All correspondence must be made through the Vendor Portal. Specifications include, but are not limited to: Parkland Health and Hospital System and its affiliate facilities and institutions operate an information technology systems architecture that is comprised of various major large-scale systems and platforms unique to healthcare as well as standard computing and storage approaches widely used today. Like most modern operations, we also employ the services of major cloud providers in a hybrid solution model that is beneficial for our service line modeling as well as our security posture and performance. Our preferred design approach is to utilize Cloud Based designs for typical IaaS, CaaS, PaaS, and other “as a” service models in a fully cloud based approach or a hybrid model as appropriate to the design and solution being offered or requested. The following are provided as high-level standards and requirements and are not an exhaustive list. Initial startup will require Offeror to remove and transport records from two existing locations to Offeror’s facility. Parkland has 4,924 open shelf files along with 11,167 boxes at one location and 1 million medical records at another location. These boxes, files and records will need to be relocated, categorized, labeled, and stored; 4.1.1 Capacity, Scalability and Disaster Recovery The system or solution should be capable of providing the initial properly sized capacity of service to meet runtime requirements. The system or solution should also be capable of providing monitoring and alerting as to capacity, security and performance alarms into standard monitoring systems approaches. The system or solution should be flexible and scalable to expansion of services and resources as needed, when the solution requires additional resources for proper runtime operation in its service life. Remote / Cloud Based providers as asked to deliver a full and comprehensive manifest of their current disaster recovery, availability and multi-site recovery models in practice as of the contact, to meet a 24x7x365 operational runtime expectation, given our obligations to the communities we serve. 4.1.2 General Network and Connectivity Microsoft© Active Directory compatibility and extensibility is a major requirement. The systems or solution must support standard and up to date networking protocols for local area networking, wide area networking and storage networking. The systems or solution must support standard TCP/IP services and associated protocols and subsystems, such as DNS, DHCP, NTP, SNMP, etc. The vendor’s solution should be compatible with Windows 2016 Server or higher, Active Directory Services domain functional level “Windows Server 2008“ or higher environment, including networking using DNS/IP and NOT relying on legacy windows protocols such as NetBIOS. The systems or solution must support IPv4 and IPv6 addressing methods. The systems or solution must support networking load balancing modalities, proxy server methods and standard security equipment and filtering techniques, such as proxy services forward and reverse configurations. 4.1.3 Security and Authorization/Authentication The system or solution is required to adhere to current security and information protection best practices as outlined in major frameworks such as HIPAA, HITRUST, NIST and PCI. The system or solution should be flexible and compatible with standard Role Based Access Control frameworks (RBAC) and be fully compatible with Microsoft© Active Directory Services. The system or solution, if integrated with windows, should not require its services to run as a privileged user (in a domain group such as ‘administrators’) and should not be required to run any services on a domain controller. The system or solution is required to allow for complex password configurations and policies and not allow blank or NULL passwords. Password data MUST be protected and not sent or stored in the clear.
