CONTRACT FOR KENTUCKY HEALTH BENEFITS EXCHANGE
BETWEEN
THE COMMONWEALTH OF KENTUCKY
CABINET FOR FAMILY AND HEALTH SERVICES
AND
DELOITTE CONSULTING LLP
1633 Broadway
New York, New York 10019
Contact: Mohan Kumar
Telephone: (919) 264-6925
Email: mkumar@deloitte.com

MA 758-1300000392

*******************
This Master Agreement (―Contract‖) is entered into, by and between the Commonwealth
of Kentucky, Cabinet for Family and Health Services (―CHFS‖) (―the Commonwealth‖)
and Deloitte Consulting LLP (―Deloitte‖), as the Prime Contractor to establish a Contract
for the Kentucky Health Benefits Exchange.
The Commonwealth and Contractor agree to the following:
I. Scope of Contract
This Master Agreement Contract is being issued by the Commonwealth of Kentucky,
hereinafter referred to as the Commonwealth and the Cabinet for Health and Family
Services (CHFS), to design, develop and implement an integrated multi-layer Health
Benefit Exchange (HBE) solution that fulfills the certification requirements set out by the
Center for Medicare and Medicaid Services (CMS) and the Federal Government in
response the Affordable Care Act (ACA).
The HBE solution is comprised of two separate but closely integrated solutions. The
Contractor will implement the following primary functions:
An end-to-end Eligibility and Enrollment (E&E) solution that includes
functions required to process eligibility and enrollment for all Medicaid
members (both MAGI and non-MAGI) and other health insurance
1

 affordability programs offered on the HBE, as well as supporting functions
such as Workflow, Notifications, Scheduling, Document Management,
Business Rules Management, and associated business processes
required to launch and continuously operate an efficient and effective E&E
System.
A Plan Maintenance and Billing (PMB) solution that includes functions
required to offer and maintain individual and group insurance products
including QHP Certification, Premium Billing, Collections & Reconciliation,
Enrollment Maintenance, and more, required to offer individual and group
health insurance products on the HBE and both support and sustain its
seamless operation.
After successful implementation of the above stated solutions, the Commonwealth‘s
strategic vision is to extend the E&E solution to support additional human services
programs including, but not limited to, SNAP and TANF in subsequent phases of
implementation.
In order to provide a flexible, innovative, and extensible HBE framework for key
stakeholders within CHFS including the Office of Health Policy (OHP), the Department
for Medicaid Services (DMS), the Department for Community Based Services (DCBS),
and the Office of Administrative and Technology Services (OATS); as well as the
Department of Insurance (DOI), the HBE will become a key component to expanding
health benefit coverage to new populations across the Commonwealth.
With a challenging goal of managing healthcare costs while continually providing the
highest level of quality of services and benefits to newly eligible populations within the
Commonwealth, Kentucky‘s HBE vision will become reality with the Contractor who
understands and can deliver an innovative HBE.
The Contractor demonstrates innovative approaches, knowledge, experiences, and/or
recommendations to systematically assist the Commonwealth with expanding the
availability of health benefit coverage for eligible Kentuckians.
II. Contract Components and Order of Precedence
The Commonwealth‘s acceptance of the Contractor‘s offer in response to the Contract
RFP-758-1200000496, indicated by the issuance of a Contract Award by the Office of
Procurement Services, shall create a valid Contract between the Parties consisting of
the following:
1.
2.

Any written Agreement between the Parties;
Any Addenda to the Contract RFP-758-1200000496 ;
2

 3.
4.
5.
6.
7.

Contract RFP-758-1200000496 and all attachments thereto, including Section
40--Terms and Conditions of a Contract with the Commonwealth of Kentucky;
General Conditions contained in 200 KAR 5:021 and Office of Procurement
Services‘ FAP110-10-00;
Any Best and Final Offer;
Any clarifications concerning the Contractor‘s proposal in response to Contract
RFP-758-1200000496 ;
The Contractor‘s proposal in response to Contract RFP-758-1200000496.

In the event of any conflict between or among the provisions contained in the Contract,
the order of precedence shall be as enumerated above.
III. Negotiated Items
Section 30—Scope of Work
This section identifies the scope of work requirements for the selected Vendor in order
to fully implement an operational HBE (referred to herein variously as the ―System‖ or
―system‖ or ―HBE solution‖) in accordance with the January 1, 2014 timeline established
by the federal government.
It is important to note that this Contract reflects current knowledge. Federal guidance
regarding HBE establishment and functionality is still pending, and there may be
associated policy and process decisions to be made regarding this project. Therefore,
Vendors shall be prepared to adapt and respond to changes that arise from Federal
updates, future regulations, and associated policy decisions on behalf of the
Commonwealth. Such changes shall not be considered a change in the overall scope
of work, however, any impact of such changes on services, schedule, and/or fees shall
be addressed in a change order.
A.

The system shall meet all of the requirements for processing eligibility and
enrollment and ongoing maintenance for all Medicaid, subsidized, unsubsidized,
group and individual insurance, in accordance with 42 CFR 435, 42 CFR 457, the
ACA, and the functional and technical requirements detailed in Appendices A, B
and C to this RFP. Detailed requirements gathering as part of this scope of work
will further refine/define the requirements for this solution. These requirements
will be the basis for the selected Vendor to create usage scenarios and detailed
business process workflows. With the exception of Analytics/Reporting and
TANF/SNAP integration, the Commonwealth intends to implement all core
requirements for the solutions by the ACA mandated date of October 2013.
However, at the conclusion of the detailed requirements phase, the
Commonwealth expects the selected Vendor to work with the Commonwealth
team to prioritize requirements and if necessary, identify possible phases for
implementation of the overall requirements. Core requirements that are deemed
3

 essential for compliance with the ACA must be implemented in the initial phase.
The selected Vendor‘s Project Work Plan must be updated to identify all possible
phases of implementation.
B.

Throughout the Scope of Work, the Commonwealth requests Vendors to respond
to ―Option to Buy‖ and expanded functionalities which may or may not be
exercised within the contract. The Commonwealth requests that the Vendor
propose a solution for each ―Option to Buy‖ or expanded functionality component
and include the costs for each item separately in the Cost Schedules detailed in
Section 70. The ―Option to Buy‖ or expanded functionalities are identified within
the subsections of the RFP, as indicated below:
Commonwealth‘s ―Option to Buy‖
Section 30.210.010 – Contact Center
Section 30.220.010 – Operational Support Extension
Section 30.230 – Infrastructure Hosting
Section 30.230.010 – Hardware and Software
Section 30.230.020 – Commonwealth Data Center
Section 30.230.030 – Cloud Based Infrastructure
Section 30.240.010 – Disaster Recovery and Business Continuity
Alternate Site
Section 30.300.044.010 – Notification Fulfillment
Section 30.300.044.020 - Kentucky Health Card (Medicaid Card)
Fulfillment
Expanded Functionality
Section 30.300.058 – Phase-In – TANF/SNAP

C.

The Scope of Work Section of this RFP is divided into a number of parts:
1. Sections 30.010 to 30.060 outline the selected Vendor‘s responsibility to
comply with Commonwealth and CHFS standards.
2. Sections 30.070 to 30.280 outline the selected Vendor‘s responsibility for
program and project organization, structure, contract, deliverables, logistics,
system development methodology, implementation, staffing, project location,
support and general operations.
3. Section 30.290 and subsections outline the technical requirements for the
HBE.
4. Sections 30.300 and 30.310 outline the functional requirements for the HBE.
The Functional requirements section of this RFP is divided into two (2) distinct
subsections. The first is the functional requirements for the E&E Solution of
the HBE, outlined in Section 30.300, subsections, and appendices. This
4

 includes functions required to process eligibility and enrollment for programs
and products offered on the HBE, as well as supporting functions such as
Workflow, Notifications, Scheduling, Document Management and more,
required to operate an efficient and effective E&E Solution.
The second Functional subsection is for the HBE PMB Solution, outlined in
Section 30.310, subsections, and appendices. This subsection includes
functions required to offer and maintain group and individual insurance
products on the HBE.
The Commonwealth specifically requires a custom developed product for the
E&E Solution, that adheres to all Commonwealth technical and development
standards, as outlined in Section 30. However, it also seeks a best of breed
approach for procuring the overall solution for the HBE and understands this
may include products offered in a variety of ways as part of an integrated
solution. The Commonwealth requires that the HBE PMB Solution software
will be hosted outside of CHFS infrastructure. The Commonwealth requires
that the PMB solution be a product available through license or subscription
service, inclusive of maintenance and upgrade services.
D.

In its proposal, the Vendor must clearly demonstrate understanding of the
division of functions in the HBE Operating Model, Appendix E to this RFP, and
clearly distinguish between those functions required for the E&E Solution and
those required by the dependent HBE PMB Solution.
The Operating Model represents the combined vision for the operation of the
interdependent functions of both the E&E Solution and the PMB Solution, which
are necessary for the HBE. Included in the operating model are: administrative
functions to support oversight and operations; financial management functions to
ensure financial viability of the HBE and to support the administration of financial
programs and the processing of financial transactions; as well as several core
operational functions including:
1.
User interactions and exchange workers tools for management of daily
activities as well as eligibility and enrollment functions to support the
product type and subsidy level determinations and the election and
enrollment into a QHP or other eligible programs;
2.
Support service functions to assist user interaction with the HBE;
3.
Self Service Portal where customers can learn, apply and shop for health
insurance programs and products, including Medicaid or other programs
designated by the Commonwealth; and
4.
Analytics and reporting to support governance and management in
making policy and business decisions on the effectiveness and efficiency
of business processes, organizational units, and/or individual usage.
5

 E.

The HBE will serve a host of users including: individuals and employees seeking
eligible coverage; Employers (small and potentially large businesses) who offer
health insurance programs to their employees; Navigators seeking to educate
and guide customers through the application process; Consumer Assistance
Programs (ombudsmen) advocating for citizens and ensuring those seeking
public services are treated fairly; Agents assisting customers in the insurance
marketplace; Insurers offering QHPs on the HBE; and Exchange Workers,
including contact center representatives, walk-in center employees and
management supporting the operation of the HBE. To assist individuals and
employers who experience unique situations or complex circumstances, the HBE
will accommodate guardians, Powers of Attorney, and other interested parties
who may represent these individuals.

F.

Stakeholders foresee an environment that utilizes advanced technology and
multiple channels to reach an array of users. The HBE channels will include
online capabilities offering HBE functions via an online portal that is accessible
through a standard or mobile web browser. The Self Service Portal will support
communications between customers and the HBE, including web chat, email and
secure mailbox. A toll free hotline will provide customers with the opportunity to
access information via an Interactive Voice Response (IVR) or direct
conversation with an Exchange worker. Paper publications that provide
education and access to the HBE may be mailed on request or printed directly
from the Self Service Portal. The HBE is also considering using outbound text
messaging for notifications or alerts and voicemail functions for outbound call
campaigns. Finally the HBE will support channels for direct system-to-system
communication, including support for service-enabled devices through web
services interfaces that will enable data exchange between third parties,
including QHPs and regulatory bodies like HHS, IRS, and other State Agencies.
Where required, communication channels will be accessible to people with
disabilities in accordance with the Americans with Disabilities Act and section
508 of the Rehabilitation Act and will provide meaningful access for persons with
limited English proficiency.

G.

The Commonwealth‘s vision for two distinct but closely integrated technical
solutions capable of supporting both E&E and PMB functions, and providing
extensibility to support subsequent integration of additional human services
programs provided by the Commonwealth, will be realized through a multilayered application architecture approach. The E&E and PMB IT solutions will
adhere to architecture guidance and the seven conditions and standards for
enhanced federal funding as provided by CMS. In alignment with this guidance,
the technical solution architecture will employ a modular design, based on
Service Oriented Architecture design principles and the Medicaid Information
Technology Architecture (MITA) framework. The following sections address this
6

 solution approach and identify the technical requirements by each layer in the
application architecture design.
Section 30.000—Commonwealth Information Technology Forms
The selected Vendor and any subcontractors shall be required to adhere to and sign all
applicable Commonwealth policies and standards related to technology use and
security of which Vendor has been provided a copy in advance of execution hereof.
Section 30.005 — Regulatory Precedence
The selected Vendor shall comply with all applicable laws and regulations governing
HBE systems, system operation, and software and equipment ownership. Both Federal
and Commonwealth law control and have priority over other rules. The order of
precedence is as follows:
1. Federal statutes and regulations
2. Commonwealth statutes and regulations
If there is a conflict among the governing regulations regarding a specific standard, the
Commonwealth shall determine statutory interpretation or perceived conflict and will
seek guidance for the selected Vendor. In determining the appropriate standard, the
Commonwealth will allow consultation and input from the selected Vendor; however, the
final determination shall remain with the Commonwealth.
Section 30.010—Compliance with Commonwealth IT Enterprise Architecture and
Standards
The E&E IT solutions shall adhere to federal and Commonwealth standards as outlined
below:
A. The Commonwealth Office of Technology (COT) IT Enterprise Architecture and
Standards provide guidelines, policies, directional statements and sets of standards
for information technology which define, for the Commonwealth, functional and
information needs so that technology choices can be made based on business
objectives and service delivery. The selected Vendor shall remain knowledgeable
of, and shall adhere to, these standards for all related work resulting from this RFP.
Web links are as follows:
1.
COT Standards: http://technology.ky.gov/governance/Pages/architecture.aspx
; and
2.
COT Policies: http://technology.ky.gov/governance/Pages/policies.aspx
B. CHFS Standards reflect a set of principles for information, technology, applications,
and organization which shall be followed for any solution that will be hosted and
maintained by CHFS staff. CHFS OATS recognizes the COT Standards and
7

 additionally has standards to which any solution that will be hosted and maintained
by CHFS shall also adhere. Web links are as follows:
1.
CHFS Standards: http://chfs.ky.gov/itstandards; and
2.
CHFS Policies: http://chfs.ky.gov/itpolicies.
C. In the event that the Vendor‘s proposal contains solution components hosted and
maintained by CHFS that deviate from the CHFS Standards/ Policies referenced
above, the Vendor shall outline the reasons and benefits to the Commonwealth for
that deviation. If the Vendor‘s proposal is selected, these deviations are subject to
approval and acceptance by the Commonwealth. It should be noted that for the
proposed custom E&E solution, which the Commonwealth will eventually maintain
in-house, deviation from the core platform of Microsoft based technologies is not
acceptable and will disqualify the proposal from consideration.

Section 30.015—Compliance with Commonwealth Security Standards
The software deployment and all selected Vendor services shall abide by security
standards as outlined in the Commonwealth‘s Enterprise Information Technology
Policies.
Enterprise Policies
http://technology.ky.gov/ciso/Pages/InformationSecurityPolicies,StandardsandProcedur
es.aspx
Section 30.020—Compliance with Federal Regulations and Standards
The selected Vendor shall be responsible for ensuring that its work performed under
this Contract, including all deliverables, will meet the requirements of all applicable
federal and state laws, regulations, policies and guidance, including any amendments or
updates thereto during the life of the Contract. Adherence to these laws, policies,
regulations and guidance shall be a requirement of both the E&E and PMB solutions.
The Vendor shall consider any proposed regulations, including public comments
thereto, in formulating its proposal. These laws, regulations, policies, and guidance may
change, which may impact the requirements stated within this RFP. Therefore, an
impact assessment shall be conducted by the selected Vendor and the Commonwealth
at the time of any substantive changes and the proper measures will be taken in order
to ensure compliance, and the parties will promptly and in good faith negotiate
appropriate modifications or alterations to this Contract and any appropriate Change
Orders.
A. The relevant laws, regulations, policies and guidance include, but are not limited to,
the following:
1.
The ACA and any related regulations and guidance, including:
http://www.gpo.gov/fdsys/pkg/BILLS-111hr3590enr/pdf/BILLS-111hr3590enr.pdf;
final/interim rule for 45 CFR Parts 155, 156 and 157

8

 : http://www.ofr.gov/OFRUpload/OFRData/2012-06125_PI.pdf ; final rule for 45 CFR
Part 153: www.ofr.gov/OFRUpload/OFRData/2012-06594_PI.pdf
2.
Title XIX of the Social Security Act (the Medicaid statute), including any related
regulations and guidance. Some information may be found at:
http://www.cms.gov/home/medicaid.asp
3.
Title XXI of the Social Security Act (the CHIP statute), including any related
regulations and guidance. Some information may be found at:
https://www.cms.gov/CHIPRA/
4.
The requirements of Establishment Grant Opportunity Announcements, listed
under the Cooperative Agreement to Support Establishment of State-Operated Health
Insurance Exchanges.
http://cciio.cms.gov/resources/fundingopportunities/foa_exchange_establishment.pdf
5.
CFR Part 433, Medicaid Program: Federal Funding for Medicaid Eligibility
Determination and Enrollment Activities; Final Rule: http://www.gpo.gov/fdsys/pkg/FR2011-04-19/pdf/2011-9340.pdf
6.
The Office of the National Health Coordinator for Health Information Technology,
Guidance for Exchange and Medicaid Information Technology (IT) Systems, Version
1.0: http://cciio.cms.gov/resources/files/joint_cms_ociio_guidance.pdf
7.
The Office of the National Health Coordinator for Health Information Technology,
Guidance for Exchange and Medicaid Information Technology (IT) Systems, Version
2.0: http://cciio.cms.gov/resources/files/exchange_medicaid_it_guidance_05312011.pdf
8.
Health Insurance Portability and Accountability Act (HIPAA) and any related
regulations and guidance: http://www.gpo.gov/fdsys/pkg/PLAW-104publ191/pdf/PLAW104publ191.pdf
9.
Medicaid Information Technology Architecture (MITA):
http://www.cms.gov/MedicaidInfoTechArch/04_MITAFramework.asp#TopOfPage
10.
Section 504 of the Rehabilitation Act and any related regulations and guidance:
http://www.section508.gov/docs/Section504.pdf
11.
Clinger-Cohen Act (Public Law 104-106 , formerly the Information Technology
Management Reform Act of 1996)) and any related regulations and guidance:
http://www.cio.gov/Documents/it_management_reform_act_Feb_1996.html
12.
U.S. Chief Information Officer (US CIO) 25 Point Implementation Plan to Reform
Federal Technology Management. The current version may be found at:
http://www.cio.gov/documents/25-Point-Implementation-Plan-to-ReformFederal%20IT.pdf
13.
Federal Cloud Computing Strategy. The current version may be found at:
http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf
14.
The Office of the National Health Coordinator for Health Information Technology
Guidance Electronic Eligibility and Enrollment:
http://healthit.hhs.gov/portal/server.pt?open=512&mode=2&objID=3161

9

 B. The Vendor‘s proposal and, if the proposal is selected, the solution shall comply with
all regulations, policies, or requirements relating to Medicaid Systems as identified
by CMS:
1. Primary Medicaid System Regulations and Policies:
a.
42 CFR – Part 433 - Subpart C - Mechanized Claims Processing and
Information Retrieval Systems
b.
42 CFR – Part 95, Subpart F - Automatic Data Processing Equipment
and Services - Conditions for Federal Financial Participation (FFP)
c.
45 CFR 95.617 – States must include a clause in all procurement
instruments that provides the State will have all ownership rights in
software or modifications and associated documentation developed with
federal funding (at any level).
d.
45 CFR - Part 92 Administration of Grants 92.36
e.
42 CFR 434 Subpart B – Contracts with Fiscal Agents and Private Nonmedical institutions.
f.
State Medicaid Manual Part 11 - See 11205, 11210, 11215, 11227,
11237, 11238, 11240, 11241, 11242, 11250, 11255, 11260, 11265, and
11267 and other subsections for specific ADP requirements to be included
on contracts.
g.
State Medicaid Manual Part 2 - See sections 2080 thru 2083 for the
specific contract requirements and Proposed Contract Checklist
2. HIPAA Administrative Simplification
a.
45 CFR Part 160 – Administrative Data Standards (Transactions and
Code Set Standards)
b.
45 CFR Part 162 – Standard Unique Identifier for Health Providers (NPI)
c.
45 CFR Part 164 – Security and Privacy
3. Related Regulations that must be considered when contracting for Medicaid
Systems:
a.
42 CFR 431.15 – Methods of Administration
b.
42 CFR 431, Subpart F – Safeguarding Information on Applicants and
Recipients
c.
42 CFR 431.16-17 – Reports and Maintenance of Records
d.
42 CFR 432 – State Personnel Administration
e.
42 CFR 433.34 – Cost Allocation
f.
42 CFR 433, Subpart A – Federal Matching and General Admin
Provisions
g.
42 CFR 433, Subpart D – Third Party Liability
h.
42 CFR 447 – Payments for Services (including timely claims payment
requirements at 447.45 and 447.46)
i.
42 CFR 455 – Medicaid Program Integrity
j.
42 CFR 456 – Utilization Control
4. Certification and Technology Requirements
10

 a.
b.
c.

Medicaid Enterprise Certification Toolkit
https://www.cms.gov/mmis/09_MECT.asp
MITA Framework - Version 3.0
https://www.cms.gov/medicaidinfotecharch/04_mitaframework.asp

C. The proposal shall be in compliance with the seven conditions and standards set
forth by CMS. The following seven standards and conditions shall be met in the
selected Vendor‘s solution to receive enhanced federal match and for the Kentucky
Establishment grant:
1. Modularity;
2. MITA alignment;
3. Leverage and reuse within and among States;
4. Industry standard alignment;
5. Support of business results;
6. Reporting; and
7. Seamlessness and interoperability.

Section 30.030—Privacy, Confidentiality, and Ownership of Information
The CHFS is the designated owner of all data and shall approve all access to that data.
The selected Vendor shall not have ownership of Commonwealth data at any time. The
selected Vendor shall be in compliance with privacy policies established by
governmental agencies or by state or federal law. Such privacy policy statements may
be developed and amended from time to time by the Commonwealth and will be
appropriately displayed on the Commonwealth portal (Ky.gov). The selected Vendor
shall provide sufficient security to protect the Commonwealth and CHFS data in network
transit, storage, and cache.
Section 30.040—Software Development
Source code for software developed by the selected Vendor specifically for the
Commonwealth hereunder (―Software Deliverables‖) shall become property of the
Commonwealth. Additionally, except for any Vendor Technology contained therein, all
system and business processes work product developed by Vendor for the
Commonwealth hereunder (collectively with the Software Deliverables, the
―Deliverables‖) shall become the property of the Commonwealth. As such, design
processes and/or commodities, such as written material or other guidelines, may be
published and available for reference on the Federal CALT (Collaborative Application
Lifecycle Tool) or other Federal websites. CMS has deployed the CALT platform on
CMS‘s secured cloud computing environment and is making it available for use by all 50
states, the District of Columbia, US territories, and federal partners. Vendor hereby
11

 grants to the Commonwealth (and its contractors solely on its behalf in performing
services for the Commonwealth) the right to use, copy and modify any Vendor
Technology included in such Deliverables in connection with its use, copying or
modification of the Deliverables. Except for the foregoing license grant, Vendor or its
licensors retain all rights in and to all Vendor Technology. ―Vendor Technology‖ means
works of authorship, materials, information and other intellectual property created prior
to or independently of the performance of the services hereunder, or created by Vendor
or its subcontractors as a tool for their use in performing the services, plus any
modifications or enhancements thereto and derivative works based thereon. The rights
and license granted herein are subject to full payment to Vendor by the Commonwealth
for the applicable Deliverable.
Vendor shall provide the Commonwealth with a copy of the source code and updated
associated technical documentation for the software Deliverables, including, where
available, the accelerators that are contained therein: (i) upon approval of the final
system implementation software deliverable; (ii) as described in the Work Plan; or (iii) at
other times during the term of the Contract upon written request. Vendor shall provide
such source code and documentation at no additional cost, in a format agreed by the
parties. Nothing herein shall conflict with the Commonwealth‘s right to use, copy and
modify the Deliverables.
Section 30.050—Third Party Software Vendor shall be the primary point of contact
with respect to the HBE Solution, and will cooperate with the third party vendors of any
third party software or equipment contained therein in determining the cause of any
issues or non-conformities therein. Vendor shall not include in its software Deliverables
any third party software product that would require the Commonwealth to execute a
license agreement with such third party without pre-approval thereof by the
Commonwealth. In the event that the Commonwealth is considering whether to install
any upgrades of third party software comprising or interfacing with the Vendor‘s
software Deliverables, the parties will discuss whether to implement such an upgrade,
and if agreed to, will promptly and in good faith negotiate appropriate modifications or
alterations to the Contract and any appropriate Change Orders to provide for Vendor‘s
installation or maintenance thereof.
In accordance with 45 C.F.R. 95.617 and 45 C.F.R. 92.34, all appropriate State and
federal agencies will have a royalty-free, nonexclusive, and irrevocable license to
reproduce, publish, translate, or otherwise use, and to authorize others to use for HBE
or federal government purposes, software, modifications, and documentation designed,
developed or installed with Federal Financial Participation under 45 CFR Part 95,
subpart F or Federal Grant Funding under 45 CFR Part 92 under the Contract.

12

 Section 30.060 – Identity Theft Prevention and Reporting Requirements
In the delivery and/or provision of Information Technology hardware, software, systems,
and/or services through a contract(s) established as a result of this Contract, the
selected Vendor shall prevent unauthorized access to and disclosure of ―Identity
Information‖ including, but not limited to, an individual‘s first name or initial and last
name in combination with any of the following information:

1.
2.
3.
4.

Social Security Number;
Driver‘s License Number;
System Access ID‘s and associated passwords; and
Account Information –such account number(s), credit/debit/ProCard number(s),
and/or passwords and/or security codes.

