Page 2 of 2 Introduction: The purpose of this Request For Information (RFI) is to seek a Rough Order of Magnitude (ROM) and vendors capable of providing commercial software licenses and maintenance support for the existing brand name Document Storage Systems (DSS) Insurance Capture Buffer (ICBWeb) software. The ICBWeb software is installed and operational at 129 parent VA Medical Center (VAMC) systems and all associated Community Based Outpatient Clinics (CBOCs) and Consolidated Patient Account Centers (CPACs). ICBWeb software is a cloud server-based product hosted within VA s Microsoft Azure Government (VA MAG) cloud. The Government anticipates soliciting this requirement on a firm fixed price basis. Interested Contractors are welcomed to, but not required to, submit any questions related to this requirement. This RFI is for planning purposes only and shall not be considered an Invitation for Bid, Request for Task Execution Plan, Request for Quotation or a Request for Proposal. Additionally, there is no obligation on the part of the Government to acquire any products or services described in this RFI. Your response to this RFI will be treated only as information for the Government to consider. You will not be entitled to payment for direct or indirect costs that you incur in responding to this RFI. This request does not constitute a solicitation for proposals or the authority to enter into negotiations to award a contract. No funds have been authorized, appropriated or received for this effort. Interested parties are responsible for adequately marking proprietary, restricted or competition sensitive information contained in their response. The Government does not intend to pay for the information submitted in response to this RFI. The Department of Veterans Affairs (VA), Veterans Health Administration (VHA), Office of Finance, eBusiness Solutions Office requires renewal of the software licenses and maintenance support for the existing brand name DSS ICBWeb software. The ICBWeb program is an insurance card scanning and Veterans Health Information System and Technology Architecture (VistA) Buffer File update management system designed to enhance the insurance data collection and verification processes for VA facilities. The ICBWeb Graphical User Interface (GUI) is integrated with several VistA components such as Appointment Scheduling and the Patient Insurance File. The transfer of information between ICBWeb and VistA is real-time. ICBWeb does not have its own patient insurance files; rather it reaches out to VistA, the system of record, and pulls the information directly from there to populate the ICBWeb views. ICBWeb allows users to easily view and update information stored within the VistA insurance company and patient insurance files. ICBWeb provides intake staff an electronic list of veterans with scheduled appointments whose insurance requires verification. The Patient Update worklist is used by check-in/check-out and registration clerks to scan insurance cards for those identified on the list. The worklist displays according to clinic configurations according to the specific user profile. Scanned images are stored in cloud-based blob storage account(s) and are immediately accessible to insurance verification clerks via the Insurance Buffer Entries list. Data from the image can be compared to existing insurance data within the veteran s permanent insurance file in VistA. A reporting utility is available to Business Office managers to ensure the compliance of Entry Clerks and Insurance Verification personnel with this initiative. VHA Directive 1910, Patient Information Collection Management (PICM) Program mandates the use of ICBWeb for requesting and verifying insurance information. As Entry Clerks populate the insurance buffer via ICBWeb, the electronic Insurance Verification (eIV) VistA software automatically sends and receives electronic inquiries in real-time from available third-party payers. These Electronic Data Interchange (EDI) processes comply with Health Insurance Portability and Accountability Act of 1996 (HIPAA) mandated industry standards. The resulting electronic response can auto-update to the patient file or is available for insurance verification staff processing. ICBWeb is integral to the continuing ability for VA to collect revenue from third party insurance carriers to meet mandates of 38 U.S.C 1729A Department of Veterans Affairs Medical Care Collections Fund (38 U.S.C 1729A Department of Veterans Affairs Medical Care Collections Fund). The listing of small, medium and large VAMCs where ICBWeb software is installed is found at Attachment A Facility List. The period of performance shall be 12 months from date of award, with four 12-month option periods, and an optional task per period