QualityNet Communications Hub

Versions Compared

Old Version 260

changes.mady.by.user Thomas Letkiewicz

Saved on

compared with

New Version Current

changes.mady.by.user Thomas Letkiewicz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


Align


Horizontal Navigation Bar
idSpaceContent
titleQualityNet Content


Horizontal Navigation Bar Page
idQNETITSvcs
titleQualityNet IT Services


As CMS looks to the future of supporting our Nation’s healthcare, we have taken an aggressive approach to modernize and enhance many common technologies within QualityNet. The result of this effort has resulted in the following QualityNet IT Services. *Note, access to these services is contingent upon COR and Service Lead Approval.



Section


Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/FileCloud


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleFileCloud
System Status -
Excerpt Include
HS:FileCloud
HS:FileCloud
nopaneltrue

FileCloud allows users to upload, download, and share contract-related files and documents while operating within the HCQIS Cloud.




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/HARP


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleHARP

System Status -

Excerpt Include
HS:HARP
HS:HARP
nopaneltrue

HCQIS Access Roles and Profile (HARP) is a secure identity management portal provided by CMS. A HARP account provides a user ID and password that can be used to sign into many CMS applications.





Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/Managed+File+Transfer


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleMFT
System Status -
Excerpt Include
HS:Managed File Transfer
HS:Managed File Transfer
nopaneltrue

Managed File Transfer (MFT): Automates and secures data exchange to meet the needs for reporting and sharing data between both internal and external resources using a centralized enterprise-level approach.






Section


Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/pages/viewpage.action?pageId=49381706


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleData & Analytics

System Status -

Excerpt Include
DATA:FAQs
DATA:FAQs
nopaneltrue

Data & Analytics: The centralized data repository (CDR) in the HCQIS Cloud and CCSQ Analytics Platform (CAP) tools.

  • The CDR offers convenient, secure, and timelier access to CCSQ Quality data and claims data sourced from CMS systems of record.
  • The CAP currently offers cloud-enabled, analytics engine that provides quick, accurate, and reliable analytics insights. It provides data wrangling and visualization, basic statistics, and advanced modeling capabilities.





Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/QualityNet+Atlassian


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleQualityNet Atlassian
System Status -
Excerpt Include
HS:QualityNet Atlassian
HS:QualityNet Atlassian
nopaneltrue

QualityNet Atlassian: A collection of collaboration and planning services. The Atlassian suite includes the following tools

  • Jira:  A work management system designed around the way software development and Agile teams do work, which provides the ability for individuals and teams to create, manage, and track tasks. 
  • Confluence: A group collaboration and content management tool that provides content spaces with blog and repository functionality.




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/pages/viewpage.action?pageId=97714432


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleQualityNet Mailer

System Status -

Excerpt Include
HS:QualityNet Mailer (Listserv Replacement)
HS:QualityNet Mailer (Listserv Replacement)
nopaneltrue

QualityNet Mailer: A mailing list management system to communicate with end-users via email. The system offers notification lists (allows dissemination of information via email to list subscribers) and discussion lists (allows list members to participate in email conversations).





Section


Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/QualityNet+Portal


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleQualityNet Portal

System Status -

Excerpt Include
HS:QualityNet Portal
HS:QualityNet Portal
nopaneltrue

QualityNet Portal: Provides healthcare quality improvement news, resources and data reporting tools and applications used by healthcare providers and others (https://www.qualitynet.org).




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/HCQIS+ServiceNow


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleHCQIS ServiceNow

System Status -

Excerpt Include
HS:HCQIS CCSQ ServiceNow
HS:HCQIS CCSQ ServiceNow
nopaneltrue

HCQIS CCSQ ServiceNow: The software platform which supports IT Service Management (ITSM). It helps you to automate IT Business Management (ITBM). This cloud-based platform is designed based on ITIL guidelines. ServiceNow focuses on service-orientation toward the tasks, activities, and processes.




