Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF AUGUST 31, 2011 FBO #3567
DOCUMENT

A -- Consulting Services for Research and Development - Attachment

Notice Date
8/29/2011
 
Notice Type
Attachment
 
NAICS
541711 — Research and Development in Biotechnology
 
Contracting Office
Department of Veterans Affairs;Network Contracting Activity (NCA) 10;6150 Oak Tree Blvd., Suite 300;Independence OH 44131
 
ZIP Code
44131
 
Solicitation Number
VA25011RP0172
 
Response Due
9/8/2011
 
Archive Date
9/18/2011
 
Point of Contact
Shelly Leshe
 
Small Business Set-Aside
Service-Disabled Veteran-Owned Small Business
 
Description
This is a combined synopsis/solicitation for commercial items prepared in accordance with the format in Subpart 12.6 as supplemented with additional information included in this notice. This announcement constitutes the only solicitation; proposals are being requested and a written solicitation will not be issued. Solicitation VA-250-11-RP-0172 is being issued as a Request for Proposal (RFP) and the intent is to award a firm fixed price contract for services. The solicitation document and incorporated provisions and clauses are those in effect through Federal Acquisition Circular 2005-18. This requirement full and open competition after exclusion of sources, total service disabled veteran owned small business, for commercial items under the North Atlantic Industrial Classification System (NAICS) 541711 Research and Development in Biotechnology size standard in number of employees: 500. A.1 Contract Line Items: Background: The Louis Stokes Cleveland Functional Electronic Stimulation Center (VA FES) is a federally funded research consortium devoted to advancing knowledge and technology in the field of functional electronic stimulation. Their work involves developing and conducting research studies which often involve the development of a medical device for use on human subjects. Prior to using the medical device on humans, VA FES must receive an Investigational Device Exemption (IDE) from the FDA, permitting researches to use the device in clinical studies. The submittals for the IDE application include a copy of the proposed research study, the institutional review board approval, a description of the device and any pertinent drawings. The IDE is first submitted to the FDA and then returned with comments, advising of changes that will need to be made to meet FDA regulations. SOW: VA FES will submit the IDE application and FDA commentary to the vendor to provide regulatory consulting. Vendor shall read, analyze, and interpret the FDA report and advise the VA of changes that should be made to the IDE in order to obtain FDA compliance. The vendor will supply a written report of the recommended changes, sent electronically. The report should address the deficiencies in the original IDE and explain in detail how VA FES should change the IDE. All data stored on any electronic media type that is exchanged with the VA must be encrypted to FIPS-140-2 compliant standards. For emailed data, Public Key Infrastructure (PKI) encryption must be used. All work shall take place at the vendor's place of business. VA FES estimates that they will require approximately 64 hours of regulatory consulting annually. Please quote prices on a per hour basis. Contract Term: Date of Award through 12 months, with 4 one-year option periods HoursHourly RateTotal Base year:___________________________________________ Option year 1:___________________________________________ Option year 2:___________________________________________ Option year 3: ___________________________________________ Option year 4:___________________________________________ Total Contract Value:$______________ A.2 DELIVERY SCHEDULE The quantity and timing of the consulting will vary based on the receipt of IDEs from the FDA as well as the quantity of approved research projects and their progress. Reports should be delivered electronically within 5 working days of submission to: Kevin Kilgore, Kevin.Kilgore@va.gov, unless otherwise instructed by the Contracting Officer or the Contracting Officer's Technical Representative. If it is anticipated that the contractor cannot meet the deadline, they may request an extension from the COTR, not to exceed 10 days. Invoices shall be submitted in accordance with Federal Regulations 52.212-4(g) and shall be submitted to Financial Management Systems, PO Box 149971, Austin, Texas 78714. Remittance address: Payments under this contract shall be made to the address indicated in your quote. CONTRACT CLAUSES Provisions and Clauses: The clause at 52.219-27 Notice of Total Service Disabled Veteran Owned Small Business Set Aside is applicable to this procurement. The provision at 52.212-1, Instructions to Offerors- Commercial, applies to this acquisition. Award will be made on the basis of Lowest Price Technically Acceptable. Offerors should include a completed copy of the provision at 52.213-3, Offeror Representations and Certifications- Commercial items, with offer. The clause at 52.212-4 Contract Terms and Conditions-Commercial Items, applies to this acquisition, to include the following addendum to the clause: None. The clause at 52.212-5, Contract Terms and Conditions Required to Implement Statues or Executive Orders-Commercial Items, applies to this acquisition which shall include the following clauses: 52.222-21, 52.222-26, 52.222-35, 52.222-36,52.222-37,52.225-3, 52.223-18, Contractor Policy to Ban Text Messaging while Driving, 52.219-28, Post Award Small Business Program Rerepresentation, 52.225-13, Restrictions on Certain Foreign Purchases, 52.232-33, Payment by Electronic Funds Transfer--Central Contractor Registration, 52.222-41, Service Contract Act of 1965, 52.227-14 RIGHTS IN DATA-GENERAL, 52.227-16 ADDITIONAL DATA REQUIREMENTS. The preceding Federal Acquisition Regulations (FAR) clauses and provisions may be accessed on the Internet at The preceding Veterans Administration (VAAR) clauses and provisions may be accessed on the Internet at https://www.acquisition.gov/far/. 