Security News

CMS to Update Infrastructure for Quality Payment System

CMS partners with Okta to implement an advanced IDaaS solution in compliance with the Quality Payment Program.

By Elizabeth O'Dowd

- The Centers for Medicare and Medicaid Services (CMS) has selected Okta Identity Cloud to improve security, scalability, and user experience in its build up to the official start of the Quality Payment Program as part of MACRA implementation

CMS partners with Okta

The federal agency announced the final rule for the Quality Payment System last week, which begins Jan. 1, 2017, for eligible clinicians.

CMS selected Okta to assist their transformation into an advanced and flexible identity architecture. Okta Identity Cloud improves user experience for healthcare providers by modernizing CMS backend systems, making IT infrastructure agile and able to scale with the federal agency’s increasing number of authentications.

Okta Identity Cloud is an identity and access management-as-a-service (IDaaS) solution, a web-delivered service that establishes and enforces control access levels for individual users based on the data each user is qualified to access.

IDaaS solutions contain a database with users IDs and passwords and allows users to reset their passwords if needed as an administrator manages user activity. For security and convenience, the IDaaS solution connects all of an organization’s services (e.g., SaaS applications, development platforms) to the database of user information, often providing users with single-sign in to access all applications . IDaaS manages users accessing information and connects their identity the devices each individual uses to access the network.

Okta prepares to solve common problems CMS often faces by integrating with CMS’s existing identity and access control system to improve usability and security.

According to the official release, Okta Identity Cloud provides organizations with:

  • Scalability: Okta’s cloud-based architecture provides a solution that can accommodate millions of users and scale up during peak periods.
  • Security: Okta enables CMS to securely control user access to the Quality Payment Program (QPP) website and other services, quickly provision and deprovision users, enable multifactor authentication and mitigate unauthorized access.
  • Agility: With Okta, CMS IT architecture is more agile, allowing for much faster deployment of applications, services and new functionalities, removing the need for patching, maintenance and upgrades.
  • User experience: Okta improves the user experience for system administrators, employees and customers by upgrading the user interface and enabling self-service features such as automated password reset.

“We’re in the midst of a massive technological transformation, and the public sector has the opportunity to bring the benefits of the cloud to the public at scale and with impact that surpasses any other industry,” said Frederic Kerrest, co-founder and chief operating officer of Okta. “Agencies like CMS are passionate about better serving their constituents and are working to close the innovation gap by adopting best-of-breed technologies and building cloud services portfolios.”

Earlier this year, Okta achieved HIPAA compliance to “better serve the highly-regulated and security conscious healthcare industry.” Okta’s desire to work with federal agencies interested in identity management demonstrates their commitment to provide the highest standards of security and availability.

Okta claimed that, “security is the number one priority for healthcare IT as the industry grapples with constant threats and growing cost of breaches. Organizations need to implement policies and procedures tailored to their work, size, and openness, but still meet requirements to keep sensitive data encrypted and protected from hackers and security breaches.”

Okta is currently pursuing Federal Risk and Authorization Management Program (FedRAMP) authorization for their information security management system. FedRAMP is a government-wide, standardized approach to security assessment, authorization and continuous auditing for Federal agencies that want to adopt cloud products and services.

A Gartner market overview of IDaaS technology credits the growth of the market to the need for managing identities for SaaS applications, gain faster access than traditional on-premise software, avoid IAM implementation failures, and reduce IAM costs for implementation.

Gartner claims that by 2020, 40 percent of identity and access management (IAM) purchases will use the IDaaS delivery model, up from less than 20 percent in 2016.

CMS has partnered with Okta in an effort to continue towards a modern and technology driven IT infrastructure.

Dig Deeper: