A healthcare security RFP is only as strong as the questions inside it. Most templates ask about price and headcount and stop there — which is exactly how facilities end up with a vendor that looked fine on paper and fell apart on the floor. A hospital is a specialized, privacy-sensitive, high-risk environment, and your RFP should interrogate whether a provider can actually operate in it. Below are the 12 questions that separate a serious bid from a generic one. For the bigger picture of what strong healthcare coverage involves, start with our healthcare security services.
Credentials and compliance (Questions 1–3)
A quick note on how to use these: the value isn’t in asking the questions — it’s in demanding evidence for the answers. A capable provider responds with numbers, documents, and references; a weak one responds with adjectives. Score each answer on proof, not polish, and treat vague or defensive replies as findings in themselves. With that lens, start here.
Before anything else, confirm they can legally and safely operate in your setting.
- Is every officer properly licensed for our province, and how do you verify it? In Ontario that means valid PSISA licensing; a strong provider verifies and tracks it continuously, not once at hire. Ask how they handle a licence that lapses mid-contract — the answer reveals how tightly they actually run compliance.
- What specific healthcare experience do you have? General guarding doesn’t transfer cleanly to a hospital — the privacy rules, clinical coordination, and code response are all different. Ask for healthcare clients, settings, and the kinds of incidents they’ve handled, and be wary of a provider who pivots to retail or construction experience when you ask.
- What insurance and liability coverage do you carry? Confirm the coverage is appropriate for a healthcare environment and that it sits with the agency, not the individual officer. Ask to see proof, not a promise to send it later.
People and training (Questions 4–6)
Your coverage is only as good as the people standing the posts.
- What healthcare-specific training do officers complete, and how often is it refreshed? Look for de-escalation and crisis intervention such as NVCI-based mental health response, plus privacy training aligned to PHIPA obligations.
- How do you supervise officers and assure quality? Ask about site supervision, spot checks, and how they catch and correct a post that’s slipping.
- What are your staffing, turnover, and shift-fill rates? High turnover and unfilled shifts are where healthcare security quietly fails. A post left empty overnight, or a rotating cast of unfamiliar faces who never learn your building, undoes everything the pitch promised. Get real numbers, not reassurances, and ask how they cover a last-minute callout.
Delivery and accountability (Questions 7–9)
A good provider can prove what it does, not just describe it.
- How do you handle incident reporting and data? Reporting must be accurate, secure, privacy-conscious, and available to you — and it should feed your risk assessments under Bill 168.
- What KPIs and service levels will you commit to? Response times, fill rates, reporting turnaround — the metrics should be in writing, with consequences if they’re missed. A provider confident in its delivery will agree to be measured; one that resists specifics is telling you something.
- How do you integrate with our technology and clinical teams? From access control and camera systems to hospital codes, ask how they’ll work with what you already have.
Partnership and transition (Questions 10–12)
The relationship starts before day one and outlasts the honeymoon. These last three questions test whether a provider is built for a long, stable partnership or just a strong first month.
- Can you provide healthcare references we can actually call? Ask for comparable facilities and speak to them directly about reliability and responsiveness.
- What does your transition and onboarding plan look like? A botched handover creates a dangerous gap — see our risk-managed vendor transition guide for what “good” looks like.
- What drives your pricing, and what’s included? You’re not asking for the lowest number — you’re asking what shapes it: training, supervision, insurance, and fill guarantees. Understand what’s included so you can compare bids fairly. A suspiciously low bid usually means something has been stripped out — supervision, training hours, or the wage that keeps good officers from leaving — and you’ll pay for it later in turnover and incidents.
Building or reviewing your RFP now? Book a consultation and we’ll help you pressure-test it.
Once bids are in, evaluate them against real operating standards, not polish. The signs of a vendor that isn’t delivering are the same weaknesses a sharp RFP should surface before you sign, and the details you agree to should land in a well-read service agreement.
Frequently Asked Questions
1. How long should a healthcare security RFP process take?
It varies, but allow enough time for a thorough evaluation, site visits, reference checks, and a proper transition — rushing the process is how facilities end up switching again a year later.
2. Who should be on the evaluation committee?
Typically facilities or security leadership, plus clinical, privacy, and procurement input. Involving the people who work alongside security day to day surfaces issues a purely procurement lens misses.
3. Should we weight price or quality more heavily?
In healthcare, quality and reliability should carry significant weight, because the cost of a poor-performing vendor — incidents, turnover, liability — far exceeds a small difference in rate.
4. How many vendors should we invite to bid?
Enough for genuine comparison without overwhelming your evaluators — a shortlist of qualified, healthcare-experienced providers usually beats a large field of generalists.
5. Should we include our incumbent vendor in the RFP?
Often yes, if performance has been acceptable, so you can benchmark them objectively. The RFP should still hold them to the same standard as everyone else.
6. What’s the most overlooked question in security RFPs?
Shift-fill and turnover rates. Facilities focus on the pitch team and forget to ask who will actually stand the posts, and how reliably.
7. How do we compare bids that include different things?
Standardize what you’re asking for so every bid answers the same scope, then compare what drives each price rather than the headline number alone.
8. Should we do site visits or interviews before deciding?
Yes. Meeting proposed supervisors and seeing how a provider operates elsewhere tells you far more than a written proposal ever will.
9. How long should the resulting contract term be?
Long enough to build stability and recover onboarding effort, but with clear performance terms and exit provisions so you’re not locked into an underperformer.
10. What happens after we choose a vendor?
A structured transition and onboarding period, then ongoing performance reviews against the KPIs you agreed. The RFP sets the standard; the contract and reviews enforce it.
A healthcare security RFP is your best chance to filter out providers who can’t operate in a hospital before they’re standing in one. Ask these 12 questions, insist on evidence over assurances, and you’ll choose a partner instead of just a price.
Ready to build an RFP that actually protects your facility? Request a consultation with our healthcare team.
