Training Quality Content
Privacy Impact Assessment (PIA) published by CMS as an Operating Division of the U.S. Department of Health and Human Services
Date signed: 7/22/2022
PIA Questions | PIA Answers
---|---
OPDIV: | CMS
PIA Unique Identifier: | P-6991902-132955
Name: | Training Quality Content
The subject of this PIA is which of the following? | Major Application
Identify the Enterprise Performance Lifecycle Phase of the system. | Operate
Is this a FISMA-Reportable system? | Yes
Does the system include a Website or online application available to and for the use of the general public? | No
Identify the operator: | Contractor
Is this a new or existing system? | Existing
Does the system have Security Authorization (SA)? | Yes
Date of Security Authorization | 11/16/2023
Indicate the following reason(s) for updating this PIA. Choose from the following options. | PIA Validation (PIA Refresh/Annual Review)
Describe in further detail any changes to the system that have occurred since the last PIA. | None
Describe the type of information the system will collect, maintain (store), or share. (Subsequent questions will identify if this information is PII and ask about the specific data elements) | TQC develops and stores training material for the CSRs to learn about Medicare and the ACA/FFM programs. Training materials also include instructions for the CSRs on how to utilize the National Government Services (NGS) Next Generation Desktop (NGD) and other customer service tools such as Medicare Plan Finder for handling beneficiary and consumer inquiries. These are separate CMS systems that are not part of TQC and maintain their own PIAs for the security of the information contained within those information systems. The TQC system has four applications: Content Manager (CM), Learning Management System (LMS), Contact Recording (CR) and Agent Feedback (AF). The CSRs log into the TQC system with a username and password. Similarly, system users and administrators utilize a UserID and password to access the system for system support activities. The TQC CM application contains the training material and content scripts about the Medicare and ACA benefits and 'how to' or 'where to' access information on the websites. The training and content scripts are informational reference material for CSRs to use when assisting consumers with questions about Medicare and/or the ACA/FFM programs. The TQC LMS application contains employee data about each CSR, including the CSR's learning history. CSR training is provided both as instructor-led and e-learning. In the TQC CR application, the consumer/beneficiary to CSR telephone interaction is recorded. Consumers that talk to a CSR may provide their name and phone number, but it is not used in the TQC system directly. The telephone calls are voice-recorded for quality purposes. Quality Analysts review these interactions and create evaluations. These quality customer interaction evaluations contain data about the CSR and a summary of the telephone inquiry. In the TQC AF application, agent feedback data from NGD is loaded and categorized for analysis and reporting.
Provide an overview of the system and describe the information it will collect, maintain (store), or share, either permanently or temporarily. | The TQC system contains or collects the following types of information to support training and auditing needs and requirements. TQC, CCO, and CMS can reference collected data in support of continuous improvements to training, knowledge, and ultimately, subscriber experience. The information is used to ensure CSRs are receiving correct, accurate, and timely training in order to provide the best customer experience possible. CMS and the CCO will have ongoing access to aged data (through reporting) to analyze issues. The TQC CM Medicare and ACA benefits training material is informational reference material. The content scripts provide suggested responses and dialogue for conversations with customers. The current version of the training material and script content is maintained indefinitely. The CSR employee data in the TQC LMS application includes name, work email address, job code, employee status (date of hire and termination date, if applicable), employee type, supervisor name, and NGD ID. The NGD ID is transmitted from daily feeds and stored in the database. Employee data is not purged, but the NGD ID is purged from the records of CSRs who are no longer with the CCO. Additionally, CSR learning history is captured, tracked and stored, such as courses taken, time to complete a module, exam results and feedback provided. Learning history data currently is not purged. CSR training is provided both as instructor-led and e-learning. CSR employee data and learning history are shared with the CCO and CMS in the form of reports. In the TQC CR application, the consumer/beneficiary and CSR telephone interaction is recorded. All phone calls and 10 to 20% of the screens are recorded and stored for review by TQC and CCO Quality Analysts. The screen recordings are stored for 90 days and voice recordings are stored for one year, but select recordings may be used for training and retained indefinitely. Consumer caller information may contain name and phone number. Consumers that talk to a CSR may provide their name and phone number, but it is not used in the TQC system directly. The telephone calls are voice-recorded for quality purposes; therefore, caller information may be retained, but it is not utilized by TQC. Quality Analysts review these interactions and create evaluations. These quality customer interaction evaluations contain data such as the CSR name, CCO site, Automatic Number Identification (ANI), CSR UserID (NGD ID), Quality Analyst name, contact reason summary and scores. This data is retained for a minimum of one year and is shared with the CCO and CMS in the form of Quality Call Monitoring (QCM) scorecards. Additionally, extracts of this evaluation data are provided to the CMS National Database Warehouse (NDW). The NDW maintains its own PIA for the information contained in it. In the TQC AF application, agent feedback data from NGD is loaded and categorized for analysis and reporting. The agent feedback data contains data such as CSR UserID, ANI and CSR feedback comments. This data is shared with CMS in the form of analytics reports. The TQC system users (CSRs, Quality Analysts, Trainers and system support/infrastructure staff) are CMS employees and direct contractors and utilize a UserID and password to access the TQC system.
Does the system collect, maintain, use or share PII? | Yes
Indicate the type of PII that the system will collect or maintain. | 
Indicate the categories of individuals about whom PII is collected, maintained or shared. | 
How many individuals' PII in the system? | 5,000-9,999
For what primary purpose is the PII used? | The CSR PII is used to identify a CSR to assign/provide the appropriate training, conduct performance evaluations and provide feedback applicable to that CSR. The Beneficiary/Consumer PII data is used by the TQC and CCO Quality Analysts to analyze, evaluate and report on CSR consumer/beneficiary interactions in order to provide recommendations for improvement.
