Dec 12, 2017 3:53 pm
Section A - Solicitation/Contract Form
THIS IS AN INFORMATION NOTICE ONLY - NO AWARD WILL BE MADE FROM THIS NOTIFICATION. This is an announcement that the Government intends to issue a call against an existing Blanket Purchase Agreement (BPA) for Gastroenterology Clinic consignment items used at the the Naval Medical Center Portsmouth Virginia. The call will be placed against Naval Medical Center Portsmouth's BPA N0018317A0003. The Call will be issued for a total amount of $90,000.00 covering the period January 1, 2018 through March 31, 2018.
Section B - Supplies or Services and Prices
ITEM NO SUPPLIES/SERVICES QUANTITY UNIT UNIT PRICE AMOUNT
0001 3 Months
for Gastroenterology Clinic for January 2018 through March 2018.
PURCHASE REQUEST NUMBER: N0018318RCGE006
Section C - Descriptions and Specifications
CONTRACTOR UNCLASSIFIED ACCESS
Contractor Unclassified Access to Federally Controlled Facilities, Sensitive Information, Information Technology (IT) Systems or Protected Health Information (Jan 2017)
Homeland Security Presidential Directive (HSPD)-12, requires government agencies to develop and implement Federal security standards for Federal employees and contractors. The Deputy Secretary of Defense Directive-Type Memorandum (DTM) 08-006 - "DoD Implementation of Homeland Security Presidential Directive - 12 (HSPD-12)" dated November 26, 2008 (or its subsequent DoD instruction) directs implementation of HSPD-12. This clause is in accordance with HSPD-12 and its implementing directives.
This text applies to contractor employees requiring physical access to any area of a federally controlled base, facility or activity and/or requiring access to a DoN or DoD computer/network/system to perform certain unclassified sensitive duties. This clause also applies to contractor employees who access Privacy Act and Protected Health Information, provide support associated with fiduciary duties, or perform duties that have been identified as National Security Position, as advised by the command security manager. It is the responsibility of the responsible security officer of the command/facility where the work is performed to ensure compliance.
Each contractor employee providing services at a Navy Command under this contract is required to obtain a Department of Defense Common Access Card (DoD CAC). Additionally, depending on the level of computer/network access, the contract employee will require a successful investigation as detailed below.
ACCESS TO FEDERAL FACILITIES
Per HSPD-12 and implementing guidance, all contractor employees working at a federally controlled base, facility or activity under this clause will require a DoD CAC. When access to a base, facility or activity is required contractor employees shall in-process with the Command's Security Manager upon arrival to the Command and shall out-process prior to their departure at the completion of the individual's performance under the contract.
ACCESS TO DOD IT SYSTEMS
In accordance with SECNAV M-5510.30, contractor employees who require access to DoN or DoD networks are categorized as IT-I, IT-II, or IT-III. The IT-II level, defined in detail in SECNAV M-5510.30, includes positions which require access to information protected under the Privacy Act, to include Protected Health Information (PHI). All contractor employees under this contract who require access to Privacy Act protected information are therefore categorized no lower than IT-II. IT Levels are determined by the requiring activity's Command Information Assurance Manager.
Contractor employees requiring privileged or IT-I level access, (when specified by the terms of the contract) require a Single Scope Background Investigation (SSBI) or T5 or T5R equivalent investigation , which is a higher level investigation than the National Agency Check with Law and Credit (NACLC)/T3/T3R described below. Due to the privileged system access, an investigation suitable for High Risk national security positions is required. Individuals who have access to system control, monitoring, or administration functions (e.g. system administrator, database administrator) require training and certification to Information Assurance Technical Level 1, and must be trained and certified on the Operating System or Computing Environment they are required to maintain.