52.212-2 EVALUATION--COMMERCIAL ITEMS (JAN 1999) (a) The Government will award a contract resulting from this solicitation to the responsible offeror whose offer conforming to the solicitation will be most advantageous to the Government, price and other factors considered. The following factors shall be used to evaluate offers: 1.Technical a.Familiarity with FDA regulations and Investigational Device Exemptions i.Summary of 3 projects completed within the last 3 years, to include brief description of the project, length of contract, and dollar value. b.Familiarity with Functional Electronic Stimulation (FES) technology such as pulse generators and electrodes i.submit examples of cases (if any) worked on utilizing this technology c.Personnel Qualifications i. Please submit a narrative demonstrating relevant experience of personnel. Preference for biomedical engineering background with focus in electrical stimulation, neuroprostheses, and neural control interfacing 2.Past performance- a.please submit at least 2 references for customers within the last 3 years Technical and past performance, when combined, are equal to price. (b) Options. The Government will evaluate offers for award purposes by adding the total price for all options to the total price for the basic requirement. The Government may determine that an offer is unacceptable if the option prices are significantly unbalanced. Evaluation of options shall not obligate the Government to exercise the option(s). (c) A written notice of award or acceptance of an offer mailed or otherwise furnished to the successful offeror within the time for acceptance specified in the offer, shall result in a binding contract without further action by either party. Before the offer's specified expiration time, the Government may accept an offer (or part of an offer), whether or not there are negotiations after its receipt, unless a written notice of withdrawal is received before award. Quotes and accompanying information are due no later than 12 p.m. EST, Friday, September 2, 2011. Quotes must be sent by email to shelly.leshe@va.gov. The successful offeror must be registered with the Central Contractor Registration (CCR) to be awarded a contract. You may register easily and quickly on-line at http://www.ccr.gov CONTRACT DOCUMENTS, EXHIBITS, OR ATTACHMENTS BUSINESS ASSOCIATE AGREEMENT BETWEEN THE DEPARTMENT OF VETERANS AFFAIRS, VETERANS HEALTH ADMINISTRATION AND Whereas, ________________ (Business Associate) provides consulting services to the Department of Veterans Affairs Veterans Health Administration (Covered Entity); and Whereas, in order for Business Associate to provide consulting services to Covered Entity, Covered Entity discloses to Business Associate Protected Health Information (PHI) and Electronic Protected Health Information (EPHI) pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Pub. L. 104-191, 110 Stat. 1936 (1996), and its implementing regulations, 45 C.F.R Parts 160, 162, and 164, ("the HIPAA Privacy and Security Rules"); and Whereas, the American Recovery and Reinvestment Act of 2009, Pub. L. 111-5, 123 Stat. 115 (2009), pursuant to Title XIII of Division A and Title IV of Division B, called the Health Information Technology for Economic and Clinical Health (HITECH) Act, provides modifications to the HIPAA Privacy and Security Rules; and Whereas, Department of Veterans Affairs Veterans Health Administration is a "Covered Entity" as that term is defined in the HIPAA implementing regulations, 45 C.F.R. 160.103; and Whereas,____________________, including its employees, officers, contractors, subcontractors, or any other agents, as a recipient of PHI from Covered Entity in order to provide services to Covered Entity, is a "Business Associate" of Covered Entity as that term is defined in the HIPAA implementing regulations, 45 C.F.R 160.103; and Whereas, pursuant to the Privacy and Security Rules, all Business Associates of Covered Entities must agree in writing to certain mandatory provisions regarding the Use and Disclosure of PHI and EPHI; and Whereas, the purpose of this Agreement is to comply with the requirements of the Privacy and Security Rules, including, but not limited to, the Business Associate Agreement requirements at 45 C.F.R. 164.308(b), 164.314(a), 164.410, 164.502(e), and 164.504(e), as may be amended. NOW, THEREFORE, Covered Entity and Business Associate agree as follows: 1. Definitions. Unless otherwise provided in this Agreement, capitalized terms and phrases that are defined in the Privacy and Security Rules have the same meanings as set forth in the Privacy and Security Rules. When the phrase "Protected Health Information" and the abbreviation "PHI" are used in this Agreement, they include the phrase "Electronic Protected Health Information" and the abbreviation "EPHI." 2. Ownership of PHI. PHI provided by Covered Entity to Business Associate and its contractors, subcontractors, or other agents, or gathered by them on behalf of Covered Entity, under this Agreement are the property of Covered Entity. 