Digital Square RFA #2024-012

Global Goods Rapid Projects – Multilingual Support and Security

Digital Square is requesting applications from qualified vendors or consortiums focused on enhancing existing Digital Square–approved software global goods in one or both of the following aspects of software maturity:

1. Multilingual support through localization (i10n) and internationalization (i18n).
   Internationalization refers to the process of designing and building a software application so that it can be easily adapted to various languages and regions without needing engineering expertise. Localization refers to the process of adapting internationalized software for a specific region or language by translating text and adding locale-specific components. Through these small awards for multilingual support, we aim to make global goods more accessible and more usable for users across a wider user base and contribute to a more inclusive digital health marketplace.
   
   Enhancements in this aspect may include, but are not limited to, the following examples:

   • Documentation: technical and/or user documentation, guidelines, and training resources available in one or more additional languages.

   • Multilingual user interfaces

   • Internationalization: ability to support additional languages, character sets, right-to-left text, or additional calendar formats.

   • Multilingual code systems

   • Translation: multilingual FHIR implementation guides.

2. Security and privacy.
   Through these small awards for cybersecurity and data privacy for existing global goods, we aim to support initiatives that foster innovation, awareness, and practical solutions in the realm of digital security. We seek to empower global goods innovators that contribute to enhancing cybersecurity practices, developing privacy-centric technologies, and promoting a safer digital ecosystem. The awards are designed to encourage research and implementation of measures that address emerging threats, protect sensitive data, and align with evolving industry standards and regulations in global good tools/projects. We are particularly interested in supporting efforts that demonstrate creativity, inclusivity, and effectiveness in tackling cybersecurity and data privacy challenges, ultimately contributing to a more secure and trustworthy digital environment for all.
   
   Enhancements in this aspect may include, but are not limited to, the following examples:

   • Improvements to software: upgrade standard authentication to latest technologies according to best practices; implement at rest encryption; conduct code reviews focused on privacy and security.

   • Improvements to processes: include security measures in the DevSecOps pipeline—such as setting up ongoing vulnerability scanners, etc.; and setting up a vulnerability disclosure program.

   • Security audits and assessments: conduct assessments of software and hosted SaaS that review access control (authentication and authorization), encryption, key management, and other aspects of compliance to best practices.

   • Incident response planning: develop incident response plans and strategies to mitigate the impact of cybersecurity incidents.

   • Community guidance: provide implementation guides that focus on setting up secure environments and security considerations when implementing the global good technology; develop a cybersecurity toolkit specifically for the global good’s community developers/implementers that helps them to establish robust security measures within typical budget constraints.

   • Innovative solutions: encourage applications that bring innovative approaches to cybersecurity and data privacy, such as novel encryption techniques, secure authentication methods, or advanced threat detection mechanisms. Example: explore the integration of artificial intelligence for predictive threat analysis and proactive cybersecurity measures.

   • Privacy-centric technologies: Improvements designed to enhance data privacy, such as decentralized identity systems, privacy-preserving analytics, or secure communication platforms.