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/QualityNet+Slack


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleQualityNet Slack

System Status -

Excerpt Include
HS:QualityNet Slack
HS:QualityNet Slack
nopaneltrue

QualityNet Slack: A digital-based collaboration tool enabling real-time communication between individuals and groups within the HCQIS community.







Section
bordertrue

System Status Legend

For additional information on Service Interruptions, please visit the associated Service Page.

Column
width25%

Status
colourGreen
titleOperational
 All services are working. No issues reported.



Column
width25%

Status
colourYellow
titleIssues Reported
 Issues have been reported. There may be some service interruptions or general access issues.



Column
width25%

Status
colourBlue
titlePlanned Outage
 Current or scheduled outage is underway.



Column
width25%

Status
colourRed
titleSystem Outage
 System is currently down.  Some or all services are interrupted.





*Based on your scope of work, you may request access to one or more of these QualityNet IT Services by reaching out to your COR with the following information:

  1. The services being requested
  2. A business need for each service
  3. # of users of the service
  4. Security Official (SO) HARP ID


Horizontal Navigation Bar Page
idADOServices
titleADO Services

**The below services and processes are for Application Development Organizations (ADOs) only**

As CMS looks to the future of supporting our Nation’s healthcare, we have taken an aggressive approach to modernize and enhance many common technologies within QualityNet. This effort has resulted in the following QualityNet IT Services. *Note, access to these services is pre-approved for ADO contracts only.



Section



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/Ansible+Tower


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleAnsible Tower

System Status -

Excerpt Include
HS:Ansible Tower
HS:Ansible Tower
nopaneltrue

Ansible Tower is agentless Open Source automation engine that can be used to automate software provisioning, configuration management, application deployment, and a host of other IT activities. Ansible Tower is a web-based solution that makes Ansible even easier to use for IT teams of all kinds. It is designed to be the hub for all your automation tasks and to make Ansible more useable in an Enterprise setting.




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/pages/viewpage.action?pageId=146770216


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleJenkins (CJE)

System Status -

Excerpt Include
HS:Jenkins (CJE)
HS:Jenkins (CJE)
nopaneltrue

Jenkins is an Open Source automation and orchestration engine. Jenkins offers a simple way to help automate the non-human parts of the software development process. Jenkins implements a continuous integration and continuous delivery environment for almost any combination of languages and source code repositories using pipelines, as well as automating other routine development tasks. Cloudbees Jenkins Enterprise (CJE) is a centrally managed Enterprise class version of Jenkins.




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/New+Relic


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleNew Relic

System Status -

Excerpt Include
HS:New Relic
HS:New Relic
nopaneltrue

New Relic Application Performance Monitoring (APM) is a Software as a Service (SaaS) offering to monitor resources such as infrastructure, applications, and Amazon Web Service (AWS) endpoints for applications in the HCQIS cloud. New Relic is fully integrated with the HCQIS single sign on solution and is replacing SteelCentral APM for applications in the HCQIS Cloud. 






Section


Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/HCQIS+AWS+Cloud


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleHCQIS AWS Cloud

System Status -

Excerpt Include
HS:HCQIS AWS Cloud
HS:HCQIS AWS Cloud
nopaneltrue

The HCQIS Cloud is an AWS-based public cloud solution that enables the HCQIS program to utilize AWS cloud services in a manner that meets CMS security, architecture, and governance requirements.




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/GitHub+Enterprise


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleGITHUB

System Status -

Excerpt Include
HS:GitHub Enterprise
HS:GitHub Enterprise
nopaneltrue

GitHub Enterprise (GHE) is the Open Source solution used by HCQIS to implement Software Configuration Management (SCM).




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/Nexus+IQ+Server


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleNexus IQ Server

System Status -

Excerpt Include
HS:Nexus IQ Server
HS:Nexus IQ Server
nopaneltrue

Nexus IQ Server (NXIQ) is the policy engine that powers Nexus Firewall, Nexus Lifecycle, and Nexus Auditor.





