News Column

Special Notice - D-- Request for Information Clinical Systems Integrator Services

August 11, 2014

Notice Type: Special Notice

Posted Date: 08-AUG-14

Office Address: Department of Veterans Affairs;VISN17 Network Contracting Activity;7400 Merton Minter Blvd. (10N17/90C);San Antonio TX 78229

Subject: D-- Request for Information Clinical Systems Integrator Services

Classification Code: D - Information technology services, including telecommunications services

Contact: Ross FutchTel: 210-694-6310 Fax: 210-694-6300 []

Description: Department of Veterans Affairs

VA South Texas Health Care System

Department of Veterans Affairs South Texas Health Care System


THIS IS A REQUEST FOR INFORMATION (RFI) ONLY. This request is for planning

purposes only, and does not constitute a Request for Proposal, Solicitation, a Request

for Quote, or an indication that the Government will award a contract for the items

contained in this RFI. This notice is not to be construed as a commitment on the part of

the Government to award a contract, nor does the Government reimburse

respondents for any costs associated with submission of the information being

requested, or reimburse expenses incurred for responses to this RFI.

Companies are encouraged to respond if they have a minimum of 3 years of experience in providing Healthcare Clinical Systems Integration Services.

Please complete this Questionnaire and send by facsimile: FAX (210) 694-6300 to: Department of Veteran Affairs, VHA NCO17, Attn: Ross Futch, Contract Specialist or by email to Phone (210)694-6310

Desired Response Date: _22 August 2014

Market Research Questionnaire


Clinical Systems Integration Service Providers

Healthcare Industry

Instructions: Please provide a written response to the following questions.

1. How have companies like yours worked collaboratively with the Veterans Health Administration or Department of Defense Biomedical Engineering staff, Information Technology staff and medical center staff to ensure timely remediation of IT vulnerabilities Please list some locations and references where this has been accomplished.

2. How does private practice and industry manage the challenges of IT security in terms of workload, staffing and keeping technical staff competency levels up to date

3. Examples of best practices could include work flow, automation, communication, project management, system configuration, training, security, local and remote maintenance and support models, etc. In the systems integration and medical device security industry, what are the best practices related to the following areas

a. project management and implementation

b. ongoing technical support for systems and databases

c. network security management

d. information security certification

e. IT technical training

4. What would you look for in the ideal IT security and technical support service solution

5. Examples of commonly used measures are uptime, response time, completion times, schedule compliance, completed mitigation tasks, etc. What are other performance measures used in the device security industry and how have they helped improve performance

6. What advantages and disadvantages are there with regard to up/down scalability in providing IT technical and security services and how is cost impacted

7. What are the biggest risks, threats and vulnerabilities in having IT security and technical support services and how do companies like yours meet expectations like ours of maintaining high performance and securing data

8. Describe what the IT technical support and security industry doing in the following areas to support health care systems. (Examples include monitors to assure compliance with security standards and protocols, disposal management of electronic media, development of baseline configuration standards for medical devices, management of access control list, change management, vulnerability scanning, reporting and remediation, performing system administration and database administration, implementing and providing incidence response and risk based decision methodology related to security, scanning of mobile media, migration of operating systems and legacy systems data, operating systems and applications updates, managing network isolation architecture and rule sets, designing, building and managing secure data centers and data closets, managing information security training and personnel background checks)

a. Designing and developing functional and technical requirements and specifications for clinical systems integration

b. Performing System Integration/Implementation support

c. Testing and evaluation integration clinical systems

d. Operations support for integration clinical systems including scheduled and unscheduled maintenance of integration clinical systems

e. Project planning and administration for integration clinical systems

f. Monitoring performance, capacity, availability, serviceability, and recoverability for integration clinical systems

g. System configuration and change management for integration clinical systems

h. Information security design for integration clinical systems

i. Implementing security procedures and tools for integration clinical systems

j. Application of security/information assurance policies, principles, and practices for integration clinical systems

9. Describe what the industry is doing to support medical device protection programs for medical devices in these areas:

a. technical and administrative support related to Active Directory (AD) infrastructure.

b. security auditing medical devices

c. risks management associated baseline and configuration changes

d. networked medical device inventory management and control

e. Specialized Systems and Group Policy Objects (GPOs) compliance and impact assessment

f. Management and assessment of security controls within the clinical system(s)

g. vulnerabilities assessments of new patches and system security updates

h. integration management of information security architecture into the clinical systems architecture

10. How do companies like yours ensure that transmission rates between the clinical system nodes are optimized and what should we look for to ensure our LANs/WANs have the capacity for optimum speed and performance

11. What clinical systems related problems do companies experience and what solutions are most effective

12. What are the biggest problems and best solutions associated with interfacing and integrating clinical systems and associated hardware and software from different manufactures and third parties

13. What agreement approaches are currently in use in the industry to formalize roles, responsibilities and accountability between different vendors to ensure interoperability between systems For example, are signed memorandums of understanding, business associate agreements, letters of agreement or sub-contracts used

14. What support model does the Industry provide for large health care systems with multiple facilities where internal support staff may not be readily available including system administration, database management, network engineering, IT security certification support staff and others

15. Please provide a description of pricing models typically used in the IT technical support and security support industry that could help us in determining a budgetary estimate (for planning only) based on historical market data.

16. In the IT technical support and security support Industry, what has been your biggest nightmare related to device protection programs and what were the lessons learned

17. What upcoming changes and future trends in the IT technical support and security support industry should customers look for

18. What regulatory and compliance publications dictate or influence the IT technical support and security support industry

19. Are there any IT technical support and security support industry related websites that you recommend we visit to gain additional information about the market place

VA may utilize the responses to this RFI to conduct additional market research. It is possible that the VA may invite some respondents to meet with VA officials in person for oral presentations and/or question and answer sessions. Information obtained in this information request may be utilized to assist VA in developing a Request for Quotation (RFQ) or a Request for Proposals (RFP).


For more stories covering the world of technology, please see HispanicBusiness' Tech Channel

Source: FedBizOpps

Story Tools Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters