SAM #SS-26-IHS-1520131

IHS Seeks HSPD-12/FIPS 201-3 Compliant Access Control and Surveillance Systems for Great Plains and Billings Areas

This opportunity seeks qualified vendors to provide, install, and maintain advanced physical access control and video surveillance systems for Indian Health Service (IHS) facilities in the Great Plains and Billings Areas. - Government Buyer: - Department of Health and Human Services (HHS) - Indian Health Service (IHS), Great Plains Area - OEMs and Vendors Mentioned: - LenelS2 (OnGuard) - Milestone Systems (XProtect Corporate) - DMP (Digital Monitoring Products) - Aiphone - HID Global (pivCLASS, iCLASS Seos) - Products and Services Requested: - Physical Access Control Systems (PACS) and HSPD-12/FIPS 201-3 compliant door readers (at least 535 units) - Door reader modules (225+), Lenel controllers (56+), HSPD12 PAM modules (80+) - Interior (800+) and exterior (120+) IP cameras, including advanced models (panoramic, PTZ, AI-enabled) - Intercom master door stations (15+), panic buttons (80+), intrusion alarms, and related hardware - Lenel OnGuard and Milestone XProtect Corporate software licenses - DMP XR550 security modules, expansion modules, and wireless panic devices - Networking equipment (Wi-Fi 6E access points, PoE injectors, switches, transceivers, UPS) - CIV cards, iCLASS Seos cards, card printers, and supplies - Cabling, patch panels, racks, cabinets, and fiber infrastructure - Installation, configuration, integration, and project management services - Ongoing service, maintenance, and 12-month software assurance/support - Unique or Notable Requirements: - All systems must be GSA APL-listed and fully compliant with HSPD-12 and FIPS 201-3 standards - Contractor must be certified in LenelS2 OnGuard - Government retains full access and rights to all system elements - Support for remote diagnostics and annual licensing/maintenance - Estimated infrastructure includes 30 virtual servers, 80 panic buttons, 15 intercom stations, and extensive networking upgrades - Place of Performance: - IHS federal facilities throughout North Dakota, South Dakota, and the Billings Area - Contracting office located in Aberdeen, SD - Contract Structure: - Five-year IDIQ contract with firm-fixed pricing - Includes base and four option years

Description

Sources Sought: Security Cameras and Lenel HSPD-12/FIPS 201-3 Compliant Door Access Control Systems - Installation, Service, and Maintenance for the Great Plains Area Indian Health Service (GPAIHS), Office of Information Technology (OIT) Department, Aberdeen, South Dakota.

Sources Sought Notice Number: SS-26-IHS-1520131. This is a Sources Sought notice. This notice DOES NOT constitute a request for proposal, request for quote, or invitation for bid. This Sources Sought is a market research tool used to determine the availability of qualified Indian Small Businesses Economic Enterprises (ISBEEs) and Indian Economic Enterprises (IEEs) capable of performing the requirement prior to issuing a Request for Quote. This is not a solicitation for proposals, and no contract will be awarded from this announcement. No reimbursement will be made for any costs associated with providing information in response to this announcement. All responses will be provided via email. No presentations will be scheduled. Your responses to the information requested will assist the Government in determining the appropriate acquisition method, including whether a set-aside is possible. The applicable NAICS code for this acquisition is 541519 (Other Computer Related Services).

1.0 BACKGROUND

The Indian Health Service (IHS), an agency within the Department of Health & Human Services, is responsible for providing federal health services to American Indians and Alaska Natives. The Indian Health Service provides a comprehensive health service delivery system for approximately 1.9 million American Indians and Alaska Natives who belong to 567 federally recognized tribes, in 35 states. The Indian Health Service Headquarters is located in Rockville, MD, and is divided into twelve geographic areas: Alaska, Albuquerque, Bemidji, Billings, California, Great Plains, Nashville, Navajo, Oklahoma, Phoenix, Portland, and Tucson. The Great Plains Area Office (GPAO) works in conjunction with its 19 Indian Health Service Units and Tribal Managed Service Units to provide healthcare to approximately 122,000 Native Americans located in North Dakota, South Dakota, Nebraska, and Iowa. The Area Office’s service units include seven hospitals, eight health centers, and several smaller health stations and satellite clinics.