The selected Vendor shall also immediately notify the contracting agency, the Office of
Procurement Services, and the Commonwealth Office of Technology upon learning of
any unauthorized breach/access, theft, or release of Commonwealth data containing
―Identity Information.‖
Section 30.070 – Program Management
In its Enterprise Roadmap for the HBE (Appendix D), CHFS outlines a Program
Management work stream which focuses on planning, mobilizing, reviewing, and
managing a program with multiple projects.
The Vendor‘s proposal shall present a Program Management Plan outlining the
Vendor‘s strategy and approach to the overall project management of the HBE projects.
The proposed Program Management Plan shall address requirements specified in
sections 30.070.010, 30.070.030, 30.070.040, and 30.070.050.
Section 30.070.010 – Project Management Framework
The Program Management Plan shall include the Project Management Framework that
the Vendor shall follow for all projects in the program. The proposed Project
Management Framework shall meet industry standards and contain a Framework
Guide.
The Project Management Framework Guide shall contain, but not be limited to, a
complete and accurate recommendation for industry best practices, required project and
system documentation, plans and project metrics.
13

 The proposed Program Management Plan shall also include:
An Organization Chart
Standards for program and project communications including weekly and
monthly status reporting and Steering Committee meetings
A proposed integrated project Work Plan which shows the Vendor‘s approach
to completing all work for the E&E solution including integration of the PMB
Solution. The approach should include a work breakdown structure (WBS)
with Task and Subtask descriptions, associated Deliverables, and resource
requirements. The integrated project plan shall show details for all projects
within the program, including task descriptions, dependencies, resource
requirements, task assignments, effort, start and end dates for all activities
and tasks, durations, milestones including Deliverable dates and review
cycles and federal review dates, and project critical path for the delivery of the
HBE Program
Review and acceptance criteria for completion of each major phase of work
After the Vendor proposal has been accepted by CHFS, the Framework Guide shall be
considered as an addendum to the Contract. The selected Vendor shall follow practices
recommended by the Guide, and provide all necessary or recommended documentation
as stated therein. The plans, schedules and documents suggested in the Guide shall
be required Vendor deliverables and as such are subject to CHFS approval.
In addition, the selected Vendor shall provide the initial draft of a comprehensive
program management plan to the Commonwealth within 10 business days after project
initiation, which includes:
Program governance structures including Organization Chart and Steering
Committee members
Standards for program and project communications including weekly and
monthly status reporting and Steering Committee meetings
A schedule outline for regular status meetings and Program Board meetings
with associated required participants
A Program Charter which outlines the agreed responsibilities of all
participants in the program
A preliminary integrated project Work Plan which shows the selected
Vendor‘s approach to completing all work for the E&E solution including
integration of the PMB Solution. The approach should include a work
breakdown structure (WBS) with Task and Subtask descriptions, associated
Deliverables, and resource requirements. The integrated project plan shall
show details for all projects within the program, including task descriptions,
dependencies, resource requirements, task assignments, effort, start and end
dates for all activities and tasks, durations, milestones including Deliverable
dates and review cycles and federal review dates, and project critical path for
the delivery of the HBE Program
Review and acceptance criteria for completion of each major phase of work
14

 Section 30.070.020 – Concurrent Projects
CHFS has concurrent projects that will deliver solutions expected to integrate with the
solutions developed within this project. In addition, the projects will require the sharing
of limited resources, including CHFS staff. The selected Vendor for this project shall be
required to collaborate and cooperate with other Vendors and CHFS, as needed, in
order to develop and maintain a consolidated multi-project Work Plan.
As Vendors may have varying start dates, the Work Plan shall be a living document and
the selected Vendor shall be flexible and work with other Vendors and CHFS, as
needed, to modify, update and maintain the consolidated Work Plan.
The Integrated Project Work Plan and all updates shall be submitted to CHFS for review
and comment prior to approval or acceptance.
Section 30.070.030 – Deliverable and Artifact Management
The Vendor‘s proposal shall describe a Deliverable and Artifact Management approach
that ensures the expectations, requirements, and content associated with each
Deliverable and Artifact are clearly defined and agreed to in advance of actual delivery.
The selected Vendor shall use Deliverable Expectation Documents (DEDs), which will
be submitted to and reviewed with the Commonwealth to ensure the selected Vendor
and the Commonwealth have an agreed understanding of the expectations,
requirements, and content of each deliverable. The DEDs will be designed to maximize
the ability for deliverables to also serve as artifacts for required federal reviews (see
Section 30.140 for additional information). All deliverables and artifacts are subject to
review and approval from the Commonwealth. The review cycle time required for each
deliverable/artifact will be mutually established between the selected Vendor and the
Commonwealth in the course of finalizing the Integrated Project Plan and be further
reviewed and revised during the DED review cycles (with a default of ten (10) business
days if not otherwise established by the parties) (the ―review cycle period‖). The
selected Vendor shall be responsible for managing the schedule for all
deliverables/artifacts under the scope of work including the schedule for submission,
review, updates and final approval.
All deliverables and artifacts will be maintained by the selected Vendor in a Microsoft
SharePoint site that is accessible by Commonwealth staff and within the CHFS domain.
The Vendor shall be responsible for maintaining all document directory structures,
document versions and ensuring that all documents are accessible to Commonwealth
staff within the agreed deliverable schedule.
The selected Vendor shall present its deliverable/artifact schedule in the Integrated
Project Plan to be agreed with and approved by the Commonwealth prior to the
commencement of any work. The deliverable/artifact schedule shall conform to any
15

 milestones laid out by the Commonwealth‘s Enterprise Roadmap and CMS Exchange
Lifecycle and CCIIO Establishment reviews.
The selected Vendor shall deliver preliminary and interim versions of
deliverables/artifacts as required by the schedule for CMS Exchange
Lifecycle and CCIIO Establishment Reviews. As set forth in the Work Plan
and as requested by the Commonwealth, Vendor‘s developers and technical
staff will conduct software Deliverable code walk-throughs with the
Commonwealth and will demonstrate to Commonwealth staff the functions
and operations of the System in accordance with the Requirements, at no
additional cost. The final version shall be subject to review and approval by
the Commonwealth, regardless of any preliminary or interim versions
received and accepted for the purposes of CMS Exchange Lifecycle or
CCIIO Establishment Reviews. Payment shall not be issued until the final
version of all deliverable documents and artifacts required to meet a payment
milestone have been approved by the Commonwealth.
The Commonwealth shall approve each Deliverable that conforms in all material
respects to the relevant requirements for such Deliverable set forth in the
agreed-upon DED or previously approved Deliverable (the ―Requirements‖)
The Commonwealth shall not unreasonably withhold such approval. Within
the review cycle period described above, the Commonwealth shall provide
the Vendor with (i) written approval of such Deliverable or (ii) a written
statement which identifies in reasonable detail, with references to the
Requirements, all of the deficiencies preventing approval (the ―Deficiencies‖
or ―Defects‖). The Vendor shall have five (5) business days (or such other
period agreed upon by the parties in writing) from the date it receives the
notice of Deficiencies to complete corrective actions in order for such
deliverable to conform in all material respects to the applicable
Requirements. The Commonwealth shall complete its review of the
corrected Deliverable and notify the Vendor in writing of acceptance or
rejection in accordance with the foregoing provisions within five (5) business
days of receipt of such resubmitted Deliverable if not otherwise established
by the parties. The Commonwealth‘s review and approval of such corrected
or changed Deliverable shall be solely for the purpose of determining that
corrections have been made to remedy the identified Deficiencies and not for
any other purpose, including, without limitation, for format, style or the
incorporation of additional ideas or functionality. Approval of a Deliverable
shall be deemed given upon the earlier of (i) the Commonwealth‘s failure to
provide the Vendor with approval or a notice of deficiencies in writing for
such Deliverable within the review cycle period as described above, or (ii) the
Commonwealth‘s commencement of use of the Deliverable in production. To
the extent that any Deliverables are or have been approved by the
Commonwealth pursuant to the terms hereof, the Vendor shall be entitled to
16

 rely on such approval for purposes of all subsequent stages of its
performance hereunder.
The selected Vendor shall account for at least one resource dedicated to managing the
schedule of and repository for deliverables/artifacts. Responsibilities shall include but
not be limited to maintaining the SharePoint repository for deliverables/artifacts, tracking
the status of deliverables/artifacts in review and deliverables/artifacts approved, tracking
the completion of action items and comments on deliverables/artifacts, maintaining
communication records of signoffs or deliverable/artifact rejections.
The selected Vendor shall account for the deliverables and review artifacts listed in
Appendix U, Kentucky HBE Deliverables List and ELC Review Artifacts within its
deliverable schedule and Integrated Project Plan. For further details on reviews,
reference Section 30.140 of this RFP.
All deliverables/artifacts are expected to be of a level of quality and completeness that
indicates that they have been reviewed and proof read by the selected Vendor prior to being
delivered to the Commonwealth. Indicators of quality and completeness include but are not
limited to:
A standard of business and technical writing that limits ambiguity and rework by
CHFS
A level of English proficiency that limits CHFS edits for grammar and clarity
Content is in keeping with expectations set out in Deliverable Expectation
Documents and decisions captured in JAD sessions and other meetings
Appendix U to this RFP contains details of the deliverables and artifacts required as part of
the scope of work of the contract. The commonwealth reserves the right to revise Appendix
U as required prior to contract award.
Section 30.070.040– Change Control Management
Changes in scope may happen due to a variety of unforeseen factors. For the purposes
of this program, change is defined as a request originating from the Commonwealth that
affects scope, schedule, and/or cost to the Commonwealth.
It is known, at the time of issuing of this RFP, that there will be changes to the
requirements, presented herein, as rules and regulations evolve and are finalized by
CMS and by the Commonwealth. These rules and regulations are expected to change
through the lifecycle of the project. Changes in requirements due to evolution of Federal
and Commonwealth regulations do not constitute a change in scope for this program.
Potential changes to regulations, such as those pending legislation or judicial review,
that pose the potential to disrupt the delivery schedule shall be documented by the
selected Vendor in the Risk Log and managed accordingly.
17

 The overall delivery dates, operational dates and quality criteria required by CMS and
the ACA are not expected to change. If, however, CMS changes do affect delivery or
operational dates, the selected Vendor shall cooperate with CMS in good faith to adapt
and respond to those changes. As part of Change Control Management, the Vendor
shall document formal change control process to be reviewed and approved by CHFS
as part of the Program Management Plan.
The selected Vendor shall inform CHFS of any potential scope changes as soon as is
reasonably possible to discuss, analyze, and document the impact of the change in
scope, and determine direction and next steps. The assessment of the change in scope
shall include specific impacts to both schedule and costs. CHFS will work with the
selected Vendor to confirm/reconfirm Project scope for subsequent tasks, phases,
and/or milestones. Additional details of the changes to scope are available in Section
40.050 and 40.055 of this RFP.
Section 30.070.050 – Issue and Risk Management
CHFS will look to reduce the impact of issues and risks that arise during the program
life cycle by requiring the selected Vendor to implement robust Issue and Risk
Management processes that will lessen the time it takes to detect, resolve and mitigate
them.
The Vendor shall present in the proposal an Issue Management Plan that outlines the
procedures for documenting, escalating and resolving issues. This shall include:
Procedures and tools for documenting and tracking project and
program issues
Guidelines for determining severity of issues in terms of impact to the
project or program
Procedures for review of issue log and escalating issues where
required
Procedures for resolving issues including responsible parties for
decision making based on severity and impact
The Vendor shall present in the proposal a Risk Management Plan that outlines the
procedures for documenting, escalating and mitigating risk. This shall include:
Procedures and tools for documenting project and program risks
Guidelines for evaluation of risks in terms of probability and impact
Procedures for review of risk log and escalating risks where required
Procedures and guidelines for mitigating risks

18

 Section 30.080 – Systems Development Lifecycle Management
The Vendor‘s proposal shall present their SDLC Methodology which shall include the
Vendor‘s approach to the following stages in the SDLC:
Requirements Analysis
System Design
Development
Testing
Training
Implementation
The Vendor‘s proposal should note and identify the areas where their methodology
matches or compliments CMS‘s defined Exchange Life Cycle Model as defined in the
Collaborative Environment and Life Cycle Governance – Exchange Reference
Architecture Supplement.
Prior to the commencement of work, the selected Vendor shall submit a description of
the SDLC Methodology that it will use for the HBE, for review, comment, and approval
by CHFS.
The selected Vendor shall deliver the solution using a phased development approach
that supports the Commonwealth‘s requirement to review and test iterations of
development of logical functional groups of system components, before proceeding to
the System Test phase. Therefore, the plan for the Development Phase shall account
for durations of Commonwealth testing and feedback, and System updates by the
Vendor, prior to the completion of the Development phase for each iteration.
The selected Vendor shall use Team Foundation Server (TFS) for source code
management as well as the project repository for all usage scenarios, use cases,
requirements, designs, test scenarios, test cases, test results and other project artifacts.
The selected Vendor shall ensure that System Design documentation is kept up to date
through all phases, including updates which occur due to revisions or repairs.
Section 30.080.010 – Requirements Analysis
During the Planning and Establishment Phase, where the Commonwealth established
its Operating Model for the HBE, the team compiled a lengthy list of functional and
technical requirements through a series of meetings with integrated work groups
(Governance, Medicaid, Insurance and Technical) which discussed critical operational,
functional and technical design matters that are essential to the operations of the HBE.
These requirements are included in Appendices A, B, and C to this RFP. It is important
19

 to understand that while these preliminary requirements to some extent define the
scope and vision for the System, the requirements are not the final detailed
requirements for the System. The selected Vendor shall conduct a Requirements
Analysis Phase during which they will review, refine and seek approval for all
preliminary requirements, and add requirements where gaps are identified through a
detailed analysis exercise. The end result will be a set of detailed requirements to be
used for building the solutions. These requirements will be the basis for the selected
Vendor to create usage scenarios and detailed business process workflows. With the
exception of Analytics/Reporting and TANF-SNAP integration, the Commonwealth
intends to implement all core requirements of the solutions by the ACA mandated date
of October 2013. However, at the conclusion of the detailed requirements phase, the
Commonwealth expects the selected Vendor to work with the Commonwealth team to
prioritize requirements and if necessary, identify possible phases for implementation of
the overall requirements. Core requirements that are deemed essential for compliance
with the ACA must be implemented in the initial phase. The selected Vendor‘s Project
Work Plan must be updated to identify all possible phases of implementation. Once
approved, the updated Requirements Analysis schedule shall be included in the
Integrated Project Work Plan.
The Vendor‘s proposal shall outline as part of the SDLC Methodology, its approach to
requirements analysis, definition, refinement, approval and traceability. The selected
Vendor shall maintain a Requirements Traceability Matrix (RTM) throughout the
lifecycle of the program. The RTM shall document where each requirement is
accounted for within the design documents, code modules, test conditions, test
scenarios and test scripts as appropriate. The selected Vendor shall have the capability
to demonstrate through the RTM that all documented and approved requirements have
been traced through the development lifecycle. The selected Vendor shall use Microsoft
TFS for documenting requirements traceability.
The selected Vendor shall be responsible for meeting all review milestones for System
Design as laid out by CMS guidelines. High level review requirements are laid out in
Section 30.140 of this document, in Appendix D, HBE Enterprise Roadmap, and in
Appendix S, Collaborative Environment and Life Cycle Governance – Exchange
Reference Architecture Supplement.
Section 30.080.020 – System Design
The selected Vendor shall submit its plan for the System Design Phase for approval by
CHFS prior to the commencement of that phase of work. The plan shall include the
approach for collaborative design with functional and technical subject matter experts,
procedures for submission to, and review and approval by CHFS for each design
component, and the overall schedule for the System Design Phase. Once approved, the
updated System Design schedule shall be included in the Integrated Project Work Plan.
20

 During System Design the selected Vendor shall develop detailed specifications that
emphasize the physical solution to the information technology needs. The system
requirements and logical description of the entities, relationships, and attributes of the
data that were documented during the Requirements Analysis Phase are further refined
and allocated into system and database design specifications that are organized in a
way suitable for implementation within the constraints of a physical environment (e.g.,
computer, database, facilities).
The selected Vendor shall develop design documents for high level systems
architecture, technical components, functional components, database and interface
components including logical and physical data models and interface controls
documents. A formal review of the high-level architectural design is conducted by CMS
prior to detailed design of the automated system/application to achieve confidence that
the design satisfies the system requirements, is in conformance with the enterprise
architecture and prescribed design standards, to raise and resolve any critical technical
and/or project-related issues, and to identify and mitigate project, technical, security,
and/or business risks affecting continued detailed design and subsequent lifecycle
activities. During the Design Phase, the selected Vendor shall begin the initial strategy
for testing and training. In addition, the work planned for future phases is redefined, if
necessary, based on information acquired during the System Design Phase.
The System Design and its multiple components shall be developed in three stages.
The first shall be a Preliminary System Design which outlines the overall functions that
will be developed, their interactions, components, and high level architecture. The
second will be a Detailed System Design that will give the planned implementation
details of the design for each component, interactions and place in the overall technical
architecture. The third will be the Final System Design which will give the actual
implementation details of each component and sub-component from a functional and
technical perspective, including the final architecture implementation.
The selected Vendor shall be required to maintain current and up to date documentation
of all System components through the life of the project. The selected Vendor shall work
with the Commonwealth to agree on the templates and the appropriate level of detail for
documenting design for each system component. This includes, but is not limited to,
user interface, process flow, business logic, business rules, input validation, workflow,
forms, data model, data architecture, web services, infrastructure, system architecture,
IVR process flows, contact center scripts, and batch processing.
The selected Vendor shall be responsible for meeting all review milestones for System
Design as specified by CMS guidelines. High level review requirements are identified in
Section 30.140 of this document, in Appendix D, HBE Enterprise Roadmap, and in
Appendix S, Collaborative Environment and Life Cycle Governance – Exchange
Reference Architecture Supplement.
21

 Section 30.080.030 – Development Phase
The selected Vendor shall submit a plan for the Development Phase for review,
comment and approval by CHFS prior to the commencement of that phase of work. The
plan shall include the phased approach for system component development including
shared components and base classes. The plan shall also include the selected
Vendor‘s approach for code base management, development standards, individual
developer machine configuration requirements, build machine configuration
requirements, unit and integration testing procedures and reporting requirements
including code coverage targets, and code check-out and check-in procedures.
During the Development Phase, the selected Vendor‘s system development team takes
the detailed logical information documented in the System Design Phase and
transforms it into machine-executable form, and ensures that all of the individual
components of the automated system/application function correctly and interface
properly with other components within the system/application. As necessary and
appropriate, system hardware, networking and telecommunications equipment, and
COTS or externally hosted software is acquired and configured by the selected Vendor.
New custom-software programs are developed, database(s) are built, and software
components (COTS and custom-developed software and databases) are integrated by
the selected Vendor. Test data and test case specifications are finalized by the selected
Vendor. Unit and integration testing is performed by the selected Vendor‘s developers
with test results appropriately documented. Data conversion and training plans are
finalized and user procedures are baseline, while operations, office and maintenance
procedures are also initially developed.
The selected Vendor shall develop the solution using an iterative development
approach that supports the Commonwealth‘s requirement to review and test iterations
of development of logical functional groups of system components, before proceeding to
the System Test phase. Therefore, the plan for the development phase shall account for
durations of Commonwealth testing and feedback, and Vendor System updates, for
each logical functional group of system components.
The selected Vendor shall ensure that all System Design documentation is kept up to
date with updates to the design that occur due to technical implementation details,
change requests, or any other factors that cause a deviation from the original design.
The selected Vendor shall be responsible for meeting all review milestones for System
Design as laid out by CMS guidelines. High level review requirements are identified in
Section 30.140 of this document, in Appendix D, HBE Enterprise Roadmap, and in
Appendix S, Collaborative Environment and Life Cycle Governance – Exchange
Reference Architecture Supplement.

22

 Section 30.080.040 – Testing
The selected Vendor shall submit its Test Plan for all levels of testing for approval by
CHFS prior to the completion of the Requirements Definition Phase of work. The Test
Plan shall outline how the selected Vendor will test the System throughout the project
lifecycle. Once approved, the updated Test Plan schedule shall be included in the
Integrated Project Work Plan. The selected Vendor shall provide tools to track testing
that will be utilized in all phases of testing to record scenarios, indicate status, track test
results, manage relationships (i.e. to requirements or to specific application
components), and produce reports. The selected Vendor shall also establish testing
environments, along with the necessary data and application modules, to support unit,
integration, iterative functional, system, user acceptance, performance and operational
readiness testing activities. At the minimum, the selected Vendor shall address the
following:
•
•
•

Approach to testing including testing philosophy, test data, test standards,
verification approach, approach to non-testable requirements, test phases, test
techniques and methods.
Testing processes including test preparations, orientation and kickoff, test
execution, test monitoring, test status meetings and reporting, closure evaluation
criteria.
Approach to creating the test environments needed.

The selected Vendor shall use Microsoft TFS for source code management as well as
the project repository for all usage scenarios, use cases, requirements, designs, test
scenarios, test cases, test results and other project artifacts.
The primary purpose of the Testing Phase is to determine whether the automated
system/application software or other IT solution developed or acquired is ready for
implementation. During the Test Phase, formally controlled and focused testing is
performed to detect errors and bugs in the IT solution that need to be resolved. There
are a number of specific validation tests that are performed during the Test Phase.
Some testing activities will begin during the Development Phase, such as Unit Testing
and Integration Testing.
Section 30.080.040.010 – Test Plan
The Test Plan shall include the selected Vendor‘s testing approach, including test
scenarios, test conditions and test scripts for the following required testing:
•

Unit Testing: Unit testing is done to assess and correct the functionality of
individual or small groups of code or modules. Unit testing ensures the various
objects and components that make up the System are individually tested, and
23

 that errors are detected and corrected prior to exiting the development
environment.
The selected Vendor shall submit its approach to Unit Testing, including targets
for unit test coverage and pass rates, for approval to CHFS prior to the
commencement of the development phase.
Unit Testing may not be required for solution modules where CHFS does not
have access to the codebase, e.g. for COTS or hosted solution modules.
•

Integration Testing: Integration Testing is performed by developers after
integrating completed components or modules into the overall system codebase.
This testing is done in order to ensure that the completed components or
modules work at a high level and that existing components and shared
components have not been broken by the new module. The selected Vendor
shall include its approach to Integration Testing, including the recommended
environment for Integration Testing, in its Test Plan. Integration testing guidelines
shall be included in development standards documentation.

•

Iterative Functional Testing: Iterative functional testing ensures that the
components developed for each logical iteration of the system meet all functional
and technical requirements as defined and approved in the Test Plan and the
Requirements Definition Phase.

•

System Testing: System Testing assesses the functionality and interoperability
of the System and the multiple other systems and subsystems it interacts with,
such as databases, hardware, software, rules engine, document management
system, identity management system (KEUPS), workflow, interfaces and web
services, and their integration with infrastructure into an overall integrated
system. This test includes a test installation and configuration of the System, with
a subsequent functional regression test to confirm the installation‘s success.

•

Interface Testing: Interface Testing is conducted to ensure the completeness of
interface development and the readiness of developed interfaces for integration
in the wider system. The selected Vendor shall submit its approach for Interface
Testing for approval by CHFS in its Test Plan. This approach shall include
strategy for early detection of interface errors such as non-conformation to
interface contracts by either consumers or providers of services, and incorrect
data being returned through an interface. The Interface Testing approach shall
include an approach for testing of all interfaces error codes such as the network
errors and unavailable source systems. The Interface Testing approach shall
also outline the selected Vendor‘s strategy for reporting, managing and
mitigating defects for interfaces both within the control of CHFS (such as
24

 KAMES) and outside the control of CHFS (such as the Federal Hub or the State
Wage Database).
•

Regression Testing: Regression testing should be completed after integration
of each major component into the wider system to ensure that components which
have already been tested are still working. Regression testing should also be
completed after every migration of new build versions to each test environment.
Regression test scenarios shall be a subset of System Test scenarios, agreed
upon with CHFS, chosen to ensure maximum functional and technical coverage
of regression testing.
The selected Vendor shall include its approach to Regression Testing in its Test
Plan. The approach should include considerations that minimize the cycle time
and resources required to complete regression testing. The selected Vendor
shall consider in its Regression Test Approach, the use of the Microsoft Visual
Studio tools for automated regression testing. If the selected Vendor‘s
Regression Test Approach includes a tool other than Microsoft Visual Studio,
then the selected Vendor shall provide a cost benefit analysis of the use of its
proposed tool versus Microsoft Visual Studio, for CHFS to evaluate prior to
approval of the Regression Test Approach.

•

Security Testing: Security Testing is required by the selected Vendor on
functional, technical and infrastructure components to ensure the system meets
all system security requirements. Security Testing scenarios and strategy shall
be approved by the CHFS Information Security Office (CHFS ISO) prior to
execution and all Security Testing results shall be approved by CHFS and CHFS
ISO.
Additionally, the selected Vendor is required to conduct its own security risk
assessment prior to the Commonwealth engaging a Third Party Vendor to
conduct the Independent Security Review detailed in Section 30.252. The
selected Vendor shall provide a report of the results of its security risk
assessment, including all tools used, such as code scanning and application
scanning tools, and an action plan of remediation for vulnerabilities identified.

•

Performance Testing: Performance Testing is conducted in order to ensure that
the System meets the minimum performance service levels required by CHFS, in
terms of query and page response times under simulated load for a number of
users for multiple concurrent functions in a given period of time. Performance
testing scenarios shall take into account expected peak period volumes for
application processing such as closing of open enrollment periods. The
performance test shall be conducted on a production ready version of the
system, i.e. a version that has passed all requirements validation, system and
security testing. The performance test environment shall mirror the final
25

 production system specifications in order to accurately predict how the System
will behave in the production environment.
•

Usability Testing: Usability testing is conducted to ensure the System‘s user
interface design takes into account usability considerations for its target user
groups. Usability testing will include testing of the user interface for internal and
external users, power users, users with limited computer skills, prospective new
users, users who will require training in the system to complete their daily work,
and users with disabilities.
Feedback from usability testing shall be evaluated in terms of priority in
collaboration with the Commonwealth, and a plan shall be developed to include
the required updates into the final build.
The selected Vendor shall be responsible for developing a strategy for usability
testing that includes usability evaluation from usability experts, testing with
Commonwealth workers, samples of the public, Navigators, and special interest
groups such as advocacy groups, Community Based Organizations and
representation from organizations for peoples with disabilities. The usability
testing shall account for testing for compliance with sections 504 and 508 of the
American with Disabilities Act. The selected Vendor shall providing a report to
CHFS containing the results of the automated scanning tool used for 504 and
508 compliance testing, including an action plan to remediate any deficiencies
found.

•

Language Testing: The selected Vendor shall include in its Test Plan a strategy
for testing the system in both English and Spanish.

•

Browser Testing: Browser testing is conducted to ensure that the System
operates in the most likely configurations of browser versions and operating
systems. Browser testing shall be performed using a subset of System test
scripts that ensures maximum system coverage. The selected Vendor shall be
responsible for providing the machine configurations to perform all necessary
browser testing.

•

User Acceptance Testing: User Acceptance Testing (UAT) is conducted to
ensure that the developed system meets all expectations of the Commonwealth
and its eventual users. The selected Vendor shall be responsible for providing
data and environments and test scripts to the Commonwealth for the successful
execution of UAT. UAT test scripts shall cover all facets of the System. The
Commonwealth shall be responsible for identifying the participants involved in
UAT and for the overall execution of UAT scripts and ad-hoc UAT testing. The
selected Vendor will review all UAT results with the Commonwealth and a mutual
26

 strategy for mitigation shall be agreed for each defect based on severity, priority
and impact.
•

Data Migration Testing: Data Migration testing is done to ensure that data
migrated from legacy systems is brought across to the new system in a usable,
complete, correct, and expected state. The Data Migration Testing should use
automated tools where possible to test that all data migrated in the migration test
environment complies with the standards set out in the Data Migration Plan. The
Data Migration tools shall be adjusted depending on the test results until all
migrated data passes the appropriate tests. Data Migration exception tolerance
levels shall be agreed with and approved by CHFS prior to the commencement
of migration testing. Test results must be approved by CHFS prior to
commencement of production Data Migration.

Additional tests may be conducted to validate documentation, training, contingency
plans, disaster recovery, operational readiness and installation. The approach to these
additional tests will be evaluated in conjunction with CHFS to assess their necessity and
will be included in the final test plan to be approved by CHFS.
Section 30.080.040.020 – Additional Testing Responsibilities
The selected Vendor will be responsible for developing all test conditions, scenarios and
scripts. These are subject to approval by CHFS prior to execution of any test phase.
The selected Vendor is also responsible for preparation of all test data, including
identifying data required for each test phase that may require collaboration from
Commonwealth resources to acquire that data.
The selected Vendor shall ensure that all System Design documentation is kept up to
date with updates to the design which occurs due to changes or fixes that arise in the
Testing Phase.
The selected Vendor shall be responsible for meeting all review milestones for System
Design as laid out by CMS guidelines. High level review requirements are laid out in
Section 30.140 of this document, in Appendix D, HBE Enterprise Roadmap, and in
Appendix S, Appendix S - Collaborative Environment and Life Cycle Governance –
Exchange Reference Architecture Supplement.
Section 30.090 – Data Migration
The selected Vendor shall propose a Data Migration Strategy that will describe its
approach to migration of existing data from systems such as but not limited to KAMES,
SDX and MCAPS to the E&E Solution. The Data Migration Strategy must be submitted
to CHFS for review, comment and approval, prior to the development of a Data
Migration Plan. The Commonwealth foresees the execution of a successful data
27

 migration strategy and plan as one of the key challenges in the successful
implementation of the HBE. Therefore the selected Vendor shall complete a full analysis
to identify all systems from which data will be migrated to successfully implement the
E&E solution.
The Commonwealth requires a Data Migration Strategy that is highly automated and
minimizes both risk and the disruption to KAMES, SDX, MCAPS and other systems
service. The data migration strategy should include any data migration methodology,
including data analysis techniques and processes, checks and balances for ensuring
data quality and accuracy, as well as data migration toolsets that the selected Vendor
intends to employ.
The selected Vendor's data migration strategy shall allow for all existing Medicaid
recipients to be automatically imported to the new E&E Solution. To the extent feasible,
based on the proposed Modified Adjusted Gross Income (MAGI) rules, the migration
process should allow for automatic formation of assistance groups and determination of
eligibility.
Upon award of the contract the selected Vendor will work closely with CHFS to analyze
legacy data in KAMES, SDX and MCAPS and other legacy systems, develop a joint
data migration plan and set up any required software or toolsets to execute the data
migration plan.
Reference Appendix C, ARC-DAT054, ARC-DAT-012, ARC-DAT-028, ARC-DAT-029,
ARC-DAT-030, ARC-DAT-031, ARC-DAT-032, ARC-DAT-033, ARC-DAT-034, ARCDAT-035, ARC-INT-002, ARC-INT-002 for detailed data migration requirements.
Section 30.100 – Security Plan
The selected Vendor shall submit its Security Plan for all levels of security in HBE for
approval by CHFS prior to the completion of the System Design Phase of work. Details
of Security Plan requirements are given in Section 30.290.060 – 30.290.062
Section 30.110 - End User Training
Due to the scale of the organizational and system change involved in the
implementation of the HBE, the Commonwealth views the successful roll-out of a robust
end-user training program as one of the critical elements in the overall success of the
HBE. The selected Vendor shall be responsible for all aspects related to user training to
ensure the successful implementation of the HBE. This includes development and
maintenance of a Master Training Plan, training location and schedule management,
development and maintenance of all training material, appropriate delivery of material to
end users according to work functions, proficiency testing, quality control reviews, and
re-training where necessary. The selected Vendor is required to work cooperatively
28

 with the Commonwealth and any other vendors contracted by the Commonwealth to
coordinate all training efforts.
Section 30.110.010 - End User Training - Master Training Plan
The selected Vendor shall submit a Master Training Plan to CHFS for review, comment
and approval, prior to the completion of the System Design Phase. The selected Vendor
is responsible for maintaining updates to the Master Training Plan based on actual
components developed during the System Design and Development Phases. The
Master Training Plan will be used to govern and manage the overall activities, effort,
and scope of training for Exchange workers. The Master Training Plan will offer a
comprehensive, detailed picture of the plan to implement the training effort, and define
the approach used to develop and deliver the System training solution to the
Commonwealth.
The selected Vendor shall create, maintain, and update, as required, the approved
training plan. At a minimum, the training plan shall include the following:
1.
An overview of the training methodology for roles based HBE training
2.
Training and education methodology to address the certification and
licensing of Navigators
3.
Training objectives for each user role
4.
Roles and Responsibilities for the selected Vendor and Commonwealth
training staff
5.
Assumptions
6.
Training courses and associated course objectives, competency level and
skill set assessment tools, including the format and content of all training
material to be developed by the selected Vendor
7.
Timelines for the development, review, and completion of all training
materials
8.
Review and approval process for all training materials by the
Commonwealth
9.
An overview of the training presentation style and how concepts of Adult
Learning will be integrated into the delivery
10. Performance expectations for both instructors and students and approach
to performance measurement and reporting
11. Staffing plan that includes a 10:1 student to instructor ratio for all Instructor
Led Courses
12. The number of role based training sessions necessary to train all identified
users
13. The number of users to be trained by the type of training
14. The length of each training course
15. Procedures for implementing and maintaining a training
database/environment that is a mirror image of the production environment
including reports and notices
29

 16.
17.
18.
19.
20.
21.
22.