Section




Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/pages/viewpage.action?pageId=146770248


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleNexus Repository Manager (NXRM)

System Status -

Excerpt Include
HS:Nexus Repository Manager (NXRM)
HS:Nexus Repository Manager (NXRM)
nopaneltrue

Nexus Repository Manager (NXRM) is the repository management solution that is used by HCQIS to store and manage whatever libraries and other binary artifacts that the users require.




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/Zscaler


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleZscaler

System Status -

Excerpt Include
HS:Zscaler
HS:Zscaler
nopaneltrue

Zscaler: An alternative to a virtual private network (VPN) that uses a unique method of allowing users to access HCQIS resources, while remaining connected to contractor network resources.




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/Splunk


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleSplunk

System Status -

Excerpt Include
HS:Splunk
HS:Splunk
nopaneltrue

Splunk is a powerful tool for searching and exploring data. It can help predict, identify, and solve problems related to business, information technology (IT), DevOps, and security in real time.





Section


Column
width25




Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/QualityNet+Survey+Monkey


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleSurveyMonkey

System Status - 

Excerpt Include
HS:QualityNet Survey Monkey
HS:QualityNet Survey Monkey
nopaneltrue

SurveyMonkey is  an online survey software tool that helps you to create and run professional online surveys.  With SurveyMonkey you can gather opinions and transform them into actionable Data.  




Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/TestRail


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleTestRail


System Status -

Excerpt Include
HS:TestRail
HS:TestRail
nopaneltrue

TestRail is a modern web-based Test Case Management system developed by Gurock that provides a complete test case management solution to efficiently mange, track and organize software testing efforts. 






Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/HCQIS+Network


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleHCQIS Network DevOps

System Status - 

Excerpt Include
HS:HCQIS Network
HS:HCQIS Network
nopaneltrue

HCQIS Network DevOps provide and supports secure network infrastructure and data transfer services into, out of, and within HCQIS processing environments. Network Services (Internet, CMSNet WAN, HCQIS WAN, VPN, Network Security, Presentation Zone. Data Services (Data Transfer, Data Manipulation, Data Retrieval, Syslog Servier Cluster.)







Section



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/Change+Management


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleChange Management

Change Management is the guiding process for how we prepare, equip and support our customers and employees throughout the phases of an implemented change. It provides an organized method for people to successfully move from their current ideology or methodology to their future ones as you have defined them.





Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/display/HS/Incident+Management


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleIncident Management

Incident Management is the process used by DevOps and IT Operations teams to respond to an unplanned event or service interruption and restore the service to its operational state.





Column
width5



Column
width25


Clickable
linkhttps://qnetconfluence.cms.gov/pages/viewpage.action?pageId=11728908849387882


Panel
borderColor#254b78
titleColor#ffffff
borderWidth1
titleBGColor#254b78
borderStylesolid
titleRelease and Environment Coordination 

Release and Environment Coordination 

Release and Environment Coordination provides for advanced Enterprise Services (ES) / Line of Business (LOB) planning for required infrastructure and other updates. 

Authentication required to access this information 










Section
bordertrue

System Status Legend

For additional information on Service Interruptions, please visit the associated Service Page.

Column
width25%

Status
colourGreen
titleOperational
 All services are working. No issues reported.



Column
width25%

Status
colourYellow
titleIssues Reported
 Issues have been reported. There may be some service interruptions or general access issues.



Column
width25%

Status
colourBlue
titlePlanned Outage
 Current or scheduled outage is underway.



Column
width25%

Status
colourRed
titleSystem Outage
 System is currently down.  Some or all services are interrupted.





*Based on your scope of work, you may request access to one or more of these QualityNet IT Services by reaching out to your COR with the following information:

  1. The services being requested
  2. A business need for each service
  3. # of users of the service
  4. Security Official (SO) HARP ID


Horizontal Navigation Bar Page
titleContract Engagement

The Information Systems Group (ISG) Contract Engagement team is responsible for onboarding new contractors and offboarding outgoing contractors to the CMS HCQIS infrastructure, also know as QualityNet, and its information resources. This page briefly describes the contract engagement process and provides links to resources that are available to CMS Contracting Officer's Representatives (CORs) and contractors related to training requirements, data use agreements, and other CMS services.