2.0 OBJECTIVE

The mission of the Indian Health Service (IHS) is to elevate the physical, mental, social, and spiritual health of American Indians and Alaska Natives to the highest level. As part of this mission, the IHS is committed to ensuring the safety and security of its patients, staff, and facilities while providing high-quality healthcare services across its regions. To support this mission, the purpose of this contract is to design, furnish, install, and maintain Homeland Security Presidential Directive 12 (HSPD-12) compliant Physical Access Control Systems (PACS), video surveillance systems, and alarms in Indian Health Service facilities throughout the Great Plains and Billings Areas, including North Dakota and South Dakota. These systems will enhance the protection of federal facilities, patients, staff, and property through compliance with HSPD-12, Federal Information Processing Standard (FIPS) 201-3, and all applicable federal security and privacy regulations. The implementation of these systems will ensure standardized, secure, and efficient access control for all IHS facilities, promote accountability, and safeguard critical federal healthcare infrastructure. By integrating advanced physical security technologies, the IHS will continue to uphold its mission of providing safe and secure environments where quality healthcare can be delivered to the Native communities it serves. All systems must comply with HSPD-12 and FIPS 201-3 Personal Identity Verification (PIV) standards. Physical Access Control (PACS) must come from the GSA Approved Products List under the 13.01 Topology. Maintain fully functional, continuously operating door access and video surveillance systems. Provide secure, auditable, and centrally managed access to protected facilities. Integrate panic devices and intrusion detection systems. Minimize system downtime and security vulnerabilities through proactive service and maintenance.

3.0 SCOPE OF WORK

This Performance Work Statement (PWS) defines the requirements for the installation, configuration, integration, service, and ongoing maintenance of security camera systems, intrusion alarms, and Lenel door access control systems in accordance with Homeland Security Presidential Directive 12 (HSPD-12) and Federal Information Processing Standard (FIPS) 201-3. The contractor shall provide all personnel, equipment, tools, materials, supervision, and services necessary to ensure continuous operation and compliance of physical security systems. The contractor awarded this contract must be certified or have a certified sub-contractor in the LenelS2 OnGuard™ software applications and hardware installation/maintenance. The Government shall retain rights to all associated data, hardware, and software and have full access to all elements of the video surveillance and physical access systems. The Government must never be locked out of the system. The contractor will be required to provide a comprehensive plan for annual licensing, repairs, and maintenance. The existing security infrastructure before this IDIQ award includes Recording Servers, Access Panels, Lock Power Supplies, Cameras, Card Readers, Electrical Strikes, Exit Door Push Buttons, Panic Buttons, integration with alarm systems, and Door Monitor Switches at the Service Unit Pharmacy Locations. The current software used for surveillance management is Milestone Systems XProtect Corporate. The software for Access Control is OnGuard and Lenel. Existing Hardware Estimates (minimums): Door Readers – 535 units Door Reader Modules – 225 units Lenel Controllers – 56 units HSPD12 PAM Modules – 80 units Interior IP Cameras – approximately 800 units Exterior IP Cameras – approximately 120 units Virtual Servers – 30 units Panic Buttons – 80 units Intercom master door stations – 15 with 36 doors The Recording Servers are virtual servers with Windows 2022. During the base plus four option years of this contract, a Windows OS Server upgrade will be performed. The vendor is responsible for ensuring servers remain operational, fully patched, and maintained throughout the contract, including system updates and capacity planning. This performance-based methodology requires the contractor, as part of its proposal, to furnish the government with a Performance Work Statement (PWS) that details how the work will be accomplished, along with standards demonstrating successful completion.

4.0 TYPE OF ORDER

The anticipated contract type is Firm-Fixed-Price, Indefinite-Delivery/Indefinite-Quantity (IDIQ), with an estimated five-year ordering period. This will be a Non-Personal Service, Commercial Item Purchase Order to design, furnish, install, and maintain Homeland Security Presidential Directive 12 (HSPD-12) compliant Physical Access Control Systems (PACS), video surveillance systems, and alarms in Indian Health Service facilities across the Great Plains and Billings Areas, including North Dakota and South Dakota.

