RFO # HBE-DA-2011-01

Department of Health Care Services Information Technology Services Division Enterprise Architecture Program MS 6300, P.O. Box 997413 Sacramento, CA 95899-7413

Request for Offer RFO # HBE-DA-2011-01

For: Health Benefits Exchange Project (HBE) For: One Senior Data Architect, Information Technology Services Division (ITSD), Enterprise Architecture Program (EAP) Date: May 3, 2011 You are invited to review and respond to this Request for Offer (RFO). In submitting your RFO, you must comply with the instructions found herein. Failure to comply with any of the requirements may result in the rejection of your offer. The services required are delineated in the Statement of Work (SOW). Please read the enclosed document carefully. By submitting an offer, your firm agrees to the terms and conditions stated in this RFO and your Department of General Services contract. Responses to this RFO are due on Tuesday, May 17, 2011 no later than 10:00AM. Late responses will not be accepted. Responses to this RFO must be submitted by electronic mail to the Enterprise Architecture Program at [email protected]. RFO questions should be directed to Ben Word at (916) 440-7223 or [email protected].

mailto:[email protected]

Department of Health Care Services RFO # HBE-DA-2011-01 Health Benefits Exchange Project RFO: Data Architect Services

of 28

SECTION 1. GENERAL INFORMATION A. BACKGROUND AND PURPOSE OF THE RFO FOR SERVICES

The California Department of Health Care Services (DHCS) is requesting offers from CMAS contractors for a Data Architect for the Health Benefits Exchange Project. The Health Benefits Exchange project will follow all state rules and regulations governing information technology projects as defined in the State Administrative Manual and the Statewide Information Management Manual (SIMM). This effort will be managed in alignment with CTA’s Project Management Methodology (CA-PMM). DHCS anticipates that one Data Architect will be required. Further detailed information is available in Section 3: Statement of Work. 1. Start Date The period of performance for this agreement shall be from the day the purchase order is signed (estimated to be on or about June 20, 2011) and continue for 12 months. 2. Cost The total amount of this agreement shall not exceed $########.

B. KEY ACTION DATES

It is recognized that time is of the essence. All dates after the due date for offers are approximate and may be changed if needed to allow DHCS additional time for selection and contract execution. DHCS may schedule interviews with the highest rated contractors based on the submitted offers. Key staff identified by the contractor must participate in the interview.

Event Date

Release of RFO May 3, 2011

Due date for offers by 10:00 AM May 17, 2011

Contractor interviews (if required) May 18-20, 2011

Estimated contractor start date June 20, 2011

Estimated contractor end date June 19, 2012

C. RFO RESPONSE GUIDELINES The SOW, the contractor’s response to this RFO, and the contractor’s DGS contract, by reference, will be made a part of any agreement resulting from this RFO. The agreement will be governed by and incorporate the terms and conditions of the Department of General Services CMAS contract. Responses to this RFO must contain all data/information requested and must conform to the format described in this section. The required information will be used by the state’s


of 28

selection team to determine and verify the contractor’s ability to perform the tasks and activities defined in the contractor’s offer.

D. RFO RESPONSE CONTENT IMPORTANT: The Company References, Resumes, and Key Staff Qualifications (Attachment A) must be submitted in a file or files separate from the other document(s) in the contractor’s response. The following documents must be included in all offers:

1. Cover Letter The cover letter must include the title and number of this RFO as well as the contractor’s:

Company name, contact and address as listed on the DGS contract Name and email address of the contact person DGS CMAS contract number Small Business number (if applicable) DVBE certification number (if applicable) Total offer amount Signature of an individual authorized to enter into contracts for the

contractor.

2. Company References Provide two (2) customer references. The reference information for the company must include the following:

name of customer organization name of the project company role on the project types of services provided customer point of contact – including e-mail address and phone

number 3. Resumes* Provide a resume of the relevant experience for each contractor staff person proposed. Resume entries should clearly demonstrate that the experience requirements described in the “Key Staff Qualifications form” in Attachment A of the RFO are met. Submit only your top two candidates for this RFO. 4. Key Staff Qualifications* For each proposed contractor staff person, complete the “Key Staff Qualifications” form in Attachment A. Note that the form requires a minimum of

IMPORTANT: The Company References, Resumes, and Key Staff Qualifications (Attachment A) must be submitted in a file or files separate from the other document(s) in the contractor’s response.


of 28

two (2) and maximum of (3) references for each contractor staff person. At least two references must be from previous supervisors, project managers, or contract managers.

5. Understanding and Description of the Tasks to be Performed Include a description of your understanding of the projects’ goals, emphasizing your understanding of DHCS’ objectives and the major activities that must be performed to complete the work. Describe the activities you will perform to complete the required work. Include your expectations of all entities outside your own team 6. Methods and Tools Describe the methods, tools and standards that will be used to complete the tasks identified in the SOW. 7. Assumptions Provide the assumptions used to develop the response. 8. Costs Provide costs by hour in a table consistent with the one shown in Attachment B.

Provide the cost per hour to be used as the basis for any additional work, should the purchase order be amended as described in the General Provisions section of this RFO. 9. Work Samples

Provide illustrative work samples from similar past projects or engagements. These may be excerpts from previous deliverables and should be no more than twenty (20) pages each. The objective should be to provide samples that illustrate performance of similar work. A brief explanation (not more than one page) explaining the rationale for selection should accompany the samples. 10. CMAS Contract

Provide a copy of the company’s DGS CMAS contract.


of 28

SECTION 2. OFFER SELECTION INFORMATION A. REVIEW OF OFFERS FOR AWARD/SELECTION CRITERIA

Timely responses to this RFO will first be reviewed for responsiveness to the requirements of the SOW. If a response is missing required information, it may be deemed not responsive. Further review or collection of missing information or data is subject to the discretion of DHCS. Award of a contract resulting from this RFO against the contractor’s DGS contract will be based on a best value method that includes cost as a substantial factor in the selection process. Each offer for services will be reviewed and scored on the following criteria1:

Criteria Percentage

Response Content Pass/Fail

Qualifications – Mandatory Pass/Fail

Quality, relevance and amount of experience of proposed staff on comparable IT projects, as demonstrated on resumes, references, and Attachment A (Qualifications – Desirable)

35%

Understanding of project requirements and roles as demonstrated by “5. Understanding and Description of the Tasks to Be Performed” and “6. Methods and Tools”

15%

Quality and relevance of sample work products by staff being proposed 10%

Total cost of offer 40%

Totals 100%

B. INTERVIEWS

DHCS may schedule interviews with the highest rated contractors based on the submitted offers. Key staff identified by the contractor must participate in the interview. The selection team does not wish to receive a presentation on corporate/firm qualifications. The selection team expects proposed staff to describe their understanding of the job and their approach to performing the work. The proposed staff in attendance will be asked a predetermined set of questions to assess their experience and knowledge as described in their resumes.

