CMS Secures Beneficiary Health Records, Improves Workforce Efficiency

Challenge

For the past 15 years, the Centers for Medicare & Medicaid Services (CMS) has looked to Guidehouse to help secure the health records of its beneficiaries through testing and evaluation of the information security programs at Medicare Administrative Contractors. These programs must comply with the requirements set forth in the Federal Information Security Management Act of 2002.

Solution

Guidehouse has been contracted to perform procedures, established by CMS, across nine areas, such as privacy and penetration testing. These initiatives include instructor-led trainings and technical papers on topics, including those listed in the table below.

Impact

• Helped CMS payers improve information security through testing and extensive continuing professional education programs
• Substantially reduced the number of high-risk information security vulnerabilities identified in new testing areas
• Significantly increased security admins’ ability to perform their job, improving workforce efficiency, according to program participant survey results

Ranked the second largest healthcare consulting firm in 2022 by Modern Healthcare, Guidehouse has delivered cybersecurity solutions to commercial and public sector organizations, including the Centers for Medicare & Medicaid Services, the Centers for Disease Control and Prevention, Anthem, and multiple healthcare providers. Our team includes experts formerly responsible for protecting U.S. national security systems against cyberthreats.