5.0 ANTICIPATED PERIOD OF PERFORMANCE

Period of Performance: 5-year ordering period (IDIQ)

6.0 PLACE OF PERFORMANCE

All work shall be performed at designated federal facilities listed in the contract. A table of supported facilities is included in the PWS and is subject to change upon mutual agreement. Some remote diagnostics and updates may be conducted offsite.

7.0 REPORT(S)/DELIVERABLES AND DELIVERY SCHEDULE

Attachment A — Service Levels & QASP (Government Surveillance) Definitions Availability: service reachable and performing intended function; excludes Government-approved maintenance windows. S1 Critical: Area-wide PACS/VMS outage; loss of recording at hospital; life/safety issue. S2 High: Multi-door failure; door won’t re-secure; pharmacy vault camera failure; certificate validation down at site. S3 Medium: Single door/camera persistent fault. S4 Low: Cosmetic, documentation, minor tuning. Service Levels MetricTargetAQL / Remedy PACS core uptime (site)≥ 99.5% monthlyCredit 5% MRC/site per 0.1% below to 98.5% VMS recording uptime (site)≥ 99.5% monthlySame as above

Patch currency (Critical/High): ≤14 / ≤30 days respectively. Findings on quarterly audit require a corrective action plan within 10 days. Backup success (servers/config): ≥98% monthly. Failure to restore will require a plan and retest within 5 days. APL attestation: Quarterly, with no gaps. Gaps require stopping work on non-APL work until resolved. Government QA will review monthly logs, sample doors/cameras, and change records against this QASP.

8.0 PAYMENT

Invoices submitted under any award will be required to utilize the Invoice Processing Platform (IPP) in accordance with HHSAR 352.232-71, Electronic Submission and Processing of Payment Requests.

Payment will be made upon receipt of a complete and accurate invoice and successful acceptance inspection in accordance with the Prompt Payment Act. Invoices must include all required information and supporting documentation, submitted through IPP.gov with a copy to Brenda Steiger (CORIII), Supervisory IT Project Manager, or her designee.

9.0 Capability Statement/Information

Capability statements should demonstrate experience with LenelS2 OnGuard, HSPD-12 compliant PACS, and enterprise video surveillance systems. Interested parties should review this notice and the attached PWS to familiarize themselves with the project requirements. The following information must be included in the capability statement: Company Name Company point of contact, mailing address, email, phone number, and website. Name, phone, and email of a company representative authorized to clarify responses with the government. Company Unique Entity Identification (UEI) number. Business size and type (e.g., ISBEE/IEE, 8(a), SDVOSB). All respondents must be registered in SAM at https://www.sam.gov. Capability narrative. Relevant Past Performance details: Current capability and capacity. Past similar projects. Organizational experience and management. Examples of prior government contracts and related info. Certifications (Lenel, network, etc.). Ability to meet HSPD-12/PACS requirements. The capability statement must not exceed 10 pages, single-sided, 12-point font, in Word or PDF, 8.1/2 x 11 inches, with 1-inch margins. Proprietary info should be marked accordingly. Responses will be confidential. Respondents will not be notified individually of the results. This notice is for planning purposes only and does not constitute a solicitation or obligation. Funding may not be available, and no reimbursement will be provided for efforts or submissions.

10.0 Closing Statement

Point of Contact: Wenda Wright, Contract Specialist, at wenda.wright@ihs.gov Submission Instructions: Interested parties should email their capability statements to Wenda Wright at the above email, including the Sources Sought Number SS-26-IHS-1520131 in the subject line. The deadline is April 24, 2026, at 4:00 p.m. CST. All responses must be received by the deadline to be considered. This notice is for information and planning only and is not a solicitation or contractual obligation. The IHS may issue a Request for Quote (RFQ) based on this notice. Disclaimer: This notice does not obligate the Government to award a contract or pay for responses. The Government may use the information provided for any necessary purpose. Responses should be complete and detailed. The Government is not obligated to acknowledge receipt or provide feedback. After review, a pre-solicitation and solicitation may be published in SAM.gov. Responses to this notice are not responses to a solicitation. Confidentiality: Do not include proprietary, classified, confidential, or sensitive info in your response.

View original listing