LaunchDarkly

• SORN Number:
• If not published: 

• OMB Approval Number:
• Expiration Date:
• Explanation: 

The Centers for Medicare & Medicaid Services (CMS) uses LaunchDarkly Feature Management and Experimentation to support CMS’ websites, including CMS.gov, Medicare.gov, HealthCare.gov, CuidadoDeSalud.gov, Medicaid.gov, InsureKidsNow.gov, and various subdomains of the above top-level domains (TLDs). These TLDs are hereafter referred to as “CMS’ websites.” LaunchDarkly is a technology platform that supports feature management to improve customer experience. 

CMS uses LaunchDarkly feature management to improve user’s website experiences and reduce risk with new functionality releases. Developers configure a LaunchDarkly Software Development Kit (SDK) to collect and transmit data about end-users to LaunchDarkly for the purpose of feature targeting. LaunchDarkly enables CMS to deploy persistent experiences, which can be delivered to users with specific behavioral profiles. The CMS staff analyzes and reports on the aggregated user-interaction data collected by LaunchDarkly. The reports are available only to CMS managers, teams who implement CMS represented on CMS’ websites, members of the CMS communications and web teams, and other designated federal staff and contractors who need this information to perform their duties.  

CMS uses this information to determine what types of changes need to be made to CMS’ websites to improve the user experience for visitors by delivering different user interfaces to consumers and observing which allows consumers to perform a task easier.

https://www.cms.gov/privacy-policy/ https://www.healthcare.gov/privacy/  

https://www.medicare.gov/privacy-policy  

https://www.medicaid.gov/privacy-policy/index.html https://www.insurekidsnow.gov/privacy-policy/index.html 

CMS uses LaunchDarkly in a manner that protects the privacy of consumers who visit CMS’ websites and respects the intent of visitors. CMS conducts periodic reviews of LaunchDarkly’s privacy practices to ensure its policies continue to align with agency objectives and privacy policies and do not present unreasonable or unmitigated risks to consumer privacy. LaunchDarkly is employed solely for the purposes of improving CMS’ services and activities online related to operating CMS’ websites. 

Potential Risk: In using LaunchDarkly to manage features, CMS applications send information to LaunchDarkly about the current request context in order to determine which features to enable or disable. Which information is provided about the current request context is at the discretion of CMS application developers and is kept to only the required minimum for a specific use case. 

Mitigation: Policies and procedures are created and communicated to clarify information that will not identify a person is only acceptable to send to LaunchDarkly for feature evaluation and experimentation. If consumers do not want Launch Darkly to collect information related to their visits to CMS’ websites, consumers can use other means of interaction, including but not limited to paper applications, call centers, or in-person assisters. In addition to these options, a consumer can use the Tealium IQ Privacy Manager on CMS’ websites privacy page(s) and "opt out" of having data collected about them by Launch Darkly. Alternatively, a consumer can disable their browser cookies if they do not want their information to be collected. Consumers can follow instructions published at https://launchdarkly.com/policies/privacy/. 

Another way this privacy risk is mitigated is through the strong protections of the privacy program of LaunchDarkly, which is audited against both ISO 27001 and NIST 800-53 privacy controls annually. These protections include data confidentiality and integrity controls, data retention and deletion controls, and privacy by design principles embedded in the software development process. 

Potential Risk: LaunchDarkly transfers browser information (cookies, user agent, and local storage) when CMS uses the LaunchDarkly JavaScript or React client-side Software Development Kit (SDK) which contacts LaunchDarkly directly. 

Mitigation: Users can opt-out of LaunchDarkly by using the Tealium IQ Privacy Manager on CMS’ websites privacy pages. Alternatively, a consumer can disable their cookies, if they do not want their information to be collected. LaunchDarkly's privacy policies, notices from CMS websites and LaunchDarkly informing consumers of its privacy policies, and the ability of consumers to opt out of providing their information to LaunchDarkly, mitigate risks to consumer privacy. CMS will not deploy the LaunchDarkly tool if the website is not using Tealium iQ.