request for proposal proposal number: 65 …

of 8 revised 092016

REQUEST FOR PROPOSAL

PROPOSAL NUMBER: 65-RFP3000008797 ISSUE DATE: OCTOBER 23 2020

TITLE: SURVEILLANCE TESTING FOR COVID

THE UNIVERSITY OF NORTH CAROLINA AT CHAPEL HILL

ISSUING AGENCY: UNIVERSITY OF NORTH CAROLINA AT CHAPEL HILL

PROCUREMENT SERVICES

104 AIRPORT DRIVE, SUITE 2700

CHAPEL HILL, NORTH CAROLINA 27599-1100

ATTENTION: Mr. Mark Sillman

Phone: 919.962.9463

Email: [email protected]

USING DEPARTMENT: PROVOST OFFICE

IMPORTANT: This is a TWO-STEP RFP process. Proposals shall be received from each Offeror in two (2) separate

emails sent to [email protected] as a single MSWORD Document.

The first one shall be the technical proposal and it shall have a subject line of “RFP 3000008797 – Technical

Proposal – Company Name”.

The second one shall be the cost proposal and it shall have a subject line of “RFP 3000008797 – Cost


For additional information about the process see Section 4.03.

Sealed proposals shall be received until 3:00 p.m. on NOVEMBER 12, 2020 for furnishing the services described herein at the

address indicated above as the Issuing Agency. Proposals not received by 3:00 p.m. on NOVEMBER 12, 2010 shall not be

considered. No details of the proposals will be divulged at the time of opening.

All questions concerning this RFP must be submitted via email as a Microsoft word document to [email protected], no

later than 1:00 p.m. on OCTOBER 30, 2020. Please ensure that the subject line of your email says something like “Questions

for RFP 3000008797” so that your questions will be properly identified and not discarded as possible spam. A summary of all

questions and answers will be posted on the Internet or emailed as an addendum, located under the RFP number being modified.

It is the Offerors responsibility to assure that all addenda, if any have been reviewed, signed and returned.

mailto:[email protected]

of 8

revised 092016

ARTICLE I

GENERAL PROVISIONS

Section 1.01 PURPOSE:

The University of North Carolina at Chapel Hill is seeking proposals to implement mandatory routine COVID-19 testing of

asymptomatic persons at various sites dispersed throughout campus, thereby making the testing accessible to everyone for

whom it is required.

Section 1.02 BACKGROUND:

In preparation for a new school year strategic planning is in process, the School is seeking proposals to implement a program to

provide routine COVID-19 testing of asymptomatic persons at various sites dispersed throughout campus. There by making it

fully available to all those requiring the tests.

ARTICLE II

DEFINITIONS

Section 2.01 DEFINITIONS.

As used herein, the following terms shall have the meanings indicated below:

“Contract Administrator” shall mean the University representative who shall be the direct liaison between the Contractor and

the University for this contract. That representative will be Doctor Amir Barzis.

"Contractor" shall mean the Contractor that will provide the professional services to the University.

“Offeror” shall mean a company or other entity submitting a proposal in response to this Request for Proposal.

"Term" shall refer to the length of time the contract will be valid.

"University" shall mean, The University of North Carolina at Chapel Hill for its Office of the Executive Vice Chancellor and

Provost

Section 2.02 UNIVERSITY HOLIDAY SCHEDULE.

The University’s Holiday Schedule is maintained at https://hr.unc.edu/benefits/leave-and-holidays/index.htm and shall be

considered the official posting for all University recognized holidays.

https://hr.unc.edu/benefits/leave-and-holidays/index.htm

of 8

revised 092016

ARTICLE III

DUTIES AND RESPONSIBILITIES OF CONTRACTOR

The Contractor hereby agrees to work directly with the School, or its designated Contract Administrator, in connection with

carrying out and conducting all of the following duties and responsibilities during the term of this agreement to be negotiated

under mutual agreement between the Contractor and the School or its Contract Administrator.

Section 3.01 The Contractor shall be responsible for providing COVID testing using saliva or mid-turbinate nasal swabs for

SARS-CoV-2 active virus.

Section 3.02 The Contractor shall be responsible for providing information on any other innovations in testing and processing

that takes the place of COVID testing using saliva or mid-turbinate nasal swabs for SARS-CoV-2 active virus as they may be

approved.

Section 3.03 The Contractor shall be responsible for having the ability to process as many as 6,000 test per day.

Section 3.04 The Contractor shall be responsible for having the ability to process these tests with a turnaround time for

providing results in 48 hours or less from the time the test is administered.

Section 3.05 The Contractor shall be responsible for providing a system for reporting with regard to returning results that is

compatible with reporting to the offeror, NCDHHS, Orange County Health Department and other possible agencies as may be

directed.

Section 3.06 The Contractor shall be responsible for maintaining a proper quality assurance program.

Section 3.07 The Contractor should have the ability for providing on-sight personnel for the collection of specimens.

Section 3.08 The Contractor shall be responsible, if providing personnel to collect specimens, ensuring that such personnel

have been trained in the proper use of personal protective equipment plus vendor must supply such equipment and ensure that

personnel are properly protected at all time.

Section 3.09 The Contractor shall comply with all applicable laws in connection with providing the services, including but not

limited to N.C. Gen. Stat. § 90-210 and HIPAA requirements regarding privacy and security.

Section 3.10 (This only applies if Vendor is offering to provide people for on-sight collection) The Contractor shall be

responsible, at no additional cost to the University, for securing comprehensive criminal background checks on all employees

and subcontractors of Contractor who will be involved in rendering services at the University. These background checks shall

include a complete criminal history, including traffic records, and be performed by a reputable company providing statewide

North Carolina searches covering a minimum of the last seven (7) years. Out of state searches shall be required for persons

living in the state of North Carolina for less than seven (7) years. This documentation shall be provided to the Contract

Administrator at least twenty-four (24) hours prior to any employee or subcontractor of Contractor performing work under this

contract. This is an ongoing requirement will apply, in addition to current employees, to any new employees hired after the

contract has been awarded. Persons without this documentation may be turned away and not allowed to work on any property

owned or utilized by the University until proper documentation is submitted and approved by the Contract Administrator. The

University reserves the right to keep any person from being assigned to work on its property if that person (1) has been

convicted of a criminal offense since the age of eighteen (18), (2) has an outstanding warrant or a pending court case, or (3) if

related to his/her work at the University, has current habitual problems with traffic-related issues such as no driver’s license, no

vehicle tags, and/or no insurance.

of 8

revised 092016

ARTICLE IV

THE PROCUREMENT PROCESS

Section 4.01 PROPOSALS

All proposals are subject to the terms and conditions outlined herein. All responses shall be controlled by such terms and

conditions and the submission of other terms and conditions and other documents as part of an Offeror’s response will be

waived and have no effect either on this RFP or any contract that may be awarded resulting from this solicitation. The

submission of any other terms and conditions by an Offeror may be grounds for rejection of the Offeror’s proposal. Offeror

specifically agrees to the conditions set forth in this paragraph by the signature of its authorized representative on the execution

of the proposal page contained herein.

Section 4.02 PRE-PROPOSAL CONFERENCE

INTENTIONALLY REMOVED

Section 4.03 SELECTION PROCESS

Following is a general description of the process by which a Contractor will be selected to provide required services:

A. Request for Proposal (RFP) is issued.

B. Offerors shall submit in writing any questions they may have.

C. Proposals shall be received from each Offeror in two (2) separate emails sent to [email protected] as a

single MSWORD Document.

The first one shall be the technical proposal and it shall have a subject line of “RFP 3000008797 – Technical


The second one shall be the cost proposal and it shall have a subject line of “RFP 3000008797 – Cost


D. The proposal must be received by the Issuing Agency no later than the date and time specified on the cover of the

RFP.

E. At that date and time all technical proposals from each responding firm shall be opened and the name of each

Offeror shall be annotated on a bid tabulation form with a copy going to each Offeror who submitted a proposal.

This is due to the COVID 19 Pandemic.

F. The technical proposal is checked to ensure that the Execution of Proposal page is present and has been signed and

dated by an official authorized to bind the firm and then forwarded to the customer for evaluation.

G. After all technical proposals have been evaluated, only the cost proposals of those Offerors meeting the

specifications shall be opened and annotated on the bid tabulation form with a copy going to each Offeror who

submitted a proposal. This is due to the COVID 19 Pandemic.

H. The Offerors with acceptable technical proposals shall be notified of the time and place for the opening of the cost

proposals. At least two (2) working days notice shall be given prior to the opening. This paragraph does not apply

at this time due to the COVID 19 Pandemic.

I. Award shall be made to the responsible, responsive Offeror(s) whose proposal is most advantageous to the

University in accordance with the specifications set forth in this RFP.

mailto:[email protected]

of 8

revised 092016

Section 4.04 REQUIRED PROPOSAL CONTENT

Qualified Offerors are encouraged to submit a proposal for performing the services described herein. All proposals must be

submitted strictly in accordance with the requirements of this RFP. Failure to include any required information in the

proposal may disqualify an Offeror as a potential Contractor. Proposals shall be prepared simply and succinctly providing

a straightforward, concise description of the Offeror’s abilities to satisfy the requirements of this RFP. Emphasis shall be on

completeness and clarity of content. The information shall be prepared and submitted in the order given below. The proposal

shall be of sufficient detail to describe the following:

PROPOSAL:

A. The Offeror shall submit a brief company profile including, but not limited to, the following:

➢ The year the company was founded

➢ The total number of years the company has been in business

➢ The core services offered

➢ Information on FDA Emergency Use Authorization for test, CLIA approved lab

➢ Describe what test(s) is being offered (platform being used PCR, antigen, etc.)