23.
24.
25.
26.

27.
28.

Milestones for training
Training schedule and procedures for scheduling end users to their
appropriate courses
Plan for working cooperatively with and coordinating all training efforts with
other vendors, as needed and directed by the Commonwealth.
Procedures for updating course material due to system updates or
feedback from the initial rounds of training
Method for certifying that end users have successfully completed their job
based curriculum
Criteria for identifying where remedial training is necessary and plan for
providing that additional support
How the Learning Management System (LMS) will be used to manage the
training schedule, instructor/course evaluations, and student competency
measurements
Methodology for providing technical support for training
Methodology for capturing and answering frequently asked questions
(FAQs)
Documentation of all training sites and types of training equipment needed
and how the equipment will be deployed and used in the training process
Plan for testing and certifying that each training site is technically and
physically ready to meet the requirements to conduct HBE System user
training
Approach to assure that the training location and delivery is ADA compliant
An Instructor Checklist which identifies items necessary for the instructor in
preparation for classroom training:
a. Necessary technical support information
b. IDs and Passwords
c. Training Materials
d. On Site Preparation
e. Post-class administrative activities

The selected Vendor will identify any assumptions they have made in proposing the
training development and delivery plan.
Section 30.110.020 - End User Training Strategy
The selected Vendor shall provide a description of its vision, strategy, and approach for
conducting all training related operations. This description shall include detailed
information about the level of staffing and the various staffing roles. The selected
Vendor shall at a high level address each of the twenty-eight items noted above, that at
a minimum shall be in the Master Training Plan.

30

 Section 30.110.030 - End User Training Prerequisites
The selected Vendor will identify potential prerequisites to any training session. This will
also involve developing a plan for how trainees can fulfill the prerequisites. In this
section the selected Vendor shall describe their approach for measuring the skills sets
of future HBE System users.
Section 30.110.040 – End User Training Development
The selected Vendor shall ensure the training materials address the specific job
functions of the trainees. It is critical that the training materials are modified to reflect the
latest approved version of the HBE System. The materials shall incorporate currently
known concepts of adult learning. All training materials will be reviewed by the
Commonwealth at least 30 days prior to the beginning of the training window. Training
materials will be developed in, but not limited to, an Instructor Led Training (ILT) format
which takes place using a Training Environment and/or web based training (WBT)
modules. The format should be based on the extent and difficulty of the course, with
the more complex topics handled in the ILT format. Examples of training materials
include, but are not limited to, student guides, instructor guides, lesson plans,
Frequently Asked Questions (FAQs) documentation, online help, and online policy
manual. The selected Vendor will also develop an online training demonstration to guide
customers through the Self Service Portal‘s Self-assessment and Online Intake
Application.
Appropriate training materials shall be developed that can be used in a hands-on,
interactive manner, using data in the online training database that reflects real world
conditions. To assure that the materials focus on specific job functions and reflect real
world conditions, the selected Vendor will conduct an audience analysis for each
course. Once the content is assessed, the most appropriate delivery approach for
training is determined.
The selected Vendor shall meet all material development requirements indentified in the
Master Training Plan, including all review and completion timelines. The selected
Vendor will incorporate and integrate the training materials developed by any Third
Party Vendor into the review and completion process as identified in the Master Training
Plan.
The selected Vendor shall provide sufficient copies of all training material for all staff.
The selected Vendor shall provide all electronic source documents and graphics used in
the development and presentation of all aspects of training to the Commonwealth.
Section 30.110.050 – Updating Training Material and Version Control
31

 The selected Vendor shall identify a procedure for updating course material due to
system updates, feedback from the initial rounds of training delivery, etc. The selected
Vendor will use several inputs to support the identification and delivery of timely,
consistent and appropriate material updates. Updated material will be presented in the
classroom within 5 business days of the update being identified and approved. This
procedure will also document a version control plan.
Section 30.110.060 – End User Training Delivery
The selected Vendor shall develop a plan to identify delivery methodology ILT, WBT,
etc) for each course based on, but not limited to, the type and complexity of the content.
ILT will consist of structured presentations delivered by a qualified instructor using a
training environment that mirrors production. WBT allows the user to learn at his own
pace. The delivery methodology shall incorporate concepts of adult learning and have
techniques identified to train personnel who have varying computer skills and job
knowledge.
To assure that training delivery is role based and reflects the new business process, the
selected Vendor will establish a plan to integrate change request and management
decisions into the training delivery process. The selected Vendor will also identify a
process for capturing unanswered business process questions that arise in the training
classroom, and feeding these back through the deficiency management and change
control processes.
Section 30.110.070 - Post Implementation Delivery
Following classroom instruction, individual assistance will be available at the work
location of the employee. Selected Vendor staff will be available to assist with
conversion issues and use of the new system. This assistance can be one-on-one or in
small group sessions. These training sessions should be in short timeframes and
narrowly geared toward a specific topic or functionality that needs additional
explanation.
Section 30.110.080 - Trainers and Trainer Preparation
The selected Vendor shall identify strategies for recruiting and preparing trainers. The
selected Vendor will provide staff necessary to develop, deliver, and maintain the
training effort. The Staff will be maintained at a level to meet both the classroom training
needs and the ongoing post-implementation training.

32

 The selected Vendor will provide trainers who, at a minimum, are either Medicaid
program knowledgeable and/or experienced in adult education techniques. Ideal
candidates should have strengths in both areas.
Section 30.110.090 - Performance Expectations (Instructors, Material, and
Students)
The selected Vendor shall identify, in conjunction with the Commonwealth, performance
expectations for Instructors and students. This plan will identify expected performance
and the expected outcomes of each type of training. A methodology for determining
these standards will be developed and a reporting mechanism identified. The selected
Vendor will develop evaluation survey tools to determine whether the trainings produced
the expected results. The evaluation will consist of assessments administered to
trainees and an evaluation to identify weaknesses in the training program and delivery.
The selected Vendor will work with the Commonwealth to develop a remediation plan to
assist those students who did not meet the performance expectations.
The selected Vendor will propose their plan for measuring performance expectations
and specific tools for measuring both instructor and student performance. The selected
Vendor shall remediate any deficiencies in training material or delivery that are identified
through training evaluation, or through the consistent failure of trainees to meet
performance expectations.
Section 30.110.100 - Navigator and Agent Education
The selected Vendor shall submit a training and education approach for Navigators to
meet the certification/licensing requirements to CHFS for approval. The selected Vendor
shall include options for educational tools to support Navigators in facilitating enrollment
in programs and products provided through the HBE.
The selected Vendor shall submit their training and education approach for Agents who
will use the HBE to enroll individuals in programs and products provided through the
HBE.
Section 30.110.110 - Learning Management System (LMS)/Scheduling
The selected Vendor shall submit with its Master Training Plan an outline of its
proposed LMS. CHFS shall approve the LMS tool selection prior to procurement of the
required licenses. The selected Vendor shall populate and maintain the LMS tool
including training schedule, course listing, students, instructors, and training sites. The
LMS will also allow students to take learning assessments and complete
33

 instructor/course evaluations. The LMS will be able to automatically generate email
reminders to staff about upcoming trainings.
The selected Vendor shall develop a training plan to ensure ―just in time‖ training
activities that meet federal guidelines and timeframes for the implementation of the
HBE. No trainee shall complete their final course of training more than three (3) weeks
prior to implementation. To accomplish this goal, it is expected that while the majority of
trainees will attend ILT courses as much as three (3) months in advance of the
implementation, trainees will be required to complete top-up courses in the three (3)
week window prior to implementation, as required. The selected Vendor shall include in
its Training Plan details of how top-up courses will be delivered to trainees.
The selected Vendor shall work with the Commonwealth to develop a Master Training
Schedule and regional training schedule. It is recommended that various schedules be
proposed, addressing both a centralized and regional training approach. By proposing
various approaches, the Commonwealth will be able to decide what is most feasible in
terms of travel policies and the need to minimize disruption to normal work duties. A
validated and detailed training schedule and plan shall be included in the Master
Training Plan.
The training schedule should include a training day that consists of a maximum of 6.0
hours of training, a 1 hour lunch, and two 15 minute breaks. The selected Vendor will
develop a schedule that assures no more than 50% of an individual office‘s eligibility
staff are scheduled for HBE training at one time. Each scheduled class shall have no
more than 20 students at one time. The schedule will also allow for additional classroom
capacity of 5% to support make-up or remedial class sessions.
A schedule of all proposed training sessions shall be submitted to the Commonwealth at
least 60 days prior to their actual implementation. Training sessions shall be set in
accordance to a time and date that is agreed to by the Commonwealth.
Section 30.110.120 - End User Training Sites, Facilities, and Equipment
The selected Vendor shall prepare and dismantle all required training sites. The
selected Vendor, in accordance with the training schedule, shall determine the number
and location of training sites as well as the number and size of each classroom at each
location. The sites shall be located in accordance with the training schedule to minimize
extended travel by Commonwealth staff. The selected Vendor shall document within the
Master Training Plan all training sites and types of training equipment needed and how
the equipment will be deployed. The selection of facilities shall be based on the
capability of the site to meet the requirements identified below:
Facilities should be located near the office locations to optimize travel
arrangements for the majority of employees
Facilities should be comfortable and conducive to learning
34

 Each training facility shall have restroom facilities to accommodate trainers and
students
Facilities shall comply with the ADA requirements
The selected Vendor shall ensure that sites shall have sufficient equipment to conduct
training on the HBE. Each training site shall be equipped sufficiently to deliver HBE
training in an effective classroom environment.
The selected Vendor shall prepare each site in a timeframe that allows the
Commonwealth to inspect the site no less than two weeks before training begins. If the
site meets HBE Training requirements it will be certified as ready for training. If the site
does not meet the requirements the selected Vendor has two weeks to resolve the
issue.
Section 30.110.130 - End User Training Transition Plan
The selected Vendor will develop a Training Transition Plan which documents all
training activities related to the transition of HBE system training to the Commonwealth.
The Training Transition Plan shall address the selected Vendor‘s plan to assure the
Commonwealth staff:
Understand the training curriculum and the process and tools used to develop it.
Develop an understanding of the revision process for training materials.
Can successfully deliver HBE training.
The selected Vendor will conduct a Training for Trainers (T4T) to prepare its staff and
Commonwealth staff to deliver Instructor Led Training. During T4T trainers will learn at
a minimum: Presentation and instruction skills, all training materials, HBE functionality,
steps to prepare and conduct training, and the logistics of training delivery. They will
receive instruction on how to implement Change Management, and the impact of the
HBE on business processes, procedures, form changes, and reporting functionality. The
Commonwealth training staff will provide all trainers with an overview of KAMES.
Section 30.110.140 – End User Training Reports
The selected Vendor shall develop training reports that include information such as, but
not limited to, the number of training sessions, type of training, training locations,
number of trainees, and information regarding the actual training results and
recommendations for follow up training.
The selected Vendor shall provide bi-weekly training reports which shall summarize all
training delivered to Users, document the effectiveness of this training (including the
results from the approved User proficiency test) and provide recommendations for
further training activities or processes.
35

 Section 30.120 – Implementation
The selected Vendor shall submit its Preliminary Plan for the Implementation Phase for
approval by CHFS prior to the completion of the Design Phase of Work. The Preliminary
Implementation Plan will outline the high level tasks that will be accounted for in the
Implementation Phase, as well as the selected Vendor‘s overall strategy for the
production launch of the HBE, and any potential risks associated with that strategy.
The selected Vendor shall submit its Final Plan for the Implementation Phase for
approval by CHFS prior to the completion of the Testing phase of Work. The Final
Implementation Plan will outline the detailed tasks required for a successful launch of
the HBE, including, but not limited to infrastructure configuration readiness, operation
readiness, ―Go/No Go‖ checklist, training readiness, production launch risk mitigation
strategies, roll back procedures and post launch monitoring and support procedures.
The Commonwealth requires a single launch for all core HBE functionality which will
support the processing of eligibility determinations, application processing, supporting
business and customer support processes and provision of Medicaid, subsidized,
unsubsidized, group and individual products through the HBE, in accordance with the
federally mandated schedule for the operation of the HBE.
In its Enterprise Roadmap (Appendix D to this RFP), the Commonwealth outlines a high
level Schedule for the Implementation Phase of the program. The selected Vendor shall
use this high Level schedule as a baseline when preparing its Preliminary and Final
Implementation Plans.
The selected Vendor shall be responsible for meeting all review milestones for System
Design as laid out by CMS guidelines. High level review requirements are laid out in
Section 30.140 of this document, in Appendix D, HBE Enterprise Roadmap, and in
Appendix S, Collaborative Environment and Life Cycle Governance – Exchange
Reference Architecture Supplement.
Section 30.130 – Enterprise Roadmap Milestones
In its Integrated Project Work Plan, the selected Vendor shall document all Enterprise
Roadmap Milestones that are relevant to this Scope of Work.

Milestone
M15

Description
Complete Final requirements documentation
(including System Design, Interface Control, Data
Management, & Database Design).

36

Year
2012

Quarter
Q4

 M16

Begin systems development.

2013

Q1

M17

Begin system development, including any systems
development needed by Other Applicable State
Health Subsidy Programs (OASHSPs). (and other
programs as appropriate).
Establish Governance Structure.
Complete Preliminary business requirements and
develop an IT architectural and integration
framework.
Complete Systems Development Life Cycle (SDLC)
implementation plan.
Complete Preliminary and Interim development of
baseline system and review and ensure compliance
with business and design requirements.
Complete security risk assessment and release
plan.
Complete Preliminary detailed design and system
requirements documentation (e.g. technical, design,
etc.).
Complete Final development of baseline system
including software, hardware, interfaces, code
reviews, and unit-level testing.
Submit content for informational website to HHS for
comment.
Finalize IT and integration architecture. Complete
Final business requirements and Interim detailed
design and system requirements documentations
(e.g. technical, design, etc.).
Complete testing of all system components
including data, interfaces, performance, security,
and infrastructure.
If the State chooses to operate these functions
within the Exchange, establish protocols for
appeals of coverage determinations including
review standards and timelines and provision of
help to consumers during the appeals process.
Draft scope of work for building capacity to handle
coverage appeals functions.
Analyze data collected by consumer assistance
programs and report on plans for use of information
to strengthen QHP accountability and functioning of
Exchanges.
Complete systems development and final user
testing of informational website.
Begin system development, including any systems
development needed by OASHSPs. (and other

2013

Q1

2012
2012

Q2
Q4

2012

Q2

2013

Q1

2012

Q3

2012

Q3

2013

Q2

2012

Q3

2012

Q4

2013

Q3

2013

Q1

2013

Q1

2013

Q1

2013

Q2

2013

Q1

M18
M19

M20
M21

M22
M23

M24

M25
M26

M27

M28

M29
M30

M31
M32

37

 M36

programs as appropriate).
Complete systems development and prepare for
final user testing.
Launch plan management and bid evaluation
system to allow upload of QHP bids and other
required information.
Launch contact center functionality and publicize 1800 number. Prominently post information on the
Exchange website related to contacting the contact
center for assistance.
Launch information website.

M37

Collect and verify plan data for comparison tool.

2013

Q2

M38

Begin final user testing, including testing of all
interfaces.
Complete final user testing – including testing of all
interfaces.
Complete pre-operational readiness review to
validate readiness of all system components.
Complete end-to-end testing and security control
validations.
Prepare and deploy all system components to
production environment. Obtain security
accreditation.
Test comparison tool with consumers and
stakeholders before open enrollment.

2013

Q2

2013

Q3

2013

Q3

2013

Q3

2013

Q3

Launch comparison tool with pricing information but
without online enrollment function.
Launch fully functioning comparison tool with
pricing information and online enrollment functions
on the first day of open enrollment.
Determine Navigator grantee organizations and
award contracts or grants.
Complete user testing, including full end-to-end
integration testing with all other components.
Begin conducting eligibility determinations for
OASHSPs, coordinating all relevant business
functions, and receiving referrals from OASHSPs
for eligibility determination.
Begin enrollment into QHPs.
Begin utilizing applications and notices to support
eligibility and enrollment process.
Begin receiving and adjudicating requests.
Support business operations and maintenance of
all systems components.

2013

Q3

2013

Q3

2013

Q3

2013

Q3

2013

Q3

2013
2013

Q3
Q3

2013
2014

Q3
Q1

M33
M34

M35

M39
M40

M41

M42

M43
M44

M45
M46
M47

M48
M49
M50
M51

38

2013

Q2

2013

Q2

2013

Q2

2013

Q1

 Table 1: Enterprise Roadmap Milestones. Reference: Appendix D –HBE Enterprise
Roadmap
Section 30.140 –Reviews
In addition to the Deliverables listed in Appendix U, the selected Vendor shall also be
responsible for creating any artifact or documentation that is required by a CMS or
CCIIO review, or for approval of the HBE solution, that is not covered in a listed
Deliverable.
Section 30.140.010 – SDLC Reviews
In its Integrated Project Work Plan, the selected Vendor shall account for the eight (8)
SDLC Reviews, prescribed in CMS‘s Exchange Life Cycle (ELC), referred to in the
Collaborative Environment and Life Cycle Governance – Exchange Reference
Architecture Supplement, Appendix S to this RFP. The selected Vendor‘s Integrated
Project Work Plan shall adhere to the ELC review schedule.
Reviews are required at the end of each phase to provide for independent review
and approval of key elements of the HBE‘s project development or operation.
Reviews consist of an independent confirmation that project managers satisfactorily
produced all the required deliverables and adequately met all exit criteria for the
phase to permit advancement to the next phase. The selected Vendor‘s project
manager is also responsible for providing documentation of known issues and plans
to mitigate the risks, if any.
The SDLC reviews include:
R1 – Architecture Review (AR)
R2 – Project Startup Review (PSR)
R3 – Project Baseline Review (PBR)
R4 – Preliminary Design Review (PDR)
R5 – Detailed Design Review (DDR)
R6 – Final Detailed Design Review (FDDR)
R7 – Pre-Operational Readiness Review (PORR)
R8 – Operational Readiness Review (ORR)
The selected Vendor shall be responsible for preparing any documentation required for
CMS ELC Lifecycle Reviews. The selected Vendor should reference Appendix U – HBE
Review Cycles Deliverables and Artifacts, which outlines artifacts that are anticipated to
be part of a CMS Review at this time.
Section 30.140.020 – Exchange Establishment Reviews
39

 The selected Vendor shall establish a timeline for CCIIO Establishment Reviews. These
reviews should align with the SDLC reviews for the Exchange Lifecycle.
Additionally, the selected Vendor shall be responsible for preparing any documentation
required for CCIIO Establishment Reviews. The Establishment Review process will
consist of three separate reviews – a Planning Review, a Design Review, and an
Implementation Review. The Planning Review was performed by the Commonwealth
prior to the procurement of the Vendor. However, the selected Vendor should be
prepared to participate in the two remaining reviews – the Design Review and the
Implementation Review. More information on these reviews can be found in Appendix V
– Overview of Establishment Review Process.
Section 30.140.030 – Other Federal Reviews
In the event that the Commonwealth is required to undergo an IRS or SSA review
relating to the system, the selected Vendor shall be responsible to prepare
documentation requested as described in this Contract. Vendor also agrees to comply
with additional reasonable requests for information needed to assist in passing such
IRS or SSA reviews.
Refer to Appendix X for IRS information.
Section 30.150 – Value Added Services
Value-added services provide additional functionalities and capabilities that enhance a
Vendor‘s solution. This is an opportunity for Vendors to distinguish themselves from
competing Vendors. The vendor should recommend, in summary format, innovative
Practices, Business Strategies and value-added services that will be offered by the
vendor to enable the Commonwealth to be successful in this effort.
Section 30.160 – Configuration Management
The selected Vendor shall present their Configuration Management Approach to CHFS
for review, comment and approval prior to the commencement of any development
activity. The Configuration Management Approach must demonstrate how the selected
Vendor will manage the multiple configurations of the System including:
Code base management
Environment management
Build management
Deployment management
Network management
Disaster recovery site management and cutover procedures
40

 Section 30.170 – Staffing
The selected Vendor shall submit a plan for Project Staffing prior to the commencement
of any work, to be approved by CHFS. The Staffing plan shall describe the selected
Vendor‘s staffing approach and team organizational structure for the prime Vendor, and
all subcontracted Vendors, to complete all phases of work, functions, requirements,
roles, and duties associated with this Project. All E&E Vendor staff in key roles shall
have recent (in the last three years) experience with implementing and/or supporting
Eligibility Systems (Medicaid, SNAP, TANF, etc.). All PMB Vendor staff in key roles
shall have recent (in the last three years) experience with implementing and/or
supporting Health Care industry automated systems, preferably a major health plan or
claims processing environment.
A. The Project Staffing Plan shall include resumes for each of the selected Vendor‘s
proposed staffing choices for the Key Roles described below:
1. Project Manager: Primary point of contact with HBE‗s Project Manager for
activities related to contract administration, project management, scheduling,
correspondence with HBE staff, and deliverable reviews. Must have a Bachelor‘s
Degree, a current Project Management Professional (PMP) Certification, and at
least ten (10) years of management experience.
2. Technical Manager: Primary point of contact with HBE Technical Staff. Will serve
as the Technical SME over the selected Vendor‘s team. Must have a Bachelor‘s
Degree and at least seven (7) years of similar experience.
3. Functional Manager: Responsible for the overall functional design of all system
components, functional procedures, program applications, and functional
documentation. Also responsible for liaising with business SMEs on any
functional decisions. Must have similar experience in E&E Solution Development
of similar size and complexity as HBE. Must have a Bachelor‘s Degree and at
least seven (7) years of similar experience.
4. System Architect: Responsible for the design, maintenance, procedures, and
architecture related to data, program applications, and systems documentation.
Must have similar experience in E&E Solution Development of similar size and
complexity as HBE. Must have a Bachelor‘s Degree and at least seven (7) years
of similar experience.
5. Implementation Manager: Primary point of contact with Commonwealth staff
regarding system implementation. Must have a Bachelor‘s Degree and at least
five (5) years of similar experience.
41

 6. Service Center Manager: Responsible for internal staff User Support and Contact
Center Help Desk operation. Must have a Bachelor‘s Degree and at least five (5)
years of similar experience.
7. Operations and Maintenance Manager: Responsible for system operations and
ongoing maintenance after implementation. Must have a Bachelor‘s Degree and
at least five (5) years of similar experience.
8. Data Manager: Responsible for overall data architecture of the System including
Master Data Management planning and implementation, data exchange planning
and implementation and data migration. Must have a Bachelor‘s Degree and at
least five (5) years of similar experience.
9. Librarian: Responsible for maintaining the SharePoint repository for
deliverables/artifacts, tracking the status of deliverables/artifacts in review and
deliverables/artifacts approved, tracking the completion of action items and
comments on deliverables/artifacts, maintaining communication records of
signoffs or deliverable/artifact rejections. Must have at least three (3) years
experience in documentation and data base management. Experience in health
and human services and/or government sector is desirable.
The selected Vendor shall provide an Organizational Chart that will account for all
Key Roles as well as the Lead roles listed below.
B. Lead roles shall be filled by selected Vendor staff with appropriate levels of
experience.
1. System Test Lead: Responsible for overall effort involved in system testing,
including test strategy, planning, execution and status reporting. Must have a
Bachelor‘s Degree and at least seven (7) years of similar experience.
2. Training Lead: Responsible for overall effort involved in end-user training,
including training strategy, schedule, planning, training materials, delivery and
status reporting. Must have a Bachelor‘s Degree and at least seven (7) years of
similar experience.
3. Organizational Change Lead: Responsible for the creation, implementation and
coordination of the Organizational Change Management strategy and plan for the
HBE. Must have a Bachelor‘s Degree and at least five (5) years of similar
experience.
4. Infrastructure Lead: Responsible for the assessment, planning, procurement,
installation, configuration, maintenance and monitoring of all infrastructure
components required for the HBE. Responsible for the HBEs server, network and
42

 data center operations for all environments including test, production, and
disaster recovery sites. Must have a Bachelor‘s Degree and at least five (5) years
of similar experience.
5. Security Lead: Responsible for the assessment, planning and implementation of
all security standards, practices and components required for the HBE.
Responsible for adherence to CHFS security standards, communications with
CHFS ISO, compliance with HIPAA requirements, and IRS Federal Tax
Information. Must have a Bachelor‘s Degree, CISM, GIAC or CISSP certification
and at least five (5) years of similar experience.
6. Application Development Lead: Responsible for the planning, coordinating, and
supervising of all activities related to system design and development. Must have
a Bachelor‘s Degree and at least seven (7) years of similar experience.
7. Technical and Business Writing Quality Assurance Lead: Responsible for
providing standards to be adhered to for technical and business documents and
all deliverables. Responsible for enforcing and tracking compliance with quality
standards and procedures including peer review processes, quality checks and
remediation actions. Must have five (5) years experience in technical and
business writing.
C. All individuals assigned to Key Roles shall be located on the project site in Frankfort,
Kentucky for the duration of the project. All individuals assigned to Lead Roles shall
be located on the project site in Frankfort, Kentucky, at a minimum for the duration of
the activities they lead, but ideally for the duration of the project. Any deviation from
this requirement is subject to review with CHFS prior to approval of an alternate
staffing location for individuals in Key Roles for any period of time.
The selected Vendor shall explain in its Staffing Plan how each individual meets the
requirements of the proposed role. All proposed Vendor staffing for Key Roles is
subject to approval by CHFS. CHFS reserves the right to reject the Vendor‘s
proposed individuals for Key Roles. In such a case the selected Vendor shall be
required to provide an alternative staffing proposal for that Key Role. CHFS reserves
the right to interview individuals proposed to Key Roles, if desired, prior to approval
of any staffing.
CHFS and its stakeholders will be interacting with the selected Vendor‘s staff on an
ongoing basis, and as such the selected Vendor shall submit in its plan an
organizational chart for Staffing that describes how the selected Vendor‘s team will
interact with CHFS staff and key Commonwealth stakeholders.
In addition, the selected Vendor may need to interact with other Vendors associated
with the delivery of the HBE. The selected Vendor shall cooperate with all resources
43

 involved in the HBE project to ensure the successful integration of all components of
the solution and the overall delivery of an operationally efficient and effective HBE.
D. CHFS recognizes that changes in the selected Vendor‘s level of Staffing may
happen due to a variety of unforeseen factors. However, the selected Vendor will be
held responsible for ensuring the appropriate experienced staffing level is
maintained throughout the project to ensure the objectives of this Project are met on
time.
To mitigate risks associated with changes in Vendor staffing, CHFS shall require the
selected Vendor to include a contingency plan with the Project Staffing Plan. The
contingency plan shall address staffing changes to include: replacement of key
personnel or other proposed staff, staff augmentation plans in the event of an
inability to meet performance standards, and a method for deploying and bringing
new team members up to date with the project.
Section 30.180 – Cost Allocation
The selected Vendor shall be required to be familiar with and provide deliverables
related to the states financial reporting requirements as it relates to Federal cost
allocation in accordance with Office of Management and Budget (OMB) Circular A-87
and the selectee Vendor shall utilize the CAM Toolkit for these deliverables where
appropriate. The high degree of interaction and seamlessness required between
Exchanges, Medicaid, and CHIP necessitates highly integrated systems and therefore,
execution of a federally approved cost allocation methodology. There will be a federally
approved methodology required for both system build/implementation as well as a
federally approved methodology post go-live for on-going operations.
The initial cost allocation methodology has been established between the Exchange,
Medicaid, and CHIP. However, the selected Vendor shall be required to provide a new
amended methodology for the future inclusion of other state programs such as SNAP
and TANF, etc. based on the final requirements, gap analysis and roadmap.
For post-implementation on-going operations, the selected Vendor will be required to
provide a recommended cost allocation methodology, the recommended
mechanisms/data to capture and the reports/mechanisms to support the approved
methodology of cost allocation for both IT systems and program administration in
accordance with OMB Circular A-87 between the Exchanges, Medicaid, CHIP, and
other included programs.
As an example: based on Federal guidance, the services or functions necessary to
adjudicate eligibility for premium tax credits and reduced cost sharing, Medicaid, or
CHIP based on MAGI must be cost allocated among those programs. At a minimum,
44

 states must allocate the costs for the following services or functions among Exchange,
Medicaid, and CHIP etc:
Health Care Coverage Portal – the online service that allows direct input and
interface from other systems for population of the single, streamlined application
required under section 1413 of ACA.
Business Rules Management and Operations System – the system that contains
and applies the rules associated with eligibility for individuals covered by MAGI.
This includes functionality and processing logic to register, defines, classify, and
manage the rules; verify consistency of rules definitions; define the relationship
between different rules; and relate some rules to IT applications that are affected
or need to enforce these rules for such purposes as adjudicating eligibility based
on MAGI or supporting workflow for the resolution of discrepancies.
Interfaces to federal data services hub.
Interfaces to other verification sources.
Account creation and case notes – the electronic casefile containing all the
information supplied by the applicant, electronic returns/verifications, eligibility
determinations and enrollment information, notices, and notes from the
discrepancy resolution process, ready to transfer for ownership to the appropriate
program.
Notices – communications to applicants concerning results of determination,
including if applicable, notice of referral to Medicaid for applicants who may be
eligible on a basis other than MAGI.
Customer Service technology support – to assist applicants in completing online
or print applications and support call centers and related applications. Interfaces
to community assisters or other outreach organizations. States should also
allocate costs for the necessary enabling services to support these functions,
such as identity management and security and privacy controls.
Section 30.190 – Site and Location of Vendor Operations
CHFS will provide space for up to 310 staff in total, including up to 40 Commonwealth
staff who will be assigned to the project and 160 contact center staff. Therefore, if the
selected Vendor proposes, in its Staffing Plan, to have in excess of 110 staff on site at
any time, it will need to provide additional facilities for those staff.
For any activities performed outside of the facilities provided by CHFS, the selected
Vendor shall be responsible for providing any required hardware, software and network
capabilities for access to CHFS networks and tools, in order to perform those
operations. The selected Vendor shall also be responsible for acquiring the required
permissions and certifications from CHFS ISO in order to perform such remote
functions.

