The vendor is required to provide to securely digitizing, storing, and transferring physical confidential student records while ensuring compliance with the policies and regulations of the county.
- All required security measures and quality control processes to maintain the integrity, confidentiality, and security of the data throughout the digitization process.
- Project planning and compliance assessment
- Review of policies and procedures
• The contractor shall integrate the school record management system which meets all security policies for processing and transferring confidential records.
- Record assessment and categorization
• The contractor will conduct a comprehensive review of the different types of records, including academic records, health records (including immunization information), birth certificates, testing labels, and others, to understand the distinctions between each type.
• Business rules must be developed to ensure that each record is scanned, verified, and securely processed according to agency needs and regulatory requirements.
- Record organization and categorization
• The contractor shall organize and categorize the physical records for digitization, ensuring that all records are systematically grouped based on type, sensitivity and urgency
• A secure system for identifying, tracking, and categorizing records will be established to prevent misplacement or improper handling.
- Authorization and access control
• Only authorized personnel, including those with appropriate security clearances, will be allowed to handle and access the records.
• The contractor shall create and maintain a comprehensive log of all individuals who handle or access the records to track any movement of physical documents.
- Digital filing system structure
• The contractor will design a digital filing system structure that adheres to FERPA, HIPAA, and agency guidelines; the structure will ensure easy retrieval, organization, and security of digitized records.
• The contractor shall provide digital imaging of scanned records in tiff format, including metadata in text file, and a batch number.
- Physical scanning of records
• The contractor shall perform the physical scanning of the records using secure, high-resolution scanning equipment that guarantees accurate, clear, and legible digital copies of the documents.
• Each record must be scanned in compliance with both FERPA and HIPAA requirements for security and confidentiality.
- Data encryption
• All digital files, including images of documents and metadata, must be encrypted during both transfer and storage to prevent unauthorized access or tampering.
- Metadata tagging
• For files from paper records, the contractor shall implement metadata tagging for each digitized record to facilitate ease of retrieval and auditing; this metadata must include essential details such as student full name, date of birth, school name and location code, and student index number from paper records.
• For files from microfilm records, the contractor shall implement metadata tagging for each digitized record to facilitate ease of retrieval and auditing; this metadata must include essential details such as school name, reel number, reel year range, student full name, date of birth, and student index number.
- Cloud and on premise storage solutions
• The contractor will store all digitized records in a secure, encrypted cloud-based environment or an approved on-premises server solution.
• The storage system must meet agency security requirements and ensure that records are protected against unauthorized access.
• The contractor shall include a secure file transfer protocol (FTP)
- Non-retention of records
• Once the digital files have been transferred to agency, the contractor shall not retain any form of the student records (physical copies, microfilm, or digital) in any capacity for any duration.
- Contract Period/Term: 1 year
- Questions/Inquires Deadline: March 21, 2025