Overview
Description
Supply Ontario has established a new Vendor of Record (VOR) arrangement for Artificial Intelligence Solutions – AI Scribe. This arrangement includes multiple vendors who have been pre-qualified through a competitive Request for Bids (RFB) process.
The AI scribe VOR is part of Ontario’s broader initiative to promote the responsible and effective adoption of digital health technologies and to assist healthcare providers. This program was developed in partnership with key organizations, including the Ministry of Health, Ontario Health, and OntarioMD.
The VOR arrangement, which is effective from April 27, 2025 through to April 27, 2028, is for a term of three (3) years, with one (1) additional optional extension term of one (1) year. The VOR arrangement is optionally available to non-OPS entities, including entities in the public healthcare sector.
This VOR arrangement will introduce a digital tool designed to reduce the administrative burden on healthcare practitioners, allowing them to focus more on patient care. This will enhance patient engagement, improve care coordination, and optimize clinical workflows.
Qualified Vendors
Organization Name |
---|
12677776 Canada Ltd./EMERGE Healthcare Co. |
3M Healthcare Canada Company Limited (DBA Solventum) |
4530019 Nova Scotia Limited, dba SpeechMD Voice Recognition |
ADGTECH SOLUTIONS INC. |
Aya Health Technologies Inc. |
Laboratoire CoeurWay Inc. |
Data Centre Intelligence Inc. |
Deljoo Inc. |
DocSplain AI Doctor Inc. |
8137862 Canada Inc. (O/A MarkiTech) |
More Information
To ensure a fair and consistent evaluation of potential vendors, Supply Ontario and its project partners created a set of core criteria, including both mandatory and scored requirements, across four main categories:
- clinical and business (ensuring solutions provide high-quality service which can integrate effectively with existing clinical workflows),
- legal/privacy (establishing that data is used, collected, and disclosed appropriately and remains compliant with appropriate privacy laws), and
- security (designed to ensure vendors maintain best practices in cybersecurity and protect sensitive information).
Below is an overview of some of the key evaluation criteria to help those considering using the VOR Program better understand the expectations, rationales, and outcomes of the procurement process.
Clinical & Business
- Transcription: The solutions must provide near-instant transcription (within 30 seconds) of the patient-clinician conversations. The solution should also have features to pause/resume without data loss, filter out background noise and irrelevant content, and differentiate multiple speakers (e.g. patient, caregiver, clinician).
- Note Creation & Editing: The solution must be able to automatically generate detailed, high-quality notes reflecting the full patient visit, while adhering to CPSO documentation standards. Clinicians must be able to review/edit these notes within the platform using typing or voice dictation, ensuring accuracy, completeness, and control over final notes.
- Templates: The solution should offer a range of structured note templates such as SOAP, referral, consult, and summary formats. Clinicians will be able to customize existing templates or create their own and have the flexibility to switch between templates mid-session without losing previously captured data.
- Language Capabilities: The solution must accurately transcribe and generate notes in English and be able to process diverse accents, medical slang, and standard clinical acronyms. The solution’s interfacing must be available in English by default. Scribes should also be optionally available in French (and other languages); French-language interfacing may also be offered.
- Patient-Facing Summaries: The solution should generate patient-friendly visit summaries and care instructions, with the ability to adjust language for different reading levels.
- Workflow Integration: Clinicians should be able to easily transfer finalized notes into their EMRs. The solution should work on multiple platforms (web, mobile, desktop), and offer offline functionality with automatic sync when connectivity is restored.
Privacy & Legal
- Compliance with Privacy Laws: The solutions must comply with Canadian and Ontario privacy laws, including the Personal Health Information Protection Act (PHIPA), Personal Information Protection and Electronic Documents Act (PIPEDA), and the Freedom of Information and Protection of Privacy Act (FIPPA).
- No Use of Personal Data for Training or Secondary Use: The solutions cannot use patient information (even if de-identified) for training or improving their AI models, or use any data from clinicians/patients for anything other than its intended purpose. The sole exception is the use of information solely for the benefit of the clinician using it; in that case, the vendor must remove identifying details.
- Location of Data Storage: All PHI must be stored and processed in Canada, unless both the user and buyer are given appropriate notification (including a statement informing the buyer and user of their obligation to include this information in their publicly available privacy policies) and, in compliance with applicable privacy laws where required, the PHI is stored and processed in a location and with a cloud provider that meets security standards equal to or higher than those required of the vendor itself.
- Business Continuity: Continuity of service is required on termination or if the solution is ever shut down or a clinician stops using the solution. The clinician must still be able to access their data and smoothly switch to another provider, without disruption. In the event there is a need for disaster recovery, vendors will have a written plan that explains how service will continue, even during technical failures or emergencies, including how data will be recovered and how any service interruptions will be minimized.
- Secure Deletion of Notes: The solution should destroy all summary notes from patient visits (and other related personal information) once a clinician has reviewed and uploaded the clinical note to their EMR.
Security
- Security Operations: The vendors must have technical safeguards in place to prevent data breaches or misuse, on top of following global security standards, including:
  - Intrusion detection and prevention systems (IDS/IPS)
  - Monitoring systems (SIEM)
  - Endpoint security (EDR)
  - Data loss prevention (DLP)
  - Network security configurations
  - Long-term log storage for auditing purposes
- Threat Risk Assessment/Privacy Impact Assessment: Vendors must regularly conduct Threat Risk Assessments (TRAs) and Privacy Impact Assessments (PIAs), using qualified independent professionals.
- Security by Design: The Vendors were asked to ensure security is fully integrated into their tools early in the process of planning, selecting, designing and modifying technology.
- Security Certifications: Vendors were required to provide at least one industry-recognized certification, which helped confirm that their scribe meets rigorous security standards.
  - Accepted certifications included: SOC 2 Type II (certified within the past 12 months), ISO 27001, and HITRUST r2.
- Data Backup & Disaster Recovery: Vendors were required to have systems in place to automatically back up their data regularly, with backups secured and encrypted, and to have a plan in place to restore systems and data in case of failures, outages, or emergencies, so that clinicians experience minimal disruption.
- Warning of Missing Data: Vendors' solutions must notify the user if part of a conversation is not fully processed or transcribed, ensuring that clinicians are aware of missing data.