➢ Confirm supply chain availability at all stages of the testing process (e.g. reagent, lab consumables, etc.)

➢ Provide information on your reporting capabilities and requirements with regard to returning results (describe

systems to return results, electronic systems preferred as are systems that are compatible with reporting to the

offeror, NCDHHS, Orange County Health Department and other possible agencies as may be directed.)

➢ Information on quality assurance procedures for tests

➢ Information on procedures in place to ensure compliance with HIPAA and ensuring privacy of personally

identifiable information, including health information

➢ Information on accuracy (i.e., sensitivity and specificity; “gold” standard used to determine accuracy) of the test in

asymptomatic populations (number and populations tested)

➢ Describe any other innovation or process management that can be offered, cell phone applications, data analytics

or informatics support.

➢ If able to offer personnel to collect specimens please provide a staffing plan and system for collection of

specimens on and around UNC campus

➢ If providing personnel to collect specimens please provide some proof or written assurance that such personnel

have been trained in the proper use of personal protective equipment that vendor can supply such equipment.

B. The Offeror shall submit the resume of the on-sight supervisor if one is being provided.

C. The Offeror shall list a minimum of three (3) references, including point of contact name, phone number, email

address.

D. The Offeror shall provide copies of insurance certificates with respect to each of the insurance policies to be

maintained in compliance with the provisions of Article V.

E. The Offeror shall provide a signed copy of the Execution of Proposal page with the proposal. The Execution of

Proposal page is located directly after Article VII, Terms and Conditions.

F. The Offeror shall provide a completed copy of the WHERE SERVICE CONTRACTS WILL BE PERFORMED

page with the proposal. The WHERE SERVICE CONTRACTS WILL BE PERFORMED page is located directly

after the Execution of Proposal page.

G. The Offeror shall completely fill out Section VI, PRICING SCHEDULE, and include it in the proposal. All blanks in

Section VI, PRICING SCHEDULE, must be filled in.

of 8

revised 092016

Section 4.05 PROPOSAL SUBMISSION AND OPENING

The technical and cost proposals must be received by the Issuing Agency no later than the date and time specified on the cover

of this RFP. Each technical and cost proposal shall be emailed separately.

Section 4.06 EVALUATION OF PROPOSALS

The Offeror’s proposal shall be submitted at the time specified. Designated University staff members shall evaluate the

proposals received and will consider the following factors in recommending award to a qualified firm. These factors are not

necessarily listed in order of priority.

A. Overall experience and qualifications of the Offeror and proposed personnel

B. Cost per test

C. Ability to adhere to the turnaround time

D. Test availability and accuracy

E. Capacity to test large volumes of tests quickly and efficiently(at least 6000 tests per day)

F. References and experience

G. Reporting capabilities

Offerors are cautioned that this is a request for proposal, not a request to contract, and the University reserves the unqualified

right to reject offers for any contract when such rejection is deemed to be in the best interest of the University. The award of a

contract to one Offeror does not mean that the other proposals lack merit, but that with all factors considered, that proposal was

most advantageous to the University. Requirements of this proposal are the minimum acceptable.

Section 4.07 REQUEST FOR OFFERS

Offerors are cautioned that this is a request for proposal, not a request to contract, and the University reserves the unqualified

right to reject offers for any contract when such rejection is deemed to be in the best interest of the University. The award of a

contract to one Offeror does not mean that the other proposals lack merit, but that with all factors considered, that proposal was

most advantageous to the University. Requirements of this proposal are the minimum acceptable.

Section 4.08 ELABORATE PROPOSALS

Elaborate proposals in the form of brochures or other presentations beyond that necessary to present a complete and effective

proposal are not desired.

In an effort to support the sustainability efforts of the University we solicit your cooperation in this endeavor.

It is desirable that all responses meet the following requirements:

• All copies are printed double sided.

• All submittals and copies are printed on recycled paper with a minimum post-consumer content of 30% and indicate

this information accordingly on the response.

• Unless absolutely necessary, all submittals and copies should minimize or eliminate use of non-recyclable or non-

reusable materials such as plastic report covers, plastic dividers, vinyl sleeves and GBC binding. Three ringed binders,

glued materials, paper clips and staples are acceptable.

• Materials should be submitted in a format which allows for easy removal and recycling of paper material.

of 8

revised 092016

Section 4.09 ORAL EXPLANATIONS

The University at its option may request oral presentations, or discussions with any or all Offerors for the purpose of

clarification or to amplify the material presented in any part of the technical proposal. However, Offerors are cautioned that the

University is not required to request clarification; therefore, all proposals should be complete and concise and reflect the most

favorable terms available from the Offeror. The University shall not be bound by oral explanations or instructions given at any

time during the competitive process prior to award.

Section 4.10 REFERENCE TO OTHER DATA

Only information that is received in response to this RFP shall be evaluated; references to information previously submitted

shall not be evaluated.

Section 4.11 RIGHT TO SUBMITTED MATERIALS

All responses, inquiries, or correspondence relating to or in reference to this RFP, and all other reports, charts, displays,

schedules, exhibits, and other documentation submitted by the Offerors shall become the property of The University when

received.

Section 4.12 COST OF PROPOSAL PREPARATION

Any costs incurred by the Offeror in preparing or submitting proposals are the Offeror’s sole responsibility; the University shall

not reimburse any Offeror for any costs incurred prior to award.

Section 4.13 PROTECTION OF OFFEROR TRADE SECRETS

The University will maintain the confidentiality of Offeror's “trade secrets”, in accordance with N.C. Gen. Stat. §132-1, et. seq.

(the “NC Public Records Act”). Trade secrets are defined by North Carolina statute as "business or technical information,

including but not limited to a formula, pattern, program, device, compilation of information, method, technique, or process that

derives independent actual or potential commercial value from (i) not being generally known or readily ascertainable through

independent development or reverse engineering by persons who can obtain economic value from its disclosure or use, and (ii)

is the subject of efforts that are reasonable under the circumstances to maintain its secrecy." (See N.C. Gen. Stat. §66-152).

Offeror shall designate the page(s) of the materials it delivers to the University that contain "trade secrets" by printing

“CONFIDENTIAL” in boldface at the top and bottom of the applicable page(s). Under the North Carolina Administrative

Code, price information shall not be deemed confidential (NCAC Title I, Chapter 5B.1501). In spite of what is labeled as

confidential, the determination as to whether the information is subject to disclosure shall be determined by North Carolina law.

The obligations of non-disclosure shall not apply to the following:

A. Information which, at the time of disclosure is in the public knowledge.

B. Information which, after disclosure becomes part of the public knowledge by publication or otherwise, except by

breach of this contract.

C. Information which was in the possession of the University at the time of disclosure and which was not acquired,

directly or indirectly by recipient from the disclosing party, and which prior possession can be proven by

documentary evidence.

D. Information received from third parties, provided such information was not obtained to their knowledge by said

third parties, directly or indirectly, on a confidential basis.

E. Information which is independently developed by the University’s personnel not privy to the Information.

F. Information contained in the Pricing Schedule, Article VI.

of 8

revised 092016

Section 4.14 DEBARMENT STATUS

By submitting a proposal, the Offeror certifies that it is not currently debarred from bidding on contracts by any agency of the

State of North Carolina or any agency of the federal government, nor is it an agent of any person or entity that is currently

debarred from submitting bids on contracts by any agency of the State of North Carolina or any agency of the federal

government.

Section 4.15 TITLES

Titles and headings in this RFP and any subsequent contract are for convenience only and shall have no binding force or effect.

Section 4.16 OFFEROR’S REPRESENTATIVE

Offerors shall submit the name, address, and telephone number of the person(s) with the authority to bind the Offeror and

answer questions or provide clarification concerning the Offeror’s proposal.

Section 4.17 COMPETITIVE OFFER

Under penalty of perjury, the signer of any proposal submitted in response to this RFP thereby certifies that its proposal has not

been arrived at collusively or otherwise in violation of federal or North Carolina antitrust laws. In submitting the proposal, the

Offeror agrees not to discuss or otherwise reveal its technical or cost information to any other sources, government or private,

until after the award of the contract. Offerors not in compliance with this provision may be disqualified.

Section 4.18 DECLINE TO OFFER

Any Offeror which received a copy of the RFP through the mail, but which declines to make an offer is requested to send a

formal “Decline to Offer” to the University. Failure to respond as requested may subject the Offeror to removal from

consideration on future requirements. If the RFP is received electronically a formal “Decline to Offer” is not necessary.

