VITL is seeking written proposals from individuals or firms with a deep understanding of federal privacy and security requirements, including (but not limited to) National Institute of Standards and Technology (NIST) SP800-53, and the Health Insurance Portability and Accountability Act (HIPAA) and Minimum Acceptable Risk Standards for Exchanges (MARS-E), to augment VITL staff in the implementation of business continuity, disaster recovery, and cyber incident response projects.
Key elements of those projects would include:
• Evaluation of existing business continuity, disaster recovery and incident response policies and procedures in accordance with state and federal guidelines and regulation
• Assistance with enhancing policy and procedure to align with state and federal guidelines and regulations
• Training for staff with roles in incident response and disaster recovery plans
• Developing and conducting annual disaster recovery and incident response tests
