Specifications include, but are not limited to: 1. Must provide a computer-based data collection repository for case entry and management. a. The cases consist of medical records maintained for each patient and stored in the databases which are maintained and accessible by the TPCN users. b. The TPCN has an archive database with data dating back to 1999 and has an estimated 8 terabytes of stored data. The TCRM must be able to create, read, update, and transmit all current and archived data. 2. Must interface and connect with Micromedex via an integrated application programming interface (API) to be able to search for records of substances. Those records of substances must be able to be retrieved from Micromedex for analysis then pushed back to the TCRM and saved to the case. a. Micromedex is a comprehensive medical reference system which provides access to drug information resources, including drug identification, packaging information, interaction and contraindication information, international formulations, occupational safety sheets, and safety in pregnancy. b. Micromedex is available in a primary instance through the internet and a secondary backup instance through the intranet within the TPCN environment. The TCRM must be able to interface with Micromedex in both the primary and secondary instance. c. TCRM must automatically store user login credentials including the user’s password to access TPCN’s Micromedex account. 3. Must be able to perform auto-uploads of unredacted exposure cases maintained in the TCRM in near real time to the American Association of Poison Control Centers (AAPCC) National Poison Data System (NPDS). a. The auto-uploads must meet the formatting requirements and include the required fields as defined in the AAPCC NPDS Coding Users Manual. b. NPDS requests auto-upload interval of no greater than 8 minutes. This means approximately 800-1000 records must be auto-uploaded to the NPDS each day from the TCRM. 4. Must perform network database replications daily using a virtual private network (VPN) to the Department of State Health Services (DSHS). a. Network database replications must occur every 24 hours. b. Network database replications must be in SQL format. c. Yearly backups must also be sent to DSHS using the archived data from the prior year. 5. Must be capable of being hosted in a VMware (government) cloud on Amazon Web Services (AWS) environment. 6. Must meet National Institute of Standards and Technology (NIST) and Health Insurance Portability and Accountability Act (HIPAA) and Texas Medical Records Privacy Act (TMRPA) privacy and security requirements within the environment the TCRM is hosted. a. TCRM must be able to de-identify protected health information including ePHI and other sensitive information, or the data fields containing such information, in a manner complying with HIPPA and TMRPA, as applicable. 7. Must allow for data rollups to a single network database and contain a validation routine. a. The single instance of the TCRM must allow configured users to utilize the software. Access to the software will only be available to CSEC approved and licensed TPCN users. b. The validation routine must consist of toxicology validation, missing data, empty fields, improper data entry, or improper field formatting. 8. Must have a single record display window for each case record. 9. Must consist of an electronic medical record (EMR), an ad-hoc query tool, and dashboard for analytics. a. Each EMR must contain the 50 fields as required by the AAPCC in the NPDS Coding Users Manual. 10. Must be able to perform extensive reporting, charting, and contain analysis tools with various view options (grid view, graph view, and pivot tables) for medical and substance analysis. a. Reports must be able to be exported in Excel, Portable Document Format (PDF), or CommaSeparated Values (CSV) format. b. Reports must consist of medical information to report against exposures by substance, date, age, race, geographical area of exposure, treatment, current medications, and recommendations. c. Report must be able to be automatically run or from user initiation. 11. Must be accessible using virtual machines with a single network database. 12. Software must be encrypted and transmitted over secure VPNs, when applicable. 13. Customer and technical support must be provided for the TCRM.