45

 Section 30.200 – Organizational Change Management and Business
Transformation
The Commonwealth seeks a multi-layered Organizational Change Management and
Business Transformation approach and strategy that includes but is not limited to early
participation in design and testing from end-users, early education for Commonwealth
staff, a robust training program for all HBE participants, and a collaborative and
participatory approach to all stages of the creation of the HBE by all parties involved
including key stakeholders, Vendors, interested parties and supervisory bodies, so that
all participants are sufficiently involved in the process to enable a successful
implementation of the HBE for Kentucky.
The selected Vendor shall submit its Organizational Change Management and Business
Transformation Plan for approval by CHFS prior to the commencement of the System
Design phase. The Organizational Change Management and Business Transformation
Plan shall outline the Change Management activities that the selected Vendor and other
stakeholders will conduct at each phase of the Exchange Lifecycle including postimplementation. The Change Management and Business Transformation Plan shall
identify all organizations, groups, bodies, and individuals from the private sector that will
be required to participate in Change Management activities. The plan will also outline
the schedule, expectations, design documents and participants involved in Business
Process Design as part of change management and business transformation activities.
It is anticipated that the Exchange may operate as a quasi-government agency whose
vision and direction will be managed by a board that will bring together the combined
expertise of the various departments that currently operate in government, individual
and employer insurance, healthcare finance, and finance and IT planning. The agency
will capitalize on the strengths of the public and private sector as they pertain to health
care benefits management and will be made up of individuals from varied backgrounds
and from key stakeholder agencies such as DCBS, DMS, DOI, OHP and OATS, as well
as individuals from the private sector. As such, the Operational Change Management
Plan shall account for the activities to design and roll out HBE business processes and
operational procedures and to train all HBE staff in the use of the new System and the
business processes of the new agency.
The Organizational Change Management and Business Transformation Plan shall be
considered a living document, after its initial approval by CHFS. The level of
organizational change will be high due to the scale of the program and the number of
participating organizations, including new organization and governance structures that
will be set up specifically to run the Exchange. The Commonwealth seeks an approach
to Organizational Change Management that allows smooth transition for
Commonwealth staff to new job expectations and roles, and for minimum service
disruption to existing Medicaid recipients. Therefore the plan will need to evolve with the
changing needs of the program as new organizational challenges develop. Updates to
46

 the Change Management and Business Transformation Plan shall be submitted for
review and approval to CHFS prior to their implementation.
The selected Vendor shall account for up to 4,500 existing Commonwealth staff to be
trained in the new business processes and operating procedures as well as core and
specialized system functions.
Section 30.210- Contact Center
Section 30.210.010 - Contact Center - Commonwealth ―Option to Buy‖
The Commonwealth intends to procure hardware, software and services for the
implementation and operations of a Contact Center that will provide customer support
over the phone and on-line chat for various Exchange user types. The design, build and
operations of the Exchange Contact Center are outside of the scope of this RFP. While
the Commonwealth has developed some high level requirements relating to contact
center operations, the full scope of contact center implementation and operations is not
fully defined at the time of issuing this RFP. The Commonwealth expects the vendor to
propose a plan outlining their approach and strategy for conducting an as-is analysis of
existing Call Centers currently involved in DMS as well as a detailed analysis of the
Commonwealth‘s requirements for implementation and operations of the Exchange
Contact Center.
If this option is selected, within 15 days of the execution of the contract, the selected
Vendor shall begin conducting a full analysis of the Commonwealth‘s requirements for
implementation and operations of the Exchange Contact Center. The analysis shall
incorporate input from Commonwealth stakeholders gathered during JAD sessions, to
produce a full set of detailed contact center implementation and operations
requirements. It shall contain an analysis of existing CHFS Contact Center resources
including hardware, software, facilities and staff, and make recommendations for the
implementation and operations of the Contact Center and the possibility of leveraging
existing resources.
Section 30.210.020 - Contact Center Integration Requirements
Regardless of whether or not the Commonwealth exercises the option to buy the vendor
services for the analysis of the Contact Center requirements, during the System
Development Life Cycle for the Exchange, the selected Vendor shall work with any
vendor(s) selected by the Commonwealth for Contact Center implementation and
operations, to define all interactions between the E&E and PMB solutions and Contact
Center systems. The selected Vendor shall design and develop all codependent
business process between the systems as well as all required Application Programming
Interfaces (APIs) and web services. The selected Vendor shall make available the
47

 necessary business and technical staff to participate in Contact Center interface and
business process design to ensure a seamless integration between all Exchange
systems.
Section 30.220 – Operational Support and Warranty
Ongoing operations activities shall begin upon Release 1 Go Live and shall end on the
date that is one hundred eighty (180) days after Release 4 Go Live (the ―Operational
Support and Warranty Period‖). Operational activities shall consist of operating,
supporting, and maintaining the HBE. The selected Vendor will be responsible for
creating a detailed Operational Transition Plan to provide to the Commonwealth postimplementation.
Operational support activities shall consist of the following:
System maintenance (includes testing, documentation, etc.)
Software enhancements and updates subject to mutual execution of a change
order for such enhancements and updates;
System availability monitoring
Network Infrastructure monitoring
Interface maintenance
Helpdesk and user support
Security management
Policy and process changes (business rules engine updates and changes)
subject to mutual execution of a change order for such changes;
Notifications maintenance (paper and electronic)
Self Service Portal maintenance
Documentation maintenance and version control
Production of ongoing operational reports
Performance monitoring and tuning
System Defects resolution, including system changes and modifications for such
Defects resolution (record, track, resolve, report) (as described below)
Cooperate and comply with State and Federal audit requests
The selected Vendor shall take into account the high level operational activities
referenced above, as well as any additional operational activities the selected Vendor
deems necessary for the successful ongoing operation of the System when creating an
Operational Transition Plan. The Operational Transition Plan shall be approved by
CHFS prior to commencement of Operational Support Activities.

Vendor shall also correct any Deficiencies in the System that are identified in writing to
Vendor during the Operational Support and Warranty Period, at no additional cost,
provided that for any such Deficiency identified by the Commonwealth, the
48

 Commonwealth describes the Deficiency and provides Vendor with reasonable
documentation and evidence (as available) to reproduce such failure, in each case
within the Operational Support and Warranty Period. Vendor shall have no obligation or
liability to the Commonwealth under this Section to the extent that a Deficiency results
from (i) modifications to the System by the Commonwealth or its third party contractors
where such modification was not made pursuant to the Requirements or Vendor‘s
guidance, instruction, training or recommendation (provided that, for clarification
purposes, routine and standard maintenance of the existing infrastructure shall not be
subject to such exception); (ii) the operation or use of the System with other items
Vendor did not supply or approve in writing, or as provided in the Requirements; (iii) the
Commonwealth‘s failure to use any new or corrected version of the System, in whole or
in part, that complies with the Specifications and that is not causing a loss of
functionality or performance, and that was made available by Vendor; or (iv) Vendor‘s
adherence to the Commonwealth‘s specifications or instructions, unless Vendor agreed
with such specifications or instructions.

Section 30.220.010 - Operational Support Extension – Commonwealth ―Option to
Buy‖
Beginning at the end of the Operational Support and Warranty Period, if the
Commonwealth chooses to exercise the option to buy Operational Support Extension,
the Vendor shall provide up to seven (7) FTEs to the Commonwealth to perform the
below listed operational support services for E&E for 2 additional 12 month periods
beginning at the end of the Warranty Period. During the Operational Support Extension
period, the Commonwealth will direct the priorities and work assignments to Vendor
resources, as it relates to the below listed operational support services.
System maintenance (includes testing, documentation, etc.)
Software enhancements and updates
System availability monitoring
Network Infrastructure monitoring
Interface maintenance
Helpdesk and user support
Security management
Policy and process changes (business rules engine updates and changes);
Notifications maintenance (paper and electronic)
Self Service Portal maintenance
Documentation maintenance and version control
Production of ongoing operational reports
Performance monitoring and tuning

49

 System Defects resolution, including system changes and modifications for such
Defects resolution (record, track, resolve, report) (as described above in Section
30.220)
Cooperate and comply with State and Federal audit requests
Section 30.220.020 – Operations Transition Plan
The selected Vendor shall submit its Preliminary Operations Transition Plan for
approval by CHFS prior to the completion of the Development phase. The Preliminary
Operations Transition Plan will include the selected Vendor‘s proposal for knowledge
and skills transfer for Commonwealth staff such as Business Analysts, Developers,
Testers, Operations, Project Managers etc. to learn the functional, technical and
process management details of the HBE, in order to facilitate the eventual takeover of
HBE Operations by the Commonwealth. The plan shall identify key skills that will need
to be developed within the Commonwealth‘s HBE team, including but not limited to
business rule analysis, business rule development, web service development and
maintenance, workflow development, report development, forms development, technical
architecture, data architecture, business rule testing, automated regression testing, web
service testing, operational procedures, change request processing, test management
and stakeholder management. The selected Vendor shall work with the Commonwealth
to identify the appropriate staff to assign to individual roles in order to meet the skills
transfer objectives of the Preliminary Operations Transition Plan through on-the-job
training and work shadowing.
The Preliminary Operations Transition Plan shall also outline a high level schedule of
the operations transition activities that will take place in the implementation and post
implementation phases. The Preliminary Operations Transition Plan will also include a
preliminary list of all documentation required for the ongoing maintenance of the
system, including but not limited to user guides, functional documentation, as-built
technical documentation, system architecture diagrams, relational data model diagrams,
run books, release management procedures, technical operations procedures and
configuration management procedures.
The selected Vendor shall submit its Final Operations Transition Plan for approval by
CHFS prior to the commencement of the Implementation phase. The Final Operations
Transition Plan will outline a detailed schedule of all activities required to transition the
operation of the HBE to the Commonwealth or another vendor. The Final Operations
Transition Plan will outline the key roles that will need to be filled by the Commonwealth
or another vendor, including the level of skill and experience required for that role, and
the activities that have occurred to date to develop those skills in Commonwealth staff, if
applicable. The Final Operations Transition Plan will also include a list of all User
Manuals delivered for the ongoing maintenance of the system. User Manuals shall
contain sufficient detail of system operations for the HBE for Commonwealth staff or
another vendor to operate the E&E solution on an ongoing basis. This includes, but is
50

 not limited to user manuals on administrative tools, standard operating procedures,
change control processes, end user system manuals, run books, infrastructure maps
and more.
The Operations Transition Plan shall also include ―End of Contract‖ services where the
selected Vendor details the transition activities and schedule for the transfer of physical
infrastructure, virtual infrastructure, software, code or any other system components to
an alternate location for all E&E system operations, including development, test and
training operations, to be transitioned to the Commonwealth or another vendor.
The Final Operations Transition Plan shall include readiness review procedures so that
the Commonwealth can assess the Commonwealth‘s readiness for the takeover of HBE
Operations, and the selected Vendor‘s readiness to transition operations, at least three
months prior to the end of the selected Vendor‘s Operational Support contract.
Section 30.230 – Infrastructure Hosting – Commonwealth ―Option to Buy‖
The Vendor shall propose a plan to host all infrastructure required to support the
development, test, implementation and operations of the PMB solution.
The Commonwealth is interested in maximizing its efficiency by exploring all available
infrastructure hosting options for the E&E solution. This includes the possibility of using
the Commonwealth‘s existing Data Center in COT or a Vendor provided cloud based
infrastructure.
For details on the Commonwealth‘s infrastructure requirements, the Vendor shall
reference Section 30.290.050 of this RFP.
Regardless of the hosting option selected by the Commonwealth, all performance and
availability requirements shall be met in full.
Section 30.230.010 – Hardware &Software – Commonwealth ―Option to Buy‖
The Vendor shall propose a plan to provide all hardware and software required for
development, test, implementation, production operations and disaster recovery site
operations for the E&E solution.
Section 30.230.020 – Commonwealth Data Center – Commonwealth ―Option to
Buy‖
The Vendor shall propose to assume responsibility for installing and configuring the
necessary hardware and software with the appropriate coordination of CHFS/ OATS.
51

 The support from CHFS/OATS shall include areas such as network and security access
to the Commonwealth network, building/facility access, data farm and server room
access on as-needed basis, shared BizTalk environment access, and file server
access. The schedule for the installation and setting up of various environments shall
be mutually agreed and finalized in the work plan. All hardware and software shall be
implemented and appropriately configured by the selected Vendor in the environment
prior to the start of the relevant phase based on the schedule in the project work plan.
Section 30.230.030 – Cloud Based Infrastructure – Commonwealth ―Option to
Buy‖
The Vendor‘s proposal should include a hosting solution to utilize cloud technologies
during the development, test, implementation and operations for hosting the E&E
solution, while continually remaining in compliance with the CMS Cloud Computing
Standards. The Vendor shall plan for, equip, manage, and maintain all Project hosting
sites.
Within the Vendor hosting Facilities, the Vendor shall procure, install, configure, and
operate equipment and software for the E&E Solution. The Vendor is required to
propose a solution that complies with Data center and architecture requirements,
standards, and federal, State, and Exchange regulations.
Section 30.240 – Disaster Recovery & Business Continuity
System availability and business continuity is of critical importance to the success of the
HBE. The Vendor shall propose a plan to the Commonwealth outlining its strategies and
approaches for implementation of Disaster Recovery and Business Continuity for the
HBE. The Vendor should outline the merits of that strategy including tradeoffs that apply
to an appropriate balance between cost, operational efficiency, and risk mitigation.
Production infrastructure shall be architected for recovery to an alternate site.
In the event of a disaster to the primary physical hosting site, the HBE shall have the
ability to recover and be fully operational in an alternate site.
The vendor's Business Continuity / Disaster Recovery Plan shall address how the
vendor will safely recover in the event of a disaster without compromising the integrity of
any required or dependent synchronizations between the recovered systems. The
selected Vendor shall submit a Disaster Recovery Plan to CHFS for approval prior to
the implementation of any disaster recovery site.
Reference: Appendix C: ARC-OPR-028 -029, ARC-INF-046 -048

52

 Section 30.240.010 – Disaster Recovery & Business Continuity Alternate Site –
Commonwealth – ―Option to Buy‖
The Vendor shall propose a plan inclusive of the items required to operate an alternate
disaster recovery site for the continued operation of the E&E solution in the event of a
disaster. The Vendor will provide options for recovery within 60minutes, 12 hours, 24
hours and 48 hours of the disaster event. This ―hot‖ disaster recovery site shall be built,
configured, and maintained by the Vendor. The Vendor shall include in its plan a
description of all services, hardware, software, software licenses, and infrastructure
required for this functionality. The alternate site shall be configured to the same system
performance specifications as the primary hosting site for all systems in the HBE.
Section 30.250 – Independent Verification and Validation
The selected Vendor shall cooperate with any Third Party Vendor(s) that the
Commonwealth engages for the purposes of Independent Verification and Validation
(IV&V) of the Program or the System at any point in the program lifecycle. The selected
Vendor shall, upon request and as required, provide documentation to CHFS and the
IV&V Vendor to facilitate the independent verification process.
Section 30.251 – Independent Architecture Review
The selected Vendor shall cooperate with any Third Party Vendor(s) that the
Commonwealth engages to review the system architecture design. The selected Vendor
shall assess with CHFS, any recommendations from that review, and agree and
prepare an action plan to address any risks or issues identified.
Section 30.252 – Independent Security Review
The selected Vendor shall cooperate with any Third Party Vendor(s) that the
Commonwealth engages to complete a Certification and Accreditation of the system
controls prior to go-live, in accordance with CHFS standards and policies for
Certification and Accreditation.
All HBE system components including sub systems and components delivered by subcontractors are subject to the independent review.
The Vendor shall reference Appendix P CHFS Certification and Accreditation
Procedures for details on CHFS security certification and accreditation requirements.
Reference Section 30.290.060
Section 30.253 – Capacity Plan
53

 The selected Vendor shall develop a capacity plan needed for the project based on the
approved project schedule and the tasks outlined in the project work plan. The capacity
plan shall be reviewed and assessed periodically to manage the application load.
CHFS/OATS shall provide all available information needed to accurately develop the
capacity plan including network capacity and throughput, network performance, office
hardware and software information, office bandwidth, and performance and statistics of
the shared BizTalk environment. Collection of any information not readily available for
inclusion in a comprehensive capacity plan shall be the responsibility of the selected
Vendor.
Reference: Appendix C: ARC-INF-042, ARC-INF-044, And ARC-OPR-006

Section 30.260 - Vendor Responsibilities
The selected Vendor shall be responsible for the following activities listed in Sections
30.260.010, Sections 30.260.020, and Sections 30.260.030. Failure to fulfill these
responsibilities may result in the assessment of liquidated damages to the selected
Vendor.
Section 30.260.010 - Vendor Contract Management Responsibilities
1. Develop, maintain and provide access to records required by CHFS, state and
federal auditors.
2. Utilize Commonwealth provided SharePoint site as the single repository for all
Project Management artifacts and activities, including: tracking of all risks and
issues; submission of deliverables, invoices, and status reports; posting of
meeting schedules and meeting minutes etc.
3. Provide reports necessary to show compliance with all performance standards,
including documentation requirements (artifacts) for CMS Certification audits,
SDLC Reviews, CCIIO Exchange Establishment Reviews, and any other contract
requirements. Assist with the provision of responses and required activities as a
result of the above reviews.
4. Provide to CHFS status reports regarding the selected Vendor‘s activities at
agreed upon intervals. The selected Vendor shall provide reports with content
and format agreed upon with CHFS. The intent of the reports is to provide CHFS
and the selected Vendor with reliable up to date information to manage the
progress of the HBE project.
5. Prepare and submit to CHFS requests for system changes and notices of system
problems related to the selected Vendor‘s operational responsibilities.
6. Prepare and submit for CHFS approval suggestions for changes in operational
procedures and implement the changes upon approval by CHFS.
7. Maintain operational procedure manuals and update the manuals when changes
are made.
54

 8. Ensure that effective and efficient communication protocols and lines of
communication are established and maintained both internally and with CHFS
staff. No action shall be taken which has the appearance of or effect of reducing
open communication and association between CHFS and the selected Vendor‘s
staff. Communication protocols shall be outlined in the Exchange Program
Management Plan.
9. Meet regularly with key stakeholders in the HBE to review account performance
and resolve issues between the selected Vendor and CHFS.
10. Provide to CHFS progress reports on the selected system Vendor's activity as
requested by CHFS, and outlined in the status report requirements in the
Program Management Plan.
11. Meet all federal and state privacy, confidentiality and security requirements within
the selected Vendor‘s operation, including HIPAA compliance and compliance
with IRS 6103(l)(21).Work with CHFS to implement quality improvement
procedures that are based on proactive improvements rather than reactive
responses. The selected Vendor(s) shall understand the nature of and participate
in quality improvement procedures that may occur in response to critical
situations and will assist in the planning and implementation of quality
improvement procedures based on proactive improvement.
12. Monitor the quality and accuracy of the selected Vendor's own work.
13. Submit quarterly reports electronically or in hard copy of the overall project
quality assurance activities including quality assurance reviews, findings and
corrective actions (if any) to CHFS.
14. Perform continuous analysis based on lessons learned to improve performance
of contractor functions and report the results of the analysis to CHFS.
15. Provide CHFS with a description of any changes to agreed processes for
approval prior to implementation of the change.
16. For any performance falling below a Commonwealth-specified level, explain the
problems and identify the corrective action to improve the rating. The selected
Vendor shall be subject to the assessment of liquidated damages in accordance
with the negotiated contract, for any failures that result in a delay in schedule or a
loss of funding for failure to meet federal approval or schedule requirements.
17. Provide a written response, including descriptions of resolution to the issues or
answers to the questions, to CHFS via e-mail within two business days of receipt
of e-mail on routine issues or questions.
18. Provide a written response, including descriptions of resolution to the issues or
answers to the questions, to CHFS via e-mail within one business day of receipt
of e-mail on emergency requests as defined by the Commonwealth.
19. Maintain CHFS-approved documentation of the methodology used to measure
and report completion of all requirements and attainment of all performance
standards.
Section 30.260.020 – Vendor Project Management Responsibilities
55

 1. Prepare an outline and obtain approval from CHFS for the contents and format of
each deliverable document before beginning work on the deliverable.
2. Responsible for taking minutes at meetings and providing written meeting
minutes within two business days of the occurrence of that meeting. The
selected Vendor shall provide sufficiently qualified business and technical staff to
document decisions, actions and questions coming out of each meeting.
3. Provide all written documents and deliverables with a level of quality and
completeness that indicates that they have been reviewed and proof read by the
selected Vendor prior to being delivered to the Commonwealth. Indicators of
quality and completeness include:
a. A standard of business and technical writing that limits ambiguity and
rework by CHFS;
b. A level of English proficiency that limits CHFS edits for grammar and
clarity; and
c. Content is in keeping with expectations set out in Deliverable Expectation
Documents and decisions captured in JAD sessions and other meetings.
4. Provide an implementation project manager and staff to conduct design
sessions.
5. Obtain written approval from the Commonwealth on all final deliverables.
6. Revise deliverables, if required, using Commonwealth review findings to meet
content and format requirements.
7. Develop, obtain approval for, and maintain project work plan.
8. Identify issues related to the project using the Commonwealth-approved process
for documenting issues, processes for assigning issues to resources, and
resolving issues.
9. Use Commonwealth-approved change control / management processes for
implementing changes in scope.
10. Report progress against the work plan through weekly written status reports, at
weekly review meetings with the CHFS Project Manager, and through a weekly
update of the work plan / task schedule.
11. Deliver written status reports and updated work plans / schedules one business
day before the status meeting.
12. Identify scope of work issues. Specify the basis upon which an issue is out of
scope, including appropriate RFP references.
13. Maintain all project documentation within the CHFS SharePoint domain, with
access provided to Commonwealth staff. Access restrictions may apply to some
documentation such as folders containing financial or contract information. All
documentation restrictions shall be approved by the CHFS Project Manager prior
to loading of documents on the SharePoint.
Section 30.260.030 – Vendor Certification and Review Responsibilities
The Commonwealth and the Vendor agree that passing external reviews, passing
the CHFS Security Accreditation Process, and obtaining approval of the
56

 Commonwealth’s Blueprint to operate a State Based Exchange are primary
objectives of this Contract.
1. The selected Vendor shall provide on a timely basis, the information, data, forms,
System modifications, documentation, correspondence, consultation, and assistance as
described in this Contract to be provided by Vendor to assist the Commonwealth in
passing all external reviews for the E&E and PMB solutions.
Details of reviews can be found in Section 30.140 and its subsections. Reviews include:
a.
Federal reviews
i.
CMS ELC Reviews
ii.
CCIIO Establishment Reviews
b.
Independent Security Reviews
c.
Independent Architecture Review
d.
IV&V
2. The selected Vendor shall be held responsible for the E&E and PMB solutions
passing CHFS Security Accreditation requirements.
3. The selected Vendor shall provide on a timely basis, all information, data, forms,
System modifications, documentation, correspondence, consultation, and assistance as
described in this Contract to be provided by Vendor to assist the Commonwealth with
achieving final CMS Approval to operate a State-based Exchange.

Section 30.270 - CHFS Responsibilities
CHFS is the principal contact with the selected system services Vendor(s) for the HBE
solutions. CHFS shall be responsible for the following activities:
Section 30.270.010 – CHFS Contract Management Responsibilities
1. Monitor the contract performance and compliance with contract terms and
conditions.
2. Serve as a liaison between the selected Vendor(s) and other Commonwealth users.
3. Initiate or approve system change orders and operational procedures changes.
4. Assess and invoke damages and/or penalties for the selected Vendor(s)
noncompliance.
5. Monitor the development and implementation of enhancements and modifications to
the system.
6. Review and approve completion of the selected Vendor‘s documentation as required
by CHFS.
7. Develop, with participation from the selected Vendor(s), compliance with
performance standards, negotiate reporting requirements and measure compliance.
57

 8. Review and approve selected Vendor's invoices and supporting documentation for
payment of services.
9. Coordinate state and federal reviews and assessments.
10. Consult with the selected Vendor(s) on quality improvement measures and
determination of areas to be reviewed.
11. Monitor the selected Vendor(s) performance of all Vendor(s) responsibilities.
12. Review and approve proposed corrective actions taken by the selected Vendor(s).
13. Monitor corrective actions taken by the selected Vendor(s).
14. Communicate and monitor facility concerns.
Section 30.270.020 – CHFS Project Management Responsibilities
1. Perform overall monitoring and management overview of the project to ensure
timely and satisfactory completion of all tasks and activities.
2. Review and approve the proposed outline format and content of all deliverable
documents.
3. Review the selected Vendor deliverables, determine the approval status of the
deliverable, and provide written comments to the selected Vendor in accordance
with the Quality Assurance Review Process agreed upon with the selected
Vendor.
4. Participate in weekly and monthly status meetings with the selected Vendor to
review progress against the work plan.
5. Review weekly status meeting work products with the selected Vendor to review
progress against work plan.
6. Analyze project issues and approve issue resolutions.
7. Monitor the selected Vendor‘s progress toward achievement of task milestones
and vendor‗s adherence to the work plan and schedule.
8. Analyze proposed project scope of work changes, and authorize those that are
approved.
9. Provide notice to the selected Vendor of inadequate performance; request and
approve plans of correction.
10. Assign project resources to the various phases of the contract.
11. Report on risk and status to the project Steering committee per project
management standards.
Project Program Manager
The Commonwealth shall appoint a Project Program Manager for this Contract who will
provide oversight of the activities conducted hereunder. The Project Program Manager
will be the principal contact for Vendor concerning business activities under this
Contract. The Commonwealth shall notify Vendor, in writing, when there is a new
Program Manager assigned to this Project. The Project Manager will be responsible for
all tasks identified in the RFP and Work Plan, including without limitation the following:
a) Coordinating the reporting, review and Contract compliance process;
58

 b) Facilitating the effective participation of Commonwealth staff;
c) Resolving questions raised by Vendor requiring clarification of the Commonwealth
requirements, policies, and procedures;
d) Monitoring the progress of all principal Project participants, including Vendor and
other Commonwealth entities;
e) Administering and managing this Contract; and
f) Facilitating the timely resolution of issues raised by Project participants.