Refer to the ISG Contract Engagement Lifecycle Standard Operating Procedure for complete information regarding the roles of each Contract Engagement team member and the steps involved in onboarding and offboarding contractors from the QualityNet services. 

Button Hyperlink
titleContract Engagement Lifecycle
typeprimary
urlhttps://qnetconfluence.cms.gov/display/ISGCO


Panel
borderWidth0


HTML
<style>
.aui-tabs.horizontal-tabs>.tabs-menu>.menu-item.active-tab a {font-family: Arial; font-weight: bold; background-color:#E8EFF8; Color:black; font-size: 15px;}
.aui-tabs.horizontal-tabs>.tabs-menu>.menu-item a {font-family: Arial; font-weight: bold; background-color:#ffffff; color:black; font-size: 15px;}
</style>


HTML
<style>
.aui-tabs.vertical-tabs>.tabs-menu>.menu-item.active-tab a {font-family: Arial; font-weight: bold; background-color:#254b78; Color:white; font-size: 12px;}
.aui-tabs.vertical-tabs>.tabs-menu>.menu-item a {font-family: Arial; font-weight: bold; background-color:#ffffff; color:black; font-size: 12px;}
</style>




Tabs Container
idContract Engagement
directionhorizontal


Tabs Page
titleCORs

CMS CORs

The CMS COR  is an integral part of the ISG contract engagement process, representing CMS and supporting the new contracting organization to ensure all CMS contract requirements are met and all new contractor questions and needs are addressed for a successful onboarding experience. In addition, the CMS COR assists in closing out contracts, which can include extending or transitioning efforts to a new contractor. 


Tabs Container
directionvertical


Tabs Page
titleOnboarding

QualityNet IT Services Contract Onboarding Process

The onboarding process, which follows a timeline that begins 60 days prior to contract award, consists of the following activities:

  • Notification of Contract Solicitation
  • Identification of Contract Requirements
  • Notification of Contract Award
  • Completion of Contract Engagement Intake Form
  • Participation in Contract Engagement Meeting

COR Actions

To ensure a smooth and quick onboarding experience for all involved, the following actions should be completed according to the stated timeline.


Expand
titleACTION 1: Notification of Contract Solicitation

Notify the Contract Engagement team of a new contract that is being solicited and provide an estimated award date at the following email address: ISGContractEngagement@hcqis.org

Note: Only a high-level notice is needed; only provide contract specifics that are publicly available as contractors have access to the email address and only non-sensitive information should be included.

Timeline: Notice 60 days in advance of the anticipated award is preferred so that the team can begin preparing materials in support of the onboarding process.



Expand
titleACTION 2: Identification of Contract Requirements

Work with the Contract Engagement team to identify high-level service requirements for the new contract to gain a better understanding of what QualityNet IT Services will be applicable. Some contract types, such as ADOs, already have a package of services pre-approved for use.

If this is not an ISG contract, please fill out the ISG Questionnaire and provide the approved ISG Questionnaire to the Contract Engagement team to assist with requirements gathering.

Timeline: After issuance of the Solicitation, which includes Statements of Work (SOW) and Objectives (SOO) and before contract award.



Expand
titleACTION 3: Notification of Contract Award

Notify the Contract Engagement team of the new contract award at the following email address: ISGContractEngagement@hcqis.org.

Timeline: At the time of contract award.



Expand
titleACTION 4: Completion of Contract Engagement Intake Form

Identify the QualityNet IT Services required by assisting the New Contractor in completing the Contract Engagement Intake Form. Refer to the CMS Services tab for guidance on the Data Use Agreement (DUA) process.

  • Designate initial contractor Security Official (SO) to review contractor access to approved QualityNet IT Services.
  • Designate initial contractor Security Point of Contact (SPOC) who will ensure security compliance.

Timeline:  Within 5 business days from the start of contract Period of Performance (POP).