Access to sensitive IT systems is contingent upon a favorably adjudicated background investigation. When access to IT systems is required for performance of the contractor employee's duties, such employees shall in-process with the Navy Command's Security Manager and Information Assurance Manager upon arrival to the Navy command and shall out-process prior to their departure at the completion of the individual's performance under the contract. Completion and approval of a System Authorization Access Request Navy (SAAR-N) form is required for all individuals accessing Navy Information Technology resources. The decision to authorize access to a government IT system/network is inherently governmental. The contractor supervisor is not authorized to sign the SAAR-N; therefore, the government employee with knowledge of the system/network access required or the COR shall sign the SAAR-N as the "supervisor".
The SAAR-N shall be forwarded to the Command's Security Manager at least 30 days prior to the individual's start date. Failure to provide the required documentation at least 30 days prior to the individual's start date may result in delaying the individual's start date.
When required to maintain access to required IT systems or networks, the contractor shall ensure that all employees requiring access complete annual Information Assurance (IA) training, and maintain a current requisite background investigation. The Contractor's Security Representative shall contact the Command Security Manager for guidance when reinvestigations are required.
The Command's Security Manager may authorize issuance of a DoD CAC and interim access to a DoN or DoD unclassified computer/network upon a favorable review of the investigative questionnaire and advance favorable fingerprint results. When the results of the investigation are received and a favorable determination is not made, the contractor employee working on the contract under interim access will be denied access to the computer network and this denial will not relieve the contractor of his/her responsibility to perform.
DENIAL OR TERMINATION OF ACCESS
The potential consequences of any requirement under this clause including denial or termination of physical or system access in no way relieves the contractor from the requirement to execute performance under the contract within the timeframes specified in the contract. Contractors shall plan ahead in processing their employees and subcontractor employees. The contractor shall insert this clause in all subcontracts when the subcontractor is permitted to have unclassified access to a federally controlled facility, federally-controlled information system/network and/or to government information, meaning information not authorized for public release.
CONTRACTOR'S SECURITY REPRESENTATIVE
The contractor shall designate an employee to serve as the Contractor's Security Representative. Within three work days after contract award, the contractor shall provide to the requiring activity's Security Manager and the Contracting Officer, in writing, the name, title, address and phone number for the Contractor's Security Representative. The Contractor's Security Representative shall be the primary point of contact on any security matter. The Contractor's Security Representative shall not be replaced or removed without prior notice to the Contracting Officer and Command Security Manager.
BACKGROUND INVESTIGATION REQUIREMENTS AND SECURITY APPROVAL PROCESS FOR CONTRACTORS ASSIGNED TO NATIONAL SECURITY POSITIONS OR PERFORMING SENSITIVE DUTIES
Navy security policy requires that all positions be given a sensitivity value based on level of risk factors to ensure appropriate protective measures are applied. Contractor employees under this contract are recognized as Non-Critical Sensitive [ADP/IT-II] positions when the contract scope of work require physical access to a federally controlled base, facility or activity and/or requiring access to a DoD computer/network, to perform unclassified sensitive duties. This designation is also applied to contractor employees who access Privacy Act and Protected Health Information (PHI), provide support associated with fiduciary duties, or perform duties that have been identified as National Security Positions. At a minimum, each contractor employee must be a US citizen and have a favorably completed NACLC or T3 or T3R equivalent investigation to obtain a favorable determination for assignment to a non-critical sensitive or IT-II position. The investigation consists of a standard NAC and a FBI fingerprint check plus law enforcement checks and credit check. Each contractor employee filling a non-critical sensitive or IT-II position is required to complete:
• SF-86 Questionnaire for National Security Positions (or equivalent OPM investigative product)
• Two FD-258 Applicant Fingerprint Cards (or an electronic fingerprint submission)
• Original Signed Release Statements
Failure to provide the required documentation at least 30 days prior to the individual's start date shall result in delaying the individual's start date. Background investigations shall be reinitiated as required to ensure investigations remain current (not older than 10 years) throughout the contract performance period. The Contractor's Security Representative shall contact the Command Security Manager for guidance when reinvestigations are required.
