Award

Vulnerability Management Service

DIGITAL HEALTH & CARE WALES

This public procurement record has 1 release in its history.

Award

24 Mar 2026 at 12:55

S2W Notice - Website Contract Award Notice
Summary of the contracting process

Digital Health & Care Wales is seeking to enhance its cyber security capabilities through a procurement process for a Vulnerability Management Service. This service, located in Cardiff, falls under the industry category of IT services and is crucial for ensuring the reliability and security of the digital health estate. The procurement process, currently at the Award stage, culminated in March 2026, following the signing of the contract with the supplier, Insight Direct (Uk) Ltd, on 27th February 2026. The initiative addresses national obligations under the NIS Regulations and supports frameworks such as the NCSC CAF and NHS DSPT, reflecting the organisation's commitment to maintaining stringent cyber security standards.

This tender presents substantial opportunities for businesses specialising in IT consulting, software development, and cybersecurity services. Organisations with expertise in managing enterprise-level security platforms can leverage their skills to support Digital Health & Care Wales in its efforts to safeguard sensitive data and streamline operations across its digital infrastructure. With a project value of £145,853.80, businesses focused on delivering robust IT services and solutions would find suitable growth avenues, especially those with experience working within regulatory frameworks pertinent to healthcare and national cybersecurity strategies.

Find more tenders on our Open Data Platform.
How relevant is this notice?

Notice Information

Notice Title

Vulnerability Management Service

Notice Description

The Authority requires ongoing support and maintenance for its existing enterprise vulnerability management capability to ensure continuity of service, currency of vulnerability intelligence, and reliable operation of the platform across the DHCW estate.This requirement supports DHCW's national cyber security obligations, including the identification and management of technical vulnerabilities, and provides assurance evidence in support of the Network and Information Systems (NIS) Regulations, the NCSC Cyber Assessment Framework (CAF), and the NHS Data Security and Protection Toolkit (DSPT).

Notice Details

Publication & Lifecycle

Open Contracting ID
ocds-kuma6s-163286
Publication Source
Sell2Wales
Latest Notice
https://www.sell2wales.gov.wales/search/search_switch.aspx?ID=163286
Current Stage
Award
All Stages
Award

Procurement Classification

Notice Type
S2W Notice - Website Contract Award Notice
Procurement Type
Standard
Procurement Category
Services
Procurement Method
Not Specified
Procurement Method Details
Not specified
Tender Suitability
Not specified
Awardee Scale
Not specified

Common Procurement Vocabulary (CPV)

CPV Divisions

72 - IT services: consulting, software development, Internet and support

CPV Codes

72000000 - IT services: consulting, software development, Internet and support

Notice Value(s)

Tender Value
Not specified
Lots Value
Not specified
Awards Value
£145,853 £100K-£500K
Contracts Value
Not specified

Notice Dates

Publication Date
24 Mar 20261 weeks ago
Submission Deadline
Not specified
Future Notice Date
Not specified
Award Date
27 Feb 20261 months ago
Contract Period
Not specified - Not specified
Recurrence
Not specified

Notice Status

Tender Status
Not Specified
Lots Status
Not Specified
Awards Status
Not Specified
Contracts Status
Active

Buyer & Supplier

Contracting Authority (Buyer)

Main Buyer
DIGITAL HEALTH & CARE WALES
Contact Name
Available with D3 Tenders Premium →
Contact Email
Available with D3 Tenders Premium →
Contact Phone
Available with D3 Tenders Premium →

Buyer Location

Locality
CARDIFF
Postcode
CF11 9AD
Post Town
Cardiff
Country
Wales
Major Region (ITL 1)
TLL Wales
Basic Region (ITL 2)
TLL5 South East Wales
Small Region (ITL 3)
TLL52 Cardiff and Vale of Glamorgan
Delivery Location
Not specified
Local Authority
Cardiff
Electoral Ward
Riverside
Westminster Constituency
Cardiff West

Supplier Information

Number of Suppliers
1
Supplier Name

INSIGHT DIRECT (UK

Further Information

Open Contracting Data Standard (OCDS)

View full OCDS Record for this contracting process

Download

The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts. 

{
    "tag": [
        "compiled"
    ],
    "id": "ocds-kuma6s-163286-2026-03-24T12:55:31Z",
    "date": "2026-03-24T12:55:31Z",
    "ocid": "ocds-kuma6s-163286",
    "initiationType": "tender",
    "parties": [
        {
            "id": "org-21",
            "name": "Digital Health & Care Wales",
            "address": {
                "streetAddress": "Ty Glan-yr-Afon, 21 Cowbridge Road East,",
                "locality": "Cardiff",
                "postalCode": "CF119AD"
            },
            "contactPoint": {
                "name": "Digital Health & Care Wales",
                "telephone": "+44 2920500500"
            },
            "roles": [
                "buyer"
            ]
        },
        {
            "id": "org-24",
            "name": "Insight Direct (Uk) Ltd",
            "address": {
                "streetAddress": "1St Floor St Paul's Place, 121 Norfolk Street,",
                "locality": "Sheffield",
                "postalCode": "S12JF"
            },
            "contactPoint": {
                "name": "Jay Buckley",
                "url": "http://www.uk.insight.com"
            },
            "roles": [
                "supplier"
            ]
        }
    ],
    "buyer": {
        "name": "Digital Health & Care Wales",
        "id": "org-21"
    },
    "tender": {
        "id": "ocds-kuma6s-163286-tender-163286",
        "title": "Vulnerability Management Service",
        "description": "The Authority requires ongoing support and maintenance for its existing enterprise vulnerability management capability to ensure continuity of service, currency of vulnerability intelligence, and reliable operation of the platform across the DHCW estate.This requirement supports DHCW's national cyber security obligations, including the identification and management of technical vulnerabilities, and provides assurance evidence in support of the Network and Information Systems (NIS) Regulations, the NCSC Cyber Assessment Framework (CAF), and the NHS Data Security and Protection Toolkit (DSPT).",
        "mainProcurementCategory": "services",
        "additionalClassifications": [
            {
                "id": "72000000",
                "description": "IT services: consulting, software development, Internet and support",
                "scheme": "CPV"
            }
        ]
    },
    "awards": [
        {
            "id": "ocds-kuma6s-163286-award-163286-18",
            "value": {
                "amount": 145853.8,
                "currency": "GBP"
            },
            "suppliers": [
                {
                    "id": "org-24",
                    "name": "Insight Direct (Uk) Ltd"
                }
            ],
            "items": [
                {
                    "id": "ocds-kuma6s-163286-awarditem-163286-18"
                }
            ]
        }
    ],
    "contracts": [
        {
            "id": "ocds-kuma6s-163286-award-163286-18",
            "awardID": "ocds-kuma6s-163286-award-163286-18",
            "status": "active",
            "dateSigned": "2026-02-27T00:00:00Z"
        }
    ],
    "bids": {
        "statistics": [
            {
                "id": "ocds-kuma6s-163286-bidsstatistic-163286-18",
                "measure": "bids",
                "value": 2
            }
        ]
    },
    "noticetype": "S2W Notice - Website Contract Award Notice"
}