3. Scope of Use and Disclosure by Business Associate of Protected Health Information. Unless otherwise limited herein, Business Associate may: A. Make Uses and Disclosures of PHI that is disclosed to it by Covered Entity or received by Business Associate on behalf of Covered Entity as necessary to perform its obligations under this Agreement and all applicable agreements, provided that such Use or Disclosure would not violate the HIPAA Privacy Rule if made by Covered Entity and complies with Covered Entity's minimum necessary policies and procedures; B. Use the PHI received in its capacity as a Business Associate of Covered Entity for its proper management and administration and to fulfill any legal responsibilities of Business Associate; C. Make a Disclosure of the PHI in its possession to a third party for the proper management and administration of Business Associate or to fulfill any legal responsibilities of Business Associate; provided, however, that the Disclosure would not violate the HIPAA Privacy Rule if made by Covered Entity, or is Required by Law; and Business Associate has received from the third party written assurances that (a) the information will be held confidentially and used or further disclosed only for the purposes for which it was disclosed to the third party or as Required By Law, (b) the third party will notify Business Associate of any instances of which it becomes aware in which the confidentiality of the information may have been breached, and (c) the third party has agreed to implement reasonable and appropriate steps to safeguard the information; D. Engage in Data Aggregation activities, consistent with the HIPAA Privacy Rule; and E. De-identify any and all PHI created or received by Business Associate under this Agreement, provided that the de-identification conforms to the requirements of the HIPAA Privacy Rule. 4. Obligations of Business Associate. In connection with its Use or Disclosure of PHI, Business Associate agrees that it will: A. Consult with Covered Entity before making the Use or Disclosure whenever Business Associate is uncertain whether it may make a particular Use or Disclosure of PHI in performance of this Agreement; B. Ensure any employee, officer, contractor, subcontractor, or other agent of Business Associate who has access to PHI receives at a minimum annual privacy and security awareness training that conforms to the requirements of Covered Entity; C. Develop and document policies and procedures and use reasonable and appropriate safeguards to prevent use or disclosure of PHI other than as provided by this Agreement; D. To the extent practicable, mitigate any harmful effect of a Use or Disclosure of PHI by Business Associate in violation of this Agreement that is known or, by exercising reasonable diligence, should have been known to Business Associate; E. Maintain a system or process to account for any Security Incident, Privacy Incident, or Use or Disclosure of PHI not authorized by this Agreement of which Business Associate becomes aware; F. Notify Covered Entity within 24 hours of Business Associate's discovery any incident which may potentially be a data breach, including a HIPAA Electronic Transactions and Code Sets, Privacy, Security or Standard Identifier Incident, or Use or Disclosure of PHI, whether secured (PHI which has been destroyed or in the alternative has been rendered unreadable, unusable or undecipherable) or unsecured (PHI not secured through the use of a technology which renders it unusable, unreadable, or indecipherable through methodology specified by HHS in guidance issued under 13402(h)(2) of the HITECH Act), not provided for by this Agreement and promptly provide a report to Covered Entity within ten (10) business days of the notification; (1) An incident will be considered any physical, technical or personal activity or event that increases risk of inappropriate or unauthorized use or disclosure of PHI or causes Covered Entity to be considered non-compliant with the HIPAA Privacy and Security Rules; (2) A breach, as defined in 45 C.F.R. 164.402, is an unauthorized acquisition, access, use or disclosure of PHI in a manner not permitted under the HIPAA Privacy Rule which compromises the security or privacy of the PHI by posing a significant risk of financial, reputational, or other harm to the individual; (3) A breach, consistent with 45 C.F.R. 164.410(a)(2), will be treated as discovered as of the first day on which such breach is known to Business Associate or, by exercising reasonable diligence, would have been known to Business Associate, or any employee, officer, contractor, subcontractor, or other agent of Business Associate; (4) Notification will be made by Business Associate to the Director, Health Data & Informatics by telephone, 202-461-5839 or secure fax of any HIPAA Electronic Transactions and Code Sets, Privacy, Security or Standard Identifier Incident, or Use or Disclosure of PHI not provided for by this Agreement; and (5) A written report of the incident, submitted to the Director, Health Data & Informatics within ten (10) business days after initial notification, will document the following: (a). The identification of each individual whose PHI has been, or is reasonably believed by Business Associate to have been accessed, acquired, used, or disclosed during