Expand
titleACTION 5: Participation in Contract Engagement Meeting

Participate in a meeting with the Contract Engagement team and the New Contractor regarding onboarding into QualityNet IT Services required to perform the work.

Timeline: Within 5 business days of the POP beginning. Note that the Contract Engagement Intake Form must be completed before the meeting is held.



Resources

Need Help?

Contact the Contract Engagement team at ISGContractEngagement@hcqis.org.


Tabs Page
titleCloseout

Contract Closeout Process

The Contract Engagement team tracks contracts that use QualityNet IT Services from contract start to end. To ensure a smooth and secure process is followed for closing out an existing contract's access to these services, the team contacts the CMS COR 60 days before the contract POP end date to initiate closeout activities.

These activities start by communicating which scenario will occur once it is known to the Contract Engagement team. Based on the scenario, the Contract Engagement team will request a few pieces of information that are needed to coordinate user access.

The CMS COR is asked to select one of the following closeout scenarios:


Expand
titleSCENARIO 1: Contract ends, and a new contract is re-awarded to the incumbent.

Under this scenario, the team attempts to allow the contractors to retain their current access to QualityNet IT Services.

The following information is requested to accomplish this goal:

  • New Contract Name (if applicable)
  • New period of performance (POP)
  • New Contract and Task Order Numbers (if applicable)
  • For contracts that utilize SAS VIYA or a service that requires a Data Use Agreement (DUA), validate the DUA is still active.
    • If not, a new DUA is required and access will be paused until the PDF copy of the updated/new DUA is provided.
  • Confirm that the Security Official (SO) and Security Point of Contact (SPOC) remain the same.
    • If not, provide new SO and SPOC names and HARP IDs.
  • Determine if any data the contractor worked on for CMS needs to be archived and if contractor will need the same data for a new contract.



Expand
titleSCENARIO 2: Contract ends, and a new contract is awarded to another contractor.

Under this scenario, the team will coordinate the timely removal of the contractor's access to the QualityNet IT Services and coordinate the onboarding process with the new contractor.

The following information is requested to accomplish this goal:

  • Confirm the POP end date for the current contractor so the team can coordinate the timely removal of the contractor’s access to QualityNet IT Services.
  • Determine if any data the contractor worked on for CMS needs to be archived and if the new contractor may need the data.

Note: The new contract will follow the New Contract Onboarding Process. A separate communication will be sent to the CMS COR on this process when the contract is awarded.



Expand
titleSCENARIO 3: Contract ends without a new version of the contract being awarded.

Under this scenario, the team will coordinate the timely removal of the contractor's access to the QualityNet IT Services and ensure that all CMS data is archived.

The following information is requested to accomplish this goal:

  • Confirm the POP end date for the current contractor so the team can coordinate the timely removal of the contractor’s access to QualityNet IT Services.
  • Determine if any data the contractor worked on for CMS needs to be archived.



Expand
titleSCENARIO 4: Contract POP is extended.

Under this scenario, the team will update existing records with the new contract information.

The following information is requested to accomplish this goal:

  • Confirm the new POP end date for the team's tracking purposes.
  • If using SAS Viya or another service requiring a Data Use Agreement (DUA), confirm the contractor’s DUA is valid through the new POP end date. If any updates to the DUA, a PDF copy of the updated DUA will be required.


The Contract Engagement team's role is to ensure that user access to QualityNet IT Services occurs seamlessly, whether onboarding a new contractor, transitioning an existing contractor, or closing out a contract with no award, by working with the CMS COR.


Tabs Page
titleMaintenance

Contract Maintenance

During the contract Period of Performance (POP) there are three actions for QualityNet IT Services that may require CMS COR involvement:



Expand
titleACTION 1: Assignment of New COR

Advise the Contract Engagement team if a new COR is assigned to the contract so that the HARP and ServiceNow records can be updated accordingly. Email should be sent to ISGContractEngagement@hcqis.org.

Timeline: Immediately upon reassignment.



