Overview Presentation

Enterprise Shared Services Overview Presentation GITEC Summit May 21, 2012

Enterprise Shared Services Summary (Horizontals) What: Scalable, reusable business/technical solutions that serve multiple business processes Why: Tight budgets, need to leverage solutions across business lines and enhance interoperability How: ACA IT Sprint process identified 20 possible shared services Three initial big hitters selected to be implemented Master Data Management (MDM) Enterprise Portal Enterprise Identity Management (EIDM) Enterprise Shared Services - Page 1

CMS Enterprise Shared Services Assumptions There are a number of assumptions underlying the successful implementation of shared services: A strong governance structure is in place to oversee ESS implementation Contracting vehicles are in place to engage in strategic and tactical development and implementation Funding is available for development and maintenance Business owners make a formal commitment to support the ESS development and implementation Enterprise Shared Services - Page 2

CMS Enterprise Shared Services Governance Enterprise Shared Services - Page 3

CMS Enterprise Shared Services Program Management Office (PMO) The Shared Services PMO serves as the primary communications interface for shared services needs Coordinates budget development and execution for shared services projects Works with business owners via the governance structure to determine priorities Enterprise Shared Services - Page 4

Challenge of Enterprise Services at CMS Systems are traditionally developed to support specific programs Large number of siloed systems already serving programs fairly well New large and complex programs make developing coordinated requirements and timelines difficult Wide variety of funding sources make timing a challenge CMS has multiple IT shops which makes it hard to coordinate enterprise IT strategies CMS IT is not organized operationally to support enterprise services Enterprise Shared Services - Page 5

Challenge of Enterprise Services at CMS cont d No working capital fund to support or governance structure to oversee the development, implementation, and operation of shared services ACA has created a greater need for enterprise services but short timelines have exacerbated all of these issues Enterprise Shared Services - Page 6

Shared Services Next Steps Governance Stand up structure to oversee shared services performance, establish priorities and identify candidate services Funding Establish a stable funding mechanism and allocation methodology that will permit contributions from multiple sources Communication Implement a communication plan to assure business awareness of shared services Enterprise Shared Services - Page 7

Enterprise Identity Management RIDP and EIDM Shared Services

CMS Enterprise Shared Services: EIDM Enterprise Portal Master Data Management Enterprise Identity Management Shared Service Providers will have a single identity for engaging in business with CMS that meets all federal security requirements Remote Identity Proofing (RIDP) User Identification, Verification and Authentication ti ti Enterprise Identity Management (EIDM) Managing connections from user to a CMS application Enterprise Shared Services - Page 9

RIDP & EIDM Shared Services Remote Identity Proofing (RIDP) Service First login: Can we validate you are who you say you are? Unique questions are asked to authenticate (OOW) CMS receives a confidence score that you are you CMS establishes a trusted ID Enterprise Identity Management (EIDM) Service After trust is established: authorization is granted for access EDIM passes the trusted person to the CMS application The application determines appropriate user rights Administrative functions: forgot ID, change demographics DRAFT Page 10

Business Drivers Adherence to federal identity requirements: White House and Legislative Priorities NIST SP 800-63-1, NISTIC, FICAM and OMB 11-11 Reduce overall CMS access management costs by combining existing authentication and authorization systems Over 175 CMS applications with 135,000 + users currently using seven different access management systems Meet the requirements to support the ACA Health Information Exchange Exchanges will add 30,000,000 to 50,000,000 users Legislation requires a simple and clear path for customer experience CMS security will be increased through strengthened identity proofing and assurance that information is being shared appropriately with authorized persons and/or surrogates. 11

RIDP and EIDM Projects Awarded January 31, 2012 for RIDP SAIC Prime Contractor, RIDP Project Management/Integration Experian Precise ID (Remote Identity Proofing) Symantec VIP (Multi-Factor Authentication) EIDM Procurement is in process Connection Service that allows existing applications to keep their own authorization mechanism while communicating to portals 12

The Challenges are not Technical Policy/Strategy Trade-offs We don t want to ask all these questions We have to handle the homeless, indigent, children, elderly We can t accept even 98% assurance The help desk will take care of it Data Use and Privacy Questions Collecting the Social Security Number: allowed, advised, or not? Financial Information: Credit Cards, Bank Accounts Validity of Remote Proofing Vendor Assumptions 95% is the probability of match being accurate, not the percentage passing Demographics are from the vendor s main business: credit approvals Introducing CMS-specific demographics and statistics into the analysis 13

DRAFT Page 14

CMS Enterprise Portal

CMS Enterprise Shared Services: Portal Master Data Management Enterprise Identity Management Enterprise Portal Shared Service A central preferred channel for beneficiaries, providers, organizations and States to receive CMS information, products, and services Secure access to enumeration, e-enrollment, e-registration, status checking, and reporting services Improved usability and higher customer satisfaction Enterprise Shared Services - Page 16

