Medical Protection Device Solution

The Province of Ontario is seeking a qualified vendor to deliver and implement a comprehensive medical protection device solution tailored for networked healthcare environments. The selected vendor will be responsible for providing an efficient, secure, and scalable system capable of discovering and managing all connected devices, including IT, OT, IOMT, and IoT assets, through methods such as passive traffic analysis, active scanning, and integration with existing asset management tools.

Key requirements include the ability to de-duplicate devices from various sources, reconcile interfaces, and perform passive vulnerability assessments while correlating advisories from authorities such as US-CERT, FDA, and Microsoft. The solution should support custom compliance-based risk scoring, risk simulation, and automated vulnerability triage, as well as integration with IT service management (ITSM) and computerized maintenance management systems (CMMS), such as ServiceNow. Additionally, orchestration of vulnerability scans via platforms like Rapid7, Qualys, or Tenable is expected.

The scope also covers advanced network mapping, detection of malicious communications and lateral movement, signature-based threat detection, and automatic alert response. Vendors must provide customizable reporting and dashboards related to vulnerabilities, risk trends, and recall management. The contract period will be three years, and questions regarding the opportunity must be submitted by February 6, 2026.