the breach; (b). A brief description of what occurred, including the date of the breach and the date of the discovery of the breach (if known); (c). A description of the types of secured and/or unsecured PHI that was involved; (d). Any steps that Business Associate believes individuals should take to protect themselves from potential harm resulting from the breach; (e). A description of what is being done to investigate the breach, to mitigate further harm to individuals, and the reasonable and appropriate safeguards being taken to protect against future breaches; and (f). Any other information described in 45 C.F.R. 164.404(c); (g). This report should be documented as a letter and sent to: Director, Health Data & Informatics Department of Veterans Affairs - Veterans Health Administration Office of Information (19F) 810 Vermont Avenue NW Washington, DC 20420 Phone: 202-461-5839 Fax: 202-273-9386 G. Implement administrative, physical, and technical safeguards and controls for the PHI that Business Associate receives, maintains, or transmits on behalf of Covered Entity, including policies, procedures, training, and sanctions, in compliance with Federal Information Security Management Act (FISMA), Pub. L. No. 107-347, 116 Stat. 2946 (2002); the HIPAA Privacy and Security Rules, 45 C.F.R. Parts 160, 162, and 164; standards and guidance from the Office of Management and Budget and the National Institute of Standards and Technology; and other laws, regulations, and policies pertaining to safeguarding VA Sensitive Data; H. Require contractors, subcontractors, or other agents to whom Business Associate provides PHI received from Covered Entity to agree to the same restrictions and conditions that apply to Business Associate pursuant to this Agreement, including implementation of administrative, physical, and technical safeguards and controls, including policies, procedures, training and sanctions, in compliance with the above-referenced legal authorities; I. If Business Associate maintains PHI in a Designated Record Set or Privacy Act System of Records, within ten (10) business days of receiving a written request from Covered Entity: (1) Make available PHI in the Designated Record Set or System of Records necessary for Covered Entity to respond to individuals' requests for access to PHI about them that is not in the possession of Covered Entity; (2) Incorporate any amendments or corrections to the PHI in the Designated Record Set or System of Records in accordance with the Privacy Act and the HIPAA Privacy Rule; and (3) Maintain the information necessary to document the disclosures of PHI sufficient to make an accounting of those disclosures as required under the Privacy Act, 5 U.S.C. 552a, and the HIPAA Privacy Rule, and within ten (10) days of receiving a request from Covered Entity, make available the information necessary for Covered Entity to make an accounting of Disclosures of PHI about an individual in the Designated Record Set or System of Records; J. Utilize only contractors, subcontractors, or other agents who are physically located within a jurisdiction subject to the laws of the United States and ensure that no contractor, subcontractor, or agent maintains, processes, uses, or discloses PHI received from Covered Entity in any way that will remove the PHI from such jurisdiction. Any modification to this provision must be approved by Covered Entity in advance and in writing; K. Provide satisfactory assurances that the confidentiality, integrity, and availability of the PHI provided by Covered Entity under this Agreement are reasonably and appropriately protected; L. Upon completion or termination of the applicable contract(s) or agreement(s), return and/or destroy, at Covered Entity's option, the PHI gathered, created, received, or processed during the performance of the contract(s) or agreement(s). No data will be retained by Business Associate, or contractor, subcontractor, or other agent of Business Associate, unless retention is required by law or regulation and specifically permitted by Covered Entity. As deemed appropriate by and under the direction of Covered Entity, Business Associate shall provide written assurance that all PHI has been returned to Covered Entity or destroyed by Business Associate. If immediate return or destruction of all data is not possible, Business Associate shall notify Covered Entity and assure that all PHI retained will be safeguarded to prevent unauthorized Uses or Disclosures; M. Be liable to Covered Entity for liquidated damages in the event of a data breach involving any PHI maintained or processed by Business Associate under this Agreement; N. Be liable to Covered Entity for any civil or criminal penalties imposed on Covered Entity under the HIPAA Privacy and Security Rules in the event of a violation of the Rules as a result of any practice, behavior, or conduct by Business Associate; O. For the purpose of determining compliance with this Agreement and underlying agreements, Business Associate will make available to Covered Entity its practices, policies and procedures; and P. Make available to the Secretary of Health and Human Services Business Associate's internal practices, books, and records, including policies and procedures, relating to the Use or Disclosure of PHI for purposes of determining Covered Entity's compliance with the Privacy and Security Rules, subject to any applicable legal privileges. 