Proposed New System
CCHCS is seeking a Health Insurance Portability and Accountability Act (HIPAA) compliant COTS electronic health records solution that includes an electronic dental record component, meeting the CCHCS-developed requirements in Attachment B: EHDRS RFI Requirements Spreadsheet, and Attachment A: EHDRS RFI Statement of Work (SOW) through configuration changes or minor programming adjustments. The Respondent should provide implementation cost estimates as well as fixed rate estimates for support services and hosting within Attachment C: EHDRS RFI Cost Estimate Workbook.
The EHDRS scope includes the following functions which are believed to be common or “core” to a standard COTS Electronic Medical Records (EMR) solution: Computerized Physician Order Entry (CPOE), Electronic Medication Administration Record, Pharmacy Orders, Point of Care Medication Administration, Document Management, Medical Provider Documentation, Medication Reconciliation, Chronic Condition Management, Clinical Decision Support, Treatment Planning, Nursing Care Plans, Billing, Picture Archiving Communication System (PACS), Labs, Radiology, Health Information Management (HIM).
CCHCS expects that functionality may require significant customization and/or new development to meet all of CCHCS’ system requirements. The method of meeting the requirements will be determined by the Respondent so long as it seamlessly integrates the additional customization/development with the COTS EMR, giving the user the appearance that it is a single application.
The EHDRS must include, among other things, the following components:
a. A patient principal calendar/scheduler that will interface with other calendars, including California Department of Corrections and Rehabilitation (CDCR) Strategic Offender Management System, and other external calendars to avoid patient scheduling conflicts.
b. Data analytics capability, possibly as part of a data warehouse, to allow statistical analysis ofhealth care and treatment trends of patients.
c. Capability of tracking and managing e-health record uses and disclosures to comply with HIPAAand the California Information Practices Act (IPA). d. Migration of legacy data that must be incorporated into the EHDRS.
Contractor Responsibilities
- The proposed Contractor is responsible for providing all hardware, software, design, development, configuration, testing, and implementation services. In addition, the proposed Contractor is responsible for supporting all Contractor-provided Solution components (including but not limited to environments, software, and required operations). The proposed Contractor must:
- Comply with all applicable CCHCS policies and procedures.
- Produce and deliver the specified Deliverables in accordance with SECTION XX. CONTRACTOR DELIVERABLES
- Implement an EHDRS that meets all functional and non-functional requirements specified in EXHIBIT X.X: NON-FUNCTIONAL REQUIREMENTS and EXHIBIT X.X: FUNCTIONAL REQUIREMENTS.
- Provide unencumbered, unequivocal, and all necessary licenses to the State of all software necessary to operate and utilize the solution, and for any Contractor-provided software elements, including third party products included in the Contractor’s solution, as listed in EXHIBIT B1: Cost Workbook
- Perform the services required in a manner that minimizes disruption to CCHCS operations
- Ensure that each of its employees, and any subcontractor staff, are made aware of, understand, and comply with the provisions, policies and procedures of CCHCS, which may include criminal background checks, including Live Scan background checks (https://oag.ca.gov/fingerprints)
- Ensure each of its employees, and any subcontractor staff, are aware of the Contractor’s obligations as outlined in EXHIBIT D: HIPAA Business Associate Agreement and have signed the Oath of Confidentiality. EXHIBIT X.X: OATH OF CONFIDENTIALITY.
- Designate a Contract Representative to whom all project communications to and with the State may be addressed and who has the authority to act on all aspects of the services.
- Provide contract management functions, management of resource(s), and meeting attendance as necessary.
- Be responsible for identifying and managing all Contractor key resources and sub-contractors to the Contractor to ensure compliance with the resulting contract.
- Designate key resources and other Contractor resources necessary to successfully fulfill the terms of the proposed contract
- Participate in information gathering meetings, fact-finding meetings, working sessions, status reporting (both written and verbal), presentations, and general communication(s) to ensure success of the project activity performance.
- Return all State property including security badges, work products, etc., prior to termination of the Agreement.
- Complete all required CCHCS documentation and on-boarding requirements and forms for all key staff to obtain security access badge, network access, email accounts, etc.
- Provide 24/7/365 Support, defined as twenty-four (24) hours a day, seven (7) days a week, year-round.
- Install appropriate patches and version upgrades.
- Make and test configuration changes
- Troubleshoot any issues related to the software, which includes functionality, privacy issues, data, etc.
- Resolve defects, escalating where appropriate to CCHCS and Contractor management.
- Maintain defect/bug logs.
- Track incident and problem tickets including corrective maintenance and resolution to include root cause analysis and resolution type; ticket status updates; and application maintenance – incident correction, enhancements, version updates.
- Backup and Restore: Contractor must provide processes and systems to ensure that data, images, application software, and configuration stored prior to full system acceptance are backed up and can be restored in the event of a failure. From the date of full system acceptance by CCHCS, the Contractor will use the designated Backup/Recovery Contractor facilities for backup and recovery for restoration, as needed.
- Contractor must ensure these processes and systems are operating correctly.
- Monitor logs and backup outputs to detect and correct defects/bugs, including enhancements in the backup and restore process.
- Verify backup and recovery processes are complete and correct following equipment, software or configuration updates or changes.
- Regularly test restorations to demonstrate that the recovery strategy remains effective over time.
Requirements will be updated upon the release of a new solicitation.
