An organization in Manitoba, Canada is seeking to establish a two-year contract for the provision and implementation of a comprehensive data masking solution. The desired solution must offer advanced capabilities for automatically discovering and identifying sensitive data elements—such as personal, health, financial, and claim-related data—across supported data sources. This discovery should utilize metadata inspection, pattern recognition, and configurable detection logic to ensure accuracy, with the ability to refine detection rules to minimize both false positives and negatives.

The selected solution will enable the configuration, management, and maintenance of data classification and masking rules consistent with organizational data standards and privacy requirements. It must accommodate multiple masking techniques, including substitution, tokenization, shuffling, nulling, and encryption-based methods. The flexibility to apply distinct methods based on data type, sensitivity, and business context is essential. Additionally, the solution should maintain referential integrity and preserve data relationships across tables, schemas, and databases to support application functionality and analytical processes post-masking.

Consistency and repeatability in masking results are required across recurring data refreshes and multiple non-production environments, such as development, testing, training, and business intelligence. The solution must also include thorough monitoring, logging, error handling, and auditing features, ensuring all masking activities can be evidenced and tracked. Role-based access controls and segregation of duties are critical, limiting configuration and execution of masking tasks to authorized users only.

The contract for this data masking solution will be valid for two years. Interested parties must submit their questions regarding this opportunity by February 12, 2026.