Section 4.19 AWARD OR REJECTION

All qualified proposals will be evaluated, and award made to that Offeror whose proposal is deemed to be the most

advantageous to the University. The University reserves the unqualified right to reject any or all offers, waive any informality

in the proposal and unless otherwise specified by the Offeror, to accept any item or part of the proposal if determined to be in

the best interest of the University.

Section 4.20 SUBCONTRACTING

Offerors may propose to subcontract portions of the work provided that their proposals clearly indicate what work they plan to

subcontract and to whom and that all information required about the prime contractor is also included for each proposed

subcontractor.

Section 4.21 PROPOSAL ACCEPTANCE PERIOD

This proposal shall be binding upon the Offeror for ninety (90) calendar days following the bid opening date. Any proposal on

which the Offeror shortens the acceptance period may be rejected.

Section 4.22 HISTORICALLY UNDERUTILIZED BUSINESS

Pursuant to N.C. Gen. Stat. § 143-48 and Executive Order No. 150, the University invites and encourages participation in this

procurement by businesses owned by minorities, women and the disabled, disabled business enterprises and non-profit work

centers for the blind and severely disabled.

of 8

revised 092016

Section 4.23 RECIPROCAL PREFERENCE

This RFP and the resulting contract are subject to General Statute 143-59 which establishes a reciprocal preference law to

discourage other states from applying in-state preferences against North Carolina’s resident Offerors. The “Principal Place of

Business” is defined as the principal place from which the trade of business of the Offeror is directed or managed.

Section 4.24 EXAMINATION OF CONDITIONS

It shall be understood and mutually agreed that by submitting a proposal, the Offeror acknowledges that it has carefully

examined all pertinent documents, the general location, and has satisfied itself as to the nature of the work, the condition of

existing buildings and their accessory structures; conformation of the ground; character, quality and quantity of the materials to

be encountered; general and local conditions, construction hazards, parking and transportation requirements; and all other

matters which can in any way affect the work under the contract. It is further mutually agreed that by submitting a proposal the

Offeror acknowledges that it has satisfied itself as to the feasibility and meaning of these specifications and any associated

documents relative to the work and that it accepts all the terms, conditions and stipulations contained therein; and that it is

prepared to work in cooperation with other contractors or University employees performing work at any location on campus.

Section 4.25 PROTEST PROCEDURES

If an Offeror wishes to protest a contract awarded pursuant to this solicitation, it must submit a written request to the Director,

Procurement Services, University of North Carolina at Chapel Hill, 104 Airport Drive, Suite 2700, CB 1100, Chapel Hill NC

27599-1100. This request must be received in the University Purchasing Office within thirty (30) consecutive calendar days

from the date of the contract award and must contain specific sound reasons and any supporting documentation for the protest.

NOTE: Contract award notices are sent only to those actually awarded contracts, and not to every person or Offeror responding

to this solicitation. Offerors may call the University to obtain an oral status of contract award. All protests will be handled

pursuant to the North Carolina Administrative Code, Title 1, Department of Administration, Chapter 5, Purchase and Contract,

Section 5B.1519.

Section 4.26 OUTSOURCING

The Offeror must detail the manner in which it intends to utilize resources or workers located outside of the United States, and

the University will evaluate the additional risks, costs and other factors associated with such utilization to make the award for

this proposal as deemed by the awarding authority to be in the best interest of the University.

For any proposed or actual utilization or contract performance outside of the United States, the Offeror’s proposal must include:

a) The location of work performed under a state contract by the vendor, any subcontractors, employees, or other

persons performing the contract.

b) The corporate structure and location of corporate employees and activities of the vendors, its affiliates or any

subcontractors.

The University may initiate proceedings to debar a vendor from participation in the bid process and from contract award as

authorized by North Carolina law, if it is determined that the Offeror has refused to disclose or has falsified any such

information in its proposal.

of 8

revised 092016

ARTICLE V

CONTRACT TERM

Section 5.01 TERM

This contract shall be binding on both parties from the date of contract award, through the satisfactory completion of the work

required under of the RFP and shall be complete when final payment has been made but shall not exceed 10 years in total

duration. The University reserves the right to suspend and or terminate this contract at any time the demand sufficiently drops

or the University is able to properly and adequately perform the tests themselves.

ARTICLE VI

COMPENSATION

Section 6.01 The Offeror shall propose the costs to furnish the services in accordance with this RFP. Award will be made to

the Contractor(s) whose proposal is most advantageous to the University in accordance with Section 4.06. It is proposed that

payment for services will be made based on the successful completion and acceptance of one of the two following scenarios:

Pricing categories per test: (for up to 6,000 test per day)

1. Providing test supplies (for UNC-CH personnel to perform collection only), processing (including all associated cost to

prepare the sample for analyzing, all lab personnel, and the processing of the lab), and reporting.

2. Providing test supplies, processing (including all associated cost to prepare the sample for analyzing, all lab personnel,

and the processing of the lab), and reporting to include personnel to collect specimens as shown below.

• Personnel:

• 20.0 people per shift

• All personnel would monitor self-collection of specimen, assist with IT issues, ensure

samples are collected and sent for processing

• Monday – Friday would operate 8:00 A.M. EST thru 5:00 P.M. EST

• Saturday – Sunday would operate 12:00 P.M. EST thru 5:00 P.M. EST

Firm Name: _________________________________

of 8

revised 092016

ARTICLE VII

TERMS AND CONDITIONS THAT SHALL GOVERN THE CONTRACT

Section 7.01: PERFORMANCE AND DEFAULT.

(a) If, through any cause, the Vendor shall fail to fulfill in timely and proper manner the obligations under this agreement,

the University shall thereupon have the right to terminate this agreement by giving written notice to the Vendor and specifying

the effective date thereof. In that event, all finished or unfinished deliverable items under this agreement prepared by the

Vendor shall, at the option of the University, become the University’s property, and the Vendor shall be entitled to receive just

and equitable compensation for any satisfactory work completed on such materials. Notwithstanding, the Vendor shall not be

relieved of liability to the University for damages sustained by the University by virtue of any breach of this agreement, and the

University may withhold any payment due the Vendor for the purpose of setoff until such time as the exact amount of damages

due the University from such breach can be determined. The University reserves the right to require a performance bond or

other acceptable alternative performance guarantees from successful offeror without expense to the University.

(b) In case of default by the Vendor, the University may cancel and procure the articles or services from other sources and

hold the Vendor responsible for any excess cost occasioned thereby. In addition, in the event of default by the Vendor, the

University may initiate proceedings with the State of North Carolina to de-bar the Vendor from doing future business with

agencies of the State of North Carolina.

Section 7.02: PAYMENT TERMS.

(a) Terms. All invoices shall be submitted to the University’s Systems and Operations Department unless otherwise

instructed on the face of the purchase order. Payment terms are net thirty (30) days after the University’s receipt of a correct

invoice or acceptance of the Services, whichever is later.

(b) Payment to third party. Upon written request approved by the University and solely as a convenience to the Vendor,

the University may: (i) forward the Vendor's payment check directly to any person or entity designated by the Vendor, and (ii)

include any person or entity designated by Vendor as a joint payee on the Vendor's payment check. In no event shall such

approval and action obligate the University to anyone other than the Vendor and the Vendor shall remain responsible for

fulfillment of all contract obligations.

Section 7.03: TAXES. Any applicable taxes shall be invoiced as a separate item. Invoices shall not include North Carolina

Sales & Use Tax. The University is exempt from North Carolina Sales & Use Tax for all qualifying purchases. The

University’s North Carolina Sales & Use Tax exemption number is 400028. The University shall not be responsible for income

or property taxes which are responsibility of the Vendor.

Section 7.04: TRAVEL EXPENSES. Unless otherwise agreed by the parties, Vendor may be reimbursed for documented

travel expenses arising under the performance of this agreement at the out-of-state rates set forth in North Carolina General

Statute §138-6; as amended from time to time. Vendor personnel whose travel expenses are to be paid or reimbursed by

University funds are subject to University travel regulations, which are located at

http://www.unc.edu/finance/busman/tra/trasc.html. Vendor agrees to use the lowest available airfare not requiring a weekend

stay and to use the lowest available rate for rental vehicles, and to require employees to share rental vehicles whenever the

Services to be provided reasonably allow. Unless otherwise agreed by the parties, all Vendor-incurred travel expenses shall be

billed on a monthly basis, shall be supported by receipt, and shall be paid by the University within thirty (30) days after invoice

approval. Travel expenses exceeding the foregoing rates shall not be paid by the University unless otherwise agreed by the

parties. The University will reimburse travel allowances only for days on which the Vendor is required to be in North Carolina

performing Services for which it is necessary to be on site under this agreement.

http://www.unc.edu/finance/busman/tra/trasc.html

of 8

revised 092016

Section 7.05: OWNERSHIP OF WORK PRODUCT. Unless otherwise agreed in writing by the parties, deliverables

developed or prepared specifically for the University hereunder (the “Deliverables”) shall be deemed “works made for hire”

under the federal copyright laws. Vendor hereby assigns to the University any and all rights, title and interest, including,

without limitation, copyrights, trade secrets and proprietary rights to the Deliverables. To the extent the Deliverables include

data, modules, components, designs, utilities, subsets, objects, processes, tools, models and specifications (“Technical

Elements”) owned or developed by Vendor prior to, or independently from, its engagement hereunder, Vendor retains

ownership of such Technical Elements and Vendor hereby grants to the University a perpetual, worldwide, fully paid-up limited

license to use such Technical Elements for University related purposes.

