Contract Terms: HIPAA, FOIA, Payment Clauses, and Conflicts for CMS Contractors, Study notes of Ethics

Download Contract Terms: HIPAA, FOIA, Payment Clauses, and Conflicts for CMS Contractors and more Study notes Ethics in PDF only on Docsity! Things You Should Know About Contract Terms and Conditions Leisa Bodway Director OAGM, Acquisition Business & Services Group and Acting Director, Division of Quality Assurance & Technology • What we do for acquisitions! DQAT Functional Areas Acquisition and other Policy and Procedures Quality Assurance, both Internal & External to CMS. Integrity, Compliance and other Organizational and Personal Conflict of Interest oversight. Acquisition Information Systems & Support Office of Acquisition & Grants Management (OAGM) Acquisition Business & Services Group (ABSG) Division of Quality Assurance & Technology (DQAT) HIPAA CHANGES Privacy, Security, and Enforcement Rules - Modified to strengthen privacy and security protections for health information and to improve enforcement as provided for by the Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009 (ARRA). Includes:  Final modifications to the Breach Notification Rule, which will replace an interim final rule originally published in 2009, as required by the HITECH Act. HIPAA Privacy Rule - Revised to increase privacy protections for genetic information, as required by the Genetic Information Nondiscrimination Act of 2008 (GINA). HHS, Office of Civil Rights, Changes - HHS uses its general authority under HIPAA to make a number of changes to the Rules that are intended to increase workability and flexibility, decrease burden, and better harmonize the requirements with those under other Departmental regulations. HIPAA MODIFICATIONS or HIPAA NEW CLAUSE • Contracting Officers/Contract Specialists (CO/CS) will, if they have not already:  Include the new HIPAA clause in the next contract modification issued; and  Include the new HIPAA clause in all new contracts. • If you need the new clause immediately, please contact your respective CO/CS. PAYMENTS CLAUSE FOR INVOICES & VOUCHERS WHAT HAS CHANGED SINCE 2012?  Consolidated 2 old contract clauses into 1 clause.  3 “Types” of Payment Clauses Depending on Contract Type:  Firm Fixed Price  Time & Material  Cost Reimbursement  4 “Types” of Payment Processing “Categories” FREEDOM OF INFORMATION ACT (FOIA) Brand New Clause Policy: For all High Visibility/High Public Interest Contracts, CMS will include a FOIA contract clause entitled: “Open Government Proactive Pre-Disclosure Notification” Applicability  Contracts where CMS receives a significant amount of FOIA requests (contracts may be modified), or  Contracts where CMS could potentially receive a significant amount of FOIA requests (new contracts). Open Government Proactive Pre-Disclosure Notification • WHY ARE WE DOING THIS?  CMS receives the 2nd highest number of FOIA requests of all HHS Operating Divisions.  In 2013 alone, CMS received 55,000+ FOIA requests!  We want to get the Office of Acquisition & Grants Management (OAGM) and Contractors OUT of the FOIA BUSINESS! Open Government Proactive Pre-Disclosure Notification Procedures - Contractor Submission Requirements: Within 30 days of contract award, the Contractor shall submit to the FOIA office, one (1) Compact Disc (CD) or Digital Video Disc (DVD), with all 5 U.S.C. §552 FOIA, Exemption (b)(4), “…Trade Secrets, Commercial or Financial Information Which is Privileged or Confidential…,” otherwise known as public release/non-Confidential Business Information (non-CBI), with the information identified as follows: 1. Copy of Contract - CBI Highlighted : One copy of the contract with all CBI highlighted for CMS FOIA review; and, 2. Copy of Contract - Contractor Proposed Redacted for Public Release: An additional copy of the contract will be provided for public release, with all the identified information redacted. Redactions shall be made using “black” boxes, which cannot be removed or uncovered by a reader; and, 3. Pre-Disclosure Concerns - Comments/Rationale for Non-Disclosure of Trade Secrets, Commercial or Financial Information Which is Privileged or Confidential Homeland Security Presidential Directive (HSPD-12) Policy for a Common Identification Standard for Federal Employees and Contractors New Contract Clause Coming Soon to Replace Current Clause Entitled: SECURITY CLAUSE -BACKGROUND – INVESTIGATIONS FOR CONTRACTOR PERSONNEL HSPD-12 was issued August 27, 2004 by President George W. Bush because there was - • A wide variations in the quality and security of forms of identification used to gain access to secure Federal and other facilities where there is potential for terrorist attacks need to be eliminated. HSPD-12 will – • Achieve security assurance by verifying the claimed identity of individuals seeking physical and/or logical systems access to Federally controlled government facilities and information systems; • Establish common identification standard to be used across the Federal government called the Personal Identification Verification (PIV) card; • “Secure and reliable forms of identification," for purposes of HSPD-12, means identification that - (a) is issued based on sound criteria for verifying an individual employee's identity; (b) is strongly resistant to identity fraud, tampering, counterfeiting, and terrorist exploitation; (c) can be rapidly authenticated electronically; and (d) is issued only by providers whose reliability has been established by an official accreditation process. • All CMS contractors are required to have the appropriate investigation on file that corresponds to their level of system’s access and/or requiring routine access to CMS’ facilities and logical access (By Oct 27, 2008). 