Motor Vehicle Insurance Verification System

The Vendor is required to provide motor vehicle insurance verification system must be fully designed, developed, tested.
- System include:
• System design, development, and configuration.
• Secured cloud hosted solution with potential consideration for secure vendor hosted solution
• Implementation and integration with insurer systems and relevant state systems.
• Development and support of an alternative method (such as a csv upload) for small insurers (those with fewer than 1,000 vehicles insured in state) per SB 42.
• Thorough testing, including system, integration, performance, security, and user acceptance testing.
• Training for all user groups.
• Ongoing system operation, maintenance, and technical support.
• Disaster recovery and business continuity services.
• Compliance with all security and data handling requirements.
• End-of-contract transition services.
• Provide accurate and real-time verification of motor vehicle liability insurance.
• Be the sole electronic system used for this purpose in state.
• Facilitate easy and secure access for authorized users.
• Ensure the confidentiality and integrity of all data handled by the system.
• Support the state’s efforts to reduce the number of uninsured motorists.
- The system shall support industry standard secure web services for real-time, bi-directional communication with insurer systems.
- The system shall transmit requests to insurers for verification of motor vehicle liability insurance via secure web services established by the insurers.
- The system shall, at minimum, have the ability to display the following information:
• Customer name
• Insurance policy number
• Insurance company number (NAIC#)
• Insurance company name
• Policy effective date
• Policy end date
• Vehicle identification number
• Vehicle make
• Vehicle model
• Vehicle year
- All nonpublic information (NPI) must be encrypted both at rest (while stored in databases, backups, or archives) and in transit (during transmission across any network). 
• Industry-standard strong encryption algorithms must be utilized.
- The system must generate comprehensive, immutable audit logs for all system activities. 
• This includes, but is not limited to, user logins (successful and failed), all data queries, data modifications, administrative actions, changes to security settings, and system-generated security events.
- Strong password policies must be enforced, including minimum length, complexity (mix of character types), history (preventing reuse of recent passwords), and regular expiration.
- The system must employ secure methods for all data exchange activities, including real-time web service communications with insurers and any batch file transfers or dedicated secure connections with state agencies.
- Data Handling and Exchange:
• Data validation and error handling processes must be implemented for all data received from insurers to ensure accuracy and completeness. 
• This includes at minimum checks for data format, valid values, and consistency.
• Must propose procedures for identifying, reporting, and resolving data discrepancies found during validation or through system operation.
• The system should include tools for monitoring data quality and generating reports on data submission errors or inconsistencies from participating insurers.
- Contract Period/Term: 2 years
- Questions/Inquires Deadline: July 25, 2025