Section 7.06: SUBCONTRACTING. The Vendor may subcontract the performance of Services to third parties only with the

prior written consent of the University. The Vendor remains solely responsible for the performance of its subcontractors.

Subcontractors, if any, shall adhere to the same standards required of the Vendor under this agreement.

Section 7.07: ASSIGNMENT. This agreement may not be assigned by either party without the written consent of the other

party, except that Vendor may assign this agreement to an entity owned or controlled by Vendor upon written notice to

University. For purposes of this Section, the term “assignment” includes any change in control transaction, such as a merger or

acquisition of substantially all the shares or assets of a party to this agreement. An assignment will not relieve the assigning

party of its obligations under this agreement.

Section 7.08: QUALIFIED PERSONNEL; INTERVIEWS. For services procurements, Vendor shall ensure that qualified

personnel of the Vendor will provide the services under this agreement in a professional manner. “Professional manner” means

that the personnel performing the services will possess the skill and competence consistent with the prevailing business

standards in the applicable industry. Prior to Vendor commencing the provision of the services and upon the University's

request, the University shall have the opportunity to review resumes and conduct interviews of the personnel who Vendor

proposes to deploy to provide the services to the University. If the University is not satisfied with the proposed personnel, the

University may request acceptable substitute personnel to be provided by Vendor.

Section 7.09: KEY PERSONNEL. For services procurements, Vendor shall not substitute key personnel assigned to the

performance of this agreement without prior written approval by the University’s designated contract administrator. Any

desired substitution shall be noticed to the University’s contract administrator accompanied by the names and references of

Vendor’s recommended substitute personnel. The University will approve or disapprove the requested substitution in a timely

manner. The University may, in its sole discretion, terminate the services of any person providing services under this

agreement. Upon such termination, the University may request acceptable substitute personnel to be provided by the Vendor.

Section 7.10: CARE OF PROPERTY. Vendor agrees that it shall be responsible for the proper custody and care of any

property furnished it for use in connection with the performance of this agreement or purchased by it for this agreement and will

reimburse the University for any loss or damage of such property.

Section 7.11: INSPECTION AT VENDOR'S SITE. The University reserves the right to inspect, at a reasonable time, the

equipment/item, plant or other facilities of a prospective vendor prior to purchase order award, and during the purchase order

term as necessary for the University's determination that such equipment/item, plant or other facilities conform with the

specifications/requirements and are adequate and suitable for the proper and effective performance of the agreement.

Section 7.12: CONDITION AND PACKAGING. Unless otherwise provided by special terms and conditions or

specifications, it is understood and agreed that any item offered or shipped has not been sold or used for any purpose and shall

be in first class condition. All containers/packaging shall be suitable for handling, storage or shipment.

Section 7.13: STANDARDS. All manufactured items and/or fabricated assemblies subject to operation under pressure,

operation by connection to an electric source, or operation involving a connection to a manufactured, natural; or LP gas source

shall be constructed and approved in a manner acceptable to the appropriate state inspector which customarily requires the label

or re-examination listing or identification marking of appropriate safety standard organization; such as the American Society of

Mechanical Engineers for pressure vessels; the Underwriters Laboratories and/or National Electrical Manufacturers' Association

for electrically operated assemblies; or the American Gas Association for gas operated assemblies, where such approvals of

listings have been established for the type of device offered and furnished. Further, all items furnished shall meet all

requirements of the Occupational Safety and Health Act (OSHA), and state and federal requirements relating to clean air and

water pollution.

of 8

revised 092016

Section 7.14: TRANSPORTATION. FOB Destination - Freight, handling, hazardous material charges, and distribution

charges shall be included in the total price of each item listed. Any additional charges included on the invoice shall not be

honored for payment, unless authorized by change order by the University. In cases where materials are shipped against this

order by parties, other than the Vendor, the shipper must be instructed to show the purchase order number on all packages and

shipping manifests to insure proper identification and payment of invoices. Complete packing list must accompany each

shipment.

Section 7.15: INDEPENDENT CONTRACTOR. Vendor and its employees, officers and executives, and subcontractors, if

any, shall be independent contractors and not employees or agents of the University. This agreement shall not operate as a joint

venture, partnership, trust, agency or any other business relationship.

Section 7.16: INSURANCE COVERAGE.

(a) Generally. Vendor’s insurance policies shall meet all laws of the State of North Carolina and shall be obtained from

companies licensed or approved to do business in the State of North Carolina with an A.M. Best rating of not less than

A-VII. The minimum coverage limitations indicated below shall not be interpreted as limiting Vendor’s liability and

obligations under this agreement. University shall not be deemed or construed to have assessed the risk that may be

applicable to Vendor. Vendor shall assess its own risks and, if it deems appropriate, maintain higher limits and broader

coverages. University shall be listed as an additional insured. Vendor will provide thirty (30) days advance notice to

University, either directly or through the insurer, of any cancellation or non-renewal of a policy. The insurance

policies must be written on a primary basis and any insurance or self-insurance maintained by University shall be non-

contributing.

(b) Commercial General Liability. Vendor, at its sole cost and expense, shall maintain Commercial General Liability

(CGL) insurance (ISO form CG0001 or equivalent) with the following minimum limits of liability: (i) General

Aggregate: $2,000,000; (ii) Products/Completed Operations Aggregate: $2,000,000; (iii) Personal/Advertising Injury:

$1,000,000; and (iv) Each Occurrence Limit: $1,000,000. Umbrella or excess liability insurance may be used to meet

the CGL coverage limit requirements.

(c) Workers’ Compensation Insurance. Vendor, at its sole cost and expense, shall maintain Workers’ Compensation

Insurance in accordance with the limits and terms required by the laws of North Carolina, as well as Employers'

Liability coverage with minimum limits of $500,000, covering all of Vendor’s employees who are engaged in any

work under this agreement. If any work is sublet, the Vendor shall require the subcontractor to provide the same

coverage for any of his employees engaged in any work under this agreement.

(d) Automobile Liability Insurance. Vendor, at its sole cost and expense, shall maintain Automobile Liability Insurance, to

include liability coverage, covering all owned, non-owned, employee non-owned, leased, and hired vehicles used in

connection with this agreement. The minimum combined single limit shall be $1,000,000 bodily injury and property

damage per accident. Umbrella or excess liability insurance may be used to meet the Automobile Liability coverage

limit requirements.

(e) Professional Liability (Errors and Omissions Liability), including Cyber Liability. Contractor, at its sole cost and

expense, shall maintain Professional Liability insurance with the following minimum limits of liability: (i) $1,000,000

per loss and (ii) $1,000,000 per aggregate. This insurance shall provide coverage for: (A) liability arising from theft,

dissemination, and/or use of sensitive and confidential information; (B) network security liability arising from the

unauthorized access to, use of, or tampering with computer systems; and (C) liability arising from the introduction of a

computer virus into, or otherwise causing damage to a computer system, network or similar related property. If

professional liability insurance is written on a claims-made basis, Contractor warrants that any retroactive date under

the policy shall precede the effective date of this Contract and that either continuous coverage will be maintained or an

extended discovery period will be exercised for a period of two (2) years beginning at the time work under this contract

is completed. If such insurance is maintained on an occurrence form basis, Contractor shall maintain such insurance for

an additional period of one (1) year following termination of the contract. If such insurance is maintained on a claims-

made basis, Contractor shall maintain such insurance for an additional period of three (3) years following termination

of the contract.

(f) Umbrella/Excess Liability Insurance. Umbrella/Excess Liability Insurance shall be maintained over the vendor’s

Business Automobile Liability, Professional Liability/Errors and Omissions Insurance, and Commercial General

Liabilities policies, including completed operations. The total combined excess liability limit shall not be less than:

Per Occurrence $10,000,000.00

General Annual Aggregate $10,000,000.00

Products and Completed Operations $10,000,000.00

of 8

revised 092016

Section 7.17: AVAILABILITY OF FUNDS. Any and all payments to the Vendor are contingent upon and subject to the

availability of funds to the University for the purpose set forth in this agreement.

Section 7.18: INDEMNIFICATION AGREEMENT. Vendor shall indemnify, defend and hold harmless the University, its

trustees, officers, employees and agents (collectively, “Indemnitees”) from and against any and all damages, costs, liabilities,

losses and expenses incurred by Indemnitees arising from or related to (i) the goods or services of Vendor; (ii) a breach of this

agreement by Vendor; or (iii) any misconduct or acts of negligence by Vendor. Vendor shall pay all royalties and license fees

and shall defend all suits or claims for infringement of any patent rights or copyright rights and shall save the University from

loss on account thereof.

Section 7.19: TERMINATION (SERVICES AND INDEFINITE QUANTITY CONTRACTS ONLY). The University

may terminate this agreement without penalty for any reason upon 30 days written notice to the Vendor. In that event, all

finished or unfinished deliverable items prepared by the Vendor under this agreement shall, at the option of the University,

become its property. If this agreement is terminated by the University as provided herein, the Vendor shall be paid for services

satisfactorily completed, less payment or compensation previously made.

