Skip to main content

Easy Access to System Information

Privacy Impact Assessment (PIA) published by CMS as an Operating Division of the U.S. Department of Health and Human Services

Date signed: 7/24/2023

PIA information for Easy Access to System Information

OPDIV:

CMS

PIA Unique Identifier:

P-2072611-566340

Name:

Easy Access to System Information

The subject of this PIA is which of the following?

Major Application

Identify the Enterprise Performance Lifecycle Phase of the system.

Operate

Is this a FISMA-Reportable system?

Yes

Does the system include a Website or online application available to and for the use of the general public?

No

Identify the operator:

Agency

Is this a new or existing system?

Existing

Does the system have Security Authorization (SA)?

Yes

Date of Security Authorization

4/14/2023

Indicate the following reason(s) for updating this PIA. Choose from the following options.

Other - ATO Renewal

Describe in further detail any changes to the system that have occurred since the last PIA.

No major changes to system since the last PIA

Describe the purpose of the system

Easy Access to System Information (EASi) is a resource channel for CMS internal stakeholders (Chief Information Officer, Business Owners, System Owners, or Navigators) to access CMS systems information on a single platform. The goal is to help stakeholders easily find information at a high level and then if needed, provide other channels or dashboards that have detailed features. The purpose is to meet the expectations of stakeholders of connecting systems information and providing a more integrated and unified customer service experience. 

Describe the type of information the system will collect, maintain (store), or share. (Subsequent questions will identify if this information is PII and ask about the specific data elements)

The information system utilizes Identity Management (IDM) (Okta) for user authentication and utilizes system information from CMS Enterprise Data Analytics Repository (CEDAR).  The information system maintains data about form information if a user has not submitted information to CEDAR and leaves session.  IDM and CEDAR are covered under their own Privacy Impact Assessments (PIAs).

Provide an overview of the system and describe the information it will collect, maintain (store), or share, either permanently or temporarily.

The EASI system will navigate system users to the following platforms: 508 Process; Authorization to Operate (ATO) Process; Navigator Process; Governance Profile Process; Technical Review Board Process (TRB); CMS Census; and Clarity, among others

Does the system collect, maintain, use or share PII?

No