will provide all the necessary instructions and guidance for submission of the documents required to conduct the background investigation. Health and Human Service/ Office of Inspector General (HHS/OIG) to ensure that the individuals providing services under the contract have not engaged in fraud or abuse regarding Sections 1128 and 1128A of the Social Security Act regarding federal health care programs, the contractor is required to check the HHS/OIG list of excluded individuals/entities on the OIG Website (www.hhs.gov/oig) for each person providing services under this contract. Further, the contractor is required to certify in its proposal that all persons listed in the contractor s proposal have been compared against the OIG list and are not listed. During the performance of this contract, the Contractor is prohibited from using any individual or business listed on the List of Excluded Individual/Entities. All Contractor employees shall be the subject of a background investigation and must receive a favorable adjudication from the VA Office of Security and Law Enforcement prior to contract performance. This requirement is applicable to all subcontractor personnel requiring the same access. If the investigation is not completed prior to the start date of the contract, the Contractor shall be responsible for the actions of those individuals they provide to perform work for VA. The contract physicians, Physician Assistants, Nurses, and Administrative Personnel who requires access to the Department of Veterans Affairs information must complete the background investigations in order to work on the contract. Position Sensitivity - The position sensitivity has been designated as a low risk. Background Investigation - The level of background investigation commensurate with the required level of access is Background Investigation. Contractor Responsibilities All costs associated with obtaining clearances for Contractor provided personnel would be the responsibility of the Contractor. Further, the Contractor will be responsible for the actions of all individuals provided to work for the VA under this contract. In the event that damages arise from work performed by Contractor provided personnel, under the auspices of this contract, the Contractor will be responsible for all resources necessary to remedy the incident. The Contractor shall prescreen personnel to ensure they are able to read, write, speak, and understand the English language. The Contractor shall submit or have their employees submit the following required forms to the VA Office of Security and Law Enforcement within 30 days of receipt: FD 258, U.S. Department of Justice Fingerprint Applicant Chart VA Form 0710, Authority for Release of Information Form The Contractor, when notified of an unfavorable determination by the Government, shall withdraw the employee from consideration from working under the contract. Failure to comply with the Contractor personnel security requirements may result in termination of the contract for default. Government Responsibilities The VA Office of Security and Law Enforcement will provide the necessary forms to the Contractor or to the Contractor's employees after receiving a list of names and addresses. Upon receipt, the VA Office of Security and Law Enforcement will review the completed forms for accuracy and forward the forms to Office of Personnel Management (OPM) to conduct the background investigation. The VA Office of Security and Law Enforcement shall notify the contracting officer and Contractor adjudicating the results of the background investigations received from OPM. Upon being notified about a favorable determination, the Contracting Officer may issue a notice to proceed to the Contractor. Hours of Operation Majority of initial implementation work is forecasted to be performed during normal business hours Monday-Friday, 7:30AM-4PM. However, due to the fact that the Medical Center is open and utilized for patient care it may need to extend to weekend/evening work to facilitate continued patient care. There are 10 Holidays observed by the Federal Government: New Year s Day, Presidents Day, Martin Luther King Day, Memorial Day, Fourth of July, Labor Day, Columbus Day, Veterans Day, Thanksgiving Day, Christmas Day, or any other day specifically declared by the President of the United States to be a national holiday. VA Handbook 6500.6, Appendix C Clauses to be added to this contract. GENERAL: Contractors, contractor personnel, subcontractors, and subcontractor personnel shall be subject to the same Federal laws, regulations, standards, and VA Directives and Handbooks as VA and VA personnel regarding information and information system security. ACCESS TO VA INFORMATION AND VA INFORMATION SYSTEMS: A contractor/subcontractor shall request logical (technical) or physical access to VA information and VA information systems for their employees, subcontractors, and affiliates only to the extent necessary to perform the services specified in the contract, agreement, or task order. All contractors, subcontractors, and third-party servicers and associates working with VA information are subject to the same investigative requirements as those of VA appointees or employees who have access to the same types of information. The level and process of background security investigations for contractors must be in accordance with VA Directive and Handbook 0710, Personnel Suitability and Security Program. The Office for Operations, Security, and Preparedness is responsible for these policies and procedures. Contract personnel who require access to national security programs must have a valid security clearance. National Industrial Security Program (NISP) was established by Executive Order 12829 to ensure that cleared U.S. defense industry contract personnel safeguard the classified information in their possession while performing work on contracts, programs, bids, or research and development efforts. The Department of Veterans Affairs does not have a Memorandum of Agreement with Defense Security Service (DSS). Verification of a Security Clearance must be processed through the Special Security Officer located in the Planning and National Security Service within the Office of Operations, Security, and Preparedness. Custom software Custom software development and outsourced operations must be located in the U.S. to the maximum extent practical. If such services are proposed to be performed abroad and are not disallowed by other VA policy or mandates, the contractor/subcontractor must state where all non-U.S. services are provided and detail a security plan, deemed to be acceptable by VA, specifically to address mitigation of the resulting problems of communication, control, data protection, and so forth. Location within the U.S. may be an evaluation factor. The contractor or subcontractor must notify the Contracting Officer immediately when an employee working on a VA system or with access to VA information is reassigned or leaves the contractor or subcontractor s employ. The Contracting Officer must also be notified immediately by the contractor or subcontractor prior to an unfriendly termination. VA INFORMATION CUSTODIAL LANGUAGE Information made available to the contractor or subcontractor by VA for the performance or administration of this contract or information developed by the contractor/subcontractor in performance or administration of the contract shall be used only for those purposes and shall not be used in any other way without the prior written agreement of the VA. This clause expressly limits the contractor/subcontractor's rights to use data as described in Rights in Data - General, FAR 52.227-14(d) (1). VA information should not be co-mingled, if possible, with any other data on the contractors/subcontracto...