WAN Services-CMSNet-Verizon
Privacy Impact Assessment (PIA) published by CMS as an Operating Division of the U.S. Department of Health and Human Services
Date signed: 1/26/2024
| PIA Questions | PIA Answers | |
|---|---|---|
| OPDIV: | CMS | |
| PIA Unique Identifier: | P-2041224-446922 | |
| Name: | WAN Services-CMSNet-Verizon | |
| The subject of this PIA is which of the following? | General Support System | |
| Identify the Enterprise Performance Lifecycle Phase of the system. | Operate | |
| Is this a FISMA-Reportable system? | Yes | |
| Does the system include a Website or online application available to and for the use of the general public? | No | |
| Is this a new or existing system? | Existing | |
| Does the system have Security Authorization (SA)? | Yes | |
| Date of Security Authorization | 4/17/2024 | |
| Indicate the following reason(s) for updating this PIA. Choose from the following options. | PIA Validation (PIA Refresh/Annual Review) | |
| Describe in further detail any changes to the system that have occurred since the last PIA. | There have been no changes to the type of service that CMSNet-WAN-Services provides. No PII or PHI is stored or transmitted from the CMSNet-WAN-Services infrastructure. | |
| Describe the purpose of the system | The purpose of CMSNet (network) Wide Area Network (WAN) is to provide the physical infrastructure to allow communications and data transmission between CMS business-related entities. | |
| Describe the type of information the system will collect, maintain (store), or share. (Subsequent questions will identify if this information is PII and ask about the specific data elements) | The CMSNet WAN only contains network devices, such as routers, switches, firewalls, and intrusion detection system (IDS) tools. The equipment does not collect, store, or share data. | |
| Provide an overview of the system and describe the information it will collect, maintain (store), or share, either permanently or temporarily. | CMSNet (WAN) only contains network devices, such as routers, switches, firewalls, and IDS tools. The equipment does not collect, store, or share data including user credentials- meaning the equipment/devices are not accessed by user credentials. This is the physical infrastructure/components that make up the network. | |
| Does the system collect, maintain, use or share PII? | No |