1 When assigning points, responses will be reviewed for the degree to which a response lacks

information, depth or breadth, or lacks significant facts and/or details, and/or contains weaknesses, defects or deficiencies, and/or fails to illustrate a full understanding of DHCS' service needs, and/or demonstrates the capacity to exceed regular service needs.


of 28

SECTION 3. STATEMENT OF WORK

This Statement of Work (SOW) reflects the services to be provided by the contractor for the Department of Health Care Services (DHCS). This SOW is governed by and incorporates by reference the terms and conditions of the contractor’s California Multiple Award Schedule (CMAS) contract.

I. Introduction

Health Benefit Exchange Background

On March 23, 2010, President Obama signed the Affordable Care Act (ACA), which extends health care to an estimated 32 million uninsured individuals and makes coverage more affordable for many others. Governor Arnold Schwarzenegger signed legislation on September 30, 2010 to create the California Health Benefit Exchange, an entity that will help California consumers and small businesses shop for and buy affordable health insurance starting in 2014. The Governor’s action makes California the first state in the nation to enact legislation creating a health benefit exchange under federal health care reform. The governor formed a Health Care Reform Task Force to implement key reform provisions and programs under health care reform. While states are waiting for additional guidelines from the federal government regarding health care reform, planning efforts must begin immediately to meet key dates established by the federal government as noted below: January 1, 2013 – states must demonstrate their readiness with significant progress towards implementation of a Health Benefits Exchange. January 1, 2014 – Completion of a Health Benefits Exchange that California consumers will be able to use to research their health coverage options and access federally-funded tax credits and cost sharing subsidies. The Department of Health Care Services (DHCS) is organizationally responsible for California’s Medicaid program (Medi-Cal) and is responsible for implementing new Medicaid program changes relating to the ACA. The ACA mandates Medi-Cal changes and also offers new opportunities to leverage additional federal support for Medicaid eligibility, benefits, rates, and also interactions with the ACA-mandated Health Insurance Exchange. Analysis and development of options for implementation of ACA must begin now or California will be unprepared to implement the provisions of ACA or be able to show readiness by 2013 to implement the Exchange. Although guidance from the federal Centers for Medicare & Medicaid Services (CMS) on all provisions of ACA has not yet been received, DHCS must be prepared to commence the design and development of those provisions immediately upon receipt of the guidance as they are issued by CMS. Even prior to receipt of any guidance, DHCS must fully review and analyze the provisions of ACA in order to fully understand and implement the forthcoming guidance. In order to achieve the intended goals of expanded coverage, affordability and improved health outcomes, DHCS must undertake an intensive planning effort for evaluating, planning, designing, developing, testing, implementing, and monitoring ACA provisions. Some provisions are mandatory and others are optional opportunities to reform the payment and delivery systems for Medicaid to improve quality and cost-effectiveness.


of 28

Many changes take effect in Fiscal Year (FY) 2010-11, and significant preparation must also begin in 2010-11 for the activities that will occur between 2010 and 2014. The Department is in need of an expert level data architect to provide analytical, technical, and project management support. This Statement of Work lists the proposed tasks and deliverables that will be undertaken by the consultant on a time and materials basis. DHCS is contracting for one full-time Senior Data Architect. The length of the contract will be for approximately 2000 hours over a maximum of 12 months. The consultant will work 40 hours per week in Sacramento. However, the consultant needs to be flexible as to location, travel and working hours in the event of an emergency or as needed. The consultant will be required to carry a pager/cell phone during after hours (Monday thru Friday from 5:01 pm to 7:59 am including Weekend and Holidays).The consultant must meet or exceed the required qualifications listed below. Structure of the Planning Effort The HBE project has been structured and will be executed as a multi-phased project with each phase receiving the appropriate review and approval from the state and federal control agencies, HHS and DHCS. This first phase includes the initiation and planning of DHCS efforts related to the HBE. This will include the development of an Advance Planning Document (APD), as well as a Feasibility Study Report (FSR) and an Information Technology Procurement Plan (ITPP). The approved documents will be submitted to the control agencies for review and approval. As a part of the planning effort, DHCS will consider:

Enterprise Identity Access Management (EIAM) – Potentially leverage existing state solutions with DMV-EDD through the California Technology Agency.

Enterprise Service Bus (ESB) – Document and help design an ESB for standardization and secure transmission of data to and from DHCS and external entities such as the Internal Revenue Service, Social Security Administration, and Health Care providers.

Single Point of Entry – Implement a portal for all beneficiaries and potential Health Insurance enrollees to solicit and sign-up for Health Insurance.

Organization of the Health Benefit Exchange Planning Efforts DHCS executive management will lead the department’s efforts to plan and implement the Health Benefit Exchange. DHCS will work in collaboration with the Health and Human Services (HHS) Agency and other HHS departments to ensure that strategic planning is accomplished at the State level. The Information Technology Services Division (ITSD) within DHCS will play a major role with the initial planning and analysis required to design and develop the structure for interfaces with the Exchange, development of an enrollment portal linked to the Exchange, and IT system modifications to expand California’s Medi-Cal Program to new populations.


of 28

Role of the Data Architect Contractor The Data Architect will be responsible for establishing the Enterprise Data Architecture (EDA) within the Enterprise Architecture Program (EAP). The Enterprise Data Architect will lead the effort to deliver documents (pictorial and narrative) for the development and maintenance of DHCS’s enterprise data model. The contractor will:

Establish and formulate a data dictionary for the CHHS Agency.

Establish ordinal rules for all data.

Establish ownership of all CHHS Agency data.

Establish and build all flows of information within and out of the CHHS Agency. The contractor will provide technical leadership for conceptual, logical and physical exchange of data to support CHHS system development projects, and provide technical oversight, guidance, and coaching for developers and administrators tasked with implementation, migration, testing, tuning, and maintenance of data repository systems.

