Background

Many federal laws, regulations, and policies play a pivotal role in managing security and privacy within CMS. They shape governance and compliance standards and are crucial in defining how security and privacy are upheld across the organization.

Announcing a new resource!

The ISPG Policy Team and the Governance, Risk, and Compliance (GRC) Team collaborated to compile a comprehensive list of CMS-applicable laws, regulations, and policies, bringing all this vital information together in one centralized repository. You can see the new resource here: CMS Guide to Federal Laws, Regulations, and Policies.

Why is this important?

Navigating the intricate network of federal laws, regulations, and policies that influence CMS governance is challenging due to its complexity and breadth. Even the most seasoned professionals can find it difficult to filter through the vast array of regulations and identify those specifically relevant to CMS governance while also staying aware of changes or updates to federal policy.  

However, it is essential to be familiar with the federal regulations that impact security and privacy policy and practices at CMS. Compliance with federal laws and regulations is a legal requirement and essential for ensuring the security and privacy of sensitive information within CMS. Effective governance requires a clear understanding of the regulatory landscape to establish robust policies, procedures, and controls.

Your compliance companion

That is why we provide the handy CMS Guide to Federal Laws, Regulations, and Policies, a centralized repository you can reference anytime in your compliance-related work. This consolidated reference point streamlines compliance efforts, eliminating the need to navigate disjointed and contradictory sources of information.

Questions?

If you have questions about federal laws, regulations and policies that shape security and privacy at CMS, reach out to the experts on CMS Slack at #cms_fed_laws_policies who can help you get the answers you need.