# Request for Proposal Secure Mobile Messaging Solution for Healthcare Provider Organization Paste logo here Paste logo here [Type the company name] # RFP Name: <insert name> RFP Number: <insert number> Table of Contents 1. General Information and Background....................................................................... 2 2. Overview of Requirements ............................................................................................ 2 3. Questions ............................................................................................................................. 2 4. Schedule & Submittal Instructions ............................................................................. 3 5. Proposal Response and Presentation ........................................................................ 5 6. Scope of Work & System Requirements .................................................................... 6 7. Implementation and Support .................................................................................... 10 8. References ........................................................................................................................ 12 Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) 1 RFP Name: <insert name> RFP Number: <insert number> 1. G eneral Information and Background General Information & Background of ORGANIZATION. Provide a summary of your company including: Office location(s) Incorporation (state) Number of years in operation Number of employees Organization structure Business functions (product/service lines) 2. O verview of Requirements ORGANIZATION is accepting proposals from qualified firms to provide a secure, robust, interactive, reliable, high-speed messaging solution to be used for secure communications in a healthcare or related environment. The solution will be an integral part of the internal communication processes at ORGANIZATION. The system must be available to initiate and deliver messages 24 hours a day, 7 days a week, 365 days a year. 3. Q uestions All questions about this Request for Proposal must be submitted in writing and delivered electronically to Name/email address on or before the required due date. Written answers to the questions will be provided to all respondents of the RFP in accordance with the schedule of events. Questions received after the deadline for submitting questions will not be answered. Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) 2 RFP Name: <insert name> RFP Number: <insert number> 4. S chedule & Submittal Instructions 4.1. S chedule of Events Task Date Initial mailing of RFP Deadline for submission of questions (time w/time zone) Deadline for submission of proposals (time w/time zone) Contract award (estimated) Date Date Date Date 4.2. S ubmittal Instructions COST TO PREPARE AND SUBMIT RESPONSES All costs incurred in the preparation and submission of responses to the RFP shall be the responsibility of the Respondent. LATE PROPOSALS Proposals received after the due date and time will not be considered and will be returned unopened to the sender. Regardless of the method used for delivery, Respondents shall be wholly responsible for the timely delivery of submitted proposals. PREPARATION Proposals should be prepared in such a way as to provide a straightforward, concise delineation of capacities to satisfy the requirements of the RFP. Expensive bindings, color displays, promotional materials, etc., are not necessary or desired. Emphasis should concentrate on conformance to the RFP instructions, responsiveness to RFP requirements, and on completeness and clarity of content. All proposals and accompanying documents become the property of ORGANIZATION. PROPRIETARY INFORMATION ORGANIZATION should insert its standard proprietary information policy. PROPOSAL DELIVERY INSTRUCTIONS Submit proposals and mark boxes or envelopes plainly as indicated below: ORGANIZATION Person or department to deliver to RFP: Name/Number Opening Date: Date Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) 3 RFP Name: <insert name> RFP Number: <insert number> Address 1 Address 2 Address 3 Email Address For: Secure Messaging System Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) 4 RFP Name: <insert name> RFP Number: <insert number> 5. P roposal Response and Presentation 5.1 Proposal Submittal Options Hard-Copy Proposal: Each proposal response shall consist of (#) binder(s)—submit one master, (#) paper copies, and (#) electronic copy response in single document in Adobe PDF format only on a CD. Clearly label and index binders with appropriate section and sub-section numbers as referred to herein. Email Proposal: Email a single copy of the proposal response to the contact stated in section 4.5. The proposal response must be a single document in Adobe PDF format only. 5.2 Format of Response Label and include the following sections in the proposal. Number each page individually and provide a table of contents: Respondent Experience and Personnel – A description of the respondent’s company, including the organization’s experience and history with providing services to similar organizations. Customer References – Provide three customer references by completing the Customer Reference form in Section 12 of this RFP. Scope of Work & System Requirements – Describe the approach to be taken including, but not limited to, how the project will be organized, number and types of staff involved. Complete the matrix and answer all questions in Section 6 of this RFP and include them in section 5.4 of your response. Implementation Schedule – Provide a schedule of events that clearly indicates the time sequence for tasks that are required to perform major components of the implementation. See Section 7 of this RFP for more detailed instructions. Pricing – Provide pricing information. See Section 8 of this RFP for more detailed instructions. Additional Information – Respondent(s) may provide additional information that is relevant to this proposal for consideration. Additional information must be limited to two pages or less. Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) 5 RFP Name: <insert name> RFP Number: <insert number> 6. S cope of Work & System Requirements 6.1. S cope of Work Provide a secure, robust, interactive, reliable, high-speed messaging solution to be used for secure communications in a healthcare or related environment. The solution will be an integral part of the internal communication processes at ORGANIZATION. The system must be available to initiate and deliver messages 24 hours a day, 7 days a week, 365 days a year. Using the Response Codes below please indicate if your system meets the system requirements listed in the table in this section. Response Code Definition 1: Meets Requirement The requirement will be met by the core functionality of the system proposed. This functionality is already operational at other sites. 2: Under Development Requirement will be met by software that is currently under development, in beta test, or not yet released. Provide target release date. 3: Minor Modification Requirement will be met with minor modifications to existing software. All work will be performed by the vendor and pricing must be included. This work must be noted in the project plan and schedule. 