Section 7.20: FORCE MAJEURE. Neither party shall be deemed to be in default of its obligations hereunder if and so long

as it is prevented from performing such obligations as a result of events beyond its reasonable control, including without

limitation, fire, power failures, any act of war, riot, strikes, civil insurrection, acts of public officials, earthquake, hurricane,

tornado, or other catastrophic natural event or act of God.

Section 7.21: CONFIDENTIALITY; CARE OF INFORMATION.

(a) Confidentiality. Any information, data, documents, studies and reports given to or prepared or assembled by the

Vendor under this agreement shall be kept as confidential and not divulged or made available to any individual or organization

without the prior written approval of the University.

(b) Response to Third-party Requests for University Data. If Vendor is served with a subpoena related to University data,

then, unless prohibited by law, Vendor will provide prior notice of such subpoena to the University to allow the University an

opportunity to seek injunctive relief before disclosure of the information.

(c) Protection of Vendor Trade Secrets under NC Public Records Act. The University will maintain the confidentiality of

Vendor's “trade secrets”, in accordance with N.C. Gen. Stat. §132-1, et. seq. (the “NC Public Records Act”). Trade secrets are

defined by North Carolina statute as "business or technical information, including but not limited to a formula, pattern, program,

device, compilation of information, method, technique, or process that derives independent actual or potential commercial value

from (i) not being generally known or readily ascertainable through independent development or reverse engineering by persons

who can obtain economic value from its disclosure or use, and (ii) is the subject of efforts that are reasonable under the

circumstances to maintain its secrecy." (See N.C. Gen. Stat. §66-152). Vendor shall designate the portions of the materials it

delivers to the University that meet this definition of "trade secrets," or that otherwise are exempt from disclosure under the NC

Public Records Act, by printing “CONFIDENTIAL” in boldface at the top and bottom of the applicable pages or sections.

Under the North Carolina Administrative Code, price information shall not be deemed confidential (NCAC Title I, Chapter

5B.1501). In spite of what is labeled as confidential, the determination as to whether the information is subject to disclosure

shall be determined by North Carolina law.

(d) Information Security Compliance and Certifications. At all times during the term of this Agreement, Vendor shall (1)

use information security best practices for transmitting and storing potentially sensitive information; (2) employ information

security best practices with respect to network security techniques, including, but not limited to, firewalls, intrusion detection,

and authentication protocols; (3) comply with all applicable laws and regulations regarding privacy and data security to

maintain database security on any online financial transactions conducted on University’s behalf through the use of Vendor’s

Software or records belonging to University that contain sensitive and confidential information; (4) provide most current SOC 2

Type II report at least once every 2 years; (5) maintain ISO/IEC 27000 series information security best practices; and (6) in the

event Vendor is acting as a Service Provider as defined by the Payment Card Industry Data Security Standard (PCI-DSS),

comply with the Payment Card Industry Data Security Standard (PCI-DSS) and provide appropriate PCI attestation

documentation. The University reserves the right to conduct or request the Vendor to have an independent thirdparty security

audit performed.

of 8

revised 092016

(e) Protection of University's Sensitive and Confidential Information. Vendor shall safeguard and protect Sensitive and

Confidential Information of the University in accordance with all applicable laws and regulations and consistent with

information security best practices. “Sensitive and Confidential Information” means any of the following: “Personal

Information” under the North Carolina Identity Theft Protection Act of 2005, confidential “personnel information” under the

North Carolina Human Resources Act, “Protected Health Information” under the Health Insurance Portability and

Accountability Act (HIPAA), student “education records” under Family Educational Rights and Privacy Act (FERPA),

“customer record information” under Gramm Leach Bliley Act (GLBA), “card holder data” under the Payment Card Industry

Data Security Standard (PCI-DSS) and the Payment Application Data Security Standard (PA-DSS), and any information

protected from disclosure under the North Carolina Public Records Act. Sensitive and Confidential Information must be

restricted by Vendor to those with a legitimate business need for access to such information. For purposes of illustration,

Sensitive and Confidential Information may appear in research data, public safety information, financial donor information,

information concerning select agents, system access passwords, information security records, and information file encryption

keys. If Vendor becomes aware of a confirmed or suspected exposure of Sensitive and Confidential Information of the

University, Vendor shall notify as promptly as possible the University’s Information Security Office (tel: 919-445-9397) and the

University’s Office of University Counsel (tel: 919-962-1219).

(f) Grant of Limited Right to Use University Data. Subject to the terms and conditions of this agreement, University

grants to Vendor a non-exclusive, non-transferable, limited right to use University data received or accessed by Vendor in the

course of performing services under this Agreement. All right, title and interest in the data shall remain with the University or

end users, as applicable. Vendor may not access and/or duplicate the data for any reasons other than those stated herein without

the prior written consent of University.

(g) Limitations on Use of University Data. Vendor shall not collect, mine, save, disclose, or otherwise use any end user

personal information or University data for any purpose other than to provision and support the services expressly contemplated

under this Agreement.

(h) FERPA Acknowledgement. If Vendor’s services involve the hosting or accessing of student education records, Vendor

acknowledges and agrees that (i) the University has outsourced to Vendor the performance of institutional services or functions

for which the University would otherwise use its own employees, (ii) Vendor is considered to be a “school official” with

“legitimate educational interests” in “personally identifiable information” from “education records” of University students, as

those terms have been defined under FERPA (34 CFR 99), (iii) Vendor is under the direct control of the University with respect

to Vendor’s use and maintenance of data in the education records, and (iv) Vendor will abide by the limitations and

requirements imposed by 34 CFR 99.33(a) on school officials. Vendor will use such data only for the purpose of fulfilling its

duties under this agreement, and will not monitor or share such data with or disclose it to any third party except as required by

law, or authorized in writing by the University.

Section 7.22: IMPLEMENTATION; CONFLICTS/INCONSISTENCIES. This agreement shall be implemented by a

University purchase order. For purposes of construing a transaction as an integrated contract, the following shall be considered

a single transaction and a legal and binding contract: (i) the University purchase order(s); (ii) any signed statement of work or

other document directly related to this agreement that has been signed by authorized representatives of both parties; (iii) the

RFP, RFQ or other solicitation document; (iv) this agreement; and (v) Vendor's technical and cost proposals submitted in

response to a University solicitation document. In the event of a conflict or inconsistency between these contract documents,

the order of precedence shall be the order listed above, where clause "(i)" receives the highest priority and clause "(v)" receives

the lowest priority.

of 8

revised 092016

Section 7.23: AMENDMENTS/CONTRACT AUTHORIZATION.

(a) This agreement may not be amended orally or by performance. Any amendment, in order to be effective, must be

made in written form and signed by duly authorized representatives of the University and Vendor in accordance with this

section.

(b) This agreement is made subject to the shipment of quantities, qualities, and prices indicated on the purchase order and

all conditions and instructions on the purchase order or the solicitation document, as applicable. Any changes made to this

agreement or purchase order proposed by the Vendor are hereby rejected unless accepted in writing by the University’s

Purchasing Services Department or the Vice Chancellor for Finance and Administration. The University shall not be

responsible for services or products delivered without a purchase order or authorization from the University’s Purchasing

Services Department. In order to be effective, contracts for University purchases of goods or services exceeding $5,000 must be

signed by a duly authorized officer of the University’s Purchasing Services Department, or the University’s Vice Chancellor for

Finance and Administration or his/her delegate.

Section 7.24: ADVERTISING. Vendor shall not use the existence of this agreement or the name, logo, images or trademarks

of the University of North Carolina at Chapel Hill as a part of any marketing or commercial advertising without prior written

approval of the University. Requests to use the University’s name, logo, images or trademarks should be directed to the

University’s Office of Trademarks and Licensing. (http://www.licensing.unc.edu).

Section 7.25: EXPORT CONTROL CLASSIFICATION. Vendor shall not transfer or disclose to the University any

equipment, information, substance or material that is controlled under the federal government's Export Administration

Regulations (15 C.F.R. 730-774) or International Traffic in Arms Regulations (22 C.F.R. 120-130) (collectively, any “Export

Controlled Material”) without first informing the University of the Export Controlled Material’s Export Control Classification

Number (“ECCN”), or other applicable export control designation.

Section 7.26: NONDISCRIMINATION. The Vendor shall take affirmative action in complying with all Federal and State

requirements concerning fair employment and employment of people with disabilities, and concerning the treatment of all

employees without regard to discrimination by reason of race, color, religion, sex, national origin, or disability.

Section 7.27: OUTSOURCING. As required by North Carolina General Statute 147-33.97, if Vendor wishes to outsource any

portion of the work under this Agreement to a location outside the United States, prior written approval must be obtained from

the University's Vice Chancellor for Finance and Administration. A request for approval should include the country the work

will be outsourced to, whether customer data will be transferred to the outsourced location, and background checks of

subcontractor companies and employees.

