The Centers for Medicare and Medicaid Services (CMS) provides health care to over 75 million Americans.
To help enhance the agency's security posture, CMS awarded Fearless the sole source CyberGeek contract. On this project, we’re developing a searchable, centralized portal for security information.
Background on CyberGeek.
Providing health care to tens of millions is a massive undertaking, and it requires an entire ecosystem of digital tools and products. To protect sensitive personal information and government data, CMS’s Information Security and Privacy Group (ISPG) holds these products to a high standard of security.
One of ISPG’s most critical functions is guiding and supporting users as they complete security-related tasks. Because these tasks are often very complex, ISPG personnel spend a large percentage of their time responding to help desk tickets and direct inquiries.
As part of our work on the Rapid Authority to Operate contract with CMS, Fearless started working to reduce the burden on ISPG staff. We delivered a public-facing security.cms.gov pilot in just 12 weeks. This created a baseline for an authoritative, human-centered source of security information. Through the new CyberGeek contract, we'll be continuing this important work.
About the CMS CyberGeek contract.
On the CyberGeek contract, we’re using our pilot to create a unified portal for ISPG information. We're consolidating data from a variety of disparate sources into an easily searchable one-stop shop for information.
Fearless' Health & Sciences Portfolio Director, Nichole Weems, is excited about the effect the contract will have on CMS.
“This is a content and information architecture heavy project,” Nichole said. “But it’s not just about how we organize information. It’s about determining what information is of value and then figuring out the best way to provide that information to users.”
To make the platform easy to use and understand, we’re writing content in plain language and taking a context-driven approach. We're also integrating with OKTA for single sign-on, which will allow us to tailor users' experiences based on their roles. And for the search experience, we’re taking inspiration from Google itself.
In this way, we’re building an intuitive, human-centered gateway for ISPG’s security information. The portal will reduce the burden on ISPG employees and empower users across CMS with the security information they need when they need it.