II. Period of Performance The period of performance for this agreement shall be from the day the purchase order is signed (estimated to be on or about June 20, 2011) and continue for 12 months, unless extended by an amendment. DHCS reserves the right to amend the term of the resulting purchase order and applicable due dates, as needed, to ensure completion of the SOW.

III. Amount

The total amount of this agreement shall not exceed $#######. This RFO/contract budget contains a line item for travel and per diem. Each bidder must include $5000 per consultant position in their proposal for potential travel required by the state. Travel and per diem will only be paid for by the State according to DPA rules and rates that apply to state employee travel. If the travel line item is not used, the contractor may request a transfer of funds to the consultant line item for additional staff time as required by the state. In advance of any travel expenditures or line item transfers, the contractor must request and obtain approval from the State contract manager.

IV. Description of Services The contractor will be required to:

Develop an enterprise data model reflecting the data currently housed in DHCS’ systems that represents DHCS’s Business Model by aligning with the Information Architecture within the MITA Framework:

• Data Management Strategy • Conceptual Data Model • Logical Data Model • Data Standards

Establish the roadmap between the current data feeds to the future data feeds as described in the CMS Pilot Project Medicaid and CHIP Business Information Solution (MACBIS) Automated Data Management project.


of 28

Guide the creation and monitoring for the usage of data and information as vital department assets.

Review and provide comments for design of Logical Data models during the Health Benefit Exchange (HBE) requirement analysis phase.

Collaborate with industry and government data exchange leaders about data integration techniques and methods needed to support new payment and care coordination models

Introduce new data management methods and tools to manage provider and beneficiary data at a state and national level.

Create a design for an Enterprise Master Person Index (EMPI) that can be adopted by the CHHS as a standard.

Lead core and extended EDA teams through the process of defining EDA requirements, principles and models. This includes developing a charter that is based on goals and objectives, and defining roles and responsibilities.

Participate in the development of data governance processes and procedures.

Develop and/or support existing data change request management processes.

Publish standardized data naming conventions automated tools for enforcement of naming standards.

Establish an Enterprise Data Model (EDM) containing common and reusable data objects as well as standardized data modeling templates for jump-starting new software development projects or re-engineering legacy applications.

Create documentation for administration and maintenance of an Enterprise Metadata repository.

Provide data and impact analysis services in conjunction with new and ongoing application development efforts.

Provide a plan for maintaining the inventory of DHCS’s data assets.

Facilitate the understanding of the meaning, accuracy and timeliness of data assets.

Promote the reuse of standardized data names, definitions, elements and values.

Identify areas for improvement based on assessment of DHCS’ data needs.

Develop data specifications for new DHCS HBE solutions.

Provide technical oversight and/or guidance to developers in the development and implementation of the data migration, data integration, and testing plans associated with the release of new applications and major application upgrades.

Lead and participate in planning sessions with intra- and inter-departmental workgroups to define the data requirements for the HBE and to identify and evaluate various solution alternatives.

Provide oversight of health care reform activities to ensure compliance with federal, state, and departmental policies.

Facilitate and coordinate the communication and information sharing between departmental staff, business partners, the governor’s task force, other state entities, and key stakeholders. The communication role will be especially critical as the federal government provides additional guidelines and decisions are made for system interfaces and web portal development.

Develop the governance structure for effective management and approval of the data architecture developed during the planning and analysis stage of this effort.

Maintain an integrated project schedule that reflects the major activities of all data architecture for the DHCS HBE project planning effort.

Advise the Project Director and Project Sponsor on issues that arise during the course of the DHCS HBE project planning efforts.


of 28

Make presentations to committees and other internal and external stakeholders, as required by the Project Director.

Attend and participate in regularly scheduled meetings and ad hoc meetings with Agency stakeholders, other State Department stakeholders, DHCS Executive Management, the DHCS Chief Information Officer, the DHCS Planning and Project Management Branch Chief, and the DHCS Contracting Officer.

Prepare reports and white papers, as required by the Project Director.

Lead weekly status meetings

Provide briefings as requested to DHCS management with information and recommendations for training and transfer of knowledge to State staff as well as recommendations for inclusion of additional outside Stakeholders impacted or affected by the DHCS HBE project planning efforts.

Note: Additional Contractor responsibilities appear in Section VI, "Responsibilities of the Parties".

V. Contractor Requirements

The contractors must be available onsite (1615 Capital Avenue, Sacramento) for the duration of the contract. The standard work week is defined as 40 hours, five days a week, Monday through Friday, except for state holidays. The number of hours may fluctuate depending on the work load of the planning effort. Any reduction to the standard work week must be agreed upon by the Project Director. If the contractor proposes a team, then as a minimum, each team member must have experience in at least one area listed below; however, experience in all of the areas listed below must be addressed collectively as a team. Mandatory Qualifications: Failure to meet these mandatory qualifications will result in the disqualification of the proposal. Minimum of 4 years of experience in the development of conceptual, logical and

physical architectures and designs. At least three (3) years of experience working on health information data system

projects. Minimum ten (10) years of experience making formal and informal presentations to

various levels of project stakeholders (i.e., sponsors, executive committees, project teams) and leading structured discussion sessions. This includes the development of visual presentations and handouts used as part of the oral presentations.

Formal training and/or certification in data exchange architecture and design or equivalent experience as a principle architect.

Past experience in developing the data exchange components of comprehensive IT enabled business change solutions.

Experience with and/or knowledge of Enterprise Architecture and Medicaid Information Technology Architecture (MITA)

Desirable Qualifications: Knowledge of and experience with Business Rules Engines.


of 28

Knowledge of and experience with data exchange modeling processes and tools including Visio.

Strong hands-on experience in leading the definition, design, development, integration, testing, deployment, and maintenance of data exchange systems.

Demonstrated experience in building and leading technical teams. Knowledge of best practices, methods, tools, and techniques used to address each

phase of a system’s life cycle. Good grasp of modern data storage, management, transformation and reporting

technologies including relational database technologies. Knowledge of database technologies in use in CRS (SQL Server, MS Access,

MYSQL, SQLite, and Oracle 8i) Experience working with HHS and DHCS programs and projects, such as SAWS,

MEDS, etc.

VI. Responsibilities of Parties The following section describes specific responsibilities of the contractor and DHCS. Contractor responsibilities: All meetings shall be scheduled using the DHCS MS Outlook. All contractor staff

shall maintain their schedules of availability on their DHCS MS Outlook calendars.

