Laboratory Collection and Third-Party Administrator Services

The Vendor is required to provide on an as required basis, to laboratory and collection services (mobile collection, on-site dedicated collectors, and fixed site locations) as well as to provide third party administrator services through a medical review officer.
- System requirement:
•    The system complies with obligations for website, web application and digital content accessibility according to the act and accessibility policy.
•    The system along with its data transmission, storage, and disposal procedures must comply and in accordance with all government legislation, including but not limited to the personal health information protection act, 2004 (PHIPA) and municipal freedom of information and protection of privacy act R.S.O. 1990 (MFIPPA).
•    The system shall contain current and historical information in the form of reports and dashboards.
•    The system shall support communication between the contractor and relevant commission staff and the candidate (for appointment reminders, follow-up documentation requests, and other administrative communications relevant to the assessment process).
•    The system must support the generation of a computer based random selection list of designated employees on a weekly basis using validated algorithms to ensure true randomness.
•    The system should provide commission with secure means to respond to requests for follow-up documentation including the upload of additional forms and documents.
•    The system must support enterprise authentication standards, including multi factor authentication (MFA) and single sign on.
•    Digital systems or platforms that are capable of coordinating testing activities, including scheduling, data submission, chain-of-custody tracking, and communication workflows.
•    The system should support secure role-based access, multifactor authentication (MFA) or equivalent authentication, encryption in transit and at rest, and personal health information protection act, 2004 and the municipal freedom of information and protection of privacy act R.S.O. 1990 compliant data handling.
•    Hosted digital platforms are used, the contractor must ensure that commission data is protected from unauthorized access, disclosure, or commingling with data belonging to other customers.
- Data migration activities are expected to include, at a minimum, the following:
•    Data cleansing, including the identification and removal of duplicate records; correction of inaccurate or invalid data; standardization of data formats (e.g., dates, identifiers, phone numbers); resolution of missing or incomplete data; and exclusion of obsolete or out of scope records. 
•    Data mapping to identify and document corresponding data fields, structures, and formats between the existing system and the contractor’s system. 
•    Data extraction from the existing system. 
•    Data conversion and transformation in accordance with approved data mapping specifications. 
•    Data loading, including the secure and controlled loading of converted data into the contractor’s system, with controls to prevent data loss, duplication, or unauthorized access.
•    Data validation to confirm that migrated data is complete, accurate, and correctly populated in the target system with validation results subject to commission review and acceptance.