for additional technical support and maintenance. DSS ICBWeb BASE PERIOD REQUIREMENTS The Contractor shall provide the following brand name DSS ICB perpetual licenses and support for the 12-month base period for all sites listed in Attachment A Facility List within thirty days after award: Part Number Description Quantity DSS-ICBWEB-VA-PL-L DSS ICB Web VA Perpetual License, Large facility 93 DSS-ICBWEB-VA-PL-M DSS ICB Web VA Perpetual License, Medium facility 25 DSS-ICBWEB-VA-PL-S DSS ICB Web VA Perpetual License, Small facility 11 DSS-ICBWEB-VA-PL-AM-L DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Large facility 92 DSS-ICBWEB-VA-PL-AM-M DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Medium facility 23 DSS-ICBWEB-VA-PL-AM-S DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Small facility 9 DSS-ICBWEB-VA-PL-AM-L DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Large facility, discounted for partial Cerner operations 1 DSS-ICBWEB-VA-PL-AM-M DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Medium facility, discounted for partial Cerner operations 2 DSS-ICBWEB-VA-PL-AM-S DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Small facility, discounted for partial Cerner operations 2 Base Period Optional Task Optional Task: VA MAG Cloud Support PROGMGR PROJMGR INFO-SPEC2 FU-AN1 SW-SYS-ENG-ADV DBADMIN SYS-ARC-ENG INFO-SPEC2 DBADMIN SYS-ARC-ENG INFO-SPEC2 Optional Task: Additional DSS ICBWeb Microsoft Azure Government (MAG) Cloud technical support and maintenance. Consists of the following estimates: Program Manager at vendor facility per hour Project Manager at vendor facility per hour Information Specialist - Senior at vendor facility per hour Functional Analyst at vendor facility per hour Systems Engineer - Advanced at vendor facility per hour Data Base Administrator at vendor facility per hour Systems Architect/Staff Engineer at vendor facility per hour Information Specialist at vendor facility per hour Systems Engineer - Advanced at vendor facility per hour Data Base Administrator at vendor facility per hour Systems Architect/Staff Engineer at vendor facility per hour Information Specialist at vendor facility per hour 1 LOT 460 920 920 1840 1840 1840 1840 1840 1840 1840 1840 DSS ICBWeb OPTION PERIOD REQUIREMENTS Part Number Description Quantity DSS-ICBWEB-VA-PL-AM-L DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Large facility 92 DSS-ICBWEB-VA-PL-AM-M DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Medium facility 23 DSS-ICBWEB-VA-PL-AM-S DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Small facility 9 DSS-ICBWEB-VA-PL-AM-L DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Large facility, discounted for partial Cerner operations 1 DSS-ICBWEB-VA-PL-AM-M DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Medium facility, discounted for partial Cerner operations 2 DSS-ICBWEB-VA-PL-AM-S DSS ICB Web VA perpetual license software subscription annual maintenance and support with 24 x 7 coverage. Includes bug fixes, minor release upgrades, telephone support for a period of one-year, Small facility, discounted for partial Cerner operations 2 Option Period Optional Task Optional Task: VA MAG Cloud Support PROGMGR PROJMGR INFO-SPEC2 FU-AN1 SW-SYS-ENG-ADV DBADMIN SYS-ARC-ENG INFO-SPEC2 Optional Task: Additional DSS ICBWeb Microsoft Azure Government (MAG) Cloud technical support and maintenance. Consists of the following estimates: Program Manager at vendor facility per hour Project Manager at vendor facility per hour Information Specialist - Senior at vendor facility per hour Functional Analyst at vendor facility per hour Systems Engineer - Advanced at vendor facility per hour Data Base Administrator at vendor facility per hour Systems Architect/Staff Engineer at vendor facility per hour Information Specialist at vendor facility per hour 1 LOT 460 920 920 1840 1840 1840 1840 1840 DSS ICB SOFTARE MAINTENANCE AND TECHNICAL SUPPORT REQUIREMENTS: The Contractor shall provide DSS ICBWeb software maintenance support including all upgrade releases, modifications to software, bug fixes, and periodic updates to the software for all sites listed in Attachment A Facility List. The Contractor shall provide maintenance and operational support for the ICBWeb cloud-based product. The Contractor shall provide update releases via prescribed VA protocols, including FORUM and VA File Transfer Protocol (FTP) or direct installation where appropriate and directed by VA. The Contractor shall provide emergency fixes via prescribed VA protocols, including FORUM and VA File Transfer Protocol (FTP) or direct installation where appropriate and directed by VA. The Contractor shall provide patches via prescribed VA protocols, including FORUM and VA File Transfer Protocol (FTP) or direct installation