Expand
titleACTION 2: Approval of Additional SPOCs

Approve additional Security Points of Contact (SPOC) in QualityNet | HARP. The CMS COR needs a HARP ID to approve/reject additional SPOC requests. Refer to the QualityNet | HARP for instructions on getting started with a HARP ID.

Note: The first SPOC will be set up by the Contract Engagement team during the onboarding process.

Timeline: As needed.



Expand
titleACTION 3: Approval of Additional QualityNet IT Services

Approve QualityNet IT Services if a contract requires additional services after initial onboarding is completed. The Contract Engagement team will request approval via email.

Timeline: As needed.





Tabs Page
titleContractors

Contractors

As part of the contract engagement process, contractors are required to designate at least one Security Official (SO) and Security Point of Contact (SPOC). 


Tabs Container
directionvertical


Tabs Page
titleSecurity Official

Security Official

The SO is responsible for the following:

  • Communicate to users in your organization how to request access to the QualityNet IT Services approved for your contract/organization.
  • Review and approve all new user requests for these services.
    NOTE: Only approve user requests that come directly from your contract/organization.
  • Remove users that no longer require access to these services.
  • Approve other SOs within your organization, as needed, to assist with the above tasks.

Refer to the Security Official Role on the QualityNet | HARP page for instructions on requesting the SO role in HARP and a short video of the role. Once your request is approved, you will review and approve requests from members of your organization for access to the desired services. You will also remove users’ access to services no longer needed.


To ensure a smooth and quick start to utilizing the approved service(s), the Contract Engagement team recommends the following actions be taken:


Expand
titleACTION 1:

Ensure all users have HARP IDs. 

For instructions on the process, refer to the QualityNet | HARP page.


Expand
titleACTION 2:

Notify members that they may now request above services.

Refer to the QualityNet IT Services page for instructions on the user request process for each service.


Expand
titleACTION 3:

Approve user access to the services.

As an approved SO for your organization, you can now approve or reject user role requests.  For instructions on this process, refer to the Security Official Role tab on the QualityNet | HARP page.


Resources

QualityNet | HARP

QualityNet IT Services


Tabs Page
titleSPOC

Security Point of Contact

Each organization is required to designate at least one (1) Security Point of Contact (SPOC) who is responsible for ensuring the organization is compliant with CMS security requirements and policies. You may access the Policies/Procedures and Security Awareness Training by going to https://qnetconfluence.cms.gov/ and selecting Security. The SPOC is responsible for reporting and handling security incidents that occur within the organization. 

When a contract is awarded, the CMS COR will designate the first SPOC who will be established in ServiceNow. When an organization needs to add, update, replace or make any changes to the  SPOC it can be done via the HARP application following the instructions below. Once approved, the SPOC is stored and tracked through ServiceNow for general tracking and maintenance. 

HCQIS ServiceNow - Refer to Security POC tab on this page for requesting assignment as your organization's SPOC for a program. Note that your CMS COR must have a HARP account for your request to be approved.

Security Requirements and Policies

QualityNet Security - Central source of security-related information and reference material.

Resources

HCQIS ServiceNow

QualityNet Security




Tabs Page
titleAccess to Services

Access to Services

Refer to the Access to Services page on the ISG Contract Engagement Lifecycle site for the following information:

  • QualityNet IT Services - Identifies QualityNet IT Services available to the HCQIS community and managed by the Information Services Group (ISG).
    • Contractor Onboarding - Outlines the process for new or existing contractors to gain access to QualityNet IT Services.
  • CMS Services - Provides information and resources regarding Data User Agreements (DUAs), Enterprise User Administration (EUA) accounts, and Medicare Provider Enrollment, Chain, and Ownership System (PECOS) to help with setting up and managing contractor access to all of the accounts and tools needed to function and complete work within the HCQIS or ISG environment.
  • QPP Onboarding Process - Provides information regarding the Quality Payment Program (QPP) onboarding process.


Tabs Page
titleFAQs

FAQs


Expand
titleQ: Need Help?