The contractor shall designate a person to whom all project communications may be addressed and who has the authority to act on all aspects of the contract for services. This person shall be responsible for the overall project and shall be the contact for all invoice issues and contractor staffing issues.

The contractor shall comply with all applicable DHCS, DGS, Department of Finance, and the California Technology Agency policies and procedures, including but not limited to policies regarding Sexual Harassment Prevention, Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, IT Security, Workplace Violence Prevention, and Emergency Preparedness.

Written reports will be subject to review and approval by DHCS and the contractor will be required to formally respond to DHCS review results. Payment to the contractor will be contingent upon final approval of each written deliverable.

The contractor will make its best efforts to maintain staff continuity throughout the life of the project. DHCS will be notified, in writing, of any changes in the personnel assigned to tasks. If a contractor employee is unable to perform his or her duties due to illness, resignation, or other factors beyond the contractor’s control, the contractor will make every reasonable effort to provide suitable substitute personnel. The substitute personnel must meet all requirements of this RFO and SOW and must be approved by DHCS in writing prior to initiating work.

The contractor should expect to provide draft documents and to incorporate, as appropriate, comments provided by the DHCS. The contractor should plan to meet with DHCS stakeholders to discuss the draft and final documents.

The contractor is responsible for his/her own operating expenses, overhead, clerical support, and cell phone/smartphone.

DHCS responsibilities:


of 28

DHCS will provide office space for the duration of the agreement including: desk,

chair, telephone, PC, internet connection, card keys, and access to printer, copier and fax services.

The DHCS Contract Manager is the contact person to whom all contractor communications may be addressed and who has the authority to act on all aspects of the services. This person will review the agreement and associated documents with the contractor to ensure understanding of the responsibilities of both parties.

DHCS will provide sufficient access to appropriate levels of staff, business representatives, other users, and department management, as appropriate to facilitate the performance of consulting tasks and creation of consulting deliverables.

DHCS will provide timely review and approval of the draft and final documents and deliverables provided by the contractor in order for the contractor to perform its obligations under the agreement.

DHCS will provide payments based upon the receipt of undisputed invoices and on the submission and approval of timesheets as identified in the Cost Data Sheets (See Attachment B).

VII. General Deliverable Requirements Reports will be provided in Microsoft Office 2010 format or a format pre-approved by DHCS, including processing documents, spreadsheets, presentations, and databases. The media of delivery will be compatible with the DHCS document storage devices.

VIII. Invoicing

The contractor will submit invoices in triplicate, along with two copies of the purchase order, and the contractor’s CMAS cover page. The contractor shall submit invoices monthly along with the signed timesheets. DHCS will be the sole judge of the acceptability of all work performed and all work products produced by the contractor as a result of this SOW.

IX. Deliverables

Listed below are the deliverables for this agreement: 1. Prepare a weekly status report documenting the accomplishments for the week, planned accomplishments for the coming week, a list of all projects and activities currently assigned, and any issues related to assigned projects; 2. Documentation of all processes and procedures required to support the daily activities of the consultant in a format approved by the state; 3. Act as the Subject Matter Expert (SME) for application and system support; and provide guidance for management as requested; 4. Develop, implement training plans and provide training and knowledge transfer to DHCS staff; 5. Provide reports, diagrams, tables and analysis as required; 6. Provide documentation and technical specifications for supporting the web development environment;


of 28

7. Weekly oral report to the consultant’s supervisor on the status of all projects and activities currently assigned to the consultant; 8. Provide logical, and physical Network diagrams of systems, as planned and as-built for all systems the consultant is assigned to research; 9. Attend any DHCS Standards meetings to obtain approval of projects assigned to the consultant; 10. Attend all DHCS Unit staff meetings and be prepared to discuss the current status of all projects; 11. Submit required time sheets in a timely manner; 12. Project plans and schedules, in a work breakdown structure format, for all assigned projects; 13. Complete Infrastructure Change Request form and attendance at weekly meetings for all changes to the Enterprise. 14. Evaluate the capabilities of new products and be able to recommend various solutions to management. 15. Assess legacy system integration challenges and opportunities based on Health Care Reform (HCR) regulations, and document recommended methodologies of going about this system integration. Presentations of these findings to senior leadership in form of a PowerPoint presentation 16. Assess and document where synchronous data exchange and processing opportunities are available and where this will not be feasible. Present these findings in the form of a PowerPoint presentation to senior leadership.


of 28

SECTION 4. GENERAL PROVISIONS

In the event that the following conflicts with the DGS CMAS General Provisions for Information Technology, then the DGS CMAS General Provisions for Information Technology will take precedence. These provisions are available on the Department of General Services’ web site at http://www.pd.dgs.ca.gov/Buy/default.htm.

Amendments

At the State’s sole discretion, the purchase order may be extended for time or time and money and may be amended consistent with the terms and conditions of the original contract. Any purchase order resulting from this RFO may be amended to change the quantity, contract term, total contract dollar amount, and the Statement of Work by mutual agreement of the parties. Amendments to the purchase order will be issued by the DHCS Purchasing Services Unit. All such amendments shall be in writing.

Problem Escalation The parties acknowledge and agree that the contractor may wish to escalate issues pertaining to the administration of this agreement by DHCS. Such issues may include, but are not necessarily limited to, invoice processing and DHCS timeliness in meeting its other contractual obligations. Problems or issues shall normally be reported in regular status reports. However, there may be instances where the severity of the problem justifies escalated reporting. To this extent, the contractor will determine the level of severity and notify the appropriate DHCS personnel. The DHCS personnel notified and the time period taken to report the problem or issue shall be at a level commensurate with the severity of the problem or issue. DHCS personnel are to be notified in the following sequence: First level: DHCS Contract manager. Second level: DHCS Chief of the Infrastructure Management Architecture Section Third level: DHCS Chief of the Infrastructure Support Branch Fourth level: DHCS Chief Information Officer The contractor will advise the DHCS Contract Manager of any intended escalation. If the contractor is not entirely satisfied that the State is exercising its best efforts to resolve any problem or issue in an appropriate period of time, then the contractor must escalate the problem or issue to the next appropriate level(s).

Ownership of Products Refer to the “Rights in Work Product” section of the CMAS General Provisions for Information Technology. DHCS will retain ownership of all documents, procedures, etc. that the contractor develops while under contract with DHCS.