where appropriate and directed by VA. VA FTP may be using either a VA hosted site or contractor hosted site as appropriate. The eBusiness Solutions, eInsurance team members shall be involved and notified of all releases, emergency fixes and patch release notices via email. The Contractor shall also provide software technical support for all sites The technical software support shall include telephone help desk support from 8:00 am to 7:00 pm Eastern Standard Time, Monday through Friday; excluding Federal Holidays. As part of the technical software support, the Contractor shall provide user manual, technical manual and VA software artifacts for instances where software releases, emergency fixes and patches change the software. The Contractor shall: Support virtual training for all types of end users who use the software, including but not limited to insurance collection users, insurance verification users, report users, technical management staff and VA software support staff. Provide soft copy training documentation which will enable VA staff to train personnel. The documentation shall include updated functional and technical user guides with visual representations of software operations. Provide soft copy software artifacts. The software artifacts may include but are not limited to; Business Requirements Document, Requirements Design Document, Software Specification Document, Configuration Management Plan, SQA & Developer checklists, Defect Log, Version Description Document, Incident Response Plan, Master Test Plan, Disaster Recovery Plan, Installation Roll Back Guide, and Information Security Contingency Plan. Salient Characteristics of Insurance Collection and Insurance Verification software solution: The software solution module must be integrated out-of-the-box on day one with VA s Veterans Health Information Systems and Technology Architecture (VistA) existing insurance collection and insurance verification management system(s). Integration must be in place for the following VistA modules and/or VistA data files: Patient Appointment Scheduling module Patient Registration module Patient Insurance Type sub-file module Electronic Insurance Verification module New person file Clinic Profile file Insurance Verification Processor file Insurance Company file Group Plan file Coverage Limitations file Annual Benefits file IIV Response file Clinic Stop Code file The software solution must present the appointment check-in clerk with his/her own view of the clinics for which they check-in patients. The Patient List will show all patients scheduled for an appointment in that specific clinic that either have no insurance on file in VistA or the patient s insurance file in VistA is blank or the patient s insurance in VistA has not been verified within XXX days (site specific setting). The software must allow the user to scan and save insurance card images. The software solution must allow staff to easily view the electronic image of the insurance card. The software must electronically store the image of the insurance card with metadata and automatically attach and/or reference it whenever the patient s insurance file is retrieved. The software must have real time integration with the VistA system of record for all collected insurance information, aka Insurance Buffer file. The software must provide integration points with VistA Insurance Verification Processor File so that the existing VA HIPAA 270/271 transaction mechanisms are triggered and used in real time (external HIPAA 270/271 transactions are not allowed). The software solution must allow insurance verification staff real time access to the buffer entry in order to verify and process the insurance information either manually or electronically. The software solution must allow insurance verification staff real time access to the VA HIPAA 270/271 transaction information in order to verify and process the insurance information either manually or electronically. The software solution must allow insurance verification staff real time access to the insurance card image stored and attached to the Insurance Buffer file and/or the patient insurance file in order to verify and process the insurance information either manually or electronically. The software solution must allow verification staff access to the buffer entry through an easy-to-use Windows, VistA graphical user interface immediately upon the creation of the buffer file entry by the check-in clerk. The software solution must include functionality for a verifier to pull data from the image into the insurance file thereby eliminating data entry errors. The software solution must generate standard reports via network or local printer, on screen, export to Microsoft Excel, or e-mail reports to any specified