A: For questions, please contact ISGContractEngagement@hcqis.org.


Expand
titleQ: Who do I contact if I require additional QualityNet IT Services?

A: Refer to Contractor Onboarding under the QualityNet IT Services tab for information on how to request additional QualityNet IT Services.


Expand
titleQ: Where can I find information regarding Data Use Agreements?

A: Refer to the CMS Services tab for general information regarding Data User Agreements and links to CMS and CCSQ Data & Analytics resources.


Expand
titleQ: How do I map my DUA to the CCSQ Data & Analytics Centralized Data Repository (CDR) data catalog?

A: Refer to the CCSQ Data & Analytics > Data Resources > Mapping DUAs to the CDR page for information on how to correctly map your DUA to the Centralized Data Repository (CDR).





Horizontal Navigation Bar Page
titleSecurity


Section


Column

QualityNet Security


Column
width65




The QualityNet Security Hub is a central repository that houses HCQIS policies, guidelines, and templates intended for existing or potential CCSQ contractors utilizing QualityNet IT Services and/or HCQIS network resources. These documents are intended to guide Contractors or potential bidders in meeting general CMS security requirements as well as providing associated processes to ensure compliance within the contract and while utilizing the CCSQ systems.

For more general information regarding CMS Information Security and Privacy, please visit: CMS Information Security and Privacy Overview


Section


Column
width45


Clickable
linkhttps://qnetconfluence.cms.gov/display/QNS/QualityNet+Security#QualityNetSecurity-Security_Policy


Panel
borderColor#b8babc
borderWidth1
borderStylesolid


Column
width12



Column
width65






Column
width12









Column
width5



Column
width45


Clickable
linkhttps://qnetconfluence.cms.gov/display/QNS/Security+Awareness+Training


Panel
borderColor#b8babc
borderWidth1
borderStylesolid


Column
width12



Column
width65






Column
width12









Section




Section


Column
width45


Clickable
linkhttps://qnetconfluence.cms.gov/display/QNS/QualityNet+Security#QualityNetSecurity-SPOC


Panel
borderColor#b8babc
borderWidth1
borderStylesolid


Column
width12



Column
width65






Column
width12








Column
width5



Column
width45


Clickable
linkhttps://qnetconfluence.cms.gov/display/QNS/QualityNet+Security#QualityNetSecurity-Incident_Response


Panel
borderColor#b8babc
borderWidth1
borderStylesolid



Column
width12



Column
width65






Column
width12










Horizontal Navigation Bar Page
titleMemos

The QualityNet Confluence Memo space is the replacement location for memos previously posted to QIONet and the ESRD National Coordinating Center (NCC) website. This space serves as a repository for all Quality Improvement Organization (QIO) memos, End Stage Renal Disease (ESRD) (previously referred to as CROWN) memos, and Healthcare Quality Information Systems (HCQIS) memos.

Note: Atlassian credentials are required to access this content. To request access, please contact your organization's Security Official (SO).


Button Hyperlink
titleMemo Home
typeprimary
urlhttps://qnetconfluence.cms.gov/display/memos/MEMO+Home


Frequently Asked Questions

Memo Creation Process

Expand
titleWhen should I use a memo to communicate information?
  • QIO Memos communicate technical direction information to the QIO community. They are restricted to BFCC and NQIIC contractors and CMS staff.
  • TOPS Memos communicate a change in a CMS regulation. They are restricted to BFCC and NQIIC contractors and CMS staff.
  • ESRD Memos communicate technical direction information to the NCC/ESRD community. They are restricted to the ESRD Networks contractors and CMS staff.
  • HCQIS memos are no longer being published. CMS previously issued these memos to the HCQIS community to provide information on network status, training, release notes, and upgrades. However, this information is now being communicated on the Public QualityNet Communications Hub.


Expand
titleHow do I develop a memo and request it be posted to Confluence?