Describe the secondary uses for which the PII will be used (e.g. testing, training or research) | n/a
Describe the function of the SSN. | n/a
Cite the legal authority to use the SSN. | n/a
Identify legal authorities governing information use and disclosure specific to the system and program. | Patient Protection and Affordable Care Act (PPACA) (Public Law 111-148) as amended by the Health Care and Education Reconciliation Act of 2010 (Public Law 111-152), collectively the Affordable Care Act. Title 42 U.S.C. 18031, 18041, 18081-18083 and section 1414 of the Affordable Care Act. 5 U.S.C. 301 - Departmental regulations
Are records on the system retrieved by one or more PII data elements? | Yes
Identify the number and title of the Privacy Act System of Records (SORN) that is being used to cover the system or identify if a SORN is being developed. | 09-70-0560 HIX (Health Insurance Exchange Program), 10/23/2013; 09-70-0535 1-800 Medicare Choice, 2/26/2008
Identify the sources of PII in the system: Directly from an individual about whom the information pertains | In-Person
Identify the sources of PII in the system: Government Sources | Within the OPDIV
Identify the sources of PII in the system: Non-Government Sources | Members of the Public
Identify the OMB information collection approval number and expiration date | N/A
Is the PII shared with other organizations? | No
Describe the process in place to notify individuals that their personal information will be collected. If no prior notice is given, explain the reason. | The TQC system does not notify the system support staff users that personal information is collected. That notification is part of the normal employment and onboarding process because it is required of employment. CMS beneficiaries that call for information are notified with a pre-recorded message stating that the call will be recorded.
Is the submission of the PII by individuals voluntary or mandatory? | Voluntary
Describe the method for individuals to opt-out of the collection or use of their PII. If there is no option to object to the information collection, provide a reason. | For TQC system users there is no method to opt out of the collection of PII because it is a requirement of employment. There is no opt-out option for beneficiaries when providing their PII because it is not required for the purpose of TQC. CMS beneficiaries that call for information are notified with a pre-recorded message stating that the call will be recorded.
Describe the process to notify and obtain consent from the individuals whose PII is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of original collection). Alternatively, describe why they cannot be notified or have their consent obtained. | There is no process in place to directly notify the beneficiaries should major changes occur to the system. If there were a major change affecting the PII in the system, the SORNs that apply to TQC would be updated and are available for the general public's access. Staff that support the TQC application are notified by their supervisor of any major change to the system that requires additional PII.
Describe the process in place to resolve an individual's concerns when they believe their PII has been inappropriately obtained, used, or disclosed, or that the PII is inaccurate. If no process exists, explain why not. | A TQC system user would contact the TQC help desk or administrators to resolve a concern about their PII. For a consumer, there is no direct process because their PII is not actively collected by the system; it would be volunteered at the time of the interaction.
Describe the process in place for periodic reviews of PII contained in the system to ensure the data's integrity, availability, accuracy and relevancy. If no processes are in place, explain why not. | The PII data of internal system users and CSRs is verified and validated to ensure data integrity and accuracy before it is ingested into the TQC system. This data verification is an automated process that is executed daily. The QCM (Quality Call Monitoring) process is used to ensure data integrity of the contact monitoring data on an ongoing basis.
Identify who will have access to the PII in the system and the reason why they require access. | 
Describe the procedures in place to determine which system users (administrators, developers, contractors, etc.) may access PII. | Role-based access is applied to enforce least-privilege rights for system users. User accounts are reviewed periodically to ensure the appropriate access is being enforced.
Describe the methods in place to allow those with access to PII to only access the minimum amount of information necessary to perform their job. | Roles are applied to user accounts to ensure the minimum amount of data exposure necessary that still allows for the successful execution of job functions. Roles strictly limit the functions and information accessible and available to the users of the system.
Identify training and awareness provided to personnel (system owners, managers, operators, contractors and/or program managers) using the system to make them aware of their responsibilities for protecting the information being collected and maintained. | TQC system users are required to take annual information security and privacy awareness training and agree to comply with system Rules of Behavior prior to access.
Describe training system users receive (above and beyond general security and privacy awareness training) | Not applicable
Do contracts include Federal Acquisition Regulation and other appropriate clauses ensuring adherence to privacy provisions and practices? | Yes
Describe the process and guidelines in place with regard to the retention and destruction of PII. Cite specific records retention schedules. | The TQC system follows the National Archives and Records Administration (NARA) Records Control Schedule (RCS) DAA-0440-2015-0007, which states that beneficiary records are retained up to 10 years. For TQC user/employee records, TQC follows the NARA General Records Schedules (GRS) that address Federal employment. They include GRS 2.1 to 2.8 and any revisions. These GRS state that records are retained for a minimum of 2 years but may be retained indefinitely as required or necessary for business, legal or investigative requirements.
Describe, briefly but with specificity, how the PII will be secured in the system using administrative, technical, and physical controls. | The TQC system(s) follow the Centers for Medicare and Medicaid Services' (CMS) Acceptable Risk Safeguards (ARS) 3.1 for specific security controls guidance. The TQC system and supporting infrastructure are housed in a CMS-accredited datacenter. Entry is controlled by Physical Access Cards and facility personnel who limit access to individuals who have a legitimate business or technical need to enter the facility. Administrative controls implemented for the TQC system include role-based access, training of personnel and regular account review, which includes disabling accounts. The technical controls in place include network firewalls, two-factor authentication and encryption of information.