Section 30.280—Vendor Selection
The CHFS seeks to award a Contract to a knowledgeable and responsive Vendor
having experience in the development and implementation of statewide web-based
multi-layered integrated solutions in the arenas of Integrated E&E, Health Insurance
Payer, Data Exchange and Business Transformation. The selected Vendor shall
provide innovative, cost-efficient and appropriate business management and technology
solutions for designing, developing and implementing the envisioned software.
Section 30.285 – Vendor Experience Requirements
The Vendor selected for this initiative shall have:
1.
A clear, complete, and comprehensive vision for the direction of the business;
2.
Evidence of fiscal stability, including being able to demonstrate that this project
will not have a material impact on the Vendor organization‘s financial status;
and
3.
Recent experience (past three years) in implementing and/or supporting an
Eligibility System (Medicaid, SNAP, TANF etc).
Section 30.290 – Technical Requirements
This section of the RFP outlines the narrative descriptions of each of the technical areas
of the HBE, which will form the foundational platform upon which the Commonwealth‘s
operational vision for the HBE will be built. These technical narratives should be cross
referenced with the requirements in Appendix C - HBE Technical Requirements.
Vendors shall use these narratives and requirements as their baseline when creating
their proposals. Solution shall meet all technical requirements as laid out in Appendix C
- HBE Technical Requirements.
Section 30.290.010 - Access and Presentation Services
The Access and Presentation Services layer of the technical solution is the architecture
layer that addresses all user interface components and system access channels. The
59

 system can be decomposed into two user interaction layers, access channels and
presentation.
Section 30.290.011 - Access and Presentation Services - Access Layer (ACC)
The system‘s access layer provides a flexible framework for managing and providing
internal and external communications over a variety of different channels. The system
shall provide the Commonwealth the ability to deliver communications to customers
over email, phone (data and voice), and mail. Customers shall also have the flexibility to
access services provided by the HBE over a variety of channels that may include, but
are not limited to, web, phone, email, or mail. The system will feature a full service
contact center that integrates an Interactive Voice Response (IVR) component. The IVR
component will provide intelligent call routing, access to individuals with disabilities and
language deficiencies, Computer Telephony Integration (CTI), and support collection of
metrics for reporting and analysis capabilities. The IVR system will provide users the
ability to access account information and access help information using automated
voice prompts. An integrated online chat feature will allow external users to request help
from any page on the public site.
Requirements: Appendix C: ARC-ACC-001-024
Section 30.290.012 - Access and Presentation Services - Presentation Layer (PRE)
The presentation layer provides users access to the system using a robust, thin-client,
browser based solution delivered over the Internet. The selected Vendor will be required
to adhere to CHFS graphical user interface (GUI) standards and policies. The site shall
provide services to persons with disabilities by complying with mandates listed in the
Rehabilitation Act of 1973, Section 508 and W3C‘s Web Content Accessibility
Guidelines 2.0. The public facing site shall be accessible to individuals in English and
Spanish, and shall provide the ability to extend support to different languages in the
future. The solution shall support usable, mobile-friendly browsing and enable access
to the site‘s features and services using ―smart‖ phones, tablets, and PDAs. The
solution shall also be extensible to support creation of and consumption by mobile
applications (―apps‖) in the future. Exchange workers accessing the portal from the
CHFS Intranet will have access to internal functions not available to external users on
the public site.
Requirements: Appendix C: ARC-PRE-001-022
Section 30.290.020 - Integration Services (INT)

60

 The Integration Services layer of the HBE technical solution is the architecture layer that
enables sharing of application services. The layer enables the system to share data,
information, and processes that operate across application boundaries.
The integration layer features a shared services offering provided by the
Commonwealth for Enterprise Service Bus (ESB) capabilities. CHFS has chosen
Microsoft BizTalk Server as the standard messaging infrastructure to be used for
messaging, routing, guaranteed delivery, transformation, and translation. The ESB will
provide services for, but not limited to, SOAP XML web services, HL7, HIPAA, and
legacy integrations.
The system shall align to CMS guidance for service oriented architectures (SOA). The
selected Vendor will be required to demonstrate that the system is delivered using
collection of distributed systems and services. The technical and business services shall
be designed to promote reuse, modularity, and interoperability. A key component of
SOA will be a UDDI compliant registry and repository for web services. The repository
will provide a centralized directory for service metadata definition, location, search,
management, versioning, and governance. This will enable the HBE‘s supporting
services to be leveraged by applications external to the system. The selected Vendor
will be required to build the system based on key web service architecture standards
defined in MITA such as SOAP, XML, WSDL, UDDI, and SAML. The selected Vendor
will be required to leverage an information exchange model that is fully compliant with
NIEM requirements during data integration and information exchange between the
system and external services (federal, state, or external business entities).
In accordance with MITA guidance, the selected Vendor will provide a business process
centric design for the delivery of Exchange and Medicaid functions. The business
process driven design shall be extensible to human services programs the HBE may
integrate with in the future. The system will feature a robust workflow engine/framework
that supports developing, monitoring, administering, configuring, and executing
workflows. The workflow engine shall provide the ability to control the processing of
human and system activities that may be required to execute in sequence or parallel.
The workflow engine will provide the ability to configure rules, roles, and execution
paths for any supported workflow managed business process. Support for configuration
of notifications, alerts, and business activity monitoring (BAM) operational reports will
enable the business to adapt to changing business needs quickly. The system shall
provide rich task and activity features for managing and administering cases, service
requests, and Exchange worker assignment queues. The task and activity service shall
at the minimum support configuration of assignment rules, notification triggers, and alert
channels.
Requirements: Appendix C: ARC-INT-001-055
Section 30.290.030 - Application and Shared Services (APP)
61

 The Application Services layer of the technical architecture is the layer that provides
reusable commodity features and functions within the system. The Shared Services
layer is a sub-set of Application Services that can be exposed externally to other
systems, applications, or external entities for reuse.
The architecture will feature a set of services that are classified as Shared Services to
promote reuse and leverage based on guidance from CMS. The selected Vendor will be
required to provide seamless integration between the HBE systems with the existing
CHFS Document Management System, so that document search, retrieval, and upload
appear to be native operations of the portal to the user. The CHFS Document
Management System will:
1.
Serve as the primary repository for storage of all HBE documents and
content including, but not limited to, outbound communications, inbound
documents (applications and verification documents), content (web, help,
and communications), and document templates;
2.
Provide document management functions to assist with processing of
inbound documents that include features like indexing, scanning, and
workflow;
3.
Provide advanced search capabilities, document versioning, and change
notifications;
4.
Leverage a shared forms service capability for the development of online
forms. The forms solution will provide a user interface for form
configuration, management, versioning, and deployment. The system shall
provide the ability to use wizards to facilitate data entry for forms, as well
as, direct user entry into the online form.
The customer appointment requirements must be delivered using customer scheduling
functions and features delivered as a shared service. Some key features offered by the
customer scheduling services are the ability to configure alerts and notifications and the
ability to synchronize appointments with the CHFS resources, such as Outlook
Exchange, KAMES, etc.
The solution will feature batch processing architecture components for supporting batch
processes in the system, for technical and business functions. The system will feature
batch scheduling services to be delivered using the existing scheduling asset approved
by CHFS standards. At a high-level, the batch architecture will provide the ability to
report, monitor, and execute batch jobs.
The system will feature a full-featured architecture component for developing,
managing, maintaining, and versioning business rules external to application code. The
business rules engine shall provide the ability to: quickly adapt program rules to policy
changes, maintain business rules using business analysts rather than developers, and
express rules using language that can be understood by the general public. The
solution shall provide open standard interfaces so that it can be leveraged as a shared
service.
62

 The system will provide reusable architecture services to facilitate the various types of
reports required by the HBE that include, but not limited to, static pre-defined, dynamic
parameter based, and ad-hoc reports. The system shall leverage Microsoft SQL Server
Reporting Services for delivery of the system‘s basic reporting features as directed by
CHFS standards. The architecture shall provide capabilities and controls aimed at
preventing ad-hoc reports from negatively affecting system performance. The reporting
solution will consist of executive dashboards and custom reports for operations,
business, and federal reporting requirements. The system will provide business
intelligence (BI) capabilities for the storage, retrieval, and analysis of historical data. The
system will include extract, transform, and load capabilities for loading data to analytic
database (data warehouse). The system shall leverage Business Objects XI 3 for BI
features in compliance with CHFS IT standards.
The system will feature Application Services that will be utilized by the application to
deliver basic commodity features and provide domain business services to the
application. The system shall include services for data integration with KAMES, other
state agencies, and the Federal Data Services Hub for eligibility information verification.
CHFS mandates that application business services that are custom developed and
require ongoing maintenance by CHFS be developed and delivered using the Microsoft
technology stack, specifically the .NET platform.
Requirements: Appendix C: ARC-APP-001-096
Section 30.290.040 - Data and Information Management Services (DAT)
The Data and Information Management Services layer of the HBE technical solution is
the architecture layer that provides services for data management. This layer includes
the definition of data services, reporting and analytics components, and the master data
management features of the system.
The data services layer will provide the application with highly-available, redundant,
consistent data. The layer consists of the infrastructure, processes, and management
tools required to deliver data services to the application. The system shall provide a
normalized extensible relational data model that aligns to the business domain. The
selected Vendor‘s data architecture strategy shall include a data modeling solution that
utilizes any or all of the CHFS approved tools for modeling. The data services layer
shall maintain data integrity and consistency throughout the system life. Included in the
data layer, the selected Vendor shall provide the strategy for converting data from
KAMES in order to minimize the ongoing operational processes and costs of KAMES.
The conversion architecture shall include components and business processes required
to load the master data management solution. The conversion strategy includes
reporting, error handling, and security controls consistent with the application security
controls defined in the security services architecture layer.
63

 The system shall include a Master Data Management (MDM) solution for managing
master reference data. The selected Vendor is required to provide the system
architecture components and strategy for master data management.
The system‘s data management functions will include the ability to create, update, and
delete master data entries, along with advanced features such as validate, search,
cluster, match, and merge. The system shall provide a matching engine that includes
the ability to configure rules and thresholds for probabilistic matching. The MDM
solution shall expose open standards interfaces and APIs to allow the service to be
exposed as a shared service.
Requirements: Appendix C: ARC-DAT-001-055
Section 30.290.050 - Infrastructure Services (INF)
The Infrastructure Services layer is the HBE layer that provides the application servers,
database platforms, programming libraries and runtime framework for the application.
The Infrastructure Services layer shall be designed to enable quality, high-performing,
scalable delivery of application services to the end-user.
The selected Vendor‘s solution shall provide infrastructure components that conform to
published CHFS platform, environment, and operating standards. The selected
Vendor‘s E&E solution shall be capable of leveraging existing shared infrastructure (e.g.
Microsoft BizTalk) as made available and required by CHFS in alignment with published
CHFS standards. Where it is cost effective and advantageous for the implementation
and operation of the E&E solution, the selected Vendor shall present options for review
and approval to CHFS for leveraging such shared infrastructure. The selected Vendor
shall identify the capacity and resource requirements necessary to support the vendor‘s
solution. The selected Vendor shall also perform a capacity analysis with CHFS to
determine the feasibility of extending existing CHFS infrastructure to fulfill the
infrastructure needs of the solution.
The selected Vendor‘s solution shall leverage the CHFS standard for Microsoft SQL
Server for all databases deployed in support of the system. All application services and
infrastructure requiring ongoing maintenance by CHFS shall be hosted on virtualized
environments in the Commonwealth‘s on-site COT data center and shall conform to
published CHFS virtualization standards. The production environment shall leverage
physical servers for all production databases; exceptions/deviations from this standard
will only be considered with proper justification from the selected Vendor. The Vendor
shall identify the network design required in support of the system, including load
balancers, VPN gateways, XML gateways, firewalls, intrusion detection system, DMS
configurations, and proxies.

64

 The Infrastructure Services layer shall provide logical environments for each testing
phase. The selected Vendor‘s infrastructure strategy shall provide the ability to create,
deploy, load and manage multiple environments that operate concurrently. The selected
Vendor‘s environment strategy shall closely align with the work stream and testing
strategy. The infrastructure layer will be required to interoperate with the KAMES
system for testing of mainframe/legacy integration. The selected Vendor shall include a
strategy for sharing the existing four partitioned environments for the KAMES
mainframe between the various testing environment instances that may be required.
The selected Vendor‘s infrastructure design shall include high availability design for all
application service hosting infrastructure components. The system shall demonstrate
fault tolerance and redundancy to prevent applications from becoming unavailable due
to component failures. The system design shall provide clustered application server
environments, load balanced applications and application components, redundant
application data and storage designs for all data stores (data, logs, messages, message
queues, etc.).
Requirements: Appendix C: ARC-INF-001-048
Section 30.290.060 - Security
The software deployment and all selected Vendor services shall abide by security
standards as outlined in the Commonwealth‘s Enterprise Information Technology
Policies.
Enterprise Policies: http://technology.ky.gov/governance/Pages/policies.aspx
Section 30.290.061 – Security Services
Both the E&E and the PMB solutions shall integrate with and utilize the CHFS security
and enterprise user provisioning system, KEUPS, for user registration, authentication,
authorization, provisioning and de-provisioning. In addition, users of both solutions shall
utilize a common identity for a seamless single sign-on experience.
The Security Services layer of the HBE technical solution is a cross-cutting virtual
architecture layer that addresses security concerns in each facet of the application and
technical architecture layers. A core, key component of the HBE security services
architecture will be realized through re-use of the KEUPS, which will provide capabilities
for addressing the HBE‘s identity and access management controls. KEUPS will provide
user provisioning, de-provisioning, self-service registration, authentication, single-signon, and coarse-grained authorization services for the HBE, and will facilitate the handoff
of security tokens for application use within the HBE.
65

 The HBE will be a claims-aware, Active Directory Federation Services (ADFS)
compliant application, and shall provide for configurable, maintainable role-based
access to business functions through both public and private HBE channels.
The HBE Security Services will implement security controls in compliance with NIST
special publication 800-53 rev. 2 guidance for high baseline controls in accordance with
CHFS security standards, and will comply with all relevant state and local security and
privacy regulations, as well as federal security and privacy standards adopted by the
U.S. Department of Health and Human Services for Exchanges. The selected Vendor is
required to cooperate with any Third Party Vendor that the Commonwealth engages to
conduct a Certification and Accreditation of the system controls prior to go-live, in
accordance with CHFS standards and policies for Certification and Accreditation.
Security services within the HBE shall be exposed as standards-compliant, reusable
web services whenever feasible, and shall align to the MITA Maturity Model and MITA
security and policy standards.
The HBE shall be built using leading practices for secure application development, and
shall protect the privacy and disclosure of sensitive, protected health information and
personally identifiable information in accordance with HIPAA Security and Privacy
Rules.
Requirements: Appendix C: ARC-SEC-001-071
Section 30.290.062 – Security Plan
The Security plan will detail all the Security procedures and controls that will be
employed in the implementation of the HBE to ensure the integrity of the system and
compliance with all security appropriate regulations. The Security Plan shall also include
a schedule of Security related activities, including the completion of Security
requirements such as the Information Security Risk Assessment.
Section 30.290.063 – HIPAA Compliance
―Personal Health Information‖ or ―PHI‖ shall mean Protected Health Information (as
such term is defined in 45 CFR § 160.103) that is received from, or on behalf of, the
Commonwealth, by Vendor pursuant to performance of the services under this
Contract. ―Personally Identifiable Information‖ or ―PII‖ means any nonpublic
information capable of individually identifying a natural person, in written or
electronic form, that is received from, or on behalf of, the Commonwealth by Vendor
pursuant to performance of the services under this Contract.

66

 The HBE is a covered entity bound by HIPAA; as such the selected Vendor shall ensure
that all its actions associated with the HBE are compliant with HIPAA rules for access,
authentications, storage and auditing, and transmittal of electronic PHI (e-PHI).
Standards include HIPAA Version 5010 standards for electronic health transactions
(effective January 1, 2012). Adherence to the HIPAA standards is required to meet the
Federal requirements of the HBE and to interface with HBE Third Parties to include but
not limited to Kentucky Health Information Exchange (KHIE), HHS, U.S. Department of
Homeland Security, IRS, National Association of Insurance Commissioners, and
Insurers.
The selected Vendor shall establish and maintain HIPAA compliant controls and
procedures that protect, define, and limit circumstances for access, use, and disclosure
of PHI in performing the Services. As the HIPAA Security and Privacy rules provide
comprehensive coverage for many types of data security and privacy, it should not be
assumed that all aspects of HIPAA are relevant to the HBE. As such, an analysis shall
be performed by the selected Vendor during the System Design phase to provide for
compliance with the relevant HIPAA requirements.
The selected Vendor shall be responsible for ensuring that Business Associate
Agreements are in place in order to exchange Personal Identifiable Information (PII) and
Personal Health Information (PHI), following DHCS policies, best practices, and HIPAA
regulations.
The HBE HIPAA compliance controls and procedures shall be submitted to CHFS for
review and approval, prior to the inclusion of any of these controls in the overall System
Design.
The selected Vendor shall not be permitted to use or disclose health information for any
reason other than that mandated in performing its obligations within this RFP.
Section 30.290.070 - Operations and System Management Services (OPR)
The Operations and System Management Services layer is the HBE architecture layer
that provides system and application administration and monitoring capabilities.
The selected Vendor‘s solution will be required to monitor and report the health and
status of all applications, services, and system components for the solution. The
application monitoring solution will provide operations users the ability to view health
and availability of application resources, application uptime, and service utilization. The
server resources will be monitored against similar server specific metrics. Adherence to
MITA requires the collection of operational data in order to establish and meet Service
Level Agreements (SLAs) for the system. The selected Vendor shall utilize Microsoft
System Center Operations Manager (SCOM) for all systems and applications
monitoring capabilities as directed by CHFS IT standards. SCOM management packs,
67

 third-party management packs, and custom management packs shall be developed and
maintained to support the collection of monitoring data from application and
infrastructure services. The Vendor‘s proposal shall describe where the use of SCOM is
not advisable, and provide alternatives better suited to meet the requirements.
The system shall provide the tools, configurations, and processes necessary for
administering and maintaining the solution. The CHFS standard backup and recovery
tool shall be used by the selected Vendor for all backup requirements that include, but
are not limited to, database, core and custom software, software and database
configuration, server, and user preferences. Batch scheduling shall leverage the CHFS
standard approved tool for enterprise scheduling. The selected Vendor‘s solution shall
include all operations materials, manuals, configuration specifications, and
documentation required to support the system and related processes. In the event that
the Commonwealth chooses to utilize existing print facilities instead of the services bid
as part of the ―Option to Buy‖ functionality at Section 30.300.044.010 of this proposal,
the system shall be required to integrate/interoperate with the Commonwealth‘s print
facilities for CHFS maintained application components with bulk printing needs. The
selected Vendor shall provide a business continuity disaster recovery plan that includes
the solutions approach to providing business continuity, and demonstrate how the
solution safely recovers from a disaster event without compromising data integrity,
security, or data synchronization between the recovered and connected systems.
Requirements: Appendix C: ARC-OPR-001-029
Section 30.290.080 - Development Architecture and Services (DEV)
The selected Vendor shall utilize a well established formal methodology across the
Software Development Lifecycle (SDLC). The selected Vendor shall deliver the solution
using a phased development approach that supports the Commonwealth‘s requirement
to sign off on iterations of the system test results of the solution before proceeding to
the next development phase.
The selected Vendor shall leverage existing asset investments and technologies for
development of Microsoft based solutions that include: Microsoft Visual Studio for .NET
development and code maintenance, Microsoft Team Suite for automated testing,
Microsoft Team Foundation Server for configuration management, and CHFS standard
tools for data modeling. The selected Vendor‘s solution shall include a robust
development framework that includes support for Continuous Integration.
The selected Vendor‘s testing methodology shall include full testing to include the
following test cycles: unit testing, integration testing, performance testing, load testing,
stress and capacity testing, data conversion testing, user acceptance testing, and
disaster recovery testing.
68

 Requirements: Appendix C: ARC-DEV-001-018
Section 30.300 – Eligibility and Enrollment Functional Requirements
This section outlines the narrative descriptions of each of the functional areas of the
HBE Operating Model that are related to the Eligibility and Enrollment scope of work.
These functional narratives should be cross referenced with the requirements in
Appendix A - HBE Eligibility and Enrollment Solution Functional Requirements.
The selected Vendor shall use these narratives and requirements as their baseline
when planning their solutions. Technical solutions shall meet all functional requirements
as laid out in Appendix A - HBE Eligibility and Enrollment Solution Functional
Requirements.
Section 30.300.010 – Administration
The HBE will have a complete set of administrative functions to govern the products and
programs offered on the HBE. A governing board will set the policy and direction for the
Exchange and support oversight on products offered on the HBE, the Navigator
Program and Program Integrity. The governing board will develop and implement a
certification criteria and process for Navigators to ensure program adherence. In
addition, a program integrity plan will be developed to prevent, detect, and minimize
fraud, waste, and abuse. Medicaid policies and procedures will continue to be managed
under the DMS.
Section 30.300.011 – Administration – Navigator Program Management
Administrators of the HBE will be responsible for the development and administration of
the Navigator Program. This will include the definition of the Navigator role, the
development of selection criteria, a recruitment plan, an application and certification
process, and a financial model for Navigator compensation.
Requirements: Appendix A: ADM-NPM-046-059
Section 30.300.012 – Administration – Program Integrity
The Program Integrity function includes planning and prevention of waste, fraud and
abuse. The E&E Solution will seek to prevent fraud and abuse through the use of clear
and simplified eligibility and enrollment rules and processes that maximize the use of
verified data through Federal and State data sources. The E&E Solution will do this
through the establishment of unique IDs for customers, and the matching and
69

 synchronization of identities already existing in the system and across other state
systems such as KAMES.
The Exchange will seek to counteract fraudulent activity through the use of data mining
and analytic techniques that match patterns of activity in order to detect potential fraud.
The Exchange will have the authority to terminate coverage based on the detection and
proof of fraudulent activity. Where appropriate, the Exchange will refer cases to
insurers, DOI, and/or DMS. The Exchange will report statistics regarding fraud,
including statistics related to dollars lost due to fraud.
Requirements: Appendix A: ADM-INT-060-080
Section 30.300.020 – Users
The E&E Solution will serve a range of users including: individuals seeking eligible
coverage; Navigators seeking to educate and guide customers through the application
process; Consumer Assistance Programs (ombudsmen) advocating for citizens and
ensuring those seeking public services are treated fairly; and HBE workers, including
contact center representatives, walk-in center employees, and operations management.
Reference: Appendix N - HBE Users and Channels Matrix

Section 30.300.030 – Channels
The Exchange foresees an environment that utilizes advanced technology and multiple
channels to reach an array of users. HBE E&E functions will be offered via an online
self service portal that is accessible through a standard or mobile web browser. The self
service portal will support communications between customers and the HBE, including
web chat, email and secure mailbox. A toll free hotline will provide customers with the
opportunity to access information via an Interactive Voice Response (IVR) or direct
conversation with a worker. Paper publications that provide educational materials
regarding the Exchange can be requested to be mailed or printed directly from the self
service portal. The Exchange is also considering using outbound text messaging for
notifications or alerts and voicemail functions for outbound call campaigns. Finally, a
web service function will provide data transmission between third parties, including
QHPs and regulatory bodies like HHS, IRS, and other State Agencies.
Where required, communication channels will be accessible to people with disabilities in
accordance with the Americans with Disabilities Act and sections 504 and 508 of the
Rehabilitation Act and provide meaningful access for persons with limited English
proficiency.
Reference: Appendix N - HBE Users and Channels Matrix
70

 Section 30.300.040 – Core Operations
Core Operations encompasses all of the user touch points with the HBE and provides
workers the tools to manage their daily work of supporting eligibility and enrollment.
Customers will interact with the E&E Solution through conducting pre-screening for
potential eligibility, scheduling of appointments, the uploading and management of
documents, submitting changes to their personal information and receiving notifications.
Core Operations also includes setting the administration of the open and special
enrollment periods. Finally, operations will confirm quality by offering a complete Quality
Assurance Process along with performance management functions and a set of cost
avoidance and recovery functions.
Section 30.300.041 – Core Operations – Customer Scheduling
Customer scheduling provides the ability to set-up and manage a centralized calendar
of phone and in-person appointments. Scheduling of customer appointments can be
automated or performed manually by customers or workers, who will have the option to
schedule an appointment based on location, appointment type, and available timeslots.
Alerts will be sent to appropriate staff regarding current, upcoming, or changes to
appointments. Appointment notices will be sent to customers via a variety of channels
including, secured mailbox, mail or voicemail. Changes to appointments will vary based
on user role.
Requirements: Appendix A: COP-SCH-001-020
Section 30.300.042 – Core Operations – Workflow
Workflow provides the ability to manage a case through the lifecycle, from registration to
closure. This includes the ability to view, assign, and redistribute work, automatically or
manually, between offices, groups, and workers in accordance with business policies,
procedures and resource capacity. Workflow will support process efficiency by allowing
any worker to review previous actions and complete next steps required to process a
request.
Requirements: Appendix A: COP-WOR-021-082
Section 30.300.043 – Core Operations – Document Management
Document Management provides the ability to view, capture and attach scanned
images to individual cases. The functionality includes the ability to link scanned and
verified images to a customer that may exist in other systems. In an effort to reduce
71

 costs, the HBE will leverage the existing Document Management System used by the
Commonwealth to the fullest extent possible.
Requirements: Appendix A: COP-DOC-083-098

Section 30.300.044 – Core Operations – Notifications
The HBE will distribute several types of notifications to HBE customers (i.e., Insurers,
Employers, Employees, and Individuals). Notifications may be triggered automatically
through workflow events, through scheduled processes (i.e., Annual Enrollment Period
Notices), or manual requests. HBE notifications will uphold all the legislative
requirements and standards of communication and accessibility to those with
disabilities.
Appendix J to this RFP includes a preliminary list of the notifications that will be required
for the processing of Medicaid cases through the E&E Solution. The selected Vendor
shall, prior to or during the System Design Phase, conduct discovery activities to
compile a complete and final list of all notifications required to process eligibility and
enrollment and case lifecycle management for all programs and products provided
through the HBE. The design and implementation of these notifications shall not
constitute a change in scope for this project.
Requirements: Appendix A: COP-NOT-099-369, Appendix J: HBE Notifications
Inventory
Section 30.300.044.010 – Commonwealth ―Option to Buy‖ - Notification
Fulfillment
The Vendor shall submit a proposed plan for the fulfillment of all notifications for the
processing of eligibility, enrollment, case lifecycle management and renewals through
the HBE. The plan shall provide the equipment, software, training, and facilities to
support the processing of high-volume print Processing Functionality. This includes, but
is not limited to, the printing of all notices, forms, letters, postcards, flyers, brochures,
enrollment packages, and ad hoc mass mailings.
Section 30.300.044.020 – Commonwealth ―Option to Buy‖ – Kentucky Health Card
Fulfillment
The Vendor shall submit a proposed plan for the fulfillment of Kentucky Health Cards.
The current volume is approximately 11,600 new cards issued per month. Monthly
replacement requests equal approximately 6,000 per month. Cards are expected to be
72

 produced and mailed within 24 hours of receipt of the card production file. The plan
shall provide the equipment, software, training, and facilities to support the production
and delivery of Kentucky Health Cards.
The Vendor shall include all costs related to Notification Fulfillment in Attachment B –
Cost Proposal Tab I.
Section 30.300.045 – Core Operations – Business Rule Management
Business Rules Management is the maintenance of all business rules affecting eligibility
and enrollment within the system. The functionality will allow designated workers the
ability to maintain or update the system in an easily referenced format. The system will
support the frequent changes typical of health insurance program policies including the
management of a variety of open and special enrollment period rules and rate
variations. The functionality will allow corrections for a prior period of coverage, even
after a rule change, as policy rules will be date driven and version controlled.
Requirements: Appendix A: COP-BRM-166-177
Section 30.300.046 – Core Operations – Open and Special Enrollments
The system will define and manage open and special enrollment periods for SHOP and
individual health benefit plan customers. Initial and ongoing annual open enrollment
periods will be determined by the Exchange in accordance with legislation. Special
enrollment periods, based on non-qualified life events and qualified life events, allow a
customer to make or change health benefit plan elections outside of open enrollment
periods. The allowable changes to health benefit plan elections may vary by life event
and qualifying situation which will be managed and defined by the HBE in accordance
with legislation (e.g., 60 days from the triggering event). The HBE will also manage the
distribution of notifications related to open and special enrollment periods to all
customers (employers, employees, individuals).
Special and open enrollment periods will be managed in the HBE through the definition
and maintenance of business rules and policies that will control how and when
customers can apply for and enroll in programs and products.
Requirements: Appendix A: COP-OPE-213-227
Section 30.300.047 – Core Operations – Customer Maintenance
Customer maintenance generally describes a change to a customer record due to a life
event (e.g., birth, adoption, marriage, death, loss of income etc.) or a demographic
73

 modification (e.g., address change, name change, etc.) that occurs after an initial
application intake and eligibility determination. All updates to a customer‘s record that
impact eligibility (e.g., income data changes), enrollment, and benefit-related events are
included in the maintenance. Maintenance activities may require supporting
documentation to verify and process transactions. Maintenance also includes functions
to allow the lookup of information on a case such as case status, eligibility periods, and
for the capturing of notes by a worker on a case.
Limited maintenance functionality will be provided through the Self Service Portal and
via mobile browsers, allowing customers to report changes to their circumstances and
to check the status of their application. Since maintenance activities have the potential
to affect eligibility, depending on the type of update, the maintenance functionality will
be closely integrated with other system functions such as workflow and notifications.
Requirements: Appendix A: COP-MAN-228-330
Section 30.300.048 – Core Operations – Quality Assurance
The System will facilitate a Quality Assurance (QA) process to monitor and evaluate
quality. The QA process will randomly sample cases based on selection criteria
parameters to detect erroneous eligibility and enrollment processing to improve
customer service, training efforts, and assist in policy decision making. The system will
allow for flexibility in the types of reviews conducted (e.g., Single State Audit, Federal
Re-reviews, Quality Control Reviews, etc.). The QA process will be integrated with
workflow and QA forms will be captured and stored within the system.
Requirements: Appendix A: COP-QUA-331-356
Section 30.300.049 – Core Operations – Performance Management
The System will gather, analyze, and output data that can be used by the
Commonwealth and/or partners to make business decisions on the effectiveness and
efficiency of business processes, organizational units, or individuals. HBE performance
results will be available for research analysis, and evaluation to assist in the
identification of best practices to improve performance and decrease costs.
The HBE will produce reports on workload size, number of applications, type of case,
location, assignee, application processing time, quality assurance results, etc., which
will give decision makers the ability to monitor, review and reconfigure workload and
workflow processes to achieve optimal operational efficiency.
Requirements: Appendix A: COP-PMG-357-367; COP-MAN-375
74

