Opportunity
Amtrak #X097-181-26
Amtrak Seeks Enterprise-Wide HIPAA Security and Privacy Risk Assessment Services
Buyer
National Railroad Passenger Corporation Office of the Inspector General
Posted
January 01, 2025
Respond By
January 08, 2025
Identifier
X097-181-26
NAICS
541512
This opportunity is for Amtrak, which is seeking IT consulting services for a comprehensive HIPAA security and privacy risk assessment across its enterprise. - Government Buyer: - Amtrak - OEMs and Vendors: - No specific OEMs or vendors are named in the solicitation - Products/Services Requested: - IT consulting services for an enterprise-wide HIPAA security and privacy risk assessment - Assessment covers creation, access, processing, storage, and transmission of sensitive and regulated data - Includes evaluation of Amtrak systems and any third-party systems or service providers managing such data - Unique or Notable Requirements: - Focus on evidence-based assessment of HIPAA compliance and data security - Scope is enterprise-wide, including third-party providers - No products, part numbers, or purchase quantities specified - Category: Information Technology Services (NonConstruction)
Description
Amtrak is seeking to engage a vendor to perform an enterprise-wide HIPAA security and privacy risk assessment. The objective is to establish a comprehensive, evidence-based understanding of how sensitive and regulated data is created, accessed, processed, stored, and transmitted across Amtrak systems and any third-party systems or service providers that manage such data on Amtrak’s behalf. This procurement falls under Information Technology Services and is categorized as NonConstruction. The solicitation was posted on the Amtrak procurement portal with dates indicating it is a historical or closed opportunity.