On July 15, 2012, FEI Systems was chosen as one of the prime recipients by the National Institutes of Health (NIH) Information Technology Assessment and Acquisition Center (NITAAC) for their Chief Information Officer – Solutions and Partners 3 (CIO-SP3) 8(a) & Small Business contract. CIO-SP3 is a multiple award Government Wide Acquisition Contract (GWAC) with a ceiling value of $20 billion, and it can be used by federal civilian or Department of Defence (DoD) Agencies to meet scientific, health, administrative, operational, managerial and information management requirements. It was designed to provide general IT purchases across all agencies, and it gives Government agencies a mechanism for the quick ordering of needed IT solutions and services for the best value. CIO-SP3 offers government agencies an unprecedented breadth of IT that supports the Federal Enterprise Architecture, the Federal Health Architecture, and the DoD Enterprise Architecture, and it can be used to meet the requirements of agencies with Data Center Consolidation, Cloud Computing, Health IT, Mobility, and Cybersecurity needs.
Under the NITAAC program, agencies receive an easy-to-use, secure web-based e-GOS ordering system for automated task order completion, set-aside, management, and awardee selection and notification. The customer service center is able to deliver a 1-hour response time for any contractual, technical or procedural question, and it provides 1-day turnaround on free, comprehensive SOW/SOO assessment for every task order. Finally, there is no special “Delegation of Procurement Authority” required. Meanwhile, the GWAC itself offers streamlined ordering and procedures under FAR Subpart 16.505 save time, money, and resources, while 8(a) competition allows for sole source awards without additional competition or justification under FAR Subpart 19.804-6 (b).
CIO-SP3 Small Business Contract Holders have gone through a comprehensive review process prior to award, which includes dimensions such as technical capabilities, past performance, price and cost. This enables contract officers to use simplified evaluations at the task order level, resulting in significant savings in time, money, and resources. Furthermore, ceiling rates were negotiated at the Master Contract level to be the best available, so agencies start with the most competitive rates available; however, competition will only help to lower those rates further. Finally, contract holders were rated in and awarded the contract in up to 10 different task areas, for a total of 10 years.
Under this contract, FEI Systems has the opportunity to deliver a wide range of services, including software development, digital government, outsourcing, integration services, IT operations and maintenance, and IT services for biomedical research, health sciences, and healthcare. The CIO-SP3 Hourly Rates Tables below provides information regarding the pre-negotiated, ceiling labor rates for the 6 task areas in which FEI Systems was qualified.
Contract Number: Small Business: HHSN316201200139W
Prompt Payment Terms: Net 30
Task Area 1: IT Services for Biomedical Research, Health Sciences, and Healthcare
Task Area 2: Chief Information Officer (CIO) Support
Task Area 3: Imaging
Task Area 4: Outsourcing
Task Area 5: IT Operations and Maintenance
Task Area 6: Integration Services
Task Area 7: Critical Infrastructure Protection and Information Assurance
Task Area 8: Digital Government
Task Area 9: Enterprise Resource Planning
Task Area 10: Software Development
For additional information about NITAAC or the CIO-SP3 Small Business Contract, please visit the NITAAC website at:
http://nitaac.nih.gov/nitaac/contracts/cio-sp3-small-business
Columbia, Maryland, May 13, 2024 – FEI.com, Inc. dba FEI Systems (“FEI”) currently contracts with The Texas Health and Human Service Commission (“HHSC”) to provide a critical incident management system which captures critical incident reportable events for persons receiving services from health care providers in Texas (“Texas CIMS”). Among other things, Texas CIMS provides reports permitting health care providers to access certain personal information of individuals for whom they provide services. The reporting tools in Texas CIMS are configured such that health care providers are able to view personal information only for those individuals they serve. Between May 1, 2023 and August 4, 2023, however, one of the reports in the system was not so configured, and, as a result, up to 17 administrators for various Texas health care providers may have viewed information in the report that did not belong to the individuals served by their respective providers. The information involved may have included individuals’ first names, last names, dates of birth, social security numbers, Medicaid IDs, and/or Care IDs.
FEI conducted a thorough review of the reasons why the information may have been viewable and has now remedied the issue such that provider administrators who access the report can only see information about the individuals directly served by their respective health care providers. It is important to note that this was not a hacking incident. Instead, each of the provider administrators who may have accessed the report between May 1, 2023 and August 4, 2023 was authorized by HHSC to access Texas CIMS to view the confidential information of their health care providers and are trained to properly protect personal information, and each administrator attests upon signing on to Texas CIMS to protect the information that they see. FEI has no reason to believe the administrators that accessed Texas CIMS or the report at issue have misused any personal or sensitive information.