 Section 30.300.050 – Eligibility
Eligibility is the process of systematically determining a customer‘s qualifications for
enrollment in Medicaid or other Insurance Affordability Programs, QHP, or Small
Business Health Options Program (SHOP) through the HBE. The eligibility process
begins with a customer, or a qualified entity, completing the application process,
including pre-screening and registration. Once an application is complete the system
will validate, verify and use the customer provided data and predefined business rules
to determine eligibility for specific programs and products (Medicaid, QHP, or SHOP).
Eligibility also includes processing individual exemptions, eligibility determination
appeals, and maintenance.
Section 30.300.051 – Eligibility – Pre-Application Screening
Prior to applying for a health benefit plan, customers will have the ability to provide
minimal and anonymous information, via the Self Service Portal, to determine potential
eligibility for the products and programs (Medicaid, Individual, Group insurance,
State/Federal programs) available through the portal. The results of the pre-application
screening will provide information on programs and products that they are deemed
potentially eligible for and information on the application process. If a customer chooses
to apply for health benefit plan coverage, the system will pre-populate the online
application with data collected during the pre-application screening, where applicable.
Requirements: Appendix A: ELG-PRE-001-014
Section 30.300.052 – Eligibility – Registration
Registration is the recording of demographic information about a customer to track
requests for coverage in the HBE. The information recorded during the registration
process is used to create case numbers and unique customer identification records
(client index numbers). During the registration process, the HBE performs search and
match functions to identify customers that are already known to the system, to prevent
duplicate records and to ensure each customer can be uniquely identified in the system.
Registration will occur through all channels that a request comes through (e.g. online, in
person, paper, telephonically).
Requirements: Appendix A: ELG-REG-015-035, ELG-REG-140-147
Section 30.300.053 – Eligibility – Application Intake
Application Intake is the process of capturing customer data in a single application for
health benefits. Applications will be accepted online, via telephone, on paper and in
75

 person. The process will capture all data elements required to calculate eligibility and
apply for each product within the HBE, as well as communicate with the customer on an
ongoing basis. This data includes but is not limited to income and personal
demographic information. The application intake process will also capture an applicant‘s
agreement to the terms and conditions of the application for insurance coverage, as well
as a signature as proof of agreement to those terms. Signatures can be physical,
electronic or telephonic, depending on the channel through which the customer applies.
Requirements: Appendix A: ELG-REG-138-139; ELG-APP-036-051; ELG-APP-148;
ELG-APP-157
Section 30.300.054 – Eligibility – Eligibility Determination
Eligibility determination is the process of applying a complex set of eligibility rules to
specific data associated with a customer, to identify coverage under one or more
established programs provided within the HBE. The determination process for eligibility
is evaluated continuously throughout the customer‘s association with the HBE; at initial
application, during scheduled periodic reviews and whenever specific program eligibility
requirements change or new ones are added per federal and state guidelines.
Requirements: Appendix A: ELG-APP-156; ELG-ELG-052-087; ELG-ELG-149-154;
ELG-APE-155; ELG-DIS-158-160
Section 30.300.055 – Eligibility – Individual Exemptions
The ACA states that the HBE shall have functionality to track, ―receive and adjudicate
requests‖ for individual exemption from the individual responsibility requirements (e.g.,
exempt based on religious sect or division). Processing individual exemptions will allow
customers to document their reasons for exemption and to provide supporting
documentation for exemption verification. The HBE will issue certificates of exemption
to eligible individuals. Individuals denied exemption eligibility will be able to submit an
appeal. Final exemption decisions will be communicated to HHS for transmission to the
IRS.
Requirements: Appendix A: ELG-IEX-088-095
Section 30.300.056 – Eligibility – Appeals
The ACA provides the right for an individual, employer or qualified entity to request and
submit an appeal related to eligibility determination decisions made by the HBE. The
appeal process includes a reconsideration request, hearing, and may result in further
legal action. An individual, employer or qualified entity can begin the appeal process
76

 through a reconsideration request, but this step may be bypassed to a formal hearing.
Appeals may be submitted through multiple channels including online, in-person, or
over the phone, but regardless of channel a written form shall be completed. Once a
customer has filed an appeal of any kind, the HBE will send a notification related to the
appeal process and the opportunity to review his or her file and present evidence as
needed.
Requirements: Appendix A: ELG-APE-096-136
Section 30.300.057 – Eligibility – TANF and SNAP
The selected Vendor shall present a solution that allows for the phase-in of TANF and
SNAP eligibility processes to the E&E solution as well as provides for a seamless
interface with the Child Care system, without adversely affecting the implementation
timeframe specified by the ACA. The transfer of TANF/SNAP eligibility functions to the
E&E allows the Commonwealth to maximize use of the modernized processes and
platforms that are an integral part of this proposal. Elements such as the configurable
business rules engine, improved access to applications via the Self Service portal,
state-of-the-art workload maintenance, and high-quality analytics and reporting are
equally applicable to these programs.
The business rules engine will already contain many of the technical requirements
applicable to these two programs, and should easily be expanded to include such
additional elements as work registration, felony status, eligibility for expedited benefits,
and lifetime limits.
During the initial stages of the HBE project, the Commonwealth requires the selected
Vendor to conduct detailed requirements and analysis sessions to establish the
iterations needed to implement the first phase of the project as well as identify gaps in
major business processes and system components between
Medicaid/KCHIP/Exchange and TANF/SNAP. The Commonwealth further expects the
selected Vendor to develop a plan outlining the detailed road map necessary for
incorporating SNAP and TANF as well as of building a seamless real-time interface with
the Child Care system. This plan should further outline incremental project phases for
migration of SNAP and TANF functionalities from KAMES by 12/31/2015. The
requirements and analysis activities and creation of the plan shall be included in the
selected Vendor‘s integrated work plan and shall be delivered no later than May 1,
2013.

77

 Section 30.300.058 - Expanded Functionality Phase-In – TANF/SNAP
The Commonwealth will evaluate the detailed plan and associated costs for
TANF/SNAP phase-in. Based on the evaluation, the Commonwealth may choose to
execute the expanded functionality.
Requirements: Appendix A: ELG-ELG-069, ELG-ELG-070
Section 30.300.059 - Eligibility – Asset Verification Program
The selected Vendor shall incorporate an Asset Verification Program (AVP). This
functionality is necessary for determining resource eligibility for Non-MAGI Medicaid
applicants, in accordance with 42 USC 1396w. The AVP shall provide for automated
inquiry against the individuals‘ financial information as part of the online application
process, as well as manual inquiry by Exchange workers.
Requirements: Appendix A: ELG-APP-051; Appendix C: ARC-INT-031
Section 30.300.060 - Enrollment
Enrollment is the process of facilitating plan selection for a customer who has been
determined eligible and elects to enroll into a QHP and/or Medicaid. During the
enrollment process, the HBE will determine individual responsibility based on subsidy
calculation. The customer may utilize Shop and Compare Tools to assist in the QHP
election process. These tools include the display of health plan quality ratings, plan
benefit summaries, premiums, and cost sharing amounts. More robust comparison tools
will provide customers with a more personalized comparison based on their historical
experience (i.e., average number of office visits, primary care physician, average
number or cost of prescriptions, etc.). Medicaid customers subject to managed care
may select an MCO and other customers will select a QHP. The HBE will transmit all
required enrollment data to MMIS or the specific QHP on behalf of the customer. The
enrollment process also includes the ability to maintain a customer record, renew health
plan elections, and disenrollment, or termination of coverage.
Section 30.300.061 – Enrollment - Subsidy Calculations
The HBE will include functionality to calculate premium tax credits, cost sharing, and
individual responsibility. This information will be displayed to customers and integrated
with Shop and Compare Tools available on the Self Service Portal. Calculator outputs
78

 will be based on information entered by the participant and verified during eligibility
determination. A customer can opt out of a subsidy at various points throughout the
eligibility and enrollment process, including at the calculation stage.
The premium assistance available to HBE participants will be based on household
income, family size, applicable percentage (taxpayer's required share of premiums
based on household income), benchmark plan premium (second tier silver plan), and
the premium for the plan in which the customer enrolls. The premium tax credits may be
received in an advanced form (via IRS payments directly to the QHP) or claimed via
income tax filings. Reconciliation processes will be the joint responsibility of the IRS and
the customer.
Requirements: Appendix A: ENR-SUB-010-021
Section 30.300.062 – Enrollment – MCO
In addition to allowing individuals to choose a MCO, the system shall integrate with
MCAPS for an MCO auto-assignment process for individuals eligible for Medicaid/CHIP,
who are required to participate in Managed Care. This assignment process, together
with associated notices and reports is currently performed by MCAPS in a batch
process. The E&E solution shall provide a synchronized, cohesive version of these
processes.
MCO selection, auto-assignment, notice production, and reporting functions currently
addressed by MCAPS shall be incorporated into the E&E solution.
Requirement: Appendix A: ADM-INT-073, COP-OPE-214, COP-OPE-219, COP-MAN295, COP-MAN-296
Section 30.300.063 – Enrollment – PE and BCCTP
The selected Vendor shall incorporate a process to enroll individuals in Medicaid, who
are determined eligible through web-based applications for the Presumptive Eligibility
(PE) and Breast and Cervical Cancer Treatment Program (BCCTP). Eligibility
processing for these programs will be incorporated into the E&E solution.
Requirements: Appendix A: ELG-ELG-150, ELG-ELG-151, ELG-ELG-152, ELG-ELG153, ELG-ELG-154, ELG-ELG-161

79

 Section 30.300.070 – Programs and Products
The purpose of the HBE is to support enrollment into qualified programs and products,
based on eligibility determinations. Individuals may be eligible for Medicaid. If an
individual does not qualify for, or declines, Medicaid, he or she will have the opportunity
to select an Individual Product that has been certified by the Exchange. Employers on
SHOP will have the opportunity to review and pre-select a grouping of Group Products
that have been certified by the Exchange. Employees will have the option to select from
this subset of QHPs. Individual and group products will be differentiated by affordability,
type of coverage, and premium costs associated with cost-sharing requirements
(platinum, gold, silver and bronze).
In the future, the Commonwealth will support other State and Federal Programs like
TANF and SNAP through the HBE. Furthermore, the Commonwealth will consider
offering Other Health Products. The solution should be easily extensible to
accommodate additional programs and products the Commonwealth wishes to integrate
into the HBE in the future.
Section 30.300.080 - Support Services
The HBE offers a variety of services aimed at all users, including: customers, Agents,
Navigators, consumer assistance program employees, community based organizations,
and QHPs. Supported by a contact center, the HBE will aid users with general inquiries,
eligibility and enrollment questions, and technical issues that may arise from utilizing the
Self Service Portal. Support will also extend to the community and commercial partners
in an effort to educate customers and provide support when interacting with the HBE, to
ensure a high quality customer experience. Support services take the HBE from a
website that determines eligibility and facilitates enrollment, to a fully integrated health
benefits plan shopping experience where both consumers and partners have the
materials, information and personal support needed to make the best health benefit
decisions for the families of Kentucky.
Section 30.300.081 – Support Services - Customer Service
The HBE will offer comprehensive customer service to support assistance requests
from customers, employers, Navigators, and Agents. The Commonwealth will utilize
customer service channels to include: live in-person support in local offices, a contact
center, mail correspondence, secure fax and email correspondence, and online web
chat assistance. Customer service functions will assist users with a variety of assistance
requests to include application assistance, SHOP employer premium aggregation
80

 questions, password resets, and log-on issues. HBE customer service functions will
coordinate with QHPs to minimize duplication of effort with customer service functions
that already exist with insurers.
HBE customer service functionality will be primarily administered via a contact center
accessible by a toll-free phone line. Initiating customer service requests through the
contact center will allow the HBE to offer consistent high quality support to everyone,
regardless of their assistance request. In addition, the contact center will allow each
service support encounter to be documented and saved for future reference.
Unresolved service requests will be routed to specialized workers for follow-up and
resolution.
Requirements: Appendix A: SUP-CUS-001-056
Section 30.300.082 – Support Services - Education & Outreach
The HBE will provide a robust education and outreach program to inform customers and
employers about the HBE and the new health care coverage options available to them.
Education and outreach activities will target customers and employers most likely to
benefit from the HBE, communicate the value proposition of purchasing health care on
the HBE and educate them on purchasing health insurance coverage through the HBE
including: an overview of ACA and the federal mandate, information on QHPs,
certification standards, and the availability of subsidies such as Premium Tax Credits
and Cost Sharing Reductions.
The Commonwealth will leverage lessons learned from prior education and outreach
campaigns, like the successful KCHIP Program, and will deploy an education and
outreach strategy that uses a blended approach. While Navigators will be key players in
both learning and distributing Exchange education and outreach, multiple entities
including QHP‘s, healthcare providers, agents, and education personnel will be used for
outreach and the delivery of HBE messaging. In addition, the education and outreach
strategy will utilize multiple access channels for communication including: public media
and web campaigns, telephone outreach, and printed materials to target potential HBE
customers and employers.
Education and Outreach activities will be performed outside of the scope of this
Contract. However, the solution is intended to contain functionality to enable reporting
on education and outreach activities, tracking of the effectiveness of the efforts, creation
and retrieval of available surveys, and retention of outcome data. The selected Vendor
shall cooperate with the Commonwealth, and any Third Party Vendor the
Commonwealth engages for the delivery of Education and Outreach campaigns, to
provide information related to the Exchange IT systems, business processes or
operational data.
81

 Requirements: Appendix A: SUP-ENO-057-067
Section 30.300.083 - Technical Support
The HBE will offer technical support to all customers, Navigators, Agents, QHPs, third
parties, and internal workers using knowledgeable and technically trained support
personnel. Technical support personnel will assist HBE customers and workers with
technical issue resolution including, hardware and internet setting configurations,
password or log-on difficulty, user security problems, screen/navigation errors, interface
issues, and any additional issues of a technical nature that may arise while accessing
the HBE.
HBE technical support will offer a variety of resources and options to quickly resolve
customer and worker technical issues. Technical support resources will include live
technical support available through a toll-free phone line, online web chat, technical
FAQs posted on the Self Service Portal, online user manuals with system help
documentation, and emergency support to assist with critical system issues. Technical
support for non-critical technical issues will be available during reasonable hours of
operation to be determined by the Commonwealth, while emergency technical support
will be available to assist with system critical issue resolution.
Requirements: Appendix A: SUP-TEC-068-077
Section 30.300.090 - Self Service Portal (SSP)
The Self Service Portal (Portal) will serve as a one stop shop for residents of the
Commonwealth of Kentucky seeking health benefit coverage. The Portal will operate
under a "no wrong door" policy allowing all Kentuckians to view comparative information
on health benefit options, submit a single application for health benefit eligibility
determination (Medicaid, Unsubsidized, Subsidized, and SHOP), enroll in the selected
coverage option, obtain information on the administration and operations of the HBE,
and access contact information for Navigators, Agents and other consumer assistance
services. Other state and federal programs, such as TANF and SNAP will be accessible
via the Self Service Portal in the future.
The Portal will not only serve as an entry point for applicants seeking coverage, but will
also serve other Qualified Entities including: Employers (small and potentially large
businesses) who offer health benefits to their employees; Navigators seeking to guide
Kentuckians through the application process; Agents looking to bring individuals into the
insurance marketplace; Workers managing eligibility and enrollment across different
programs; Contact Center Representatives who resolve HBE customer inquiries;
Ombudsmen advocating for citizens and ensuring those seeking public services are
82

 treated fairly; and Healthcare Providers looking to introduce their patients to available
benefits and services.
The Portal will be deployed as a public facing website allowing meaningful access
(Section 508 compliant) and accessible from any device that has internet access,
including mobile devices such as PDAs, cell phones, iPads, etc. The Portal will utilize
available information from multiple sources (HealthCare.Gov, MMIS, Health Plans,
State and Federal Hubs, etc.) to provide customers with real time access to their health
benefit information.
Requirements: Appendix A: SSP-SSP-001-070
Section 30.300.100 – Business Intelligence, Analytics & Reporting (ANR)
The HBE will be equipped with a robust reporting platform that supports ad-hoc and
canned reports as well as provides for a comprehensive data warehouse/business
intelligence solution. In addition, it will provide the functionality to build, create and run
operational analytics and reports to support the governance in making policy decisions
and management in making business decisions on the effectiveness and efficiency of
business processes, organizational units, or individuals. The reporting solution will
provide reports to support key system and business functions, giving users the ability to
quickly and easily access timely and useful information. The HBE will have the ability to
produce a variety of report outputs in a variety of media and formats for maximum
flexibility. The HBE will also support analytics and reporting functionality that allows for
communication with Federal Agencies, Insurers, Employers, and other State Agencies
through the utilization of multiple interfaces.
The Commonwealth intends to implement the desired reporting solution in phases. The
initial phase of this implementation (targeted for October 2013) should support ad-hoc;
parameter based reporting to include at a minimum the following types of reports:
1. Basic Management Reports (sortable by worker, unit, county, region, and state
level, as well as by category of assistance):
a. Method of application – online, walk-in, navigator assisted, etc.;
b. Applications processed immediately as opposed to those pended for agency
action, of those held pending, how many were processed within defined
timeframes, outside of allowable timeframes, or are still pending disposition;
c. Applications denied and active cases discontinued - by reason;
d. Caseload activity – number of actions taken on active cases by workers & by
recipients;
e. Redeterminations coming due, processed administratively, worker
processed, (timely and untimely), and past due; and
f. Active caseload.
2. Data matching:
83

 3.
4.

5.
6.

a. Number of successful matches to outside data sources (Federal, State, etc.),
unsuccessful inquiries, total inquiries.
b. Reconciliation of enrollment information with QHPs
Quality Control Reports:
a. Sample collection.
Mandatory federal Reports:
a. Motor Voter;
b. IEVS timeliness; and
c. Required reports for HHS (CMS, CCIIO) and the IRS.
CHFS internal Security:
a. Unauthorized attempts.
Application processing timeframes analysis.

Please note the above stated reports are not a definite and complete list of reports
needed. They are provided as examples. The selected Vendor will be responsible for
developing the final list of desired reports during requirements and design sessions.
The Commonwealth desires to implement a full blown business intelligence (BI) solution
encompassing multiple human services programs in a subsequent phase following the
initial implementation. In addition to ad-hoc reporting capabilities, the business
intelligence solution shall provide the following capabilities: establishing data trends and
patterns, data drill downs, user configurable dash boards and predictive data modeling.
Example of reports that may be part of this BI solution includes:
1. Impact on caseload size of online approvals;
2. Cases approved through online matches, later discontinued due to updated
(batch) match data;
3. Evaluation of workload management strategies;
4. Evaluation of quality improvement strategies;
5. Assessment and calculation of health care quality and outcomes; and
6. Evaluation of Program integrity measures
Please note: The selected Vendor will be responsible for defining the requirements and
design necessary for the BI solution.
Requirements: Appendix A: ANR-ANR-001-033, Appendix K – HBE Reports Inventory
Section 30.300.110 - Third Parties
Third Parties include organizations or entities that may interact with the HBE.
Interactions will include the transmission of information through an interface for data
population, verification or reporting. Third Parties include the following organizations or
entities: Kentucky Health Information Exchange (KHIE), Health and Human Services
(HHS), Office of Personnel Management (OPM), Internal Revenue Service (IRS),
Homeland Security, National Association of Insurance Commissioners (NAIC),
84

 Department of Insurance (DOI), Cabinet for Health and Family Services (CHFS), and
Health Insurers (such as Anthem, Humana, etc.).
Section 30.300.120 – Interfaces
Some key elements of the functional requirements of the HBE, such as the concepts of
real-time determinations of eligibility and administrative renewals, hinge on the
availability of data from various sources, both internal and external to CHFS and the
Commonwealth, in real time. The selected Vendor shall account for these interfaces,
listed in Appendix H to this RFP, in its technical solution and its Preliminary Project
Plan. Appendix H lists all known interfaces at the time of issuing this RFP. It is
understood that the interfaces listed in Appendix H may not represent all the interfaces
required for final implementation of the HBE. The selected Vendor shall include in its
System Design Phase a period for interface discovery and design, to identify and design
all interfaces required for the fulfillment of the HBE functional requirements.
Identification of new interfaces during this phase shall not constitute a change in scope
for this project.
The Commonwealth requires that all interfaces are real time where technically feasible.
In the case where real time interfaces are not feasible, the selected Vendor shall submit
a design for batch, or near real-time interfaces for approval by CHFS, and propose
SLAs for both parties in that data exchange. It is important to note that while the HBE
will establish and own the relationship with any third parties with whom data sharing will
occur, the selected Vendor shall design, develop and test all necessary physical
interfaces, web services, file sharing specifications and batch processes for data
exchange.
Reference: Appendix H – HBE Integration and Interface Blueprint and Inventory
Section 30.310 – HBE Plan Maintenance and Billing Functional Requirements
This section outlines the narrative descriptions of each of the functional areas of the
HBE Operating Model that are related to the HBE PMB scope of work. These functional
narratives should be cross referenced with the requirements in Appendix B - HBE Plan
Maintenance and Billing Solution Functional Requirements.
The selected Vendor shall use these narratives and requirements as their baseline
when planning their solutions. Technical solutions shall meet all functional requirements
as laid out in Appendix B - HBE Plan Maintenance and Billing Solution Functional
Requirements.

85

 Section 30.310.010 – Exchange Governance
The Exchange, which may be a ―quasi-government agency‖, will be established with a
clear and accountable governance structure. The established governance structure will
ensure the Exchange is acting in accordance with defined and published governing
principles. In addition, the Exchange will implement ethical policies and procedures to
also include the disclosure of financial interests of Exchange board or governance body
members.
The governance structure will support an Exchange that is publicly accountable, and
transparent, with technically competent leadership. This leadership will have the
capacity and authority to take all actions necessary to meet Federal standards,
including making policy decisions and determining whether health plans offered through
the HBE are in the interests of qualified individuals and employers.

Requirements: Appendix B, ADM-EXG-001-004
Section 30.310.020 – QHP Certification
The Exchange will establish a certification process that will grant a ―qualified‖ status to
each health plan that wishes to participate on the HBE. The certification process will
include an application, insurer rate and benefit information, transparency in coverage,
accreditation, network adequacy, and a process for recertification and decertification.
Today, the Department of Insurance (DOI) conducts a qualification process that
includes a review of network adequacy, benefit information and rates for plans
conducting business in the Commonwealth of Kentucky. To the extent possible, the
Exchange will contract with DOI to conduct portions of the QHP certification on behalf of
the Exchange.
Health plans will have the opportunity to appeal a certification decision and will follow a
certification appeal process that the Exchange will define in the future.

Requirements: Appendix B, ADM-CER-005-042
Section 30.310.030 – Health Plan Quality Ratings
The Exchange will assign quality ratings in accordance with quality rating system
guidelines which will be issued by HHS and further developed in accordance with state
policies. In order to assign quality ratings, the Exchange will develop a criteria for QHP
86

 Ratings by reviewing existing national quality rating systems (e.g., NAIC and NCQA)
and State standards. In an effort to increase transparency, and to limit perceived
preferential treatment and administrative burden, the Exchange will contract with a third
party quality rating service to conduct ratings on behalf of the Exchange, based on the
Exchange determined criteria.
The Health Plan Quality Rating process and criteria will be displayed on the Self Service
Portal to support transparency and accountability. Health Plan Quality Ratings will be
included in the criteria for QHP certification.

Requirements: Appendix B, ADM-RAT-043-045

Section 30.310.040 – Financial Management (FIN)
The HBE will have a robust set of tools and processes to administer the many financial
transactions of the HBE. These functions will serve as the foundation for SHOP
premium aggregation, facilitating processes and checkpoints to confirm all dollars are
properly flowing from the employer all the way to the insurer. In addition, the HBE will
host a complete set of services to manage the collection of premium payments from
customers, the ability to reconcile payments with amounts owed and a vehicle to notify
and collect those debts.
Section 30.310.041 – Premium Aggregation Administration (SHOP)
The HBE will produce and send monthly premium bills to each SHOP participating
employer for payment of their employees‘ health plan coverage. The SHOP participating
employers will submit payments to the HBE on behalf of both the Employer and the
employees. The HBE will collect a single payment and remit premiums owed to each
QHP. The HBE will reconcile any enrollment and premium payment discrepancies with
the QHPs on a monthly basis.
Requirements: Appendix B, FIN-PRA-001-009
Section 30.310.042 – Premium Billing, Collections, & Reconciliation
The HBE will produce and send premium bills on a monthly basis to enrolled individuals.
Individuals will remit payment of premiums for their coverage to the HBE. Individual
payments made by check, cash, EFT, money order and credit card will be accepted.
The HBE will make multiple channels (web and mail) available to individuals to facilitate
their payment of premiums. Failure to pay premiums will trigger a collection and
87

 notification process but will ultimately result in coverage being cancelled. The HBE will
support the customer‘s right to send payment directly to the QHP.
The HBE will produce and send a premium report, based on enrollment, to each QHP.
The HBE will send aggregate premiums owed to each QHP along with the premium
report. On a monthly basis, the HBE and QHPs will reconcile any enrollment and
payment discrepancies.
Requirements: Appendix B, FIN-BCR-010-052
Section 30.310.043 – Exchange Sustainability
The Exchange will establish a plan to support self-sufficiency and ensure financial
viability by January 1, 2015. The sustainability plan will be compliant with section 1311
(d) (5) of the ACA and may enable assessments and user fees on participating issuers
as a means for Kentucky to secure operational funding for the HBE. The Exchange may
also seek to establish additional methods of funding to sustain Exchange operations.
Requirements: Appendix B, FIN-EXS-053-056
Section 30.310.044 – Risk Management Programs
The HBE will include functionality to operate risk management programs including the
risk adjustment, transitional reinsurance, and risk corridors programs in accordance with
federal standards. These functionalities may be operated outside of the HBE in part, or
in full, by Federal partners. The HBE will enable data collection capabilities to collect
health plan encounter data to include demographic, diagnostic, and prescription drug
data.
Requirements: Appendix B: FIN-RMP-057
Section 30.310.050 – SHOP Employer Setup
The HBE will support the functionality required to operationally manage the setup of
Employers on SHOP. SHOP Employer setup will include the application process with
identification of employees, determination of SHOP eligibility, definition of contribution
strategy, QHP elections, and any financial processing information required to support
premium aggregation and payments.
The HBE will allow Employers with 1 to 50 employees to participate on the SHOP
Exchange. Employers that exceed this number of employees after the initial open
enrollment period will be permitted to remain on the SHOP Exchange (i.e., Employers
who exceed 50 employees in 2015 can remain in SHOP).
88

 Requirements: Appendix B: COP-SHP-178-212
Section 30.310.060 – Shop & Compare Tools
Shop & Compare Tools are a set of consumer assistance resources available on the
Self Service Portal that support customers in the health benefit plan selection process.
Individuals will have the ability to view standardized comparative information on each
available QHP side-by-side, quality ratings, benefit summaries, and including premium
tax credits and cost sharing through the development of an HBE calculator as outlined
in the ACA. The Shop and Compare Tools will provide more detail on specific customer
health information and will display a further level of comparative information (e.g.,
average number of doctor visits, total number of prescriptions, how much can you afford
per month?). Employers will also have Shop & Compare tools to help in the plan
selection process, which will include tools to test affordability for their employees. All
Shop & Compare Tools are optional for the customer and not a formal recommendation
for selection by the HBE.
Requirements: Appendix B: ENR-SCT-001-009

Resource Operations Support Manager and Resume:
Amol V. Sathaye shall be the operations support manager. See Attachment A, Key
Resource Ops Support Manager Resume.