Regardless of their duties or IT access requirements ALL contractor employees shall in-process with the Command's Security Manager upon arrival to the command and shall out-process prior to their departure at the completion of the individual's performance under the contract. Employees requiring IT access shall also check-in and check-out with the Navy Command's Information Assurance Manager. Completion and approval of a System Authorization Access Request Navy (SAAR-N) form is required for all individuals accessing Navy Information Technology resources. The SAAR-N shall be forwarded to the Navy Command's Security Manager at least 30 days prior to the individual's start date. Failure to provide the required documentation at least 30 days prior to the individual's start date shall result in delaying the individual's start date.
The contractor shall ensure that each contract employee requiring access to IT systems or networks complete annual Information Assurance (IA) training, and maintain a current requisite background investigation. Contractor employees shall accurately complete the required investigative forms prior to submission to the Command Security Manager. The Command's Security Manager will review the submitted documentation for completeness prior to submitting it to the Office of Personnel Management (OPM); Potential suitability or security issues identified may render the contractor employee ineligible for the assignment. An unfavorable determination is final (subject to SF-86 appeal procedures) and such a determination does not relieve the contractor from meeting any contractual obligation under the contract. The Command's Security Manager will forward the required forms to OPM for processing. Once the investigation is complete, the results will be forwarded by OPM to the DoD Central Adjudication Facility (CAF) for a determination.
If the contractor employee already possesses a current favorably adjudicated investigation, the contractor shall submit a Visit Authorization Request (VAR) via the Joint Personnel Adjudication System (JPAS) or a hard copy VAR directly from the contractor's Security Representative. Although the contractor will take JPAS "Owning" role over the contractor employee, the Command will take JPAS "Servicing" role over the contractor employee during the hiring process and for the duration of assignment under that contract. The contractor shall include the IT Position Category per SECNAV M-5510.30 for each employee designated on a VAR. The VAR requires annual renewal for the duration of the employee's performance under the contract.
Section D - Packaging and Marking
Naval Medical Center Portsmouth (NMCP) Receiving Dock Hours of Operation:
NMCP Receiving Dock is open Monday through Friday 0700 to 1600 (7:00 a.m. to 4:00 p.m.),
excluding federal holidays. Receiving personnel may be reached at 757-953-5770.
Section E - Inspection and Acceptance
INSPECTION AND ACCEPTANCE TERMS
Supplies/services will be inspected/accepted at:
CLIN INSPECT AT INSPECT BY ACCEPT AT ACCEPT BY
0001 Destination Government Destination Government
Section F - Deliveries or Performance
CLIN DELIVERY DATE QUANTITY SHIP TO ADDRESS DODAAC / CAGE
0001 POP 01-JAN-2018 TO
31-MAR-2018 N/A NAVAL MEDICAL CENTER
54 LEWIS MINOR STREET
PORTSMOUTH VA 23708-2297
FOB: Destination N00183
Section G - Contract Administration Data
CLAUSES INCORPORATED BY FULL TEXT
252.232-7006 WIDE AREA WORKFLOW PAYMENT INSTRUCTIONS (JUN 2012)
(a) Definitions. As used in this clause--
"Department of Defense Activity Address Code (DoDAAC)" is a six position code that uniquely identifies a unit, activity, or organization.
"Document type" means the type of payment request or receiving report available for creation in Wide Area WorkFlow (WAWF).
"Local processing office (LPO)" is the office responsible for payment certification when payment certification is done external to the entitlement system.
(b) Electronic invoicing. The WAWF system is the method to electronically process vendor payment requests and receiving reports, as authorized by DFARS 252.232-7003, Electronic Submission of Payment Requests and Receiving Reports.
(c) WAWF access. To access WAWF, the Contractor shall--
(1) Have a designated electronic business point of contact in the Central Contractor Registration at https://www.acquisition.gov
(2) Be registered to use WAWF at https://wawf.eb.mil/
following the step-by-step procedures for self-registration available at this Web site.
