Joint Warfighting Cloud Capability (JWCC) Contract Number: HC105023D0004 Procurement Title: Electronic Health Record (EHR) Network and Core Services Enclave Requesting Agency: Defense Health Agency (DHA) / Program Executive Office (PEO) Medical Systems / Chief Information Officer (CIO) J6
This action is to issue a firm-fixed-price task order (TO) against the JWCC Indefinite Delivery/Indefinite Quantity Contract for EHR Network and Core Services Enclave. This TO will be issued directly to Oracle. The anticipated period of performance is for a 12-month base period, plus two, 12-month option periods.
DHA PEO Medical Systems requires compute and storage resources to establish a separate virtual enclave boundary and demilitarized zone protections (Virtual Datacenter Security Stack (VDSS) & Virtual Datacenter Management System (VDMS)) for EHR applications and services.
This enclave will include cybersecurity tools, infrastructure and network foundations, and core services such as Active Directory, Domain Name Services, and monitoring workloads, in order to support the EHR applications as they are migrated into a cloud environment.
The EHR Network and Core Services Enclave within the Oracle Cloud Infrastructure (OCI) commercial cloud environment will be an enduring capability supporting the overall DHA Information Technology strategy due to the migration of the Federal EHR to the OCI environment. Protections and operational support of this commercial cloud hosting environment must be established to support the migration of on-prem workloads to this cloud service offering (CSO).
In July 2015, the Department of Defense (DoD) awarded a multibillion-dollar DoD Healthcare Management System Modernization contract to support the EHR to the Leidos Partnership consisting of four core partners – Leidos, Cerner Corporation, Accenture, and Henry Schein. Cerner provided the on-prem hosting environment for the EHR, that is directly connected to the Medical Community of Interest (Med-COI) network and serves all beneficiaries. In December 2021, Oracle acquired Cerner which included the EHR contract. With Government approval, Oracle developed a strategy to migrate the Cerner on-prem environment to OCI cloud environment.
Per the Security Requirements Guide (SRG), DHA is required to provide a VDSS/VDMS that is implemented within the CSO applications. The VDSS/VDMS provides DHA enterprise-level cloud security and management services. This provides a standard approach for boundary and application-level security for Impact Level (IL) 4 and IL5 data hosted in commercial cloud environments.
DHA needs to be connected to the EHR environment within the same CSO in order to comply with the SRG. This will allow DHA to perform cybersecurity functions, control network infrastructure, and provide DHA shared services as outlined in the SRG. Oracle is the only Cloud Service Provider (CSP) capable of providing cloud services in this OCI environment. Migrating these services to another CSP would negate DHA’s ability to access the OCI environment, which would result in mission failure. Oracle is the only CSP capable of transitioning DHA’s existing workload seamlessly to JWCC with no impact to mission critical services.
DHA PEO Medical Systems requires IL5 services to support the cybersecurity tools, infrastructure and network foundations, and core shared services to support the migration of the EHR. A VDSS/VDMS environment will also be required to support the CSP data centers in Ashburn and Chicago.
DHA requires compute and storage to provision four Windows servers and seven Red Hat Enterprise License (RHEL) servers at two production sites. There is also a requirement for a Key Management Server Vault to manage and control the encryption keys for data stored in the CSO environment. A test environment will be needed containing four RHEL servers and should be co-located at the Ashburn production site.
DHA PEO Medical Systems requires IL5 services to support the cybersecurity tools, infrastructure and network foundations, and core shared services to support the migration of the EHR. A VDSS/VDMS environment will also be required to support the CSP data centers in Ashburn and Chicago.
DHA requires compute and storage to provision four Windows servers and seven Red Hat Enterprise License (RHEL) servers at two production sites. There is also a requirement for a Key Management Server Vault to manage and control the encryption keys for data stored in the CSO environment. A test environment will be needed containing four RHEL servers and should be co-located at the Ashburn production site.