Confidentiality

http://www.pd.dgs.ca.gov/Buy/default.htm


of 28

Refer to the “Confidentiality of Data” section of the CMAS General Provisions for Information Technology. In addition to these General Provisions pertaining to confidentiality, the contractor will sign all confidentiality, privacy, security and conflict of interest agreements as required by DHCS to successfully provide the services described in this SOW/RFO.

HIPAA Business Associate Addendum (BAA)

This agreement has been determined to constitute a business associate relationship under the Health Insurance Portability and Accountability Act (“HIPAA”). As such, submission of a proposal in response to this RFO will constitute acceptance to the HIPAA BAA language. (See attachment C).

Exclusion for Conflict of Interest

No consultant shall be paid out of State funds for developing recommendations on the acquisition of IT goods or services or assisting in the preparation of a feasibility study, if that consultant is to be a source of such acquisition or would otherwise directly and/or materially benefit from the State adoption of such recommendations or the course of action recommended in the feasibility study. Further, no consultant shall be paid out of State funds for developing recommendations on the disposal of State surplus IT products if that consultant would directly and/or materially benefit from state adoption of such recommendations

Disclosure of Financial Interests

Proposals in response to State procurements for assistance in the preparation of feasibility studies or the development of recommendations for the acquisition of IT goods and services must disclose any financial interests (i.e., service contracts, OEM agreements, remarketing agreements, etc.) that may foreseeably allow the individual or organization submitting the proposal to materially benefit from the State's adoption of a course of action recommended in the feasibility study or of the acquisition recommendations.

Follow-on Contracts Refer to Section 43 “Follow-On Contracts” of the CMAS General Provisions for Information Technology.

Disposition of Response Materials Following Award

All materials submitted in response to this RFO will become the property of the Department of Health Care Services and, as such, are subject to the Public Records Act (GC Section 6250, et seq.). DHCS will disregard any language purporting to render all or portions of any response and price offer confidential. Following DHCS’ award decision, DHCS will release the name of the intended contract awardee. Following Purchase Order approval, all materials submitted in response to


of 28

this RFO and all documents used in the award process shall be available for review, inspection, and copying during normal business hours.

Inspecting or Obtaining Copies of Offers and/or Response Materials

Persons wishing to view or inspect any response, price offer, or RFO related materials must identify the items they wish to inspect and must make an inspection appointment by contacting Rebecca Voog at (916) 440-7079. Persons wishing to obtain copies of any response, price offer, or RFO related materials may submit a written request to DHCS via email, U.S Postal Service, or personal delivery at the address identified below. The requestor must specifically identify and/or describe the items they wish to receive copies of and indicate the number of copies requested. DHCS reserves the right to impose a charge of ten cents per page for all requested copies. If a copying/mailing fee is imposed, the requestor will be required to submit a check covering the copying and/or mailing costs to DHCS at the address noted below. DHCS will attempt to fulfill all copy requests as promptly as possible. Submit copy requests as follows:

U.S. Postal Service: Courier or Hand Delivery:

Request for Copies RFO #HBE-DA-2011-01 Attn: Rebecca Voog Department of Health Care Services Planning and Oversight Section Information Technology Services Division MS 6200, P.O. Box 997413 Sacramento, CA 95899-7413

Request for Copies RFO #HBE-DA-2011-01 Attn: Rebecca Voog Department of Health Care Services Planning and Oversight Section Information Technology Services Division 1615 Capital Avenue, 73.3.233 Sacramento, CA 95814

Email: [email protected]

Award Objections

California law does not provide a protest or appeal process against award decisions made through an informal selection method. Respondents submitting a price offer in response to this Request for Offer may not protest or appeal the award. The Department’s award decision shall be final.

Debriefings

Written or oral debriefings will not be given to unsuccessful respondents. Travel Costs

All travel costs shall be reimbursed at rates not to exceed those established for DHCS's non-represented employees, computed in accordance with and allowable pursuant to applicable Department of Personnel Administration regulations.

Completion Criteria


of 28

The contract will be considered complete when one of the following first occurs:

The total value of the contract has been expended; or

Upon completion and approval of the last deliverable as proposed by the contractor and agreed by DHCS; or

DHCS provides 30 calendar days written notice to the contractor that no additional services are required.

Funding

Funding for each state fiscal year is subject to an annual appropriation by the State Legislature or Congress. If full funding does not become available, DHCS will either cancel the resulting agreement or amend it to reflect reduced funding and reduced activities. Continuation beyond the first state fiscal year is also subject to contractor’s successful performance. Without prior DHCS authorization, a Contractor may not expend funds set aside for one budget period in a subsequent budget period.


of 28

Attachment A. Key Staff Qualifications

Complete this attachment (or a table or spreadsheet similar to it) for each of the proposed key staff. Failure to complete this attachment may be cause for rejection of the offer.

Qualifications

Experience

Number of Years

Name of project(s), staff role and the relevant experience on the project(s). List dates of each engagement

Reference information

2:

name, e-mail address, phone number

Mandatory: Minimum of 4 years of experience in the development of conceptual, logical and physical architectures and designs.

Mandatory: At least three (3) years of experience working on health information data system projects.

Mandatory: Minimum ten (10) years of experience making formal and informal presentations to various levels of project stakeholders (i.e., sponsors, executive committees, project teams) and leading structured discussion sessions. This includes the development of visual presentations and handouts used as part of the oral presentations.

Mandatory: Formal training and/or certification in data exchange architecture and design or equivalent experience as a principle architect.

Mandatory: Past experience in developing the data exchange components of comprehensive IT enabled business change solutions.

Mandatory: Experience with and/or knowledge of Enterprise Architecture and Medicaid Information Technology Architecture (MITA)

Desirable: Knowledge of and experience with Business Rules Engines.

Desirable: Knowledge of and experience with data exchange modeling processes and tools including Visio.

Desirable: Strong hands-on experience in leading the definition, design, development, integration, testing, deployment, and maintenance of data exchange systems.

Desirable: Demonstrated experience in building and leading technical teams.

Desirable: Knowledge of best practices, methods, tools, and techniques used to address each phase of a system’s life cycle

2 List at least two references in this column. Two references are not required for each row, instead a

minimum of two references is required for each staff person.


of 28

Qualifications

Experience

Number of Years

Name of project(s), staff role and the relevant experience on the project(s). List dates of each engagement

Reference information

2:

name, e-mail address, phone number

Desirable: Good grasp of modern data storage, management, transformation and reporting technologies including relational database technologies.

