Application Programming Interface Gateway

Privacy Impact Assessment (PIA) published by CMS as an Operating Division of the U.S. Department of Health and Human Services

Date signed: 10/31/2023

PIA information for Application Programming Interface Gateway

OPDIV:

CMS

PIA Unique Identifier:

P-9663994-266073

Name:

Application Programming Interface Gateway

The subject of this PIA is which of the following?

Major Application

Identify the Enterprise Performance Lifecycle Phase of the system.

Operate

Is this a FISMA-Reportable system?

Yes

Does the system include a Website or online application available to and for the use of the general public?

No

Identify the operator:

Agency

Is this a new or existing system?

Existing

Does the system have Security Authorization (SA)?

Yes

Date of Security Authorization

12/11/2024

Indicate the following reason(s) for updating this PIA. Choose from the following options.

  • Internal Flow or Collection

  • PIA Validation (PIA Refresh/Annual Review)

Describe in further detail any changes to the system that have occurred since the last PIA.

External connectivity capability was deployed in FY23Q1 following coordination of design details with TRB. Their 10/12/2022 recommendations were implemented.

Access to the Investigative View in the Tomcat (web) component was opened to CIDR 0.0.0.0 (all access allowed) using a distinct security group assigned ONLY to the Investigative View. This was approved and documented via the Attestation process (JIRA ticket CLDSPT-38597) in accordance with the Exemption Policy Guide AWS Security Hub.

Describe the purpose of the system

The CMS Center for Program Integrity (CPI) goal for Application Programming Interface (API) Gateway (APIGW) is to improve access to CPI provider and investigative data by providing application programming interfaces (APIs) using the MuleSoft Anypoint Platform as the full life-cycle API management tool that:
1. Provides robust data security through a robust authentication and authorization platform that supports CPI's data governance goals.
2. Provides real-time access to provider and investigative data through APIs to support CPI's goal of data liberation with openness and collaboration. This capability enables provider and investigative systems to accept data directly from respective systems. This is anticipated to improve provider enrollment efficiency across the CPI portfolio.
3. Minimizes dependency on batch files/data extracts, replacing them with APIs wherever possible to decrease the number of stand-alone point-in-time data extracts in CPI's portfolio.
4. Produces batch/extract files leveraging APIs and delivers them from a centralized platform.
Supports an event-driven architecture that supports triggers/notifications to the stakeholders of material changes to provider and investigative systems.
5. Improves system utilization and reduces cost of operation.

Describe the type of information the system will collect, maintain (store), or share. (Subsequent questions will identify if this information is PII and ask about the specific data elements)

APIGW facilitates the extraction of data from external data sources such as Advanced Provider Screening (APS), National Plan and Provider Enumeration System (NPPES), Provider Enrollment Chain and Ownership System (PECOS), and Unified Case Management System (UCM). Information on each of these is listed below. APIGW itself consists of Application Programming Interface (API) information about the connections that facilitate these extractions, with the goal of providing the association of more accurate data from various sources.

  1. APS validates provider and supplier enrollment application information using various public and private databases as well as automatically checking other referential databases.
  2. NPPES assigns National Provider Identifiers (NPI) in compliance with Health Insurance Portability and Accountability Act (HIPAA) mandate for standard unique identifiers for health care providers and plans. 
  3. PECOS enables registered users to securely and electronically submit and manage Medicare enrollment information.
  4. UCM is a national database that UPICs (Unified Program Integrity Contractors) use to enter and update Medicare and Medicaid fraud, waste, and abuse data analysis projects, leads, and investigations initiated by the UPIC. 

Provide an overview of the system and describe the information it will collect, maintain (store), or share, either permanently or temporarily.

The CPI API Gateway will temporarily share but not store Personally Identifiable Information (PII) (e.g., Social Security Number (SSN), Taxpayer ID, Date of Birth, Medicare Administrative Contractor (MAC) ID, and Medicare ID). PII is visible only to users with unmasked rights, which are controlled by Identity Management (IDM)/Okta for the Law Enforcement (LE) view and through API Governance in the API Portal for APIs.

At a high level, the system is comprised of:

1. The MuleSoft Anypoint Platform Private Cloud Edition (PCE), a commercial off-the-shelf (COTS) full life-cycle application programming interface (API) management tool, and associated integrations.

    External connections exist to CPI provider and investigative system APIs:
    a. Advanced Provider Screening (APS)
    b. National Plan and Provider Enumeration System (NPPES)
    c. Provider Enrollment, Chain, and Ownership System (PECOS)
    d. Unified Case Management (UCM)

    Services including IDM and security information and event management (SIEM) are provided through Integrated Service Providers:
    a. CMS IDM/Okta (authentication and authorization) systems
    b. Cloud Computing Services (CCS) Splunk in AWS to implement centralized logging
    c. "erwin" (CMS’ data governance tool)

2. Salesforce to implement an API Portal for API Governance

    CMS IDM/Okta (authentication and authorization) systems integrate with MuleSoft Anypoint Platform APIs

3. User Interface (UI): Search, Provider 360, Law Enforcement. Integrates with:

  • CMS IDM/Okta (authentication and authorization) systems

  • MuleSoft Anypoint Platform CPI provider and investigative system APIs

4. Confluent Kafka for Provider Alerts

  • Confluent Kafka monitors events as material changes about a Provider from respective provider and investigative systems.

  • Large data sharing from provider and investigative systems

Does the system collect, maintain, use or share PII?

No

  

Other Federal Agency/ Agencies Explanation:

PII only traverses APIGW without being stored.  PII data is restricted to authorized Law Enforcement personnel during their investigations.

  

Others Explanation:

Users designated with the role of Law Enforcement will have access during the conduct of their investigations.

  

Session Cookies - Collects PII?:

No