recipient regarding productivity by verification clerk (e.g. check-in clerks who are/are not successful in obtaining insurance information or manage to process obtaining third party insurance information). The software solution must comply with HIPAA requirements. The software solution must be available 24 hours a day/7 days a week, and as an essential service must meet memorandums of understanding and interconnection security agreements (MOU-ISA) and Business Associate Agreement (BAA) timeframes for failover and service availability. The software solution must be compatible with the following card scanners which includes but are not limited to: Ambir PS662 Docket Port 485 Scanshell 800n Ambir DS687-AS Ambir 690gt Ambir PS665-SS Docket Port 665 Travel Scan 662 Scanshell 800 BizCard Reader 900c Ambir PS667 Fijitsu Fi 412OC2 Visioneer Patriot P15 ImageScan Pro 490i The software solution must have designated user roles based on functional area of responsibility and provide elevated users the ability to manage users and/or roles. The software solution must include Facility parameter settings available to Facility Administrators (user role) The contract vendor must provide an included training solution to meet the following requirements: Training for both end users and local management (up to 30,000 active individuals) on operation and reporting functions of the software. Training for national business managers on operation and national reporting functions of the software. Provide documentation for full operational reference and to enable VA staff to train oncoming personnel. Additional Requirements of ICBWeb solution: The software solution must meet all requirements for deployment as an enterprise level application. The software solution must be cloud server-based intranet accessible application. The software must wholly reside within the VA firewall and be controlled by VA Enterprise Cloud operations team(s). Authority to Operate All software solutions deployed in VA environment(s) are required to obtain an Authority to Operate (ATO). Information systems are designed or developed for or on behalf of VA shall comply with all VA policies developed in accordance with the Federal Information Security Management Act (FISMA), Health Information Portability and Accountability Act (HIPAA), National Institute for Standards and Technology (NIST), and related VA security and privacy control requirements for Federal Information Systems. This includes standards for the protection of electronic Protected Health Information (PHI), outlines in 45 C.F.R. Part 164, Subpart C, information and system security categorization level designations in accordance with Federal Information Processing Standards (FIPS) 199 and FIPS 200 with implementation of all baseline security controls commensurate with the FIPS 199 System Security Categorization (reference Appendix A of VA Handbook 6500, VA information Security Program https://www.va.gov/vapubs/viewPublication.asp?Pub_ID=793&FType=2). Prior to deployment, a privacy impact assessment shall be completed, provided the COR, and approved by the VA Privacy Service in accordance with VA Privacy Impact Assessment Handbook 6500.3 (https://www.va.gov/vapubs/viewPublication.asp?Pub_ID=733&FType=2). The security controls shall be designated, developed, approved by the VA, and implemented in accordance with the provisions of the VA Security System development life cycle as outlined in NIST Special Publication 800-37 and VA Handbook 6500. The Contractor shall be required to design, develop, and operate a System of Records or individuals to accomplish an agency function subject to the Privacy Act of 1974, (as amended), Public Law 93-579, December 31, 1974 (5 U.S.C. 552a) and applicable agency regulations. Violation of the Privacy Act may involve the imposition of criminal and civil penalties. FISMA of 2014 requires all Federal agencies to comply with the standards and guidelines developed by the NIST. VA Directive 6500: VA Cybersecruity Program establishes a VA cybersecurity program to protect and defend VA information and information technology. VA Office Information and Technology (OIT) describes these operational requirements in VA Handbook 6500: Risk Management Framework for VA Information Systems and subsequent chapters. Specifically, VA Handbook 6500.3: Assessment, Authorization and Continuous Monitoring of VA Information Systems addresses additional requirements of FISMA and Office of Management and Budget (OMB) Circular A-130, Appendix III: Security of Federal Automated Information Resources. VA A&A procedures can be found: https://vaww.portal2.va.gov/sites/infosecurity/ca/CA%20Home%20Documents/ATO%20Documents/Authorization%20Requirements%20SOP%20Guide.doc This is an internal VA site. Class