Περιγραφή της προμήθειας
We expect tenderers to have expertise and knowledge on the following topics:
— understanding of the European regulatory framework e.g. NIS Directive, the GDPR, the EU Telecoms Package,
— network and information security of eHealth systems, infrastructures and services (services like ePrescription, HER, PHR, etc.),
— policy and regulatory issues related to the resilience of healthcare security services as well as eHealth policies at national and/or European level,
— security for medical devices, such as mobile devices, wearable devices, implantable devices, etc.,
— network and information security issues e.g. internet and web security, cryptography, testing, security management, etc.
The objectives of the consultancy services in the area of threat analysis may take but are not limited to, the following forms:
— perform stocktaking on the topics mentioned above; relevant existing literature, reports, white papers, legislation, policies, strategies, initiatives and other research projects,
— perform threat identification and assessment for specific systems and services of healthcare organisations,
— identify relevant stakeholders and engage them in dialogue on the topics mentioned above, including experts from the supply side (Policy makers, city deciders, manufacturers, solution vendors, industry associations, standards bodies, certification organisations), as well as the user side (SMEs, SME associations, customer associations, government organizations, large enterprises, etc.),
— design and implement interviews, surveys, questionnaires with relevant stakeholders (conducted face-to-face, via telephone or on-line means, etc.) on the topics mentioned above,
— analyse and present the results from interviews, surveys and questionnaires,
— draft reports on the basis of information collected (via interviews and surveys) or on the basis of desk studies,
— assess the impact of policies and regulations on the development of healthcare services,
— perform SWOT analysis for various kinds of technical and organisational cases, including emerging technologies and application,
— make specific recommendations on practices (good practices, design choices...) and operational requirements to address identified issues in relation to the domain of the Healthcare services studied,
— prepare technical design documents, if needed, such as: system requirements definition and analysis, analysis of technical requirements, use case analysis, system design ,etc.,
— present effectively achieved results by using presentation techniques (paper documents, on-line documents, slides, demonstrators, graphs, videos, etc.
Various specific contracts based on the annual ENISA work programme specifically in the area of healthcare services will be launched periodically to the successful framework Contractors based on the “Reopening of competition” procedure. Depending on the needs of the Contracting Authority and budget availability, this overall budget could be increased by up to 50 % using a “negotiated procedure without prior publication of a contract notice”.