4: Major Customization Requirement will be met by major modifications to existing software or by new custom software development. All work will be performed by the vendor and any additional costs must be noted 5: Third-Party Requirement can be provided through a third-party solution partner. When responding with a 2, vendors must describe how the functionality will be achieved and whether any set-up work will be done by the vendor or customer. 6: Other Tools Requirement will be met by the use of proposed software tools such as a report writer, query language or spreadsheet. When responding with a 3, vendors must describe how the requirement should be met and whether the set-up work will be done by the vendor or customer. 7: Not Available Vendor cannot meet requirement. Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) 6 RFP Name: <insert name> RFP Number: <insert number> Req. No Requirement Response Code Comments / Explanation 6.2. S ystem Requirement Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) 7 RFP Name: <insert name> RFP Number: <insert number> 1.1. Feature requirements 1.1.1. Send and receive secure messages on mobile devices 1.1.2. 1.1.9. 1.1.10. Send and receive secure messages through the web Send and receive secure messages from mobile devices to web and web to mobile devices Receive message alerts/notifications Ability to customize alert tones Ability to receive backup email and SMS notifications See when sent messages have been delivered and read Search for and select message recipients from directory Send secure texts within groups Ability to create distribution lists 1.1.11. Send and receive images 1.1.12. Send and receive files 1.1.13. Send and receive videos 1.1.14. Send and receive voice notes 1.1.15. 1.1.16. Set message lifespan Ability to recall messages once sent Set a custom status Receive pages within solution application Other 1.1.3. 1.1.4. 1.1.5. 1.1.6. 1.1.7. 1.1.8. 1.1.17. 1.1.18. 1.1.19. Please specify 1.2. Technical capabilities 1.2.1. Does your solution require any hardware on-premise? 1.2.2. Does solution require server(s) on-premise? 1.2.3. Is solution cloud-based/SaaS? 1.2.4. Is solution available greater than 98% of time? 1.2.5. Are messages sent and received Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) If “Yes”, please provide details If “Yes”, please provide details 8 RFP Name: <insert name> RFP Number: <insert number> 1.2.6. 1.2.7. 1.2.8. 1.2.9. 1.2.10. 1.2.11. 1.2.12. in real-time? Is solution location agnostic? Does solution permit messaging to end-user mobile devices from a PC and from a mobile device to a PC? Does solution work on Wi-Fi networks? Does solution work on cellular networks? Can users access solution via web portal/PC? Please list all mobile devices (including tablets) supported by solution from which a user can access the application Please provide architectural and workflow diagrams for solution N/A N/A Please specify any operating system and browser limitations Please specify Please attach to submission 1.3. Administrative Controls Requirements 1.3.1. Does your solution contain an administrative portal? 1.3.2. Can administrators set system locks at an organization level? 1.3.3. Can administrators set system locks at a user level? 1.3.4. Are administrators able to add/delete/modify/suspend users? 1.3.5. Does solution allow users/administrators to set message lifespans? 1.3.6. Can administrators wipe any user account without wiping that user’s entire device? 1.3.7. Does solution support the use of a number pin for authentication? 1.3.8. Can administrators use Active Directory with solution? 1.3.9. Are administrators able to interact with MDM systems through solution? Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) 9 RFP Name: <insert name> RFP Number: <insert number> 1.4. Integration Requirements 1.4.1. Does your solution support Active Directory integration? 1.4.2. Does solution support MDM system integration? 1.4.3. Does solution support EMR integration? 1.4.4. Does solution support phone system integration? 1.4.5. Does solution support on-call or other scheduling software integration? Does solution support integration with other clinical systems and departments (e.g. lab, pharmacy, etc.)? Does solution support answering service integration? 1.4.6. 1.4.7. 1.4.8. If “Yes”, please provide details If “Yes”, please specify which providers If “Yes”, please specify which providers If “Yes”, please specify which providers If “Yes”, please specify which providers If “Yes”, please provide details If “Yes”, please specify which providers If “Yes”, please provide details Does solution support any other 3rd party system integrations? 1.5. Security Requirements 1.5.1. Is your solution HIPAA compliant? 1.5.2. Are messages encrypted in transit? 1.5.3. Are messages encrypted at rest? 1.5.4. How is data encrypted? Please specify which areas are encrypted (e.g. user passwords, message contents, etc.) 1.5.5. Can unique user names or numbers be assigned to each account? 1.5.6. Is there a default inactivity timeout for the application? 1.5.7. Do you have a data backup plan in place? 1.5.8. Do you have a disaster recovery plan in place? Please provide details N/A Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) Please provide details Please provide details Please provide details 10 RFP Name: <insert name> RFP Number: <insert number> 1.5.9. Do controls exist to safeguard your facility and equipment from unauthorized use or theft? Do controls exist to safeguard access to your data center? Have you been associated with any HIPAA Security Rule violations? Have you implemented safeguards to protect ePHI? Please provide details 1.5.13. Do you regularly perform security risk assessments? Please provide details 1.5.14. Have you performed a self or external evaluation of your operations in accordance with HIPAA Security Rule? Please provide details 1.5.10. 1.5.11. 1.5.12. Please provide details If “Yes”, please provide details Please provide details 6.3. A udit Logs P rovide an overview of the audit log functionality of your solution. Please address the following questions o H ow is audit log secured? o H ow is audit log sent to client? o H ow is audit log stored by client? o W hat data is included in audit log? Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) 11 RFP Name: <insert name> RFP Number: <insert number> 7. I mplementation and Support 7.1 Implementation Process Describe your solution’s implementation process including: Support service during implementation User and administration training process Timeline for implementation Maximum/minimum number of users supported by solution 7.2 Support System Provide a detailed description of your support system for the proposed solution. Additionally, describe policies/procedures for the following: Update and maintenance process Support documentation Problem resolution process 8. R eferences Provide three references from healthcare clients that have implemented your proposed messaging solution. Please include: Client name and address Contact name and phone number Products and services installed and length of product or services in place . Secure Mobile Communication Solution for Healthcare Provider Organization Sample Request for Proposal (RFP) 12