I Status All commercial solutions deployed in VA are required to be listed in the VA Technical Reference Model (TRM). https://www.oit.va.gov/services/trm/ Standards and protocols - The vendor for the software solution shall agree to obtain compliance for all requirements with relevant information technology standards and protocols defined by VA Enterprise Architecture. Quality Assurance - The software solution should demonstrate a planned, systematic and documented approach to the evaluation, testing and overall quality of the product during its implementation. This approach should include an assurance for individual processes within the software execution in order to demonstrate project The software solution must interoperate and transact with one (1) instance and/or with one hundred twenty-nine (129) instances of VA s Veterans Health Information Systems and Technology Architecture (VistA) using a VA compliant architecture and data formats and have at minimum a FEDRAMP Ready designation without interruption to current operations. Minimum requirement: be FEDRAMP Ready and be ready to submit all VA ATO requirements on day one of contract award Listed as a minor application under and existing VA application(s) ATO Granted a separate system VA ATO. 2. Submittal Information: All responsible sources may submit a response in accordance with the below information. There is a page limitation for this RFI of 5 pages. The Government will not review any other information or attachments included, that are in excess of the 5-page limit. NO MARKETING MATERIALS ARE ALLOWED AS PART OF THIS RFI. Generic capability statements will not be accepted or reviewed. Interested Vendors shall at a minimum, provide the following information in the initial paragraph of the submission: Name of Company Address Point of Contact Phone Number Fax Number Email address Company Business Size and Status For VOSB and SDVOSBs, proof of verification in VIP. NAICS code(s) Socioeconomic data System for Award Management Unique Identity Identification Number Existing Contractual Vehicles (GWAC, FSS, or MAC) Questions to Industry Does your product come out-of-the-box with an internal, inherent Veterans Health Information Systems and Technology Architecture (VistA) Massachusetts General Hospital Utility Multi-Programming System (MUMPS) interface? Does your product provide a fully customizable graphical user interface to the VA VistA Integrated Billing (IB) package and/or is it customizable to meet VA Revenue Operations (RO) standards and workflows? Is your product programmed using Opensource Application Programming Interfaces (APIs)? If yes, which API sets do you use? Are they VA and/or MUMPS APIs? Does your product have a VA-approved Authority to Operate (ATO)? If yes, when was your ATO issued and when does it expire? If your product has an ATO, what is your VA Systems Inventory (VASI) number? If your product does not have an ATO, describe your ability to support the VA requirements to obtain/maintain an ATO, including a notional schedule to obtain an ATO. Is your product listed in the VA Technical Reference Model (TRM)? If yes, what version number is approved for use? Please provide the TRM link. Will your product interface (out-of-the-box) with the Health Insurance Portability and Accountability Act (HIPAA) 270/271 transactions that are inherent within VistA today? If not, what HIPAA 270/271 platform do you use? Is your product a URL that can be hosted in the cloud or is it a thick-client executable? If your product is hosted in the cloud, can it be hosted solely behind VA firewalls for Protected Health Information (PHI) and Personally Identifiable Information (PII) protection? Does your product allow for scanning and saving insurance cards, indexed to the patient? If yes, does it interact with any third-party scanning service? Is your product 508 compliant in accordance with Section 508 Standards? Is your product capable of being successfully audited by the VA Section 508 team? Please identify if you are the software solution owner. If not, please describe your relationship with the seller and verify if a proposed agreement is in place to resell this product to VA to ensure a stable and maintainable solution. NOTE: Technical questions may be submitted as part of your response, however, questions directed to the customer are prohibited. Responses are due no later than 11:00 AM EST, April 4, 2023, via email to Contract Specialist Mary Beth Hall, at Mary.Hall3@va.gov and Contracting Officer Troy Loveland at Troy.Loveland@va.gov. Please note Insurance Card Buffer Web in the subject line of your response. Mark your response as Proprietary Information if the information is considered business sensitive.

Attachments/Links

Download All Attachments/Links