(d) WAWF training. The Contractor should follow the training instructions of the WAWF Web-Based Training Course and use the Practice Training Site before submitting payment requests through WAWF. Both can be accessed by selecting the "Web Based Training" link on the WAWF home page at https://wawf.eb.mil/.
(e) WAWF methods of document submission. Document submissions may be via Web entry, Electronic Data Interchange, or File Transfer Protocol.
(f) WAWF payment instructions. The Contractor must use the following information when submitting payment requests and receiving reports in WAWF for this contract/order:
(1) Document type. The Contractor shall use the following document type(s).
INVOICE AND RECEIVING REPORT COMBO
(2) Inspection/acceptance location. The Contractor shall select the following inspection/acceptance location(s) in WAWF, as specified by the contracting officer.
DESTINATION / DESTINATION
(3) Document routing. The Contractor shall use the information in the Routing Data Table below only to fill in applicable fields in WAWF when creating payment requests and receiving reports in the
Routing Data Table*
Field Name in WAWF Data to be entered in WAWF
Pay Official DoDAAC HQ0248
Issue By DoDAAC N00183
Admin DoDAAC N00183
Inspect By DoDAAC N/A
Ship To Code N00183
Ship From Code N/A
Mark For Code N/A
Service Approver (DoDAAC) N/A
Service Acceptor (DoDAAC) N/A
Accept at Other DoDAAC N/A
LPO DoDAAC N00183
DCAA Auditor DoDAAC N/A
Other DoDAAC(s) N/A
(4) Payment request and supporting documentation. The Contractor shall ensure a payment request includes appropriate contract line item and subline item descriptions of the work performed or supplies delivered, unit price/cost per unit, fee (if applicable), and all relevant back-up documentation, as defined in DFARS Appendix F, (e.g. timesheets) in support of each payment request.
(5) WAWF email notifications. The Contractor shall enter the email address identified below in the "Send Additional Email Notifications" field of WAWF once a document is submitted in the system.
WAWF Acceptor/COR Email Address: email@example.com
(g) WAWF point of contact.
(1) The Contractor may obtain clarification regarding invoicing in WAWF from the following contracting activity's WAWF point of firstname.lastname@example.org
(2) For technical WAWF help, contact the WAWF helpdesk at 866-618-5988.
(End of clause)
Section H - Special Contract Requirements
PRIVACY & SECURITY OF PHI
PRIVACY AND SECURITY OF PROTECTED HEALTH INFORMATION
In accordance with DoD 6025.18-R "Department of Defense Health Information Privacy Regulation," January 24, 2003, the Contractor meets the definition of Business Associate. Therefore, a Business Associate Agreement is required to comply with both the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security regulations. This clause serves as that agreement whereby the Business Associate agrees to abide by all applicable HIPAA Privacy and Security requirements regarding health information as defined in this clause, and in DoD 6025.18-R and DoD 8580.02, as amended. Additional requirements will be addressed when implemented.
a. Definitions. As used in this clause generally refer to the Code of Federal Regulations (CFR) definition unless a more specific provision exists in DoD 6025.18-R or DoD 8580.02.
(1) HITECH Act shall mean the Health Information Technology for Economic and Clinical Health Act included in the American Recovery and Reinvestment Act of 2009.
(2) Individual has the same meaning as the term "individual" in 45 CFR 160.103 and shall include a person who qualifies as a personal representative in accordance with 45 CFR 164.502(g).
(3) Privacy Rule means the Standards for Privacy of Individually Identifiable Health Information at 45 CFR part 160 and part 164, subparts A and E.
(4) Protected Health Information has the same meaning as the term "protected health information" in 45 CFR 160.103, limited to the information created or received by the Business Associate from or on behalf of the Government pursuant to the Contract.
(5) Electronic Protected Health Information has the same meaning as the term "electronic protected health information" in 45 CFR 160.103.
(6) Required by Law has the same meaning as the term "required by law" in 45 CFR 164.103.
(7) Secretary means the Secretary of the Department of Health and Human Services or his/her designee.
(8) Security Incident will have the same meaning as the term "security incident" in 45 CFR 164.304, limited to the information created or received by Business Associate from or on behalf of Covered Entity.
(9) Security Rule means the Health Insurance Reform: Security Standards at 45 CFR part 160, 162 and part 164, subpart C.
(10) Terms used, but not otherwise defined, in this Clause shall have the same meaning as those terms in 45 CFR 160.103, 160.502, 164.103, 164.304, and 164.501.
b. The Business Associate shall not use or further disclose Protected Health Information other than as permitted or required by the Contract or as Required by Law.
c. The Business Associate shall use appropriate safeguards to maintain the privacy of the Protected Health Information and to prevent use or disclosure of the Protected Health Information other than as provided for by this Contract.
d. The HIPAA Security administrative, physical, and technical safeguards in 45 CFR 164.308, 164.310, and 164.312, and the requirements for policies and procedures and documentation in 45 CFR 164.316 shall apply to Business Associate. The additional requirements of Title XIII of the HITECH Act that relate to the security and that are made applicable with respect to covered entities shall also be applicable to Business Associate. The Business Associate agrees to use administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the electronic protected health information that it creates, receives, maintains, or transmits in the execution of this Contract.
e. The Business Associate shall, at their own expense, take action to mitigate, to the extent practicable, any harmful effect that is known to the Business Associate of a use or disclosure of Protected Health Information by the Business Associate in violation of the requirements of this Clause. These mitigation actions will include as a minimum those listed in the TMA Breach Notification Standard Operating Procedure (SOP), which is available at: http://www.tricare.mil/tmaprivacy/breach.cfm
f. The Business Associate shall report to the Government any security incident involving protected health information of which it becomes aware.
g. The Business Associate shall report to the Government any use or disclosure of the Protected Health Information not provided for by this Contract of which the Business Associate becomes aware.
h. The Business Associate shall ensure that any agent, including a sub Business Associate, to whom it provides Protected Health Information received from, or created or received by the Business Associate, on behalf of the Government, agrees to the same restrictions and conditions that apply through this Contract to the Business Associate with respect to such information.
i. The Business Associate shall ensure that any agent, including a subBusiness Associate, to whom it provides electronic Protected Health Information, agrees to implement reasonable and appropriate safeguards to protect it.
j. The Business Associate shall provide access, at the request of the Government, and in the time and manner reasonably designated by the Government to Protected Health Information in a Designated Record Set, to the Government or, as directed by the Government, to an Individual in order to meet the requirements under 45 CFR 164.524.
k. The Business Associate shall make any amendment(s) to Protected Health
Information in a Designated Record Set that the Government directs or agrees to pursuant to 45 CFR 164.526 at the request of the Government, and in the time and manner reasonably designated by the Government.
l. The Business Associate shall make internal practices, books, and records relating to the use and disclosure of Protected Health Information received from, or created or received by the Business Associate, on behalf of the Government, available to the Government, or at the request of the Government to the Secretary, in a time and manner reasonably designated by the Government or the Secretary, for purposes of the Secretary determining the Government's compliance with the Privacy Rule.
m. The Business Associate shall document such disclosures of Protected Health Information and information related to such disclosures as would be required for the Government to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 CFR 164.528.
n. The Business Associate shall provide to the Government or an Individual, in time and manner reasonably designated by the Government, information collected in accordance with this Clause of the Contract, to permit the Government to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 CFR 164.528.
2. General Use and Disclosure Provisions
Except as otherwise limited in this Clause, the Business Associate may use or disclose Protected Health Information on behalf of, or to provide services to, the Government for treatment, payment, or healthcare operations purposes, in accordance with the specific use and disclosure provisions below, if such use or disclosure of Protected Health Information would not violate the HIPAA Privacy Rule, the HIPAA Security Rule, DoD 6025.18-R or DoD 8580.02 if done by the Government. The additional requirements of Title XIII of the HITECH Act that relate to privacy and that are made applicable with respect to covered entities shall also be applicable to Business Associate.