Assumptions:
Deloitte Consulting (―Deloitte‖) has made the following assumptions which form the
basis of our proposed price and which are incorporated into the final contract for the
project.
1. Project start date is on or before October 01, 2012.
2. The Commonwealth will provide the following full time staff: Project Manager,
Technology Lead, Testing Lead, Implementation Lead, Training Lead, Lead for each
work stream, at least one functional expert per work stream, and owners for each
identified work stream / functionality / interface / stakeholders (i.e., Health Plans,
DOI) to work with their corresponding peers in the Deloitte project team.
3. The Commonwealth will collaboratively and actively work with the Deloitte team in
resolving, within one week of being identified, any policy/program issues that may
potentially impact the overall project timeline. We recognize that some
policy/program issues will require timeframes greater than 1 week for resolution.
89

 Unresolved issues that impact project timeline will be addressed through the Project
Management issue escalation and risk mitigation process.
4. Deloitte‘s ability to meet the project schedule and the proposed fixed-price is
predicated on interface partners and data providers (e.g. MMIS, Federal HUB) being
ready per the project timelines. We recognize that Deloitte and the Commonwealth
have little control over federally provided solutions. These and other external
dependencies to the HBE project timeline will be actively monitored and mitigated as
a risk in the Project Risk Management process. If action or inaction by the
Commonwealth, or its suppliers‘ failure to perform their responsibilities in a timely
manner, prevents Deloitte from or delays Deloitte in performing the services, Deloitte
will promptly notify the Commonwealth thereof and submit a change request therefor,
and Deloitte will be entitled to a change order where a reasonable adjustment will be
made to the schedule for performance and the compensation otherwise payable to
Deloitte under the Contract to address the adverse impact to Deloitte. In such event,
the parties will promptly and in good faith negotiation appropriate modifications or
alterations to the Contract and any appropriate change orders.
5. The Commonwealth will be responsible for establishing Business Associate
Agreements (BAA) required by HIPAA with all parties that will be receiving
Exchange electronic PHI or PII, as applicable.
6. The Commonwealth will act as liaison with federal (e.g., CMS) and other
Commonwealth agencies during the term of the contract. Deloitte will be
responsible for supporting and facilitating technical working sessions, defining
technical interface specifications, coordinating and conducting necessary testing to
identify issues with interfaces and work with the technical contacts with respective
agencies to help resolve technical issues.
7. The Commonwealth is responsible for business operations related to call center,
marketing and outreach (including communication materials), reporting of
communication effectiveness, and management of eligibility and exchange
operations. Deloitte will be responsible to provide assistance and support in defining
contact center related business processes supporting the new system, and to
provide deliverables defined in the Contract to support the communication and
outreach. Deloitte will be responsible to provide integration services with the Contact
Center solution as described in the Contract.
8. The Commonwealth will provide staff as required to lead and participate in all CMS
gate and deliverable reviews.
9. Per RFP Section 70.060, The Commonwealth reserves the right to approve any or
all hardware and software purchases. Deloitte and the Commonwealth will work
together to define a comprehensive hardware and software BOM and the associated
price for the HBE project. The hardware and software BOM shall not include any
developer machines and/or development software. If the Commonwealth decides as
an ‗option to buy‘ installation services from Deloitte, Deloitte will provide required
90

 services for installing and configuring the necessary hardware and software with
appropriate coordination with CHFS/Office of Administrative and Technology
Services (OATS). The support from CHFS/OATS shall include areas such as
network and security access to the Commonwealth network, building/facility, data
farm and server room, shared environments such as BizTalk, and file servers.
10. The proposed price for the HBE solution is predicated on the Commonwealth
procuring all the mandatory scope items described in our Technical and price
proposals. If the Commonwealth decides to remove items from mandatory scope,
we will work with the Commonwealth to redefine the price of the items remaining in
the final scope. The Commonwealth will work with Deloitte to finalize all BOMs and
service offerings prior to commitment of purchase.
11. The PMB component of the HBE solution is being offered as a service in a dedicated
instance for each environment of the PMB solution and infrastructure for the KY HBE
solution specified in the Contract that meets agreed upon SLAs. The Commonwealth
will have complete flexibility to implement KY specific requirements as specified in
the Contract without any dependencies on other states and other parties. The
Commonwealth will purchase software licenses for products used in the PMB
solution directly from such third party vendors.
12. No sales tax has been included on any component of our Price Proposal. If sales
tax is required, a Change Request will be required to cover sales tax.
Requirements and Scope
13. The project team will execute up to nine requirements validation sessions
concurrently. The Deloitte and Commonwealth functional leads will jointly develop a
plan for requirements validation sessions including specifics of each session – topic,
agenda, and purpose. Commonwealth will schedule and make available appropriate
participants for each session to meet the timelines established in the integrated
Project Work Plan.
14. Adequate support and involvement from Commonwealth resources (2 to 5 per track)
is required for requirements validation, design, testing and all other phases per the
approved project work plan. The Deloitte and Commonwealth PMO teams will work
together to mitigate risks/issues in the event of conflicts in schedule and/or
availability of required staff for sessions that impact the project timeline.
15. Deloitte‘s price as set forth in this Contract for the KY HBE solution is based on the
following: Maximum of 60 Interfaces to/from the HBE solution. An Interface for the
purpose of this Contract is defined as a unique data exchange specification (for
batch exchanges - data layout, and direction; for real-time exchanges – one per realtime data source) between the HBE solution and external source agency / entity.

91

 16. Notification Fulfillment solution will generate printed, mail-ready copies of notices,
forms, letters, postcards, flyers, brochures, enrollment packages, and ad hoc mass
mailings. Postage will be paid by the Commonwealth and is not included in our
proposed price.
17. The price for the Notification Fulfillment solution is based on generating notices for
the HBE population only, and does not include other programs. The Fulfillment price
is based on processing 4.4 Million notices per year, 2.2 Million of which are simplex,
and 2.2 Million are duplex or mixed plex. The per item fulfillment price for these
types of notices is provided in Deloitte‘s price to derive budgetary estimates for
larger projected volumes.
18. The PMB Solution will be hosted in the CGI data center with connectivity to the
Commonwealth E&E primary site. If the Commonwealth E&E primary site is down,
all existing connections to the E&E primary site will automatically fail over to the
Commonwealth DR Site for E&E. Services hosted at the CGI site to support DR is
the responsibility of Deloitte, Services hosted at the Commonwealth site to support
DR is the responsibility of the Commonwealth.
19. Knowledgeable Commonwealth subject matter and policy experts will be available
throughout the project to support JAD sessions, and Technical/Architecture
integration with Commonwealth applications. The Deloitte and Commonwealth PMO
teams will work together to mitigate risks/issues in the event of conflicts in schedule,
and unavailability of key staff for sessions that impact project timeline.
20. The Commonwealth will provide all available documents related to the Exchange at
the start of the project. This includes documents submitted to CMS, such as
Architecture Reviews, Project Baseline Reviews, etc.
21. Returned mail will be processed by the Commonwealth. Pursuant to and during the
Operational Support and Warranty Period, Deloitte will be responsible for resolving
system Deliverable Deficiencies if any, in a timely manner, that may have caused
the return mail.
22. Lockbox service charges are not included in the PMB solution
23. PMB solution supports English and Spanish. Price related to provide other
languages is not included.
24. PMB Cloud Hosted Solution is based on 48 Hour Recovery Time Objective (RTO) &
30 Minute Recovery Point Objective (RPO). Deloitte has additionally provided a
price for 12 hour and 24 hour RTO options.
25. E&E Cloud Hosted Solution is based on 48 Hour Recovery Time Objective (RTO) &
30 Minute Recovery Point Objective (RPO). Deloitte has additionally provided
priceestimates for the following DR configurations:

92

 a. 12 hour RTO or 24 hour RTO – Commonwealth hosted E&E Primary site and DR
site hosted by Deloitte.
b. 12 hour RTO or 24 hour RTO – Deloitte hosted E&E Primary site and DR site
hosted by Deloitte.
26. PMB Cloud Hosted Solution Line Item Pricing is based on Commonwealth
contracting for all the environments specified in the RFP.
27. E&E Cloud Hosted Solution Line Item Pricing is based on Commonwealth
contracting for all the SDLC environments specified in the RFP.
28. PMB solution price proposal did not include subscription fees related to SERFF and
NIPR services. Commonwealth will be responsible for subscription fees for the
SERFF and NIPR services.
29. Deloitte is responsible for performance Service Level Agreements (or ―SLAs‖)
specified in the Contract associated with the HBE solution and the infrastructure that
are exclusively installed in support of the HBE (such as web, application, data
servers). The Commonwealth is responsible for the performance SLAs for the
portions of the HBE solution that are dependent on the Commonwealth‘s network
infrastructure and any shared enterprise infrastructure (SSRS server, BizTalk,
KEUPS, etc). Deloitte will assist the Commonwealth in determining the optimum
network infrastructure needs (capacity, bandwidth etc.) as well as optimum capacity
needs for shared services utilized by the Commonwealth‘s solution including
BizTalk, SSRS, etc. for the HBE system to operate and Deloitte will document these
findings in its Capacity Analysis and Plan deliverable.
30. Notices will be available in English and Spanish.
31. The following potential member enrollment count per year will be applicable for the
Healthation TERM license, supporting PMB financial management, as indicated in
our PMB software licensing fee section based on Kaiser‘s Non–Elderly Uninsured
numbers that are greater than or equal to 139% FPL– 178,000 individual members
enrolled in Year 2. 219,000 individual members in Year 3, 239,000 individual
members in Year 4, 252,000 individual members in Year 5. These individual
member counts do not include programs such as Medicaid, CHIP, SNAP, TANF as
those members do not have financial transactions associated with PMB and
therefore do not affect the TERM license.
32. Commonwealth Security and Document management systems integration API's will
be available as per the project schedule
33. Level 2 Service Desk is non-consumer facing and receives contacts from the
Commonwealth‘s Level 1 Contact Center. Deloitte will provide Level 2 Service Desk
(Application help desk support) providing support for the PMB Cloud Hosted Solution
and the optional E&E Cloud Hosted Solution.

93

 34. Level 3 application help desk that supports E&E solution will receive contacts from
the Commonwealth‘s Level 2 or Level 1 help desk. Deloitte will provide Level 3
application help desk support.
35. If employers have specific questions about the status of appeals, or the enrollment
periods that are reflected in the employer shopping portal, or the premium payment
amounts that are reflected in the employer or employee shopping portal, or about
the premium aggregation that is done through the financial management function,
employers must contact the call center either by calling or using the live chat
functionality. Deloitte will provide on-line help on the portal that will explain
terminology such as enrollment period.
36. If a carrier has difficulties using the upload tools, the carrier will be required to
contact the call center either by phone or through live chat in order to get assistance.
The plan management component of the PMB solution will have online functionality
to support Qualified Health Plans to conduct maintenance tasks such as updating
provider directories and prescription drug benefits.
37. If carriers have difficulty utilizing the online certification or re-certification processes
provided in the carrier portal, the carriers will need to contact the call center either by
phone or live chat in order to get assistance. In addition, all inquiries about why a
plan was decertified, beyond the correspondence provided by the Exchange at the
time of the decertification, will need to be made to the call center either by phone or
through live chat. The plan management component of the PMB solution will have
online functionality to support CHFS staff to track certification, recertification and
decertification of plans.
38. Ability for the Exchange to establish a sustainability model in compliance with
section 1311 (d)(5) of the ACA will be based on review and approval by
Commonwealth Exchange staff. Deloitte will provide the deliverables specified in
the Contract to assist the Commonwealth with the development of the sustainability
plan.
39. Operating risk adjustment and reinsurance programs will be in accordance with
Federal standards and upon approval by Commonwealth Exchange staff. The
Commonwealth will allow the feds to complete the risk adjustment and reinsurance.
Design, Development and Testing
40. Operational Readiness Testing will be performed as part of User Acceptance
Testing in the PROD environment.
41. Appropriate knowledge, artifacts, and software associated with Federal Data Hub
and other external entities will be available to support each phase of the SDLC. If the
HUB is not available to support the phase of the SDLC. Deloitte will assist the
Commonwealth in development of temporary workarounds that will allow completion
of that phase for system testing. Deloitte will integrate with the Federal HUB, if it is
available prior to UAT.
94

 42. Features and functions associated with Deloitte's framework and assets which are in
addition to the HBE requirements defined in this RFP will be delivered 'as-is'. If
changes to those ‗additional‘ features and functions are identified during the SDLC
process, then those changes will be addressed through the change control process.
Commonwealth agrees to the implementation of the additional features and
functions to the extent that the additional features and functionalities do not
negatively impact Commonwealth‘s business processes. In the event that these
features and functions negatively impact the Commonwealth, they will be turned off
per Commonwealth request.
Hardware, Software and Operations
43. Network capacity (network access to PMB solution in the cloud, and network
connectivity between PMB solution and E&E solution) is estimated using a maximum
of 1000 concurrent users. Deloitte has included incremental pricing (in increments of
additional 500 concurrent users) in its price.
44. Chat software license included in software licensing price is based on no more than
10 CSRs utilizing Chat functionality at any given time. Deloitte has included
incremental pricing (increments of 10 additional Chat software licenses) in its price.
45. During Capacity and Performance Testing, if it is determined that additional capacity
is required beyond what was initially estimated jointly by Deloitte and the
Commonwealth while developing the BOM, the added cost for the additional
capacity will be a pass through to the Commonwealth.
46. The Commonwealth data center facilities will comply with all approved policies,
procedures, standards and guidelines for the Exchange. The Commonwealth will be
responsible for adhering to regulatory requirements for data center facilities.
47. The Commonwealth will ensure that all infrastructure security configurations will be
made to support compliance with regulations as specified by Exchange Security
Blueprint. The Commonwealth will be responsible for updating the security
configurations for the entire infrastructure security configuration per the established
configuration and change management processes.
48. The Commonwealth will select an independent evaluator to perform the following
assessment as required by the Exchange Blueprint. Deloitte will provide necessary
deliverable documents and access to the independent evaluator.
a. Conduct Annual independent evaluation security reports (FISMA)
b. Ensure Annual Safeguard Activity Report (IRS)
c. Ensure PCI security and privacy compliance (annual report)

95

 49. SMS texting is one of the channels named in the RFP. Implementation and
integration of this component is not included in the price because detailed technical,
functional and capacity requirements need to be finalized for accurate pricing. A
high-level price estimate has been provided to the Commonwealth.
50. IVR system implementation is not in scope. Deloitte will provide required service
objects for an IVR solution to integrate.
51. The price for Kentucky Health Card Fulfillment supports an assessment of the
possible vendors for printing of cards based on the desired operational goals
collaboratively defined with the Commonwealth
52. The Commonwealth of Kentucky will provide Virtual Private Network (VPN) access
to the project development resources in order for these resources to perform
development, testing, and production support activities in a timely manner. Remote
access will be provided on a 24x7 basis for Deloitte's project team during the
duration of this project.
53. The Commonwealth will be responsible for PCI compliance and performing the
independent certification for processing PCI related transactions in the KY HBE
solution. The KY HBE solution will allow capture and transmitting of credit card
information to the Commonwealth‘s selected banking partner which will be subject to
PCI compliance.
54. The Commonwealth will be responsible for the development, implementation and
maintenance of the corresponding security and privacy policies, procedures and
standards applicable for the KY HBE solution. Deloitte will provide guidance on this
effort.
55. Application roles will be defined, developed and implemented for access to the KY
HBE solution. An enterprise level assessment and optimization/rationalization of
roles beyond the KY HBE solution is not in scope.
56. Deloitte will support Security CMS, SSP, IRS Safeguard Reporting for HBE
requirements through the implementation and warranty phases of the project.
57. The Commonwealth will work with Deloitte to finalize all BOMs prior to purchase,
including products for Web Services security and Security Information Event
Management.
58. Deloitte will perform application and server security testing for KY HBE and the
server infrastructure exclusively supporting the solution (web, application data
servers). CHFS will perform external network vulnerability assessments as part of
PCI, IRS, NIST and HIPAA requirements as part of the overall infrastructure. CHFS
will obtain appropriate approvals from COT via COT-F110 before Deloitte conducts
any security server vulnerability and application security tests.
59. To the extent allowable by the OEM licensing agreements, server software licenses
for production environment will be leveraged for disaster recovery.
96

 Training
60. Training delivery overlaps with the UAT timeline. Specific dates for training delivery
will be established in the approved project work plan.
61. 3rd party product training to the Commonwealth staff on the COTS 3rd party products
that are part of the HBE solution is not included in scope. As an example, Deloitte
will provide knowledge transfer and training to Commonwealth staff to help them
maintain and operate the solution components included in the HBE solution
(add/change business rule in Corticon, add/update BI Report/Dashboard). However,
product training on the specific 3rd party COTS products (i.e. Corticon and SAP
Business Objects) is not included in the scope and price.
62. Because Deloitte will develop and deliver a blended learning program (providing
various learning delivery methods for various audiences based on how each will use
the HBE system) not all audiences will receive instructor-led training.
63. 25 percent of users (up to a maximum of 1500 users) will receive instructor-led
training. The remainder of users will receive training through other delivery methods.
All public users and navigators will be trained via computer-based simulations. The
universe of users includes CHFS and DOI employees, and Contact Center
employees. Incremental pricing (increment of additional 100 users) for providing
training to additional users is provided in Deloitte‘s price. Training facility (as
described in Section 30.110.120) will be the responsibility of the Commonwealth.
64. The HBE system will be deployed in four releases. Deloitte will train relevant users
for each release of the system as well as Train-the-Trainers during the Operational
Support and Warranty Period.
65. Deloitte will use Adobe® RoboHelp® for the development and maintenance of
Online Help.
66. English language and Spanish language training materials will be created for public
facing WBT courses. Internally focused E&E and PMB materials for exchange case
workers will be in English only.
67. It is assumed that Deloitte will use Moodle or the Commonwealth‘s Learning
Management System as the Learning Management System.
68. Deloitte will provide role based user training that encompasses various user groups.
Deloitte‘s training will be customized for each user type and cover end to end
business processes relevant to each user group.
Timeline:
See Attachment B, Revised Release Timeline.
97

 Service Level Agreement and Exhibit 1 Key Roles:
See Attachment C for Service Level Agreement (SLA) and Attachment A for Exhibit 1,
Key Roles.
IV. Terms and Conditions
Section 40.015—Final Agreement
The Contract represents the entire agreement between the parties with respect to the
subject matter hereof. Prior negotiations, representations, or agreements, either written
or oral, between the parties hereto relating to the subject matter hereof shall be of no
effect upon this Contract.
Section 40.016—Agencies to Be Served
This contract shall be for use by the following agencies of the Commonwealth of
Kentucky:
All State Agencies
No shipments shall be made except upon receipt by Vendor of an official Delivery Order
from a using agency.
Section 40.017—Political Subdivisions
Under Kentucky Statutes, political subdivisions of this State including cities, counties
and school districts may participate in All State Agency Master Agreements to the same
extent as agencies of the Commonwealth.
Section 40.018—Extending the Contract Use to Other Agencies
The Office of Procurement Services reserves the right, with the consent of the
Contractor, to offer this Master Agreement to other state agencies requiring the
product(s) or service(s).
Section 40.019- Quantity Basis of Contract – Estimated Quantities
Any and all quantities mentioned in this Contract are purely estimates, and are not to be
implied nor inferred as being guarantees. The State is obligated to buy only that
quantity needed by its agencies during the term of the contract. Requirements may
exceed the quantities shown and the contractor will be required to furnish all
requirements shown on Delivery Orders dated during the life of the contract.
98

 Section 40.020—Contract Provisions
If any provision of this Contract (including items incorporated by reference) is declared
or found to be illegal, unenforceable, or void, then both the Commonwealth and the
Contractor shall be relieved of all obligations arising under such provision. If the
remainder of this Contract is capable of performance, it shall not be affected by such
declaration or finding and shall be fully performed.

Section 40.025—Type of Contract
The contract proposed in response to this Contract shall be on the basis of a firm fixed
unit price for the elements listed in this Contract. This Contract is specifically not
intended to solicit proposals for contracts on the basis of cost-plus, open-ended rate
schedule, nor any non-fixed price arrangement.
Section 40.030—Term of Contract and Renewal Options
This Contract shall be for the period from contract award estimated beginning on or
about October 1, 2012 and ending six (6) months, December 31, 2014, post
implementation of the scope of the E&E and PMB solutions as defined in the RFP. At
the sole option of the Commonwealth/Exchange, the contract period may be
extended in whole or in part annually for up to five (5) additional years based on
the proposed annual rate. Such agreement shall take the form of an addendum to the
Contract under Section 40.050—Changes and Modifications to the Contract.
The Commonwealth reserves the right not to exercise any or all renewal options. The
Commonwealth reserves the right to extend the contract for a period less than the
length of the above-referenced renewal period if such an extension is determined by the
Commonwealth Buyer to be in the best interest of the Commonwealth.
The Commonwealth reserves the right to renegotiate any terms and/or conditions as
may be necessary to meet requirements for the extended period. The Vendor will be
advised of any proposed revisions prior to the renewal periods. In the event proposed
revisions cannot be agreed upon, either party shall have the right to withdraw without
prejudice from either exercising the option or continuing the contract in an extended
period.
Section 40.035—Basis of Price Revisions
PRICE ADJUSTMENTS: Unless otherwise specified, the prices established by the
Contract resulting from this Contract shall remain firm for the contract period subject to
the following:
99

 A: Price Increases: A price increase shall not occur during the first twelve (12) months
of the contract. A vendor may request a price increase after twelve (12) months of the
contract, which may be granted or denied by the Commonwealth. Any such price
increase shall be based on industry wide price changes. The Contract holder must
request in writing a price increase at least thirty (30) days prior to the effective date, and
shall provide firm proof that the price increase(s) is justified. The Office of Procurement
Services may request additional information or justification. If the price increase is
denied, the Contract holder may withdraw from the Contract without prejudice upon
written notice and approval by the Office of Procurement Services. Provided, however,
that the Vendor must continue service, at the Contract prices, until a new Contract can
be established (usually within sixty (60) days).
B: Price Decreases: The Contract price shall be reduced to reflect any industry wide
price decreases. The Contract holder is required to furnish the Office of Procurement
Services with notice of any price decreases as soon as such decreases are available.
C: Extended Contract Periods: If the Contract provides for an optional renewal period, a
price adjustment may be granted at the time the Contract is renewed, subject to price
increase justification as required in Paragraph A ―Price Increases‖ as stated above.
Section 40.040—Multiyear Contracts
If this Contract is for a term that extends beyond the end of the biennium in which the
Contract was made, payment and performance obligations for succeeding fiscal years
are subject to the availability of funds thereof. When funds are not appropriated or
otherwise made available to support continuation of performance of the Contract
beyond the biennium, the Contract for such subsequent year(s) may be canceled and
the Contractor shall be reimbursed in accordance with Section 40.150—Provisions for
Termination of the Contract.
Section 40.045— Contract Usage
This contractual agreement with the selected Vendor will in no way obligate the
Commonwealth of Kentucky to purchase any services or equipment under this contract.
The Commonwealth agrees, in entering into any contract, to purchase only such
services in such quantities as necessary to meet the actual requirements as determined
by the Commonwealth.
Section 40.048—Addition or Deletion of Items or Services
The Office of Procurement Services reserves the right to add new and similar items,
with the consent of the Vendor, to any contract awarded from this Contract. The Office
of Procurement Services to effect this change will issue a Contract Modification. Until
100

 such time as the Vendor receives a Modification, the Vendor shall not accept Delivery
Orders from any agency referencing such items or services.

Section 40.050—Changes and Modifications to the Contract
Pursuant to KRS 45A.210(1) and 200 KAR 5:311, no modification or change of any
provision in the Contract shall be made, or construed to have been made, unless such
modification is mutually agreed to in writing by the Contractor and the Commonwealth,
and incorporated as a written amendment to the Contract and processed through the
Office of Procurement Services and approved by the Finance and Administration
Cabinet prior to the effective date of such modification or change pursuant to KRS
45A.210(1) and 200 KAR 5:311. Memorandum of understanding, written clarification,
and/or correspondence shall not be construed as amendments to the Contract.
If the Contractor finds at any time that existing conditions made modification of the
Contract necessary, it shall promptly report such matters to the Commonwealth Buyer
for consideration and decision.
Section 40.055—Changes in Scope
The Commonwealth may, at any time by written order, make changes within the general
scope of the Contract. No changes in scope are to be conducted except at the approval
of the Commonwealth through the process described in Section 40.050—Changes and
Modifications to the Contract.
Section 40.060—Contract Conformance
If the deliverables due under the Contract resulting from this Contract are not approved
as being in conformance with the terms and conditions of the Contract and the mutually
agreed-upon project plan, the Buyer may request the Contractor to deliver assurances
in the form of additional Contractor resources and to demonstrate that other major
schedules will not be affected. The Commonwealth shall approve Contractor‘s plan for
the quantity and quality of such additional resources and failure to comply may
constitute default by the Contractor.
Section 40.065—Assignment
The Contractor shall not assign the Contract in whole or in part or any payment arising
therefrom without the prior written consent of the Commonwealth Buyer. Any purported
assignment is void.