Desirable: Knowledge of database technologies in use in CRS (SQL Server, MS Access, MYSQL, SQLite, and Oracle 8i)

Desirable: Experience working with HHS and DHCS programs and projects, such as SAWS, MEDS, etc.


of 28

Attachment B. Cost Data Sheet

Provide one summary table that aggregates the costs and hours per contract staff. Provide this information in a table or spreadsheet similar to the format shown below.

Each offer should include a Travel line item of $5,000 for required travel to attend meetings and conferences throughout the state. All travel will be arranged by the state and reimbursed at negotiated state rates. Any fees claimed in excess of the state negotiated rates are the sole responsibility of the contractor and will not be reimbursed.

OFFER TOTALS

Staff name Project role Classification Published hourly rate

Negotiated hourly rate

Est. total hours

Total

[insert more rows if needed]

Travel n/a n/a n/a n/a $5,000.00

Contractor’s Offer Totals

AMENDMENTS

At the State’s sole discretion, the purchase order may be extended for time or time and money and may be amended consistent with the terms and conditions of the original contract.

Describe the basis (e.g., specified cost per hour) for any additional work not previously identified that may arise during this project. Provide the information in a table or spreadsheet similar to the format shown here:

Staff name Project role Classification Published hourly rate

Negotiated hourly rate

[Insert more rows if needed]


of 28

Attachment C. HIPAA Business Associate Addendum

I. Recitals A. This Contract (Agreement) has been determined to constitute a business associate

relationship under the Health Insurance Portability and Accountability Act (“HIPAA”) and its implementing privacy and security regulations at 45 CFR Parts 160 and 164 (“the HIPAA regulations:”).

B. The California Department of Health Care Services (“DHCS”) wishes to disclose to Business

Associate certain information pursuant to the terms of this Agreement, some of which may constitute Protected Health Information (“PHI”).

C. “Protected Health Information” or “PHI” means any information, whether oral or recorded in

any form or medium that relates to the past, present, or future physical or mental condition of an individual, the provision of health and dental care to an individual, or the past, present, or future payment for the provision of health and dental care to an individual; and that identifies the individual or with respect to which there is a reasonable basis to believe the information can be used to identify the individual. PHI shall have the meaning given to such term under HIPAA and HIPAA regulations, as the same may be amended from time to time.

D. “Security Incident” means the attempted or successful unauthorized access, use, disclosure,

modification, or destruction of PHI, or confidential data that is essential to the ongoing operation of the Business Associate’s organization and intended for internal use; or interference with system operations in an information system.

E. As set forth in this Agreement Contractor, here and after, is the Business Associate of

DHCS that provides services, arranges, performs or assists in the performance of functions or activities on behalf of DHCS and creates, receives, maintains, transmits, uses or discloses PHI.

F. DHCS and Business Associate desire to protect the privacy and provide for the security of

PHI created, received, maintained, transmitted, used or disclosed pursuant to this Agreement, in compliance with HIPAA and HIPAA regulations and other applicable laws.

G. The purpose of the Addendum is to satisfy certain standards and requirements of HIPAA

and the HIPAA regulations. H. The terms used in this Addendum, but not otherwise defined, shall have the same meanings

as those terms in the HIPAA regulations. In exchanging information pursuant to this Agreement, the parties agree as follows:

1. Permitted Uses and Disclosures of PHI by Business Associate A. Permitted Uses and Disclosures. Except as otherwise indicated in this Addendum,

Business Associate may use or disclose PHI only to perform functions, activities or services specified in this Agreement, for, or on behalf of DHCS, provided that such use or disclosure would not violate the HIPAA regulations, if done by DHCS.


of 28

B. Specific Use and Disclosure Provisions. Except as otherwise indicated in this

Addendum, Business Associate may: 1) Use and disclose for management and administration. Use and disclose PHI for the

proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate, provided that disclosures are required by law, or the Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and will be used or further disclosed only as required by law or for the purpose for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware that the confidentiality of the information has been breached.

2) Provision of Data Aggregation Services. Use PHI to provide data aggregation

services to DHCS. Data aggregation means the combining of PHI created or received by the Business Associate on behalf of DHCS with PHI received by the Business Associate in its capacity as the Business Associate of another covered entity, to permit data analyses that relate to the health care operations of DHCS.

2. Responsibilities of Business Associate

Business Associate agrees: A. Nondisclosure. Not to use or disclose Protected Health Information (PHI) other than as

permitted or required by this Agreement or as required by law. B. Safeguards. To implement administrative, physical, and technical safeguards that

reasonably and appropriately protect the confidentiality, integrity, and availability of the PHI, including electronic PHI, that it creates, receives, maintains, uses or transmits on behalf of DHCS; and to prevent use or disclosure of PHI other than as provided for by this Agreement. Business Associate shall develop and maintain a written information privacy and security program that includes administrative, technical and physical safeguards appropriate to the size and complexity of the Business Associate’s operations and the nature and scope of its activities, and which incorporates the requirements of section C, Security, below. Business Associate will provide DHCS with its current and updated policies.

C. Security. To take any and all steps necessary to ensure the continuous security of all

computerized data systems containing PHI, and provide data security procedures for the use of DHCS at the end of the contract period. These steps shall include, at a minimum: 1) Complying with all of the data system security precautions listed in this Agreement or in

an Exhibit incorporated into this Agreement; and 2) Complying with the safeguard provisions in the Department’s Information Security

Policy, embodied in Health Administrative Manual (HAM), sections 6-1000 et seq. and in the Security and Risk Management Policy in the Information Technology Section of the State Administrative Manual (SAM), sections 4840 et seq., in so far as the security standards in these manuals apply to Business Associate’s operations. In case of a conflict between any of the security standards contained in any of these enumerated sources of security standards, the most stringent shall apply. The most stringent means


of 28

that safeguard which provides the highest level of protection to PHI from unauthorized disclosure. Further, Business Associate must comply with changes to these standards that occur after the effective date of this Agreement.

Business Associate shall designate a Security Officer to oversee its data security program who shall be responsible for carrying out the requirements of this section and for communicating on security matters with DHCS.

D. Mitigation of Harmful Effects. To mitigate, to the extent practicable, any harmful effect

that is known to Business Associate of a use or disclosure of PHI by Business Associate or its subcontractors in violation of the requirements of this Addendum.

