THE PRESIDENT'S MANAGEMENT AGENDA comprehensive security assessment at its Medicare contractors to determine compliance with NIST, GAO, OMB, and legislative requirements, and to assess security risks and vulnerabilities. That assessment identified numerous systems control weaknesses. These weaknesses were documented in the HHS Inspector General's Report on the HHS Consolidated/Combined Financial Statements for FY 2001, with specific problems related to access controls and systems software issues. Because of the volume and sensitivity of personally-identifiable data, CMS assumes significant risk in not remediating known vulnerabilities. The assessment performed at the Medicare contractors identified access controls as CMS applied $14 million in FY 2002 to begin to address these security gaps. The FY 2003 budget request contains no more than $2 million to continue this risk mitigation effort. CMS also spent $4.2 million in FY 2002 to develop SSPs for these systems. CMS is requesting $34 million in FY 2004 through its multi-year Revitalization Plan. This investment will enable CMS to address the most serious known security risks and vulnerabilities and to implement a robust ongoing security assessment program. CMS (and HHS) risks continued and increased criticism in delaying substantial risk mitigation of known security vulnerabilities. Until all security gaps are addressed the Department faces continuing risks of: unauthorized disclosure of personally identifiable health information; o non-compliance with HIPAA security and other requirements; and o material weaknesses in future CFO audits of the Medicare contractors. Integration of Financial and Performance Systems: o The Unified Financial Management System (UFMS) will replace five legacy accounting systems currently used across the DHHS operating divisions. The UFMS will integrate the Department's financial management structure and provide DHHS leaders with a more timely and coordinated view of critical financial management information. It will also promote consolidation of accounting operations, thereby reducing substantially the cost of providing accounting services throughout HHS. By generating timely, reliable, and consistent financial information, UFMS will enable program administrators to make more timely and informed decisions regarding their operations. CMS is requesting $3.0 million to support this effort in FY 2004. THE PRESIDENT'S MANAGEMENT AGENDA EXPANDING E-GOV CMS is committed to working with HHS and OMB to develop and implement a plan that supports the President's Management Agenda (PMA) e-gov goals. CMS is already taking a lead role in supporting HHS as the managing partner for the Consolidated Health Informatics (CHI) initiative, one of two OMB e-gov “QuickSilver" initiatives (along with E-Grants) for which HHS is the managing partner. The CHI initiative was received as a "business case only" initiative. A business case will be presented to the President's Management Council and the PMC will make a determination whether to support subsequent execution of the business case. The CHI initiative will overcome the single most significant obstacle to governmentwide heath data interoperability - the lack of universal messaging and clinical health data standards. CHI will enable all Federal agencies to "speak the same language" by adopting a portfolio of existing health data interoperability standards for all Federal agencies to use within the Federal enterprise-wide business and technology architectures. CHI includes designing the change-management work needed following the adoption process to keep the enterprise-wide health data architecture viable. For the first time, CHI will "bring to the table" and institutionalize executive-level strategic and technical coordination among all Federal users of health information. Business partners are informed of our intent and decisions and given the opportunity to coordinate their business/technology architecture decisions and investments. When completed, CHI would enable agencies to establish health enterprise architecture leading to the following benefits: The ability to capture health data at one point and allow reuse many times over, O Faster and more complete electronic health records access resulting in fewer errors and lower administrative costs; o Strengthened national public health efforts and disaster preparedness; and o Improved quality in healthcare by accelerating clinical decision-making. In addition to its managing partner role on CHI, CMS is proposing as part of its FY 2004 budget request to leverage the advances made by other OMB e-gov initiatives, specifically, on such issues as PKI, electronic signatures, and authentication. CMS intends to pilot solutions identified and developed within these initiatives within CMS's business operations, both internally (to effectively automate business processes) and externally (e.g., in Medicare claims processing operations). During FY 2003, CMS will be engaged in the development of specific plans to leverage these solutions and incorporate them into our target enterprise architecture that will guide investment decision-making during FY 2004. CMS is also contributing in-kind labor resources to several other PMA e-gov initiatives: On-line Rulemaking, eAuthentication, eGrants, USA Services, GovBenefits and eVital. Given CMS's programmatic focuses and major systems responsibilities, great potential for leveraging results exists as these PMA initiatives deploy their solutions government THE PRESIDENT'S MANAGEMENT AGENDA wide. CMS monitors the work under all 24 initiatives to seek opportunities for alignment and cross-agency benefits. CMS's internal e-Government plan includes government-to-citizen (G2C), -business (G2B), and -government (G2G) activities focused on developing a culture of responsiveness. Major work has been initiated and in many cases completed for internal e-gov activities, such as: improved customer service relationship management through expanded 1-800-MEDICARE call center services (G2C); expanded and enhanced general web services improving national coverage decision making (G2C), improved access to R&D information (G2B), use of the web for collecting information and improving provider relations (G2B); using electronic rule making and on-line policy manuals (G2B); establishing various electronic State plan and enforcement tracking systems (G2G); and joining with other HHS operating divisions in using a central grant-making common portal for pre- and post-grant award work (G2G). Many of these local initiatives contribute to, or draw from, the 24 PMA initiatives. BUDGET AND PERFORMANCE INTEGRATION CMS's Annual Performance Plan (APP) complements and supports the agency's FY 2004 budget request and is integral to it. Our FY 2004 and revised FY 2003 APPs and our FY 2002 Annual Performance Report are attached at Tab VI. CMS has taken care to ensure that major budget categories, including both program benefits and program administration funds, have adequate coverage in the APP. The CMS performance plan and report are organized by budget category to provide a linkage of performance goals, program activities, and dollar amounts. These linkages ensure that, in setting performance goals, CMS selects goals that are representative of the full range of agency activities and resources. Beginning in FY 2004, agency budgets will focus on results-oriented government guided by performance. The Office of Management and Budget developed the Program Assessment Rating Tool (PART) to evaluate programs in a systematic and objective manner, using numeric scores which rate overall program effectiveness and highlight strengths and weaknesses. In 2002, two of CMS's programs, the Medicare Integrity Program (MIP) and the State Children's Health Insurance Program (SCHIP), were assessed using the PART. Both programs received high scores. As a result of the PART process, CMS has included in its FY 2004 APP two new program integrity goals measuring the Medicare contractor error rate and provider compliance rate. CMS's overall number of goals has remained relatively stable. CMS has increased the proportion of outcome-oriented goals that speak to fundamental program purposes and to the agency's role as a steward of taxpayer dollars. The total number of FY 2004 goals in the APP is 37, with reporting on 35 FY 2002 goals. |