Section 7.28: ACCESS TO PERSONS AND RECORDS. The North Carolina State Auditor and the University’s internal

auditor shall have access to persons and records as a result of all contracts or grants entered into by the University in accordance

with N.C. Gen. Stat. §147-64.7 and Session Law 2010-194, Section 21 (i.e., the State Auditors and the University’s internal

auditor may audit the records of the contractor during the term of the agreement to verify accounts and data affecting fees or

performance).

Section 7.29: PROHIBITION ON VENDOR GIFTS. Under N.C. Gen. Stat. § 133-32, it is unlawful for any vendor or

contractor to make gifts or to give favors to any officer or employee of the University whose job responsibilities include

awarding or administering University contracts.

Section 7.30: USE OF E-VERIFICATION. Vendor attests that it and all of its subcontractors have fully complied with all

requirements of N.C. Gen. Stat. § 64 Article 2 in regards to E-Verification as required by Section 2.(c) of Session Law 2013-

418, codified as N.C. Gen. Stat. § 143-129(j).

http://www.licensing.unc.edu/

of 8

revised 092016

Section 7.31: NO COLLUSION; ELIGIBLE VENDOR. Vendor certifies that (i) its pricing was submitted without collusion

(N.C. Gen. Stat. § 143-54); (ii) none of its officers, directors, or owners of an unincorporated business entity has been convicted

of any violations of Chapter 78A of the North Carolina General Statutes, the Securities Act of 1933, or the Securities Exchange

Act of 1934 (N.C. Gen. Stat. § 143-59.2); and (iii) it is not an ineligible vendor under North Carolina law (N.C. Gen. Stat. §

143-59.1). False certification is a Class I felony.

Section 7.32: NOTICES. Any notices required under this agreement should be delivered to the contract administrator for each

party. Unless otherwise specified, any notices shall be delivered in writing by U.S. Mail, commercial courier or by hand.

Section 7.33: COMPLIANCE WITH LAWS. Each party shall comply with all laws, ordinances, codes, rules, regulations,

and licensing requirements that are applicable to its operations, including those of federal, state, and local agencies having

jurisdiction and/or authority.

Section 7.34: GOVERNING LAWS, JURISDICTION, AND VENUE. This agreement is made under and shall be governed

and construed in accordance with the laws of the State of North Carolina. The place of this agreement, its situs and forum, shall

be Orange County, North Carolina, where all matters, whether sounding in contract or in tort, relating to its validity,

construction, interpretation and enforcement shall be determined. Vendor agrees and submits, solely for matters relating to this

agreement, to the jurisdiction of the courts of the State of North Carolina and stipulates that Orange County shall be the proper

venue for all matters.

Section 7.35: SEVERABILITY. In the event that a court of competent jurisdiction holds that a provision or requirement of

this agreement violates any applicable law, each such provision or requirement shall be enforced only to the extent it is not in

violation of law or is not otherwise unenforceable and all other provisions and requirements of this agreement shall remain in

full force and effect. All promises, requirement, terms, conditions, provisions, representations, guarantees and warranties

contained herein shall survive the expiration or termination date unless specifically provided otherwise herein, or unless

superseded by applicable federal or State statute, including statutes of repose or limitation.

Section 7.36 CRIMINAL CONVICTIONS CHECKS. This University is committed to providing a crime free environment

for all of its Faculty, Staff and Students to work and learn in. Due to the contractual requirements as set forth in Section III of

this RFP your personnel will have access to various areas of this University; the University reserves the right to require a

criminal convictions check on owners, officers, employees and any other workers of the Contractor and their Subcontractors at

any time upon written request. The Contractor or the Contractors direct representative shall accompany all new employees to

the jobsite and present them to the Contract Administrator. At that time, if a Criminal Convictions Check has been requested

the Contractor shall provide a criminal history (not a letter) including traffic records, by presenting a document from a reputable

company providing statewide searches covering a minimum of the last seven (7) years to the Contract Administrator. The

criminal history shall match the name on the government issued picture identification card. Out of state searches shall be

required for persons living in the state of North Carolina for less than seven (7) years. The names, social security numbers,

addresses and birth dates of each person that shall enter University property (including the owners and subcontracts) in the

performance of this contract shall be supplied with the criminal history on company letterhead signed by a representative duly

authorized to sign on behalf of the company. This history shall be provided to the Contract Administrator at least twenty-four

(24) hours prior to any person performing work under this contract. Persons without this criminal history may be turned away

and not allowed to work on any property owned or utilized by the University until proper documentation is submitted and

approved by the Contract Administrator.

Any Contractor or individual convicted of a criminal offense, since the age of eighteen (18), may not be allowed to work on

campus. Any individual found at any time to have an outstanding warrant or a pending court case may not be allowed to work

any property owned or utilized by the University. Any individual with current habitual problems with traffic related issues such

as no driver’s license, no vehicle tags, and/or no insurance may not be allowed to work any property owned or utilized by the

University.

During the term of this contract, the Contractor shall comply with these procedures for any new owner, officer, employee and

any other worker of the Contractor and their Subcontractors upon proper written notification by the Contract Administrator.

The Contract Administrator shall maintain all criminal convictions checks in a secure locked container for the term of the

contract. At the end of the contract period the Contract Administrator shall ensure that the files have been properly shredded or

destroyed in such a manner as to prevent disclosure of any kind.

of 8

revised 092016

EXECUTION OF PROPOSAL


AT THE UNIVERSITY OF NORTH CAROLINA AT CHAPEL HILL

PROPOSAL NUMBER: 65-RFP3000008797

Certification: By executing this proposal, the signer certifies that this proposal is submitted competitively and without

collusion (N.C. Gen. Stat. § 143-54), that none of its officers, directors, or owners of an unincorporated business entity has been

convicted of any violations of Chapter 78A of the General Statutes, the Securities Act of 1933, or the Securities Exchange Act

of 1934 (N.C. Gen. Stat. § 143-59.2), and that it is not an ineligible vendor as set forth in N.C. Gen. Stat. § 143-59.1. False

certification is a Class 1 felony.

Will any of the work under this contract be performed outside of the United States?

_____ Yes _____ No If your answer was yes, then in your proposal you shall describe in detail what part of the

work will be performed outside of the United States as well as what percentage of the total contract that work represents by

completing the attached document entitled “WHERE SERVICE CONTRACTS WILL BE PERFORMED”.

OFFEROR NAME:____________________________________________________________________

ADDRESS:___________________________________________________________________________

CITY, STATE, ZIP CODE:______________________________________________________________

PHONE NUMBER:___________________________ FAX NUMBER:___________________________

FEDERAL TAX IDENTIFICATION NUMBER: Please attach a completed W-9 Form and a completed Vendor Master

File Record.

PRINCIPAL PLACE OF BUSINESS IF DIFFERENT FROM ABOVE:_________________________

______________________________________________________________________________________

NAME:___________________________________ TITLE:___________________________________

SIGNATURE (IN INK):_______________________________ DATE:_________________________

EMAIL ADDRESS:_____________________________________________________________________

THIS PAGE AND THE ONE FOLLOWING MUST BE COMPLETELY FILLED OUT, SIGNED AND RETURNED

WITHIN YOUR PROPOSAL.

UNSIGNED PROPOSALS WILL NOT BE CONSIDERED.

of 8

revised 092016

VENDOR MASTER FILE RECORD DATA FORM

IRS INFORMATION:

In order to comply with Internal Revenue Service (IRS) regulations, we are required to obtain your Social Security Number (SSN) or

Federal Tax Identification Number (TIN/EIN) to satisfy IRS Form 1099 reporting requirements. Failure to provide this information may

subject all payments made to you to the 31% backup withholding as required by the IRS.

Enter your TIN in the appropriate box below. For individuals, this is your SSN. For sole proprietors you must show your individual name,

but you may also enter your business or ‘doing business as’ name. You may use either your SSN or EIN. For partnerships you must show

the name filed first on the partnership papers. For other entities, it is your EIN.

SOCIAL SECURITY NUMBER EMPLOYER ID NUMBER

CONTACT INFORMATION:

REMIT TO: ORDER FROM: SAME AS REMIT TO

Vendor Name: Vendor Name:

Contact Name: Contact Name:

Address 1: Address 1:

Address 2: Address 2:

City: State: Zip: City: State: Zip:

Phone: Fax: Phone: Fax:

E-Mail: E-Mail:

Website: Website:

TYPE OF BUSINESS:

Individual/Sole Proprietor Partnership Corporation Other

HUB INFORMATION: (OWNERSHIP OF 51% OR GREATER BY THE FOLLOWING)

Minority Women Disabled N/A

SIZE OF BUSINESS:

Small ( < 500 employees) Large ( > 500 employees)

ELECTRONIC PAYMENT INFORMATION: (THIS IS THE METHOD OF PAYMENT PREFERRED BY THE UNIVERSITY)

*When submitting completed form, please attach an imaged voided check.

Bank Name:

Routing #: Account #:

Email for ACH remit advice:

I CERTIFY THAT (1) I AM DULY AUTHORIZED TO COMPLETE THIS FORM; (2) THE LEGAL ORGANIZATION AND TAX

IDENTIFICATION NUMBER SHOWN ON THIS FORM ARE CORRECT, AND (3) I AM NOT SUBJECT TO BACKUP

WITHHOLDING. AN ORIGINAL SIGNATURE IS REQUIRED BY THE IRS.

SIGNATURE TITLE DATE

Please attach a W-9.

of 8

revised 092016

WHERE SERVICE CONTRACTS WILL BE PERFORMED

In accordance with NC General Statute 143-59.4 (Session Law 2005-169),

this form is to be completed and submitted with the Offeror’s proposal.




ISSUING AGENCY: UNIVERSITY OF NORTH CAROLINA AT CHAPEL HILL

PROCUREMENT SERVICES

104 AIRPORT DRIVE, SUITE 2700

CHAPEL HILL, NORTH CAROLINA 27599-1100

ATTENTION: Mr. Mark Sillman

Phone: 919.962.9463, Email: [email protected]

OFFEROR NAME:___________________________________________________________________

ADDRESS:______________________________________________________________________

CITY, STATE, ZIP CODE:________________________________________________________

Location(s) from which services will be performed by the contractor:

Service City/Province/State Country

_____________________________ _________________ _______

_____________________________ _________________ _______

Location(s) from which services are anticipated to be performed outside the U.S. by the contractor:

_____________________________ _________________ ________

_____________________________ _________________ ________

Location(s) from which services will be performed by subcontractor(s):

Service Subcontractor City/Province/State Country

_____________________________ ___________ _________________ ______

_____________________________ ___________ _________________ ______

Location(s) from which services are anticipated to be performed outside the U.S. by the subcontractor(s):

_____________________________ ___________ _________________ ______

_____________________________ ___________ _________________ ______

(Attach additional pages if necessary.)

of 8

revised 092016

CRIMINAL BACKGROUND STATEMENT




The Offeror hereby certifies that it performs and maintains criminal background checks on all employees and subcontractors

who will render services to the University and the Offeror will not allow any employee or subcontractor who has a criminal

record to work on University property without first notifying and obtaining approval from the Contract Administrator.

OFFEROR NAME:_____________________________________________________________________

NAME:___________________________________ TITLE:___________________________________

SIGNATURE (IN INK):_______________________________ DATE:_________________________

______________________________________________________________________________________

THIS PAGE MUST BE COMPLETELY FILLED OUT, SIGNED AND RETURNED WITHIN YOUR PROPOSAL.

Failure to include this information in the proposal may disqualify an Offeror as a potential Contractor.

of 8

revised 092016

BUSINESS ASSOCIATE AGREEMENT

This Agreement is made effective the of 20____, by and between

The University of North Carolina at Chapel Hill, on behalf of its ___________________, hereinafter referred to as

“Covered Entity”, and ___________________________________________________, hereinafter referred to as

“Business Associate”, (individually, a “Party” and collectively, the “Parties”). This Agreement supersedes any

previously executed Business Associate Agreement between the parties.

WITNESSETH:

WHEREAS, Sections 261 through 264 of the federal Health Insurance Portability and Accountability Act of

1996, Public Law 104-191, as modified by the Health Information Technology for Economic and Clinical Health Act, known collectively as “the Administrative Simplification provisions,” direct the Department of Health and Human Services to develop standards to protect the security, confidentiality and integrity of health information; and

WHEREAS, pursuant to the Administrative Simplification provisions, the Secretary of Health and Human

Services has issued regulations at 45 CFR Parts 160 and 164, as the same may be amended from time to time (the “HIPAA Security and Privacy Rule”); and

WHEREAS, the Parties wish to enter into or have entered into an arrangement whereby Business

Associate will provide certain services to Covered Entity, and, pursuant to such arrangement, Business Associate may be considered a “business associate” of Covered Entity as defined in the HIPAA Security and Privacy Rule (the agreement evidencing such arrangement is described on Exhibit A attached hereto and made a part hereof, and is hereby referred to as the “Arrangement Agreement”); and

WHEREAS, Business Associate may have access to Protected Health Information (as defined below) in

fulfilling its responsibilities under such arrangement;

THEREFORE, in consideration of the Parties’ continuing obligations under the Arrangement Agreement,

compliance with the HIPAA Security and Privacy Rule, and other good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the Parties agree to the provisions of this Agreement in order to address the requirements of the HIPAA Security and Privacy Rule and to protect the interests of both Parties.

I. DEFINITIONS

Except as otherwise defined herein, any and all capitalized terms in this Agreement shall have the definitions set forth in the HIPAA Security and Privacy Rule. In the event of an inconsistency between the provisions of this Agreement and mandatory provisions of the HIPAA Security and Privacy Rule, as amended, the HIPAA Security and Privacy Rule shall control. Where provisions of this Agreement are different from those mandated in the HIPAA Security and Privacy Rule, but are nonetheless permitted by the HIPAA Security and Privacy Rule, the provisions of this Agreement shall control.

The term “Protected Health Information” means individually identifiable health information including, without limitation, all information, data, documentation, and materials, including without limitation, demographic, medical and financial information, that relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past,

of 8

revised 092016

present, or future payment for the provision of health care to an individual; and that identifies the individual or with respect to which there is a reasonable basis to believe the information can be used to identify the individual. “Protected Health Information” includes without limitation “Electronic Protected Health Information” as defined below.

The term “Electronic Protected Health Information” means Protected Health Information that is transmitted by Electronic Media (as defined in the HIPAA Security and Privacy Rule) or maintained in Electronic Media.

Business Associate acknowledges and agrees that all Protected Health Information that is created or received by Covered Entity and disclosed or made available in any form, including paper record, oral communication, audio recording, and electronic display by Covered Entity or its operating units to Business Associate or is created or received by Business Associate on Covered Entity’s behalf shall be subject to this Agreement.

II. PERMITTED USES AND DISCLOSURES

(a) Business Associate may use or disclose Protected Health Information only as permitted or

required by this Agreement or as required by law. Except as specifically set forth herein, Business Associate may not use or disclose Protected Health Information in a manner that would violate the HIPAA Security and Privacy Rule if such use or disclosure were done by Covered Entity. Specifically, Business Associate may use or disclose Protected Health Information (1) for meeting its obligations as set forth in any agreements between the Parties evidencing their business relationship, including the Arrangement Agreement, or (2) as required by applicable law, rule or regulation, or by an accrediting or credentialing organization to whom Covered Entity is required to disclose such information, or (3) as otherwise permitted under this Agreement, the Arrangement Agreement (if consistent with this Agreement and the HIPAA Security and Privacy Rule), or the HIPAA Security and Privacy Rule, or (4) as would be permitted by the HIPAA Security and Privacy Rule as if such use or disclosure were made by Covered Entity.

(b) Business Associate may de-identify Protected Health Information only at the specific direction of

and only for the use of Covered Entity. Business Associate may not sell Protected Health Information except at the direction of Covered Entity and in compliance with the requirements of the HIPAA Security and Privacy Rule.

(c) Notwithstanding the prohibitions set forth in this Agreement,

(i) Business Associate may use Protected Health Information for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate;

(ii) Business Associate may disclose Protected Health Information for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate, provided that as to any such disclosure, the following requirements are met:

(A) The disclosure is required by law; or

(B) Business Associate obtains reasonable assurances from the person to whom the information is disclosed that the information will remain confidential and will be used or further disclosed only as required by law or for the purpose for which it was disclosed to the person, and the person notifies Business

of 8

revised 092016

Associate of any instances of which it is aware in which the confidentiality of the

information has been breached;

(iii) Business Associate may provide data aggregation services relating to the health care operations of Covered Entity pursuant to any agreements between the Parties evidencing their business relationship. For purposes of this Agreement, data aggregation means the combining of Protected Health Information by Business Associate with the Protected Health Information received by Business Associate in its capacity as a business associate of another covered entity, to permit data analyses that relate to the health care operations of the respective covered entities.

III. CONFIDENTIALITY AND SECURITY REQUIREMENTS

(a) Business Associate agrees not to use or disclose Protected Health Information other than as

permitted or required by this Agreement or as required by law. To the extent Business Associate carries out obligations of Covered Entity under the HIPAA Security and Privacy Rule, Business Associate shall comply with the applicable provisions of the HIPAA Security and Privacy Rule as if such use or disclosure were made by Covered Entity. Covered Entity will not request Business Associate to use or disclose Protected Health Information in any manner that would not be permissible under the HIPAA Security and Privacy Rule if done by Covered Entity, except as otherwise provided herein. Business Associate agrees to comply with Covered Entity’s policies regarding the minimum necessary use or disclosure of Protected Health Information.

(b) Business Associate agrees to provide HIPAA training to all of its personnel who service Covered

Entity’s account or who otherwise will have access to Covered Entity’s Protected Health Information.

(c) At termination of this Agreement, the Arrangement Agreement (or any similar documentation of the

business relationship of the Parties), or upon request of Covered Entity, whichever occurs first, if feasible, Business Associate will return (in a manner or process approved by the Covered Entity) or destroy all Protected Health Information received from Covered Entity, or created, maintained or received by Business Associate on behalf of Covered Entity, that Business Associate still maintains in any form and retain no copies of such information. If such return or destruction is not feasible, Business Associate will (i) retain only that Protected Health Information necessary under the circumstances; (ii) return or destroy the remaining Protected Health Information that the Business Associate still maintains in any form; (iii) extend the protections of this Agreement to the retained Protected Health Information; (iv) limit further uses and disclosures to those purposes that make the return or destruction of the Protected Health Information not feasible; and (v) return or destroy the retained Protected Health Information when it is no longer needed by Business Associate. This paragraph shall survive the termination of this Agreement and shall apply to Protected Health Information created, maintained, or received by Business Associate and any of its subcontractors.