E. Business Associate’s Agents. To ensure that any agents, including subcontractors, to

whom Business Associate provides PHI received from or created or received by Business Associate on behalf of DHCS, agree to the same restrictions and conditions that apply to Business Associate with respect to such PHI, including implementation of reasonable and appropriate administrative, physical, and technical safeguards to protect such PHI; and to incorporate, when applicable, the relevant provisions of this Addendum into each subcontract or subaward to such agents or subcontractors.

F. Availability of Information to DHCS and Individuals. To provide access as DHCS may

require, and in the time and manner designated by DHCS (upon reasonable notice and during Business Associate’s normal business hours) to PHI in a Designated Record Set, to DHCS (or, as directed by DHCS), to an Individual, in accordance with 45 CFR Section 164.524. Designated Record Set means the group of records maintained for DHCS that includes medical, dental and billing records about individuals; enrollment, payment, claims adjudication, and case or medical management systems maintained for DHCS health plans; or those records used to make decisions about individuals on behalf of DHCS. Business Associate shall use the forms and processes developed by DHCS for this purpose and shall respond to requests for access to records transmitted by DHCS within fifteen (15) calendar days of receipt of the request by producing the records or verifying that there are none.

G. Amendment of PHI. To make any amendment(s) to PHI that DHCS directs or agrees to

pursuant to 45 CFR Section 164.526, in the time and manner designated by DHCS. H. Internal Practices. To make Business Associate’s internal practices, books and records

relating to the use and disclosure of PHI received from DHCS, or created or received by Business Associate on behalf of DHCS, available to DHCS or to the Secretary of the U.S. Department of Health and Human Services in a time and manner designated by DHCS or by the Secretary, for purposes of determining DHCS’ compliance with the HIPAA regulations.

I. Documentation of Disclosures. To document and make available to DHCS or (at the

direction of DHCS) to an Individual such disclosures of PHI, and information related to such disclosures, necessary to respond to a proper request by the subject Individual for an accounting of disclosures of PHI, in accordance with 45 CFR 164.528.


of 28

J. Notification of Breach. During the term of this Agreement: 1) Discovery of Breach. To notify DHCS immediately by telephone call plus email or

fax upon the discovery of breach of security of PHI in computerized form if the PHI was, or is reasonably believed to have been, acquired by an unauthorized person, or within 24 hours by email or fax of any suspected security incident, intrusion or unauthorized use or disclosure of PHI in violation of this Agreement and this Addendum, or potential loss of confidential data affecting this Agreement. Notification shall be provided to the DHCS contract manager, the DHCS Privacy Officer and the DHCS Information Security Officer. If the incident occurs after business hours or on a weekend or holiday and involves electronic PHI, notification shall be provided by calling the DHCS ITSD Help Desk. Business Associate shall take: i. Prompt corrective action to mitigate any risks or damages involved with the breach

and to protect the operating environment and ii. Any action pertaining to such unauthorized disclosure required by applicable Federal

and State laws and regulations. 2) Investigation of Breach. To immediately investigate such security incident, breach, or

unauthorized use or disclosure of PHI or confidential data. Within 72 hours of the discovery, to notify the DHCS contract manager(s), the DHCS Privacy Officer, and the DHCS Information Security Officer of: i. What data elements were involved and the extent of the data involved in the breach,

ii. A description of the unauthorized persons known or reasonably believed to have improperly used or disclosed PHI or confidential data,

iii. A description of where the PHI or confidential data is believed to have been improperly transmitted, sent, or utilized,

iv. A description of the probable causes of the improper use or disclosure; and

v. Whether Civil Code sections 1798.29 or 1798.82 or any other federal or state laws requiring individual notifications of breaches are triggered.

3) Written Report. To provide a written report of the investigation to the DHCS contract

managers, the DHCS Privacy Officer, and the DHCS Information Security Officer within ten (10) working days of the discovery of the breach or unauthorized use or disclosure. The report shall include, but not be limited to, the information specified above, as well as a full, detailed corrective action plan, including information on measures that were taken to halt and/or contain the improper use or disclosure.

4) Notification of Individuals. To notify individuals of the breach or unauthorized use or

disclosure when notification is required under state or federal law and to pay any costs of such notifications, as well as any costs associated with the breach. The DHCS contract managers, the DHCS Privacy Officer, and the DHCS Information Security Officer shall approve the time, manner and content of any such notifications.

5) DHCS Contact Information. To direct communications to the above referenced DHCS

staff, the Contractor shall initiate contact as indicated herein. DHCS reserves the right to make changes to the contact information below by giving written notice to the


of 28

Contractor. Said changes shall not require an amendment to this Agreement or Addendum.

DHCS Contract Manager DHCS Privacy Officer DHCS Information Security

Officer

Department of Health Care Services ITSD/Enterprise Architecture Program Attn: Ben Word MS Code 6300 P.O. Box 997413 Sacramento, CA 95814-5006

Phone: (916) 440-7223

Privacy Officer c/o Office of Legal Services Department of Health Services P.O. Box 997413, MS 0011 Sacramento, CA 95899-7413 Email: [email protected] Telephone: (916) 445-4646

Information Security Officer Information Security Office P.O. Box 997413, MS 6302 Sacramento, CA 95899-7413 Email: [email protected] Telephone: ITSD Help Desk (916) 440-7000 or (800) 579-0874

K. Employee Training and Discipline. To train and use reasonable measures to ensure

compliance with the requirements of this Addendum by employees who assist in the performance of functions or activities on behalf of DHCS under this Agreement and use or disclose PHI; and discipline such employees who intentionally violate any provisions of this Addendum, including by termination of employment. In complying with the provisions of this section K, Business Associate shall observe the following requirements: 1) Business Associate shall provide information privacy and security training, at least

annually, at its own expense, to all its employees who assist in the performance of functions or activities on behalf of DHCS under this Agreement and use or disclose PHI.

2) Business Associate shall require each employee who receives information privacy and

security training to sign a certification, indicating the employee’s name and the date on which the training was completed.

3) Business Associate shall retain each employee’s written certifications for DHCS

inspection for a period of three years following contract termination.