Current State CMS Portal Environment Multiple Entry Points IACS Individual s Authorized Access to CMS Systems EHR Demo MAS QIPS CROWN Web RDS COB MAC1 Noridian PQRS HETS DBids EUA Enterprise User Administration HPMS HQA FID PECOS Legacy Quality Net Registration System HCAHPS Non-IACS, EUA, QIPS, Quality Net NPPES MAC 2 Provider Portals WPS PECOS Web MAC 3 Palmetto PQRS HITECH... PS&R RHQDAPU Siloed investments made in portal development and implementation across the Agency The majority of the existing portals do not interface with one another or other major CMS data systems Providers are required to visit multiple CMS sites and use multiple logins to engage g in CMS business There is an inconsistent user interface design that does not support a single face of CMS 17

Future State Enterprise Portal Vision The CMS Enterprise Portal will be the preferred channel for receiving CMS information, products, and services, and will provide high satisfaction to CMS internal and external customers. Law Enforcement View Researchers View States View CMS Enterprise Portal Provider View Employee View MACs View Beneficiary View Partners View 18

The Portal How it works Basic View Claims Status Role Based Shared Savings Plan Provider Personalization Customization Security Enrollment Eligibility Sam mple Applic cations Navigation Dashboards Integration Glass Simplified Sign On Medicaid Collaboration Vertical Applications 19

Today & Looking Ahead Tactical Roadmap Single User Experience Claims Status Portal Administrator/ Integrator Personalization Customization Navigation Role Based Security Remittance Advice Provider Enrolment Eligibility Early Warning Dashboard Vertical Efforts/ Portlet Developers Consistent & Enhanced Customer Experience Single Sign On Integration Glass Portal Integration Guidelines (Playbook) Content Management Collaboration Standard Integration Methodology Today Business Context & Transactions Reporting Services Portal Framework Evolving Platform Business Context & Transactions Collaboration Services Reporting Services Interaction & Access Services Portal Framework Common Content Publishing Approach Integration Layer Content Integration Layer Application Adapters Robust and Distributed Platform Data Portal Framework Data BDC Evolving Platform Exchanges BDC Warrenton Multi Data Center Support & Cloud Computing 20 Platform - Enterprise Data Centers HP CDS 20

Landing Page A Visual Mock up 21

Today Current Portal Platform Portal Users: Approximately 1,400 Operational/System Environment: Software & Hardware (Internet/Extranet) IBM Web sphere Portal Server 6.1 on Z/Linux migrating to Version 7 Portal Database on Oracle on Z/Linux Security Oracle Access Manager 7.1 for Authentication Oracle Access Manager J2EE Policy Agent 3.0 (Simplified Sign On) Oracle/Sun One LDAP for User Profiles (Authorization Repository) Collaboration IBM Lotus Quickr, document sharing - limited (wikis, blogs, calendar) Content Authorship/Publishing Tool IBM Web Content Management (WCM) - limited 22

Today Challenges Integrations - There have been significant, silo-ed investments made in website/portal development and implementation across CMS Redundancies - The majority of the existing websites/portals do not interface with one another, or other major CMS data systems. Branding -There is an inconsistent user-interface design that does not support a single face of CMS. A CMS branding must have the flexibility to provide levels of personalization for CMS Programs. Governance - Establish and adopt a sustainable governance model Budget & Contractual landscape Pursuing Parallel tracks Alignment of schedules Platform Enhancements Application Integrations 23

CMS Master Data Management

CMS Enterprise Shared Services: MDM Enterprise Identity Management Enterprise Portal Master Data Management Shared Service A suite of data records and services that will allow CMS to link and synchronize beneficiary, provider and organization data to multiple disparate sources Provider and beneficiary profiles (book of record) will be obtainable through a singe call to a trusted, t authoritative ti data service that is part of the MDM system Relationships between beneficiaries, i i providers and organizations can be tracked across all CMS programs Enterprise Shared Services - Page 25

Master Data Management at CMS For CMS, MASTER DATA is information about our Providers, Beneficiaries, Organizations/Plans, and Programs The Initiate Enterprise Master Index will allow us to integrate data on these entities from many disparate data sources The MDM Warehouse will store relationships and profiles for each of these entities Data will be made available to business applications through Enterprise Data Services and BI Tools Enterprise Shared Services - Page 26

September, 2012:MDM Release 1 Laying the Foundation Medicare Provider Data: PECOS and NPICS Medicare Beneficiary Data: CME Basic Business Intelligence Coordinated Care Organizations Beneficiaries to Organizations, Programs Providers to Organizations, Programs Advanced Payment and Care Management Fee Tracking Data Services and Extracts Enterprise Shared Services - Page 27

CMS MDM Release 1 - High Level Concept Enterprise Shared Services - Page 28

CMS MDM Challenges Affordable Care Act Legislatively Driven Dates Huge New Initiatives Interim Solutions Cross-Component Collaboration Data from States Customer Education and Expectations Data Stewardship and Governance Data Quality Budgeting for Shared Services Enterprise Shared Services - Page 29

February, 2013: MDM Release 2 Candidates Medicaid Terminated Providers data from States Preparing for Transformed Medicaid Data (tmsis) Medicare Provider Quality Profiles PQRS, CREW, QRUR Additional Medicare Provider Data HITECH, GPRO Groups Health Insurance Exchanges Requirements Enterprise Shared Services - Page 30

Open Discussion Enterprise Shared Services - Page 31