5. Obligations of Covered Entity. Covered Entity agrees that it: A. Has obtained, and will obtain, from Individuals any consents, authorizations, and other permissions necessary or required by laws applicable to Covered Entity for Business Associate and Covered Entity to fulfill their obligations under this Agreement; B. Will promptly notify Business Associate in writing of any restrictions on the Use and Disclosure of PHI about Individuals that Covered Entity has agreed to that may affect Business Associate's ability to perform its obligations under this Agreement; and C. Will promptly notify Business Associate in writing of any change in, or revocation of, permission by an Individual to use or disclose PHI, if such change or revocation may affect Business Associate's ability to perform its obligations under this Agreement; 6. Material Breach and Termination. A. Termination for Cause. Upon Covered Entity's knowledge of a material breach by Business Associate, Covered Entity shall either: (1) Provide an opportunity for Business Associate to cure the breach or end the violation; (2) Terminate this Agreement and underlying contract(s) if Business Associate does not cure the breach or end the violation within the time specified by Covered Entity; (3) Immediately terminate this Agreement and underlying contract(s) if cure is not possible; or (4) If Business Associate has breached a material term of this agreement and neither termination nor cure is feasible, Covered Entity will report the violation to the Secretary of Health and Human Services. B. Termination Upon Review. This Agreement may be terminated by Covered Entity, if appropriate, upon review as defined in Section 12 of this Agreement. C. Automatic Termination. This Agreement will automatically terminate upon completion of the Business Associate's duties under all underlying agreements or by mutual written agreement to terminate underlying agreements. D. Effect of Termination. Termination of this Agreement will result in cessation of activities by Business Associate involving PHI under this Agreement. 7. Amendment. Business Associate and Covered Entity agree to take such action as is necessary to amend this Agreement for Covered Entity to comply with the requirements of the Privacy and Security Rules or other applicable law. 8. No Third Party Beneficiaries. Nothing expressed or implied in this Agreement is intended to confer, nor shall anything herein confer, upon any person other than the parties and their respective successors or assigns, any rights, remedies, obligations, or liabilities whatsoever. 9. Other Applicable Law. This Agreement does not and is not intended to abrogate any responsibilities of the parties under any other applicable law. 10. Effect of Agreement. With respect solely to the subject matter herein, in the case of any conflict in terms between this Agreement and any other previous agreement or addendum between the parties, the terms of this Agreement shall control and supersede and nullify any conflicting terms as it relates to the parties. 11. Effective Date. This Agreement shall be effective on last signature date below. 12. Review Date. The provisions of this Agreement will be reviewed by Covered Entity every two years from Effective Date to determine the applicability of the agreement based on the relationship of the parties at the time of review. Department of Veterans Affairs Veterans Health Administration By :By : ____________________________ Name : Name : ___________________________ Title: Title: ____________________________ Date :Date : ____________________________ E.4 52.227-16 ADDITIONAL DATA REQUIREMENTS (JUN 1987) (a) In addition to the data (as defined in the clause at 52.227-14, Rights in Data--General clause or other equivalent included in this contract) specified elsewhere in this contract to be delivered, the Contracting Officer may, at any time during contract performance or within a period of 3 years after acceptance of all items to be delivered under this contract, order any data first produced or specifically used in the performance of this contract. (b) The Rights in Data--General clause or other equivalent included in this contract is applicable to all data ordered under this Additional Data Requirements clause. Nothing contained in this clause shall require the Contractor to deliver any data the withholding of which is authorized by the Rights in Data--General or other equivalent clause of this contract, or data which are specifically identified in this contract as not subject to this clause. (c) When data are to be delivered under this clause, the Contractor will be compensated for converting the data into the prescribed form, for reproduction, and for delivery. (d) The Contracting Officer may release the Contractor from the requirements of this clause for specifically identified data items at any time during the 3-year period set forth in paragraph (a) of this clause.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/VA/BreVAMC/VAMCCO80220/VA25011RP0172/listing.html)
 
Document(s)
Attachment
 
File Name: VA-250-11-RP-0172 FBO NOTICE.doc (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=244146&FileName=VA-250-11-RP-0172-001.doc)
Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=244146&FileName=VA-250-11-RP-0172-001.doc

 
Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
 
Record
SN02554319-W 20110831/110830000221-f2937740ef95c97e93b99e236a99d423 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  © 1994-2020, Loren Data Corp.