Pipette Calibration System and accessories

A. PURPOSE OF CONTRACT: The Contractor shall provide a portable counter-top Pipette Calibration System (PCS) for the Phoenix Indian Medical Center (PIMC), Laboratory Department. PIMC has a need to implement a portable counter-top Pipette Calibration System (PCS) to improve quality assurance, ensuring precise and accurate data for compliance with regulatory agencies. This equipment will NOT be on the PIMC network nor will it be interfaced to the laboratory information system (LIS). B. SPECIFICATIONS OF SERVICES: The Contractor shall provide the latest software ArtelWare 2.4 installed prior to delivery. The Contractor shall provide a portable counter-top Pipette Calibration System (PCS) with the following specifications: Time Requirements: 10 data points < 3 minutes Volume Range: 0.1 uL to 5000uL Uncertainty (inaccuracy): 0.6% Random Error (Imprecision): 0.3% Size: 8.8”W x 13” L x 5.8” H Weight: 13 lbs COM port: USB Built in scanner: Reads 2D reagent barcodes Operational Temp: 15 °C to 30 °C Relative Humidity: 10% to 90%, non-condensing Electrical Requirements: Voltage: 90 – 260 VAC Frequency: 50 – 60 Hz Current: 2 A maximum PCS Computers: Processor: x64 Processor: 2.4 GHZ (recommended 4 or more cores) Memory: 8 GB (recommended min 16GB) I/O Ports: 2 USB Connectors Network: Gigabit Ethernet or 802.11n WIFI Storage: 40 GB of hard drive space Supported Operating Systems: Windows 11 SQL Server: 2022 or newer The Contractor shall provide a new version (upgradeable) of a portable counter-top Pipette Calibration System (PCS) if availability occurs at no additional cost to the Government and without affecting the price, length of contract, or original terms and conditions of the initial contract. The Contractor shall ensure the instrument software is running the latest operating system and has anti-virus software to align with the Indian Health Services IT policies. The Contractor shall replace the portable counter-top Pipette Calibration System (PCS) if it becomes damaged or non-operational due to manufacturer default. The technical staff of the Contractor who electronically monitor performance of equipment shall take mandatory Health Insurance Portability and Accountability Act (HIPAA) and the Computer Security Awareness Training. The Contractor shall work with laboratory personnel for monitored access to the Indian Health Service, Phoenix Area computer network. All purchases that require use of, access to, or communications through the Federal IHS Domain or an IHS controlled network device, must meet all IHS, HHS, and DHS security compliance requirements. All access to IHS network-controlled devices or systems by a vendor or a vendor representative must meet all IHS, HHS, and DHS security compliance requirements. Contractor shall conform to the Indian Health Service Information Technology policies for remote connection and anti-virus software. The Contractor shall provide training off-site and on-site for staff sufficient to establish competency in the labor and technical oversight processes involved in running the equipment supplied. This shall include two (2) off-site formal training slots for equipment, at no cost at Advanced Instruments Westbrook, Maine, USA facility. The training of the IHS Laboratory Staff will be where they have access to the equipment. Two training slots for the first year and one per year thereafter. The Contractor shall perform independent risk analysis that document the level of risk for potential misuse of sensitive information associated with a particular data breach. The Contractor shall be responsible for all costs, training, and associated expenses needed to maintain the associates’ software applications to the latest software versions allowed by the Indian Health Service Information Technology policies. Contractor shall provide at no cost to the government, a replacement UPS device and instrument printer. Contractor shall provide at no cost to the government, the latest version of Windows to comply with IHS IT policies; For example, PIMC is switching PCs over to Windows 11 and they want us to work with vendors to ensure applications are able to run on Windows 11. IT REQUIREMENTS: HHS Security and Compliance Requirements for Cloud Vendors Section 1: FedRAMP Authorization Requirements 1.1 Cloud Service Authorization: The Contractor shall ensure that all cloud-based services (Infrastructure-as-a-Service, Platform-as-a-Service, or Software-as-a-Service) used to store, process, or transmit federal information meet the following: FedRAMP Authorization Level:The service must possess a valid FedRAMP Authorization to Operate (ATO) at the Moderate or High impact level, depending on the sensitivity of the information involved. Acceptable Types of FedRAMP Authorization: Joint Authorization Board (JAB) P-ATO Agency ATO granted by HHS or another federal agency Authorization Documentation: The Contractor must provide: Current FedRAMP package (System Security Plan, POA&M, etc.) FedRAMP authorization letter Most recent annual assessment report and continuous monitoring evidence 1.2 Temporary Use of In-Process Solutions: If the cloud service is not currently FedRAMP Authorized, the following conditions apply: A FedRAMP In Process designation listed on Marketplace.FedRAMP.gov must be presented Contractor must submit a FedRAMP waiver request to HHS, including: Project scope Risk mitigation strategy FedRAMP authorization timeline Waiver Period: Not to exceed 12 months. Vendor must achieve full authorization within that time. Section 2: Remote Access Controls 2.1 Access Requirements: Any remote access to systems supporting HHS data must comply with the following: Two-Factor Authentication (2FA): All remote users must authenticate using FIPS 140-2 validated multifactor methods. Network Access Controls: Remote access must be limited to…