Repository for iEHR Laboratory RFI Responses

Repository for iEHR Laboratory RFI Responses

RFI Lab Support  available at

Capability Statement: (state organizational experience with performing similar work in scope and magnitude, ability to meet initial proposed technical requirements and include all other pertinent procurement information, detailed description of the work, explanation of how work relates to potential future requirements)


Recommended Approaches: (An innovative but proven approach to providing product licensing and hardware, implementation and support services is the desired outcome.)



Application Architecture and Functionality

General Design

Is your product extensible or has the ability to custom design plug-ins?  Do you provide a Software Development Kit (SDK)?

Does your product use open source frameworks? What open source frameworks, if applicable, does your application utilize/support?

Does your product have an API used between the presentation layer and the business layer.

Please provide any additional architectural details that you feel will help us understand the design and functionality of your product.

What type of database(s) does your product use?

Does your product provide GUIs that are HL7 Clinical Context Object Workgroup (CCOW) compliant?

Does your product’s GUI follow recognized user interface standards? If so, which ones?

Is the user interface capable of being a portlet or widget in a portal framework?

Tell us how you measure reliability, provide your historical reliability metrics, etc.

How do you provide end to end performance support? i.e. from the initial engagement to the completion of the order.

Give examples of what some of the services you will need to interface with an integrated electronic health record such as orders, alerts.


What is your licensing structure?

Would the IPO be required to separately obtain licenses through third party vendors?

How are licenses structured for maintenance and support for future releases?  Is there any cost adjustments for major or minor upgrades?

Please describe application software, client access licensing structure as it pertains to user/device licensing model. In a thin client architecture with your application leased per user session, is the license released at the termination of each session and available for the next session request?

Are there limits to the number of facilities/users that are accessing the system at any given time, before seeing degrades in performance?

Interfacing/Data Sharing

Does the product have standard, documented interfaces and support for interfaces?

Does your product have an ability to interface with an external clinical record service that serves as the authoritative source of patient laboratory information?

Does your product have an ability to interface with an external patient demographics service that serves as the authoritative source of patient demographic information?

Does your product have an ability to interface with an external materiel management system that serves as the authoritative source for ordering and receipt of the pharmaceutical commodity?

Is the database(s) configured as distributed or centralized?

Does your system support report generation at local and enterprise levels?


"How does your software handle the following?

   o Single Sign-On

   o Identification/authenticity

   o Data confidentiality

   o Data integrity

   o Authorization"

Does your software adhere to any security standards?

Do you use any third party or open source security solutions, and if so, which ones?

Does your product store security and audit logs on a separate system?

Does your product provide support for integrating into any specific privacy, security or Public Key Infrastructure (PKI) environment? If so, what capabilities are provided?

Can your system support patient identity management provided thorugh an ESB/SOA service and patient information passed via a web-service?

"How are user capabilities controlled in your product (i.e., what level of control is available for types of users and how are users authorized for different levels of system activities)?


How many types of access controls can be supported?"

Does your product support attribute-based access control (ABAC)?

What type of code checking and security scanning do you peform on your product?


Does your project have a new major version in development? Describe any planned changes in your product architecture (e.g., new APIs, supporting new platforms) for the next two years.

How long do you plan on offering support for the current version of the software?

Will new releases of the software be backwards compatible?  If not, please describe your typical upgrade path in detail.

How easy is your product modified to correct faults, improve performance or other attributes, adapt to a changed environment (like an upgraded OS or a new OS)?

Describe any of your standard support packages that will provide support after the product is installed, deemed operational, and being used in a production environment.

How are software defects discovered, reported and corrected?

What is your current release cycle? Describe past history release cycles. Describe the anticipated future release cycle.

Are there any third party licenses required for your product? If so, please list them

Deployment Architecture and Functionality


What is a typical deployment configuration? Include typical specifications of the configured systems used.  What are the platforms of the equipment needed to make the system operational?

Discuss potential deployment environments, for instance application servers, Type 1 Hypervisor compatibility, operating systems, etc.

Is your application compatible with thin computing technologies to include streaming, virtualization, and server process (thin clients)?

Provide information on database capacity and flexibility in your typical configuration. This information includes how much space is set up in the database for each table (i.e., number of records that each table can hold, etc.), flexibility in relation to database expansion, flexibility in database configuration processes and utilities.

List types of tools that can be used to test your product(s) in an integrated environment. Can the following tools be used with your product to provide meaningful test results?  Mercury Winrunner, Loadrunner, Wiley Introscope, Rational TestManager.

System Performance

Is your product scalable?  Please give examples of your smallest and largest installations.

What are the bandwidth characteristics of the application?

What are the performance characteristics or requirements of the middleware, if applicable?


What methods are used by the system to ensure 24/7 access to functionality and data and what is the recommended disaster recovery solution?

If redundancy is used in the architecture, how long does it take for a failover to occur?

What is the average downtime associated with routine system updates, support upgrades, maintenance, and backups?  What is the frequency of system updates and/or backups?

Compatibility with Operating Environment

What operating systems, database management systems,  application platforms, scripting languages, and Web browsers does your  product(s) support?

Describe how your product(s) operates in a Web-client environment with transaction computing, flexibility in deployment, without a high sensitivity to WAN latency.