UNM Health and Health Sciences

The buyer is seeking to conduct a pilot vulnerability risk assessment for a proposed technology solution. The assessment aims to evaluate security risks, threats, vulnerabilities, and controls to ensure the technology meets the buyer's security standards. The process involves completing a detailed questionnaire on various security practices and providing technical specifications and implementation plans. The buyer requires this assessment to safeguard patient data and comply with HIPAA regulations.

• 6/3/2024 - Proposal Due Date

• Conduct vulnerability risk assessment of proposed technology solution
• Evaluate security risks, threats, vulnerabilities, and controls
• Assess if technology meets UNMHHS security standards
• Review physical, administrative, and technical controls
• Ensure technology does not pose risk to patient data
• Complete detailed questionnaire on security practices
• Provide network, data flow, and workflow diagrams
• Detail technology specifications and implementation plans
• Address medical device security requirements if applicable
• Outline disaster recovery and incident response procedures