101

 Section 40.070—Notices
After the Award of Contract, all programmatic communications with regard to day-to-day
performance under the contract are to be made to the Agency technical contact(s)
identified below:
Carrie Banahan, Executive Director
Office of the Kentucky Health Benefit Exchange
12 Millcreek
Frankfort, KY 40621
502-564-7940
Carrie.banahan@ky.gov
After the Award of Contract, all communications of a contractual or legal nature are to
be made to the Commonwealth Buyer identified below:
Don Speer, Executive Director
Office of Procurement Services
702 Capitol Avenue
Frankfort, KY 40601
502-564-4510
Don.Speer@ky.gov

Section 40.075—Payment
The Commonwealth will make payment within thirty (30) working days of receipt of
Contractor's invoice or of approval of Deliverables in accordance with KRS 45.453 and
KRS 45.454.
Payments are predicated upon successful completion and approval of the Deliverables.
Invoices for payment shall be submitted to the Agency Contact Person or his
representative.
In the event of a failure to meet the Contract or performance standards requirements,
the Contractor agrees that the Commonwealth may assess and withhold from payments
due its liquidated damages for the losses defined below in Section 40.075.020, and in
the Service Level Agreement attached hereto as Attachment C and incorporated
herein by this reference, at the Commonwealth's discretion. The liquidated damages
provided for in this Contract shall constitute the Commonwealth‘s sole remedy, and
102

 Contractor‘s sole liability to the Commonwealth, for the relevant failure giving rise to
such liquidated damages.
Section 40.075.010 Design, Development and Implementation (DDI) and
Operational Support and Warranty Period Milestone payments retainage
The Commonwealth seeks to financially promote successful outcomes as well as
assess liquidated damages in the event of certain failures. The Commonwealth shall
require a retainage in an amount equal to twelve and a half percent (12.5%) of the fees
allocated to Contractor‘s Deliverables under this Contract.
Section 40.075.010.010 Payment of Retainage
Payment of the retainage shall be made as follows:
50% of the total retained amount shall be paid to Contractor upon approval of the
System Test Results Deliverable Release 4;
The total remaining retained amount shall be paid to Contractor at the end of the
Operational Support and Warranty Period described in Section 30.220.
Section 40.075.020 –Liquidated Damages, Identity Theft Violation
If the Contractor or any subcontractor of Contractor makes or causes a use or
disclosure of PHI or PII in breach of this Contract that results from Contractor‘s or its
subcontractor‘s negligence or intentional misconduct, and notification of such breach is
legally required to be made under any law applicable to Contractor in connection with
this Contract, then Contractor will, up to an aggregate amount of Two Hundred and Four
($204) per record, reimburse the Commonwealth for its reasonable, out-of pocket costs
of (i) any legally-required notifications to the affected individuals and (ii) credit
monitoring (including identity theft insurance for affected individuals) for no more than
twelve (12) months from the date the individual enrolls in credit monitoring, provided
that such credit monitoring is an appropriate remedy given the circumstances of the
breach (e.g., credit monitoring may be appropriate if social security numbers with other
identifiers have been subject to unauthorized disclosure).
Section 40.080—Contractor Cooperation in Related Efforts
The Commonwealth of Kentucky may undertake or award other contracts for additional
or related work, services, supplies, or commodities, and the Contractor shall fully
cooperate with such other contractors and Commonwealth employees. The Contractor
shall not commit or permit any act that will interfere with the performance of work by any
other contractor or by Commonwealth employees.
103

 Section 40.085—Subcontractors
The Contractor is permitted to make subcontract(s) with any other party for furnishing
any of the work or services herein. The Contractor shall be solely responsible for
performance of the entire Contract whether or not subcontractors are used. The
Commonwealth shall not be involved in the relationship between the prime contractor
and the subcontractor. Any issues that arise as a result of this relationship shall be
resolved by the prime contractor.
All references to the Contractor shall be construed to encompass both the Contractor
and any subcontractors of the Contractor.
Section 40.090—Contractor Affiliation
"Affiliate" shall mean a branch, division or subsidiary that is effectively controlled by
another party. If any affiliate of the Contractor shall take any action that, if done by the
Contractor, would constitute a breach of this agreement, the same shall be deemed a
breach by such party with like legal effect.
Section 40.095—Performance Bond
Pursuant to 200 KAR 5:305, the Contractor shall furnish a performance bond
satisfactory to the Commonwealth in an amount equal to $10 million as security for the
faithful performance of the Contract. The bond furnished by the Contractor shall
incorporate by reference the terms of the Contract as fully as though they were set forth
verbatim in such bonds. In the event the Contract is amended, the penal sum of the
performance bond shall be deemed increased by like amount.
The initial bond shall be submitted to the Commonwealth Buyer within thirty (30) days of
execution of this Contract. Any required amendment to the bond shall be submitted to
the Commonwealth Buyer within thirty (30) days of said amendment.
Section 40.100—Commonwealth Property
The Contractor shall be responsible for the proper custody and care of any
Commonwealth-owned property furnished for Contractor's use in connections with the
performance of this Contract. The Contractor shall reimburse the Commonwealth for its
loss or damage by Contractor, normal wear and tear excepted.
Section 40.105—Insurance
The Contractor shall provide professional liability insurance for its professional
employees, public liability, property damage, and workers' compensation insurance,
insuring as they may appear, the interest of all parties of agreement against any and all
104

 claims which may arise out of the Contractor's operations under the terms of this
Contract. In the event any carrier of such insurance exercises cancellation, notice of
such cancellation shall be made to the Commonwealth Buyer at least 30 days in
advance.
Section 40.110—Confidentiality of Contract Terms
The Contractor and the Commonwealth agree that all information communicated
between them before the effective date of the Contract shall be received inconfidence
and shall not be necessarily disclosed by the receiving party, its agents, or employees
without prior written consent of the other party. Such material will be kept confidential
subject to Commonwealth and Federal public information disclosure laws.
Upon signing of the Contract by all Parties, terms of the Contract become available to
the public, pursuant to the provisions of the Kentucky Revised Statutes.
The Contractor shall have an appropriate agreement with its Subcontractors extending
these confidentiality requirements to all Subcontractors‘ employees.
Section 40.115—Confidential Information
The Contractor shall comply with the provisions of the Privacy Act of 1974 and instruct
its employees to use the same degree of care as it uses with its own data to keep
confidential information concerning client data, the business of the Commonwealth, its
financial affairs, its relations with its citizens and its employees, as well as any other
information which may be specifically classified as confidential by the Commonwealth in
writing to the Contractor. Contractor shall abide by all applicable Federal and State
Regulations and Statutes related to confidentiality. The Contractor shall have an
appropriate agreement with its employees to that effect, provided however, that the
foregoing will not apply to:
-Information which the Commonwealth has released in writing from being maintained in
confidence;
-Information which at the time of disclosure is in the public domain or publicly available
by having been printed an published and available to the public in libraries or other
public places where such data is usually collected; or
-Information, which, after disclosure, becomes part of the public domain or publicly
available as defined above, through no act of the Contractor or information required to
be disclosed by applicable law, rule, regulation, subpoena or summons.
The Contractor shall have an appropriate agreement with its Subcontractors extending
these confidentiality requirements to all Subcontractors' employees.

105

 Section 40.120—Advertising Award
The Contractor shall not refer to the Award of Contract in commercial advertising in
such a manner as to state or imply that the firm or its services are endorsed or preferred
by the Commonwealth of Kentucky.
Section 40.125— Patent or Copyright Infringement
The Contractor shall report to the Commonwealth promptly and in reasonable written
detail, each notice of claim of patent or copyright infringement based on the
performance of this Contract of which the Contractor has knowledge.
The Commonwealth agrees to notify the Contractor promptly, in writing, of any such
claim, suit or proceeding, and at the Contractor's expense give the Contractor proper
and full information needed to settle and/or defend any such claim, suit or proceeding.
If, in the Contractor's opinion, the equipment, materials, or information mentioned in the
paragraphs above is likely to or does become the subject of a claim or infringement of a
United States patent or copyright, then without diminishing the Contractor's obligation to
satisfy any final award, the Contractor may, with the Commonwealth's written consent,
substitute other equally suitable equipment, materials, and information, or at the
Contractor's options and expense, obtain the right for the Commonwealth to continue
the use of such equipment, materials, and information.
The Commonwealth agrees that the Contractor has the right to defend, or at its option,
to settle and the Contractor agrees to defend at its own expense, or at its option to
settle, any claim, suit or proceeding brought against the Commonwealth on the issue of
infringement of any United States patent or copyright or any product, or any part
thereof, supplied by the Contractor to the Commonwealth under this agreement. The
Contractor agrees to pay any final judgment entered against the Commonwealth on
such issue in any suit or proceeding defended by the Contractor.
If principles of governmental or public law are involved, the Commonwealth may
participate in the defense of any such action, but no costs or expenses shall be incurred
for the account of the Contractor without the Contractor's written consent.
The Contractor shall have no liability for any infringement based upon:
-the combination of such product or part with any other product or part not furnished to
the Commonwealth by the Contractor
-the modification of such product or part unless such modification was made by the
Contractor
-the use of such product or part in a manner for which it was not designed.

106

 Section 40.130—Permits, Licenses, Taxes and Commonwealth Registration
The Contractor shall procure all necessary permits and licenses and abide by all
applicable laws, regulations, and ordinances of all Federal, State, and local
governments in which work under this Contract is performed.
The Contractor shall pay any sales, use, and personal property taxes arising out of this
Contract and the transaction contemplated hereby. Any other taxes levied upon this
Contract, the transaction, or the equipment or services delivered pursuant hereto shall
be borne by the Contractor.
Section 40.135—Contract Claims
The Parties acknowledge that KRS 45A.225 to 45A.290 governs contract claims.
Section 40.140—Rights and Remedies
The rights and remedies of the Commonwealth provided in Section 40 shall not be
exclusive and are in addition to any other rights and remedies provided by law or under
this Contract.
Section 40.145—EEO Requirements
The Equal Employment Opportunity Act of 1978 applies to All State government
projects with an estimated value exceeding $500,000. The Contractor shall comply with
all terms and conditions of the Act.
Section 40.150—Provisions for Termination of the Contract
This Contract shall be subject to the termination provisions set forth in 200 KAR 5:312.
Section 40.160—Bankruptcy
In the event the Contractor becomes the subject debtor in a case pending under the
Federal Bankruptcy Code, the Commonwealth's right to terminate this Contract may be
subject to the rights of a trustee in bankruptcy to assume or assign this Contract. The
trustee shall not have the right to assume or assign this Contract unless the trustee (a)
promptly cures all defaults under this Contract; (b) promptly compensates the
Commonwealth for the monetary damages incurred as a result of such default, and (c)
provides adequate assurance of future performance, as determined by the
Commonwealth.

107

 Section 40.170—Conformance with Commonwealth & Federal Laws/Regulations
This Contract is subject to the laws of the Commonwealth of Kentucky and where
applicable Federal law. Any litigation with respect to this Contract shall be brought in
state or federal court in Franklin County, Kentucky.
Section 40.190—Recycling
The Contractor is required to comply with the recycling requirements of 200 KAR 5:330.
Section 40.200—Funding Limitations
If this Contract exceeds the amount of funding available, then the Finance and
Administration Cabinet, Office of Procurement Services, reserves the right to cancel this
contract.
Section 40.210—Accessibility
Vendor hereby warrants that the products or services to be provided under this Contract
comply with the accessibility requirements of section 504 of the Rehabilitation Act of
1973, as amended (29 U.S.C. § 794d), and its implementing regulations set forth at Title
36, Code of Federal Regulations, part 1194. Vendor further warrants that the products
or services to be provided under this Contract comply with existing federal standards
established under Section 255 of the Federal Telecommunications Act of 1996 (47
U.S.C. § 255), and its implementing regulations set forth at Title 36, Code of Federal
Regulations, part 1193, to the extent the Vendor's products or services may be covered
by that act. Vendor agrees to promptly respond to and resolve any complaint regarding
accessibility of its products or services which is brought to its attention.
Section 40.230— Access to Records
The contractor, as defined in KRS 45A.030 (9) agrees that the contracting agency, the
Finance and Administration Cabinet, the Auditor of Public Accounts, and the Legislative
Research Commission, or their duly authorized representatives, shall have access to
any books, documents, papers, records, or other evidence, which are directly pertinent
to this contract for the purpose of financial audit or program review. Records and other
prequalification information confidentially disclosed as part of the bid process shall not
be deemed as directly pertinent to the contract and shall be exempt from disclosure as
provided in KRS 61.878(1) (c). The contractor also recognizes that any books,
documents, papers, records, or other evidence, received during a financial audit or
program review shall be subject to the Kentucky Open Records Act, KRS 61.870 to
61.884.
108

 In the event of a dispute between the contractor and the contracting agency, Attorney
General, or the Auditor of Public Accounts over documents that are eligible for
production and review, the Finance and Administration Cabinet shall review the dispute
and issue a determination, in accordance with Secretary's Order 11-004.
Section 40.240—Funding-Out Provision
The Vendor agrees that if funds are not appropriated to the agency or are not otherwise
available for the purpose of making payments, the agency shall be authorized, upon
sixty (60) days written notice to the Vendor, to terminate this contract. The termination
shall be without any other obligation or liability of any cancellation or termination
charges, which may be fixed by the contract.
Section 40.250—Reduction in Contract Worker Hours
The Kentucky General Assembly may allow for a reduction in contract worker hours in
conjunction with a budget balancing measure for some professional and nonprofessional service contracts. If under such authority the agency is required by
Executive Order or otherwise to reduce contract hours, the contract will be reduced by
the amount specified in that document.
Section 40.260 – Limitation of Liability
The liability of the Commonwealth related to contractual damages is set forth in KRS
45A.245.
Except for Claims (as defined below) for which the Contractor is obligated under Section
40.125 above, damages arising from the bad faith or willful misconduct of the
Contractor, and damages for bodily injury (including death) and damages for physical
injury to tangible personal property or real property, Contractor shall not be liable to the
Commonwealth for any claims, liabilities, or expenses relating to this Contract (―Claims‖)
for an aggregate amount in excess of (i) in the case of Claims arising during the initial
term of this Agreement, the greater of $20,000,000 or the amounts paid by the
Commonwealth to Contractor pursuant to this Agreement for services performed during
the initial term of this Agreement, and (ii) in the case of Claims arising during any such
optional extension term, the amounts paid by the Commonwealth to Contractor
pursuant to this Agreement for services performed during the applicable optional
extension term of this Agreement, in each case excluding, for clarification purposes, any
pricing for hardware or software resale contained in Contractor‘s proposal for the
Commonwealth‘s informational purposes. In no event shall the measure of damages
payable by the Contractor include, nor shall Contractor be liable for, any amounts for
loss of income, profit or savings or indirect, incidental, consequential, exemplary,
punitive or special damages of the Commonwealth, unless a court of competent
109

 jurisdiction deems this provision to be an unconstitutional indemnification or assumption
of legal risk of another party by the Commonwealth.
V. Pricing
Cost Summary
Description
1

Solution Development Cost Summary

2

PMB Solution Integration Cost Summary

3

PMB Hosting Cost Summary

4

PMB Software Licensing Cost Summary

Total Contract

Price
$59,229,693
$23,393,323
$11,498,500
$7,378,484
$101,500,000

Option To Buy
5

E&E Hardware and Software Cost Summary (Pass-Thru)

6

E&E Cloud Based Infrastructure Cost Summary

7

E&E Software Licensing Cost Summary

8

Operational Support Extension Cost Summary

9

Fulfillment Cost Summary

10

Disaster Recovery and Business Continuity Cost Summary

$14,933,841
$
$13,674,32
No Cost
$4,125,000
$4,254,987
$4,550,000

Hourly Rates - The presented blended rates supports a leverage model currently
defined for DDI and M&O. Staffing for enhancements will be estimated using the same leverage
model, otherwise they will be priced at mutually negotiated rates.
11
12
13
14
15
16
17
18

2012
2013
2014
2015
2016
2017
2018
2019

$ 125.00
$ 128.00
$ 132.00
$ 137.00
$ 143.00
$ 150.00
$ 150.00
$ 167.00

110

 VI. Approvals
This Contract is subject to the terms and conditions as stated. By executing this
Contract, the parties verify that they are authorized to bind this agreement and that they
accept the terms of this agreement.
This Contract may be executed electronically in any number of counterparts, each of
which shall be deemed to be an original, but all of which together shall constitute one
and the same Contract.

1st Party: Deloitte Consulting, LLP, as Contracting Agent
___Mohan Kumar________________
Printed name

__Director___________________
Title

______________________________
Signature

___________________________
Date

2nd Party: Cabinet for Family and Health Services
Office of the Kentucky Health Benefit Exchange
___Carrie Banahan______________
Printed name

___Executive Director__________
Title

______________________________
Signature

___________________________
Date

Approved by the Finance and Administration Cabinet
Office of Procurement Services

Donald R. Speer_________________
Printed name

Executive Director_____________
Title

______________________________
Signature

___________________________
Date

111

 ATTACHMENT A

Exhibit 1
Vendor Key Personnel – Key Roles

This Exhibit 1 describes the Vendor Key Personnel in Key Roles for the Commonwealth of Kentucky
HBE project.

Project Role
Project Executive
Project Manager
Functional Manager
System Architect
Technical Manager
Implementation Manager
Data Manager
Operations Manager
Librarian
Service Center Manager

Individual
Mohan Kumar
Prasad Yarlagedda
Andy Demchak
Thomas Beck
Philip Truche
Mary Schweitzer
John Tarbutton
Amol Sathaye
Brinkley Meyers
Bill Dinneen

112

 ATTACHMENT B

Release

Function

Revised Release Timeline
2014

2013
Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun
0

1

2

3

4

5

6

7

8

9

10

Jul

2015

Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

34

35

36

37

38

39

40

41

42

Oct
43

Nov Dec
44

Project Management
Initiate & Plan
Technical Activities

Plan Maintenance

1 Define

Go Live Date

Design
Develop
System Test
User Acceptance Test

AUG 03 2013
Plan Financial Management & Billing
Self Service Portal
APTC Determination
Medicaid Eligiblity Screening (MAGI vs. Non-MAGI)
Federal Data HUB Integration
OCT 01 2013
KAMES Enhancements by CHFS
Medicaid Eligiblity Determination (Group - 1 TBD)
Case Management Functions (Group - 1 TBD)
Integration with MCAPS and other State systems

Training
2 Define
Design
Develop
System Test
User Acceptance Test
Training
3 Define
Design
Develop
System Test
User Acceptance Test

DEC 16 2013

Training

Medicaid Eligiblity Determination (Group - 2 TBD)
Case Management Functions (Group 2 - TBD)
Fraud Analytics
All remaining interfaces including DMS & TPL

4 Define
Design
Develop
System Test
User Acceptance Test
Training

Dec 2012

SNAP TANF Roadmap
Data Conversion

JUN 02 2014

MAR 29 2013

Help Desk
Warranty & Operations

Figure 1. KY HBE Revised Release Plan.
Revised release plan extends implementation of KY HBE functionality in 4 Releases that extend to June 2014 while meeting ACA
timelines.

Based on discussions with the Commonwealth on Wed, Aug 8 we have mutually agreed
to a phased release strategy and revised timeline for the HBE project. Following is the
high level description of the four proposed releases:
Release 1 (August 05 2013)
Release 1 delivers Plan Maintenance functionality to support Health Plan Providers and
KY Department of Insurance to certify and upload plan information into the portal.
Release 2 (October 01 2013)
Release 2 delivers the remainder of the Plan Management and Billing (PMB)
functionality and the E&E Self Service Portal. The following functionality is delivered in
this release:
Application Intake processing in Self Service Portal for all MAGI Medicaid and other
Insurance affordability program clients that includes real time data verification
capabilities. Workers and Navigators are allowed to enter applications in Self
Service Portal on behalf of end clients.
A PMB solution that supports all high level functions for Administration, Reporting,
Financial Management, Core Operations, Plan Management, and Enrollment and
113

45

 allow for integration with existing systems like SERFF where applicable. The
specifics of these interfaces will be defined in JADs.
BI reports to support functionality in Release 2 (TBD in JADS)
Release 3 (December 16 2013)
This release delivers the first set of case management functions that are part of the
Eligibility & Enrollment system (E&E) for MAGI Medicaid and some of the other KY
Medicaid programs. The following functionality is delivered in this release:
Applications taken between October 2013 and 2014 will be automatically processed.
This may require worker intervention depending on CHFS policy and process
decisions.
An end to end Eligibility System with real time eligibility determination, benefit
calculation and case management capabilities for all Magi Medicaid applicants
(excluding Aged, Blind, and Disabled population and Title IV-E (foster care & special
adoption) kids from KAMES) and Insurance affordability programs.
The E&E solution must support role based access and navigation for a
comprehensive user group (Appendix N of RFP). Each user is expected to perform a
set of unique and several common functions; thus the E&E must allow for different
navigation and views based on user types.
KAMES systems enhanced by CHFS to integrate with Master Client Index (MCI)
hosted by HBE system.
BI reports to support functionality in Release 3 (TBD in JADS)
The Commonwealth intends to establish the specifics of data migration in JADS;
however, the Commonwealth envisions migrating individuals whose eligibility will be
determined by the MAGI methodology with Medicaid recertification date on or before
the end of March 2014, in the month of March (after their March Medicaid Eligibility
is already effective -post 1st of the month). MAGI eligibility for these migrated
individuals will be effective 1st April 2014.
The Commonwealth recognizes that existing Medicaid recipients that will ultimately
transition under MAGI may have to be in KAMES for a period of time. The
Commonwealth further envisions a monthly utility to support migration of individuals
with recertification date post March 2014. This monthly utility (executed after that
month‘s Medicaid Eligibility is already effective -post 1st of the month) should target
migration of all individuals whose recertification dates fall within that month; for their
MAGI eligibility to be effective the 1st of the following month.
Please note: The last month that this conversion utility will need to be executed will
be December 2014. This timeframe falls within warranty period.
114

 Release 4 (June 02 2014)
Migration of all data, for Aged, Blind and Disabled population and Title IV-E (foster care
& special adoption) kids from KAMES. An end to end Eligibility System with eligibility
determination, benefit calculation and case management capabilities for Aged, Blind
and Disabled clients and Foster Care Title IV-E kids.
BI reports to support functionality in Release 4. Fraud Analytics functionality is also
included in Release 4.

SNAP TANF Integration
High level requirements for SNAP TANF integration to support federal cost allocation
documentation will be completed along with requirements for Release 1, 2, & 3. This will
be delivered in Dec 2012.
Details requirements for SNAP TANF integration will be completed along with
requirements for Release 4.

115

 ATTACHMENT C
Service Level Agreement
Item

1

2

3

4

Performance
Area

Key Personnel

Performance Requirement
Commitments of individuals for Key
Roles, as listed in Exhibit 1 hereto
and as described in Section 30.170
of this Contract, as contained in the
Contract for all phases of the
contract for the level of efforts set
forth in the Contract shall not be
changed without prior written
approval of the HBE Contract
Administrator unless due to the
death, disability, resignation,
illness, serious personal
circumstances, termination or
military recall of any such named
Key Roles.

Key Personnel

The Vendor shall replace
personnel in Key Roles within 10
business days.

DDI Period
Deliverables

The critical deliverables listed in
Exhibit 1 attached hereto shall be
delivered by the date agreed to in
the approved Detailed Project
Work Plan (―Critical Deliverables‖).

System
Availability

All components of E&E and PMB
solution should be available to ALL
users at least 98.5% of the time
during a calendar month excluding
regular maintenance window.

116

Liquidated Damages the
Commonwealth May Assess

Up to thirty thousand dollars ($30,000)
for each occurrence.

Up to one thousand dollars ($1,000)
per each business day exceeding such
10 business day period, for which a
Key Role goes unfilled due to the lack
of an acceptable replacement being
provided.
Up to one thousand ($1,000) per each
business day the Vendor fails to meet
the Critical Deliverable delivery due
date specified in the approved Detailed
Project Work Plan, up to a maximum of
30 calendar days.
Grace Period: No liquidated damages
shall be assessed until the final ninety
(90) days of the Operational Support
and Warranty Period.
If such failure was solely attributable to
Vendor‘s acts or omissions, and the
Commonwealth has performed a root
cause analysis demonstrating the
same, the Commonwealth may, upon
written notice describing in reasonable
detail such analysis and the results
thereof, assess up to $1,000 per hour

 Item

Performance
Area

Performance Requirement

5

Batch Processing
Performance

Process inbound files within agreed
upon schedule

6

Batch Processing
Performance

Create outbound files within agreed
upon schedule

7

Backup, Disaster
Recovery and
Business
Continuity

The system must not exceed a 48
hour period without a successful
daily incremental backup, or
exceed a 216 hour period (1 week,
2 days) without a successful
weekly full backup. Backup
windows and thresholds may be
extended under special
circumstances if prior approval is
granted by the Commonwealth.

8

Backup, Disaster
Recovery and
Business
Continuity – only
applicable if
Vendor is to host
the system per
option

Disaster Recovery: System shall
be recovered within agreed upon
timeframe from the disaster point,
100% of the time, with minimal
data loss not exceeding 30 minutes

117

Liquidated Damages the
Commonwealth May Assess
Grace Period: No liquidated damages
shall be assessed until the final ninety
(90) days of the Operational Support
and Warranty Period.
If such failure was solely attributable to
Vendor‘s acts or omissions, and the
Commonwealth has performed a root
cause analysis demonstrating the
same, the Commonwealth may, upon
written notice describing in reasonable
detail such analysis and the results
thereof, assess up to $2,500 per
occurrence
Grace Period: No liquidated damages
shall be assessed until the final ninety
(90) days of the Operational Support
and Warranty Period.
If such failure was solely attributable to
Vendor‘s acts or omissions, and the
Commonwealth has performed a root
cause analysis demonstrating the
same, the Commonwealth may, upon
written notice describing in reasonable
detail such analysis and the results
thereof, assess up to $2,500 per
occurrence
Grace Period: No liquidated damages
shall be assessed until the final ninety
(90) days of the Operational Support
and Warranty Period.
If such failure was solely attributable to
Vendor‘s acts or omissions, and the
Commonwealth has performed a root
cause analysis demonstrating the
same, the Commonwealth may, upon
written notice describing in reasonable
detail such analysis and the results
thereof, assess up to $5,000 per
occurrence
Grace Period: No liquidated damages
shall be assessed until the final ninety
(90) days of the Operational Support
and Warranty Period.
If such failure was solely attributable to
Vendor‘s acts or omissions, and the
Commonwealth has performed a root
cause analysis demonstrating the
same, the Commonwealth may, upon
written notice describing in reasonable
detail such analysis and the results
thereof, assess up to $10,000 per

 Item

9

10

11

Performance
Area

System
Availability

Change Request
Management

System
Performance
Online
Transaction
Response Times

Performance Requirement

Notice of Outages: The vendor
shall notify the Commonwealth 48
hours in advance for scheduled
outages unless otherwise agreed
upon in a given instance
Written change order
proposal/response from Vendor to
all Change Requests must be
delivered to the Commonwealth
within 15 Business Days of receipt
of a Change Request or as
otherwise negotiated with the
Commonwealth.
Online transaction Response times
for users accessing the System
during the Operational Support and
Warranty Period will meet the
following Performance Standards
on a monthly basis (except during
scheduled batch and maintenance
periods), provided that the HBE
network and systems are adequate
to deliver the transaction in a timely
manner to the end user. The
following Performance Standards
will be measured and reported
monthly.
Record Search and/or Retrieval
Time: The response time for a
search command (involving
retrieval of a list of matching
records) will not exceed 3 seconds
for at least 95%of all record
searches/retrievals, and will have a
monthly median response time of
less than 2.5 seconds
Screen Edit Time: The response
time for screen editing (involving
the editing of fields, with the errors
highlighted) will not exceed 3

118

Liquidated Damages the
Commonwealth May Assess
occurrence

Grace Period: No liquidated damages
shall be assessed until the final ninety
(90) days of the Operational Support
and Warranty Period.
Up to $2,500 per occurrence

Up to $100 per business day for each
day such a change order
proposal/response is not timely
received.

Grace Period: No liquidated damages
shall be assessed until the final ninety
(90) days of the Operational Support
and Warranty Period.
If such failure was solely attributable to
Vendor‘s acts or omissions, and the
Commonwealth has performed a root
cause analysis demonstrating the
same, the Commonwealth may, upon
written notice describing in reasonable
detail such analysis and the results
thereof, assess up to:
Median response time exceeds
Performance Standard up to 1 second
$ 2,000 per month
Median response time exceeds
Performance Standard up to 2 seconds
$ 5,000 per month
Median response time exceeds
Performance Standard up to 3 seconds
$10,000 per month
These preliminary Response Time
commitments will be recalibrated

 Item

Performance
Area

Performance Requirement
seconds for 95% of the
transactions, and will have a
monthly median response time of
less than 2.5 seconds.
Next Screen Page Time: The
response time for the request of a
new screen will not exceed 3
seconds for 95% of the
transactions, and will have a
monthly median response time of
less than 2.5 seconds.

12

13

SLA Reports

User Acceptance
Test Environment
Availability

Liquidated Damages the
Commonwealth May Assess
during performance testing and revised
between the parties to reflect the final
response time commitments as agreed
upon by the parties. Such recalibration
will allow the parties to discuss and
focus on different response times for
different categories of transactions.

Vendor must provide a monthly
SLA Report that includes all SLA
performance areas as required by
th
the Contract by the 10 day of the
following month.

Up to $200 per business day for each
day a System Performance Report in
accordance with the Contract is not
timely received.

Vendor and HBE will agree upon a
schedule for user Acceptance
testing during business hours.
During those scheduled times,
Vendor must make the User
Acceptance Test Environment
available in accordance with the
Contract 95% of the scheduled
time within a given month

If such failure was solely attributable to
Vendor‘s acts or omissions, and the
Commonwealth has performed a root
cause analysis demonstrating the
same, the Commonwealth may, upon
written notice describing in reasonable
detail such analysis and the results
thereof, assess up to $100 per hour for
each hour the User Acceptance Test
Environment does not meet this
Performance Standard, not to exceed
$1,000 per business day.

Exhibit 1
Critical Deliverables:

1. Requirements Defined – General Design Deliverable Release 1, 2, 3 (combined
deliverable);
2. Requirements Defined – General Design Deliverable Release 4 (includes E&E
functions for Release 4, SNAP/TANF Requirements, Fraud Analytics, and any other
functionality mutually agreed to be moved to Release 4);
3. Design Complete – Detail Design Deliverable 1, 2, 3 (combined deliverable);
4. Design Complete – Detail Design Deliverable Release 4;
5. Development Complete – System Test Results Deliverable Release 1;
6. Development Complete – System Test Results Deliverable Released 2;
7. Development Complete – System Test Results Deliverable Release 3; and
8. Development Complete – System Test Results Deliverable Release 4.

119