(d) Business Associate agrees to ensure that its agents, including any subcontractors, that create,

receive, maintain or transmit Protected Health Information on behalf of Business Associate agree to the same (or greater) restrictions and conditions that apply to Business Associate with respect to such information, and agree to implement reasonable and appropriate safeguards to protect any of such information that is Electronic Protected Health Information. Business Associate agrees to enter into written agreements with any subcontractors in accordance with the requirements of the HIPAA Security and Privacy Rule. In addition, Business Associate agrees to take reasonable steps to ensure

of 8

revised 092016

that its employees’ actions or omissions do not cause Business Associate to breach the terms of this

Agreement.

(e) Business Associate will implement appropriate safeguards to prevent use or disclosure of

Protected Health Information other than as permitted in this Agreement. Business Associate will implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of any Electronic Protected Health Information that it creates, receives, maintains, or transmits on behalf of Covered Entity as required by the HIPAA Security and Privacy Rule.

(f) To the extent applicable, Business Associate will comply with (i) Covered Entity’s Notice of Privacy

Practices; (ii) any limitations to which Covered Entity has agreed in regard to an Individual’s permission to use or disclose his or her Protected Health Information; and (iii) any restrictions to the use or disclosure of Protected Health Information to which Covered Entity has agreed or is required to agree.

(g) Business Associate will make its internal practices, books and records available to the Secretary of

the Department of Health and Human Services for purposes of determining compliance with the terms of the HIPAA Security and Privacy Rule, and, at the request of the Secretary, will comply with any investigations and compliance reviews, permit access to information, and cooperate with any complaints, as required by law. Without unreasonable delay and, in any event, no more than 48 hours of receipt of the request or notification, Business Associate will notify Covered Entity in writing of any request by any governmental entity, or its designee, to review Business Associate’s compliance with law or this BAA, to pursue a complaint, or to conduct an audit or assessment of any kind.

(h) Business Associate shall report to Covered Entity (see Exhibit B) any use or disclosure of

Protected Health Information that is not in compliance with the terms of this Agreement, as well as any Security Incident and any actual or suspected Breach, of which it becomes aware, without unreasonable delay, and in no event later than forty-eight (48) hours of such discovery. Security Incidents and Breaches shall be treated as discovered by Business Associate as of the first day on which such Security Incident or Breach is known to Business Associate or, by exercising reasonable diligence, would have been known to Business Associate. For purposes of this Agreement, “Security Incident” means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system. Such notification shall contain the elements required by 45 C.F.R. § 164.410. In addition, Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of Protected Health Information by Business Associate in violation of the requirements of this Agreement, as well as to provide complete cooperation to Covered Entity should Covered Entity elect to review or investigate such noncompliance or Security Incident. Business Associate shall cooperate in Covered Entity’s breach analysis and/or risk assessment, if requested. Furthermore, Business Associate shall cooperate with Covered Entity in the event that Covered Entity determines that any third parties must be notified of a Breach, provided that Business Associate shall not provide any such notification except at the direction of Covered Entity. Business Associate shall indemnify and hold harmless Covered Entity for any injury or damages arising from any noncompliance with this Agreement or any Security Incident or Breach attributable to the negligence of Business Associate, including the failure to execute the terms of this Agreement.

(i) Business Associate shall permit Covered Entity, in its discretion, to conduct an audit of Business

Associate’s compliance with this Agreement, HIPAA, and HITECH. Such audit may consist of an onsite visit, a series of inquiries that require written responses, or both. Business Associate shall

of 8

revised 092016

promptly and completely respond to Covered Entity’s requests for information in support of the audit, which shall not be conducted more than once annually except in cases of an actual or reasonably suspected Security Incident or Breach, or reasonably suspected noncompliance with this Agreement, HIPAA or HITECH. Each Party shall bear its own costs associated with the audit.

IV. AVAILABILITY OF PHI

(a) Business Associate agrees to make available Protected Health Information in a

Designated Record Set to Covered Entity to the extent and in the manner required by Section 164.524 of the HIPAA Security and Privacy Rule.

(b) Business Associate agrees to make available Protected Health Information in a

Designated Record Set for amendment and to incorporate any amendments to Protected Health Information in accordance with the requirements of Section 164.526 of the HIPAA Security and Privacy Rule and at the direction of Covered Entity.

(c) Business Associate agrees to maintain and make available the information required to provide

an accounting of disclosures, as required by Section 164.528 of the HIPAA Security and Privacy Rule. Business Associate will comply with Covered Entity’s policy regarding accounting of disclosures.

(d) Business Associate agrees to comply with any requests for restriction on certain disclosures

of Protected Health Information pursuant to Section 164.522 of the HIPAA Security and Privacy Rule to which Covered Entity has agreed and of which Business Associate is notified by Covered Entity.

(e) In the event an Individual makes a request under this Section IV directly to Business

Associate, Business Associate will notify Covered Entity in writing of such request within three (3) business days and shall cooperate with, and act only at the direction of, Covered Entity in responding to such request.

V. TERMINATION

This Agreement shall be effective as of the date first set forth above and shall terminate upon the earlier of (i) the termination of all agreements between the parties, and (ii) the termination by Covered Entity for cause as provided herein. Notwithstanding anything in this Agreement to the contrary, Covered Entity shall have the right to terminate this Agreement and the Arrangement Agreement immediately if Covered Entity determines that Business Associate has violated any material term of this Agreement. If Covered Entity reasonably believes that Business Associate will violate a material term of this Agreement and, where practicable, Covered Entity gives written notice to Business Associate of such belief within a reasonable time after forming such belief, and Business Associate fails to provide adequate written assurances to Covered Entity that it will not breach the cited term of this Agreement within a reasonable period of time given the specific circumstances, but in any event, before the threatened breach is to occur, then Covered Entity shall have the right to terminate this Agreement and the Arrangement Agreement immediately.

of 8

revised 092016

VI. MISCELLANEOUS

Except as expressly stated herein or in the HIPAA Security and Privacy Rule, the parties to this Agreement do not intend to create any rights in any third parties. The obligations of Business Associate under this Agreement shall survive the expiration, termination, or cancellation of this Agreement, the Arrangement Agreement and/or the business relationship of the parties, and shall continue to bind Business Associate, its agents, employees, contractors, successors, and assigns as set forth herein.

This Agreement may be amended or modified only in a writing signed by the Parties. No Party may assign its respective rights and obligations under this Agreement without the prior written consent of the other Party. None of the provisions of this Agreement are intended to create, nor will they be deemed to create any relationship between the Parties other than that of independent parties contracting with each other solely for the purposes of effecting the provisions of this Agreement and any other agreements between the Parties evidencing their business relationship. This Agreement will be governed by the laws of the State of North Carolina. No change, waiver or discharge of any liability or obligation hereunder on any one or more occasions shall be deemed a waiver of performance of any continuing or other obligation, or shall prohibit enforcement of any obligation, on any other occasion.

The parties agree that, in the event that any documentation of the arrangement pursuant to which Business Associate provides services to Covered Entity contains provisions relating to the use or disclosure of Protected Health Information that are more restrictive than the provisions of this Agreement, the more restrictive provisions will control. The provisions of this Agreement are intended to establish the minimum requirements regarding Business Associate’s use and disclosure of Protected Health Information.

In the event that any provision of this Agreement is held by a court of competent jurisdiction to be invalid or unenforceable, the remainder of the provisions of this Agreement will remain in full force and effect. In addition, in the event a party believes in good faith that any provision of this Agreement fails to comply with the then-current requirements of the HIPAA Security and Privacy Rule, such party shall notify the other party in writing. For a period of up to thirty days, the parties shall address in good faith such concern and amend the terms of this Agreement, if necessary to bring it into compliance. If, after such thirty-day period, a party believes in good faith that the Agreement fails to comply with the HIPAA Security and Privacy Rule, then either party has the right to terminate upon written notice to the other party.

IN WITNESS WHEREOF, the Parties have executed this Agreement as of the day and year written

above.

COVERED ENTITY: BUSINESS ASSOCIATE:

By: By:

Title: Title:

of 8

revised 092016

EXHIBIT A

ARRANGEMENT AGREEMENT

1

EXHIBIT B

CONTACT INFORMATION

To report to Covered Entity any use or disclosure of Protected Health Information not in compliance with the

terms of this Agreement that might be considered a privacy breach, Business Associate should contact the Chief

Privacy Officer of The University of North Carolina at Chapel Hill, telephone: 919-962-6332 or email:

[email protected].

To report to Covered Entity any Security Incident (as defined in the Agreement), Business Associate should contact the Chief Privacy Officer (919-962-6332) or the Chief Information Security Officer (919-962-HELP) of The University of North Carolina at Chapel Hill.

request for proposal proposal number: 65 …

Documents