3. Specific Use and Disclosure Provisions
a. Except as otherwise limited in this Clause, the Business Associate may use Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate.
b. Except as otherwise limited in this Clause, the Business Associate may disclose Protected Health Information for the proper management and administration of the Business Associate, provided that disclosures are required by law, or the Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as required by law or for the purpose for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.
c. Except as otherwise limited in this Clause, the Business Associate may use Protected Health Information to provide Data Aggregation services to the Government as permitted by 45 CFR 164.504(e)(2)(i)(B).
d. Business Associate may use Protected Health Information to report violations of law to appropriate Federal and State authorities, consistent with 45 CFR 164.502(j)(1).
4. Obligations of the Government
Provisions for the Government to Inform the Business Associate of Privacy Practices and Restrictions
a. The Government shall provide the Business Associate with the notice of privacy practices that the Government produces in accordance with 45 CFR 164.520.
b. The Government shall provide the Business Associate with any changes in, or revocation of, permission by Individual to use or disclose Protected Health
Information, if such changes affect the Business Associate's permitted or required uses and disclosures.
c. The Government shall notify the Business Associate of any restriction to the use or disclosure of Protected Health Information that the Government has agreed to in accordance with 45 CFR 164.522.
5. Permissible Requests by the Government
The Government shall not request the Business Associate to use or disclose
Protected Health Information in any manner that would not be permissible under the HIPAA Privacy Rule, the HIPAA Security Rule, or any applicable Government regulations (including without limitation, DoD 6025.18-R and DoD 8580.02) if done by the Government, except for providing Data Aggregation services to the Government and for management and administrative activities of the Business Associate as otherwise permitted by this clause.
a. Termination. A breach by the Business Associate of this clause, may subject the Business Associate to termination under any applicable default or termination provision of this Contract.
b. Effect of Termination.
(1) If this contract has records management requirements, the records subject to the Clause should be handled in accordance with the records management requirements. If this contract does not have records management requirements, the records should be handled in accordance with paragraphs (2) and (3) below
(2) If this contract does not have records management requirements, except as provided in paragraph (3) of this section, upon termination of this Contract, for any reason, the Business Associate shall return or destroy all Protected Health Information received from the Government, or created or received by the Business Associate on behalf of the Government. This provision shall apply to Protected Health Information that agents of the Business Associate may come in contact. The Business Associate shall retain no copies of the Protected Health Information.
(3) If this contract does not have records management provisions and the Business Associate determines that returning or destroying the Protected Health Information is infeasible, the Business Associate shall provide to the Government notification of the conditions that make return or destruction infeasible. Upon mutual agreement of the Government and the Business Associate that return or destruction of Protected Health Information is infeasible, the Business Associate shall extend the protections of this Contract to such Protected Health Information and limit further uses and disclosures of such Protected Health Information to those purposes that make the return or destruction infeasible, for so long as the Business Associate maintains such Protected Health Information.
a. Regulatory References. A reference in this Clause to a section in DoD 6025.18-R, DoD 8580.02, Privacy Rule or Security Rule means the section currently in effect or as amended, and for which compliance is required.
b. Survival. The respective rights and obligations of Business Associate under the "Effect of Termination" provision of this Clause shall survive the termination of this Contract.
c. Interpretation. Any ambiguity in this Clause shall be resolved in favor of a meaning that permits the Government to comply with DoD 6025.18-R, DoD 8580.02, the HIPAA Privacy Rule or the HIPAA Security Rule.
Vendormate Credentialing Requirement
Naval Medical Center, Portsmouth (NMCP) has instituted a Credentialing Program which is designed to streamline the collection and management of key information regarding the regulatory and compliance status as well as business operations of our suppliers.
The program requires all vendors and their representatives to register in order to gain base access to NMCP. One nominal annual credentialing fee covers your company as well as all representatives of your company that interact with NMCP.