16 Investigation Levels Top Secret Secret Public Trust (PT) 6 5 MBI – Minimum Background Invest. Moderate Risk- Public Trust Level NACI - Natl. Agency Check w/Written Inquiries (Low Risk Level) SAC – Contractor Empl. (Mod. Risk - No access to Systems) Escorted Visitor Homeland Security Presidential Directive (HSPD-12) for a Federal Government Common Identification Standard Providers Counts – 80K+ MACS/Contractors accessing hosted environment Counts – 20K+ Contractors on the local network Counts – 5K+ Feds Counts – 6K+ WHAT DOES CHANGING THE 508 CONTRACT CLAUSE MEAN FOR CMS CONTRACTORS?  Contract Clause Will Change.  Section L – Proposal Instructions, Will Include Requirements for Submission of a V-PAT Form –  Section M – Evaluation Criteria Will Be Incorporated Into All Solicitations – Evaluation criteria will address the assertion that the vendor’s product meets the 508 requirements. 508 Frequently Asked Questions • What is "Electronic and Information Technology" (EIT)? – EIT is information technology (IT), as defined at FAR 2.101, and any equipment or interconnected system or subsystem of equipment that is used in the creation, conversion, or duplication of data or information. In addition to IT, EIT includes: • Telecommunication products, such as telephones; • Information kiosks; • Transaction machines; • World Wide Web sites; • Multimedia (including videotapes); and office equipment, such as copiers and fax machines. – EIT is defined by the Access Board at 36 CFR 1194.4 and in the FAR at 2.101. DOES 508 COVER IN-HOUSE DEVELOPED TECHNOLOGY? – The requirements of Section 508 apply to an agency's procurement of EIT, as well as to the agency's development, maintenance, or use of EIT irrespective of the origin of the EIT (in-house development or commercially acquired). 508 Frequently Asked Questions • Is EIT limited to products? • No. EIT, like IT, also includes services.  For example, some agencies seek to satisfy their desktop computing needs through so-called "seat management" service contracts. Under a seat management arrangement, the contractor provides the software, hardware, and technical support services necessary to support full service desktop computing resources to the agency for a given period of time. Although the agency does not acquire title to the hardware and software, the agency would still need to comply with Section 508 in acquiring desktop computing resources. • Does 508 cover contract deliverables?  Yes! All contract deliverables are required to be 508 compliant. Questions??? 25 CCMS Up Next... Ethics and Federal Government Contracts CENTERS FOR MEDICARE & MEDICAID SERVICES oo Ethics and Federal Government Contracts Leigh A. Snyder Ethics Program Administrator 410-786-6081 The most important question What does it look like to others? APPEARANCES APPEARANCES APPEARANCES Conflicts Of Interest 30 What to know…..  Be aware that conflicts of interest can cause bid protests and otherwise negatively impact federal government contracts  Contact your supervisor or your federal contract liaison if you suspect a conflict of interest or appearance issue And remember…WHAT DOES IT LOOK LIKE? Conflicts Of Interest 31 ————_ Financial Conflicts of Interes 18 U.S.C. § 208 Aes » riminal conflict of interest statute! ° Employees may not participate as a Government official in a matter that will have a direct and redictable effect on their financial interests, or the inancial interests of their spouse, minor children, general partners, outside employers, or prospective employers. 32  35 Definition of Gift  A gift is anything of monetary value, including but not limited to gratuities, favors, discounts, entertainment, hospitality, loans and other services Gifts 36 Gifts from Contractors  Employees may not solicit or accept gifts from prohibited sources or gifts given because of their Government positions  The rules allow employees to accept:  Light Refreshments (not part of a meal)  Greeting Cards, and other items of little intrinsic value  Gifts under $20 per occasion  Up to $50/ year from any one source  Gifts based on long standing personal relationships  Free attendance at meetings on the day of an employee’s official duty participation or presentation Gifts 37 Gifts To Contractors  Government ethics rules do not cover gifts to contractors  Consider favoritism and appearance issues  Consider contractor’s rules and policies about gift-giving Gifts 40 Post-Employment and Contractors  Post employment statutes cover all executive branch employees  Managers, senior employees, and certain contracting officials involved in procurement are subject to additional restrictions  These criminal statutes prevent former employees from making influential representations back to the Federal government on behalf of a third party about specific matters they worked on in the government 41 Other Key Points How Can I Prevent Post- Employment Issues?  Most common source of bid protests as they relate to ethics  If you are involved in hiring, ensure that the employee has consulted with his/her ethics official about matters  If you have concerns, ask the employee for the contact information of his or her ethics official. We can provide post-employment letters for employees 42 Other Key Points