3. Obligations of DHCS DHCS agrees to: A. Notice of Privacy Practices. Provide Business Associate with the Notice of Privacy

Practices that DHCS produces in accordance with 45 CFR 164.520, as well as any changes to such notice. Visit this Internet address to view the most current Notice of Privacy Practices: http://www.dhcs.ca.gov/formsandpubs/laws/priv/Pages/NoticeofPrivacyPractices.aspx

B. Permission by Individuals for Use and Disclosure of PHI. Provide the Business

Associate with any changes in, or revocation of, permission by an Individual to use or disclose PHI, if such changes affect the Business Associate’s permitted or required uses and disclosures.

C. Notification of Restrictions. Notify the Business Associate of any restriction to the use or

disclosure of PHI that DHCS has agreed to in accordance with 45 CFR 164.522, to the extent that such restriction may affect the Business Associate’s use or disclosure of PHI.



http://www.dhcs.ca.gov/formsandpubs/laws/priv/Pages/NoticeofPrivacyPractices.aspx


of 28

D. Requests Conflicting with HIPAA Rules. Not request the Business Associate to use or

disclose PHI in any manner that would not be permissible under the HIPAA regulations if done by DHCS.

4. Audits, Inspection and Enforcement

From time to time, DHCS may inspect the facilities, systems, books and records of Business Associate to monitor compliance with this Agreement and this Addendum. Business Associate shall promptly remedy any violation of any provision of this Addendum and shall certify the same to the DHCS Privacy Officer in writing. The fact that DHCS inspects, or fails to inspect, or has the right to inspect, Business Associate’s facilities, systems and procedures does not relieve Business Associate of its responsibility to comply with this Addendum, nor does DHCS’:

A. Failure to detect or B. Detection, but failure to notify Business Associate or require Business Associate’s

remediation of any unsatisfactory practices constitute acceptance of such practice or a waiver of DHCS’ enforcement rights under this Agreement and this Addendum.

5. Termination

A. Termination for Cause. Upon DHCS’ knowledge of a material breach of this Addendum by

Business Associate, DHCS shall: 1) Provide an opportunity for Business Associate to cure the breach or end the violation

and terminate this Agreement if Business Associate does not cure the breach or end the violation within the time specified by DHCS;

2) Immediately terminate this Agreement if Business Associate has breached a material

term of this Addendum and cure is not possible; or 3) If neither cure nor termination is feasible, report the violation to the Secretary of the U.S.

Department of Health and Human Services. B. Judicial or Administrative Proceedings. Business Associate will notify DHCS if it is

named as a defendant in a criminal proceeding for a violation of HIPAA. DHCS may terminate this Agreement if Business Associate is found guilty of a criminal violation of HIPAA. DHCS may terminate this Agreement if a finding or stipulation that the Business Associate has violated any standard or requirement of HIPAA, or other security or privacy laws is made in any administrative or civil proceeding in which the Business Associate is a party or has been joined.

C. Effect of Termination. Upon termination or expiration of this Agreement for any reason,

Business Associate shall return or destroy all PHI received from DHCS (or created or received by Business Associate on behalf of DHCS) that Business Associate still maintains in any form, and shall retain no copies of such PHI or, if return or destruction is not feasible, shall continue to extend the protections of this Addendum to such information, and shall limit further use of such PHI to those purposes that make the return or destruction of such PHI infeasible. This provision shall apply to PHI that is in the possession of subcontractors or agents of Business Associate.


of 28

6. Miscellaneous Provisions

A. Disclaimer. DHCS makes no warranty or representation that compliance by Business

Associate with this Addendum, HIPAA or the HIPAA regulations will be adequate or satisfactory for Business Associate’s own purposes or that any information in Business Associate’s possession or control, or transmitted or received by Business Associate, is or will be secure from unauthorized use or disclosure. Business Associate is solely responsible for all decisions made by Business Associate regarding the safeguarding of PHI.

B. Amendment. The parties acknowledge that federal and state laws relating to electronic

data security and privacy are rapidly evolving and that amendment of this Addendum may be required to provide for procedures to ensure compliance with such developments. The parties specifically agree to take such action as is necessary to implement the standards and requirements of HIPAA, the HIPAA regulations and other applicable laws relating to the security or privacy of PHI. Upon DHCS’ request, Business Associate agrees to promptly enter into negotiations with DHCS concerning an amendment to this Addendum embodying written assurances consistent with the standards and requirements of HIPAA, the HIPAA regulations or other applicable laws. DHCS may terminate this Agreement upon thirty (30) days written notice in the event: 1) Business Associate does not promptly enter into negotiations to amend this Addendum

when requested by DHCS pursuant to this Section or 2) Business Associate does not enter into an amendment providing assurances regarding

the safeguarding of PHI that DHCS in its sole discretion, deems sufficient to satisfy the standards and requirements of HIPAA and the HIPAA regulations.

C. Assistance in Litigation or Administrative Proceedings. Business Associate shall make

itself and any subcontractors, employees or agents assisting Business Associate in the performance of its obligations under this Agreement, available to DHCS at no cost to DHCS to testify as witnesses, or otherwise, in the event of litigation or administrative proceedings being commenced against DHCS, its directors, officers or employees based upon claimed violation of HIPAA, the HIPAA regulations or other laws relating to security and privacy, which involves inactions or actions by the Business Associate, except where Business Associate or its subcontractor, employee or agent is a named adverse party.

D. No Third-Party Beneficiaries. Nothing express or implied in the terms and conditions of

this Addendum is intended to confer, nor shall anything herein confer, upon any person other than DHCS or Business Associate and their respective successors or assignees, any rights, remedies, obligations or liabilities whatsoever.

E. Interpretation. The terms and conditions in this Addendum shall be interpreted as broadly

as necessary to implement and comply with HIPAA, the HIPAA regulations and applicable state laws. The parties agree that any ambiguity in the terms and conditions of this Addendum shall be resolved in favor of a meaning that complies and is consistent with HIPAA and the HIPAA regulations.

F. Regulatory References. A reference in the terms and conditions of this Addendum to a

section in the HIPAA regulations means the section as in effect or as amended.


of 28

G. Survival. The respective rights and obligations of Business Associate under Section 6.C of

this Addendum shall survive the termination or expiration of this Agreement. H. No Waiver of Obligations. No change, waiver or discharge of any liability or obligation

hereunder on any one or more occasions shall be deemed a waiver of performance of any continuing or other obligation, or shall prohibit enforcement of any obligation, on any other occasion.

RFO # HBE-DA-2011-01

Documents

Transcript of RFO # HBE-DA-2011-01