British Embassy Jakarta opens call for proposals to enhance cyber security health sector in Indonesia

British Embassy Jakarta has announced an invitation for bids to help create a health ministry Computer Emergency Response Team and a Health Data and Cyber Security Coordination Group.

The health sector is vulnerable globally. In Indonesia, the threat to healthcare has been similarly singled out for attention; the Directorate of National Critical Information Infrastructure Protection within BSSN has produced an extensive Whitepaper on the state of cyber and information security in the Healthcare sector, stating that almost 69% of health institutions (based on their sampling) have weak cyber security levels and securing health data and systems is a key priority for the Ministry of Health.

The objective of this new project, under the Indonesia Digital Health Programme (Phase 1), is to start the implementation of two of these – to establish a Computer Emergency Response Team (CERT) and a multi-agency Health Data Protection and Cyber Security Coordination Group. Related UK funded work is supporting incident simulation training, a security outcomes framework and a privacy impact assessment of electronic medical record data. The implementer(s) of this project will be expected to maintain close alignment with these activities.

This programme will also align with HMGs country plan for Indonesia, particularly the KPIs around facilitating skills development in the health sector. It will directly contribute to delivering the KPI of improving Indonesia’s National Cyber Security Plan which takes into account UK concerns and enhances protection of Indonesia’s Critical national Infrastructure – of which health is one key sector. Indonesia is about to issue a National Cyber Security Strategy and Parliament is considering a Data Protection Law.

The development of digital health services is recognised as critical for increasing the quality of service and access to healthcare across this huge archipelago. Private systems have seen a huge increase in demand during the COVID restrictions but security concerns contribute to a lack of public trust in the services.

The Ministry of Health has recently created a Data Transformation Office, complementing the Centre for Data and Information. The digital platforms and services, however, are the responsibility of other delivery units. The incident response team will need to bring together resources from across the Ministry. The proposed Coordination Group will also include other ministries and agencies across the government.

The establishment of health ministry Computer Emergency Response Team (CERT) and a multi-agency Health Data Protection and Cyber Security Coordination Group, will act as a focal point for strategic risk management relating to healthcare data and systems, an area which is currently lacking and undermines operational planning and incident response capability.

CERTs usually provide a combination of reactive services (e.g. alerts, warnings, incident response coordination) and proactive services (e.g. announcements, security assessments, development of tools). The MoH is already in discussions with BSSN over the remit and functions of their CERT, so an important area of this work will be selecting the right services to underpin the definition of the MoH CERT.

Proposals should include the following: the foundational activities in the establishment of a CERT which will be delivered in the period, the key agencies and organisations to be engaged in the Coordination Group and realistic (potential) agenda for the period and finally, proposed monitoring. Bids are welcomed from not-for-profit organisations including academia, NGOs, inter-governmental organisations and not-for-profit arms of commercial entities.

Potential implementers should submit a completed project proposal form (PPF) (ODT, 61.8KB), Activity Based Budget (ABB) template (ODS, 10.4KB), Staff Daily Rate Card, together with confirmation they are content to use the FCDO Grant Agreement/MoU template (ODT, 86.3KB), to zoe.dayan@fcdo.gov.uk by 13 September 2021, 23:00 WIB Jakarta.

Successful project proposal for funding will be announced by 22 September 2021. The British Embassy aims to sign grant agreements with the successful project implementer by 28 September 2021.

Bids will be assessed against the following criteria:

  • value for money – criteria for economy, efficiency, effectiveness, equity, and cost- effectiveness
  • alignment with the requirements
  • understanding of and familiarity with the local context
  • project viability, including capacity and capability of implementing organisation(s)
  • project design, including clear, achievable objectives/outputs/outcomes/impact
  • good risk, issue and stakeholder management
  • implementer experience, past performance
  • sustainability

Potential implementers should submit a completed project proposal form (PPF) (ODT, 61.8KB), Activity Based Budget (ABB) template (ODS, 10.4KB), Staff Daily Rate Card, together with confirmation they are content to use the FCDO Grant Agreement/MoU template (ODT, 86.3KB), to zoe.dayan@fcdo.gov.uk by 13 September 2021, 23:00 WIB Jakarta.

Successful project proposal for funding will be announced by 22 September 2021. The British Embassy aims to sign grant agreements with the successful project implementer by 28 September 2021.

Share
Tweet
Post

Related posts

Scroll to Top