On May 9, 2024, FEI provided notice of this incident to potentially impacted individuals. In so doing, FEI provided information about the incident and about steps that potentially impacted individuals can take to protect their information. FEI also offered impacted individuals with access to complimentary credit monitoring and identity protection services.
FEI has established a toll-free call center to answer questions about the incident and to address related concerns. Call center representatives can be reached at 1-844-710-1716 between the hours of 8:00 a.m. to 8:00 p.m. Eastern time, Monday through Friday, excluding holidays.
The privacy and protection of personal information is a top priority for FEI, and FEI regrets any inconvenience or concern this incident may cause.
While we have no evidence of the misuse of any potentially impacted individual’s information, we are providing the following information to help those wanting to know more about steps they can take to protect themselves and their personal information:
What steps can I take to protect my personal information?
How do I obtain a copy of my credit report?
You may obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting http://www.annualcreditreport.com/, calling toll-free 877-322-8228, or by completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348. You also can contact one of the following three agencies:
How do I put a fraud alert on my account?
You may want to consider placing a fraud alert on your credit report. An initial fraud alert is free and will stay on your credit file for one year. The alert informs creditors of possible fraudulent activity within your report and requests that the creditor contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact any of the three credit reporting agencies identified above. Additional information is available at http://www.annualcreditreport.com.
How do I put a security freeze on my credit reports?
You have the right to place a security freeze on your credit report. A security freeze is intended to prevent credit, loans, and services from being approved in your name without your consent. To place a security freeze on your credit report, you need to make a request to each consumer reporting agency. You may make that request by certified mail, overnight mail, or regular stamped mail, or online by following the instructions found at the websites listed below. You will need to provide the following information when requesting a security freeze (note that if you are making a request for your spouse, this information must be provided for him/her as well): (1) full name, with middle initial and any suffixes; (2) Social Security number; (3) date of birth; and (4) address. You may also be asked to provide other personal information such as your email address, a copy of a government-issued identification card, and a copy of a recent utility bill or bank or insurance statement. It is essential that each copy be legible, display your name and current mailing address, and the date of issue. There is no charge to place, lift, or remove a freeze.
What should I do if my family member’s information was involved in the incident and is deceased?
You may choose to notify the three major credit bureaus, Equifax, Experian and TransUnion, and request they flag the deceased credit file. This will prevent the credit file information from being used to open credit. To make this request, mail a copy of your family member’s death certificate to each company at the addresses below.
What should I do if my minor child’s information is involved in the incident?
You can request that each of the three national credit reporting agencies perform a manual search for a minor’s Social Security number to determine if there is an associated credit report. Copies of identifying information for the minor and parent/guardian may be required, including birth or adoption certificate, Social Security card and government issued identification card. If a credit report exists, you should request a copy of the report and immediately report any fraudulent accounts to the credit reporting agency. You can also report any misuse of a minor’s information to the FTC at https://www.identitytheft.gov/. For more information about Child Identity Theft and instructions for requesting a manual Social Security number search, visit the FTC website: https://www.consumer.ftc.gov/articles/0040-child-identity-theft. Contact information for the three national credit reporting agencies may be found above.
Review Your Account Statements and Notify Law Enforcement of Suspicious Activity
As a precautionary measure, we recommend that you remain vigilant by reviewing your account statements and credit reports closely. If you detect any suspicious activity on an account, you should promptly notify the financial institution or company with which the account is maintained. You also should promptly report any fraudulent activity or any suspected incidence of identity theft to proper law enforcement authorities, including your state attorney general and the Federal Trade Commission (FTC).
To file a complaint with the FTC, go to IdentityTheft.gov or call 1-877-ID-THEFT (877-438-4338). Complaints filed with the FTC will be added to the FTC’s Identity Theft Data Clearinghouse, which is a database made available to law enforcement agencies.
Obtain and Monitor Your Credit Report
We recommend that you obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting www.annualcreditreport.com, calling toll-free 877-322-8228, or by completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348. You can access the request form at https://www.annualcreditreport.com/requestReport/requestForm.action. Or you can elect to purchase a copy of your credit report by contacting one of the three national credit reporting agencies. Contact information for the three national credit reporting agencies for the purpose of requesting a copy of your credit report or for general inquiries is provided below:
Consider Placing a Fraud Alert on Your Credit Report
You may want to consider placing a fraud alert on your credit report. An initial fraud alert is free and will stay on your credit file for at least 90 days. The alert informs creditors of possible fraudulent activity within your report and requests that the creditor contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact any of the three credit reporting agencies identified above. Additional information is available at www.annualcreditreport.com.
Credit Report Monitoring/Identity Theft Protection Services
In addition, FEI will arrange to provide you with credit monitoring/identity theft protection services for one year, at no cost to you. Please contact us within 90 days of this notice to do so.