The price ranges from $25 to $250 per year depending on your company's risk profile and is paid directly to our partner, Vendormate Credentialing. It is imperative that each representative registers individually to maintain their personal credentials and ensure ongoing base access to our facility.
A Federal Tax Identification Number and a credit card are required to complete the initial registration. Additional representatives only need the Federal Tax Identification Number.
Register for Vendormate Credentialing at https://nmcp.vendormate.com
For technical questions, go to https://ghx.com/customer-care.
Kiosks are located on the first and second floor entrances of Building two (2). Your representatives who visit NMCP may be required to sign in electronically to obtain an identification badge. With a valid appointment and current credentials, your representative will be able to print a single-use badge that is to be worn throughout the visit to any NMCP facility. Badges are required for all vendors on premises.
Please note that GHX Vendormate Credentialing is in addition to RapidGate for Base Access. Vendors are required to register for both programs in order to come onboard the NMCP base.
Base Access (NMCP)
Commander, Navy Installations Command (CNIC), has established the Navy Commercial Access Control System (NCACS), a standardized process for granting unescorted access privileges to vendors, contractors, suppliers and service providers not otherwise entitled to the issuance of a Common Access Card (CAC) who seek access to and can provide justification to enter Navy installations and facilities. Vendors visiting Naval Medical Center Portsmouth (NMCP) may obtain daily passes directly from Naval Station Norfolk (NSN) Pass and ID office, located at NSN (Bldg CD-9), 9040 Hampton Blvd, Norfolk, Virginia, 23505, by submitting identification credentials for verification and undergoing a criminal screening/ background check. Alternatively, if the vendor so chooses, it may voluntarily elect to obtain long-term credentials through enrollment, registration, background vetting, screening, issuance of credentials, and electronic validation of credentials at its own cost through one of the designated independent contractor NCACS service providers. Credentials will be issued every five years and access privileges will be reviewed / renewed on an annual basis. The costs incurred to obtain Navy installation access of any kind are not reimbursable, and the price(s) paid for obtaining long-term NCACS credentials will not be approved as a direct cost of this contract. Further information regarding NCACS can be found at http://cnic.navy.mil/CNIC_HQ_Site/index.htm.
Section I - Contract Clauses
CLAUSES INCORPORATED BY REFERENCE
252.203-7000 Requirements Relating to Compensation of Former DoD Officials SEP 2011
252.203-7002 Requirement to Inform Employees of Whistleblower Rights SEP 2013
252.204-7003 Control Of Government Personnel Work Product APR 1992
252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Reporting OCT 2016
252.225-7048 Export-Controlled Items JUN 2013
252.232-7003 Electronic Submission of Payment Requests and Receiving Reports JUN 2012
252.237-7010 Prohibition on Interrogation of Detainees by Contractor Personnel JUN 2013
252.243-7001 Pricing Of Contract Modifications DEC 1991
CLAUSES INCORPORATED BY FULL TEXT
52.203-18 PROHIBITION ON CONTRACTING WITH ENTITIES THAT REQUIRE CERTAIN INTERNAL CONFIDENTIALITY AGREEMENTS OR STATEMENTS--REPRESENTATION (JAN 2017)
(a) Definition. As used in this provision--
Internal confidentiality agreement or statement, subcontract, and subcontractor, are defined in the clause at 52.203-19, Prohibition on Requiring Certain Internal Confidentiality Agreements or Statements.
(b) In accordance with section 743 of Division E, Title VII, of the Consolidated and Further Continuing Appropriations Act, 2015 (Pub. L. 113-235) and its successor provisions in subsequent appropriations acts (and as extended in continuing resolutions), Government agencies are not permitted to use funds appropriated (or otherwise made available) for contracts with an entity that requires employees or subcontractors of such entity seeking to report waste, fraud, or abuse to sign internal confidentiality agreements or statements prohibiting or otherwise restricting such employees or subcontractors from lawfully reporting such waste, fraud, or abuse to a designated investigative or law enforcement representative of a Federal department or agency authorized to receive such information.
