Easy Access to System Information
Privacy Impact Assessment (PIA) published by CMS as an Operating Division of the U.S. Department of Health and Human Services
Date signed: 7/24/2023
OPDIV: | CMS |
---|---|
PIA Unique Identifier: | P-2072611-566340 |
Name: | Easy Access to System Information |
The subject of this PIA is which of the following? | Major Application |
Identify the Enterprise Performance Lifecycle Phase of the system. | Operate |
Is this a FISMA-Reportable system? | Yes |
Does the system include a Website or online application available to and for the use of the general public? | No |
Identify the operator: | Agency |
Is this a new or existing system? | Existing |
Does the system have Security Authorization (SA)? | Yes |
Date of Security Authorization | 4/14/2023 |
Indicate the following reason(s) for updating this PIA. Choose from the following options. | Other - ATO Renewal |
Describe in further detail any changes to the system that have occurred since the last PIA. | No major changes to system since the last PIA |
Describe the purpose of the system | Easy Access to System Information (EASi) is a resource channel for CMS internal stakeholders (Chief Information Officer, Business Owners, System Owners, or Navigators) to access CMS systems information on a single platform. The goal is to help stakeholders easily find information at a high level and then if needed, provide other channels or dashboards that have detailed features. The purpose is to meet the expectations of stakeholders of connecting systems information and providing a more integrated and unified customer service experience. |
Describe the type of information the system will collect, maintain (store), or share. (Subsequent questions will identify if this information is PII and ask about the specific data elements) | The information system utilizes Identity Management (IDM) (Okta) for user authentication and utilizes system information from CMS Enterprise Data Analytics Repository (CEDAR). The information system maintains data about form information if a user has not submitted information to CEDAR and leaves session. IDM and CEDAR are covered under their own Privacy Impact Assessments (PIAs). |
Provide an overview of the system and describe the information it will collect, maintain (store), or share, either permanently or temporarily. | The EASI system will navigate system users to the following platforms: 508 Process; Authorization to Operate (ATO) Process; Navigator Process; Governance Profile Process; Technical Review Board Process (TRB); CMS Census; and Clarity, among others |
Does the system collect, maintain, use or share PII? | No |