HHS Seeks Smartcard PKI Information
Cost in an important consideration at every step of the Department of Health and Human Services process for acquiring products and services to comply with the common identification standard requirements set out in Homeland Security Presidential Directive 12.

HHS is currently looking for information on vendors and technologies that could support their PKI needs with respect to Personal Identity Verification (PIV) smartcards. As part of that search, the Department's Request for Information (RFI) encourages qualified vendors to provide "no-cost evaluation software and/or no-cost access to on-line demonstration systems."

The RFI also specifies the requirements that any potential solution must meeting including "all FIPS 201 and Federal PKI Common Policy Certificate Issuance and Management Requirements" and interoperating with "third-party certificate authorities that are federally approved shared service providers...."

HHS emphasizes that they are seeking information on the "market availability, technical characteristics, and functionality of solutions, tools, or products capable of satisfying the requirements of this RFI."

The process by which the Department evaluates the data received will be crucial for how any solicitation based on the information is developed. Moreover, when considering potential vendors, HHS will need to utilize a transparent methodology in assessing the cost-effectiveness of each solution that meets that stated technical requirements.

CyberSecure.US will be monitoring and reporting on HHS's implementation of their PVI PKI requirements.