(c) The prohibition in paragraph (b) of this provision does not contravene requirements applicable to Standard Form 312, (Classified Information Nondisclosure Agreement), Form 4414 (Sensitive Compartmented Information Nondisclosure Agreement), or any other form issued by a Federal department or agency governing the nondisclosure of classified information.
(d) Representation. By submission of its offer, the Offeror represents that it will not require its employees or subcontractors to sign or comply with internal confidentiality agreements or statements prohibiting or otherwise restricting such employees or subcontractors from lawfully reporting waste, fraud, or abuse related to the performance of a Government contract to a designated investigative or law enforcement representative of a Federal department or agency authorized to receive such information (e.g., agency Office of the Inspector General).
(End of provision)
52.203-19 PROHIBITION ON REQUIRING CERTAIN INTERNAL CONFIDENTIALITY AGREEMENTS OR STATEMENTS (JAN 2017)
(a) Definitions. As used in this clause--
Internal confidentiality agreement or statement means a confidentiality agreement or any other written statement that the contractor requires any of its employees or subcontractors to sign regarding nondisclosure of contractor information, except that it does not include confidentiality agreements arising out of civil litigation or confidentiality agreements that contractor employees or subcontractors sign at the behest of a Federal agency.
Subcontract means any contract as defined in subpart 2.1 entered into by a subcontractor to furnish supplies or services for performance of a prime contract or a subcontract. It includes but is not limited to purchase orders, and changes and modifications to purchase orders.
Subcontractor means any supplier, distributor, vendor, or firm (including a consultant) that furnishes supplies or services to or for a prime contractor or another subcontractor.
(b) The Contractor shall not require its employees or subcontractors to sign or comply with internal confidentiality agreements or statements prohibiting or otherwise restricting such employees or subcontractors from lawfully reporting waste, fraud, or abuse related to the performance of a Government contract to a designated investigative or law enforcement representative of a Federal department or agency authorized to receive such information (e.g., agency Office of the Inspector General).
(c) The Contractor shall notify current employees and subcontractors that prohibitions and restrictions of any preexisting internal confidentiality agreements or statements covered by this clause, to the extent that such prohibitions and restrictions are inconsistent with the prohibitions of this clause, are no longer in effect.
(d) The prohibition in paragraph (b) of this clause does not contravene requirements applicable to Standard Form 312 (Classified Information Nondisclosure Agreement), Form 4414 (Sensitive Compartmented Information Nondisclosure Agreement), or any other form issued by a Federal department or agency governing the nondisclosure of classified information.
(e) In accordance with section 743 of Division E, Title VII, of the Consolidated and Further Continuing Appropriations Act, 2015, (Pub. L. 113-235), and its successor provisions in subsequent appropriations acts (and as extended in continuing resolutions) use of funds appropriated (or otherwise made available) is prohibited, if the Government determines that the Contractor is not in compliance with the provisions of this clause.
(f) The Contractor shall include the substance of this clause, including this paragraph (f), in subcontracts under such contracts.
(End of clause)
52.232-18 AVAILABILITY OF FUNDS (APR 1984)
Funds are not presently available for this contract. The Government's obligation under this contract is contingent upon the availability of appropriated funds from which payment for contract purposes can be made. No legal liability on the part of the Government for any payment may arise until funds are made available to the Contracting Officer for this contract and until the Contractor receives notice of such availability, to be confirmed in writing by the Contracting Officer.
(End of clause)
52.252-2 CLAUSES INCORPORATED BY REFERENCE (FEB 1998)
This contract incorporates one or more clauses by reference, with the same force and effect as if they were given in full text. Upon request, the Contracting Officer will make their full text available. Also, the full text of a clause may be accessed electronically at this/these address(es):
FAR Clauses http://acquisition.gov/comp/far/index.htm
DFAR Clauses http://www.acq.osd.mil/dpap/dars/dfars/index.htm
(End of clause)