Note: ESRD Memos (formerly CROWN Memos) and QIO Memos (formerly HCQIS Memos) are to be used to communicate technical direction information to the ESRD and QIO communities. CMS is transitioning away from using memos to communicate information such as planned outages, release notes, or status upgrades. TOPS Memos communicate a change in a CMS regulation. Based on this guidance, if a memo is needed, please follow the steps below:

  1. The author develops the memo using the 508 compliant QIO MemoESRD Memo, or TOPS Memo template.
    1. Memo Number: This number will be issued by the HCQIS Memos Team; however, the author needs to determine which category best fits the memo based on the subject. 
    2. Date: Enter month and year. The day will be added by the HCQIS Memos Team on the date the memo is published.
    3. Subject: The title of the memo.
    4. From: Provide the name of the Division Director who has approved the memo. If this individual is different than the author of the memo, include his/her name, as well.
    5. Content: The following are standards to adhere to:
      1. The memo must use the CMS approved 508 compliant templates, which uses Times New Roman 12 font.
      2. Abbreviations should only be used if they follow the term they abbreviate.
      3. Memos with attachments require the attachment to be named at the end of the memo after the closing paragraph.

        Example for single attachment
        Attachment (1):
        1. Attachment name should be the same as attachment title.

        Example with multiple attachments:
        Attachments (2):
        1. Attachment name should be the same as attachment title
        2. Attachment name should be the same as attachment title

  2. Obtain CMS approval at the Division Director level following your internal approval process before submitting to the HCQIS Memo Team for publication.

  3. Submit the completed and approved memo along with any applicable attachments and the memo category to the HCQIS Memo Team’s shared mailbox at hcqis_memo@hcqis.org.

Accessing Memos

Expand
titleCan an individual with an active Atlassian license who is approved to view QIO and/or ESRD memos share memos with others within his/her organization?

Yes. Authorized users from each organization can disseminate memos to others within their organizations, as appropriate. 


Expand
titleCan I still subscribe to a listserv to receive notification when a new memo has been published?

No. Memo notifications are no longer being communicated via listservs. Now Atlassian users who are approved to view memos can “Watch” the memos space to receive email notifications when a new memo is published.

You can choose to watch the entire memo space by clicking Watch at the top of the Memo home page. Alternately, you can watch one particular type of memo (QIO or ESRD), by selecting the related memo page and selecting Watch at the top of the page. If you watch the space or page, you will receive an email with a link to any newly posted emails.


Expand
titleHow do I request a historical memo, i.e. a memo published prior to 2019?

To request historical memos, please email the QualityNet Help Desk at qnetsupport@hcqis.org and include the following information in the request:  Memo Number, Date, Memo Description, Program Type or Memo Type, if applicable, CMS COR, Any other pertinent information.

Other

Expand
titleWhy are there no more HCQIS Memos?

CMS previously issued memos to the HCQIS community to provide information on network status, HCQIS systems status, training announcements, release notes, and database upgrades. However, CMS now communicates this information on the public QualityNet Communications Hub. Historical HCQIS memos from 2019 and 2020 are available on Confluence temporarily.


Expand
titleWhere can I access CROWN memos?

As CMS integrates CROWNWeb and REMIS into EQRS, the term “CROWN Memo” will become outdated. A such, memos directed toward the ESRD network have been rebranded to “ESRD Memos” effective immediately. Also, QualityNet Confluence will be the only place to access ESRD memos moving forward. They will no longer be published to the NCC website.


Expand
titleWhere can I access TOPS memos?

Transmission of Policy System (TOPS) Memos communicate a change in a CMS regulation. TOPS Memos are available on the QIO Memos page.



Horizontal Navigation Bar Page
titleQualityNet Forum

The QualityNet Forum is a dynamic and interactive forum where the community can share successes and difficulties and collaborate effectively. These topic-based conversations produce searchable threads where anyone can ask questions, comment, and troubleshoot as things arise allowing the community to learn and share collectively.

Note: Atlassian credentials are required to access this content. To request access, please contact your organization's Security Official (SO).


Button Hyperlink
titleQualityNet Forum
typeprimary
urlhttps://qnetconfluence.cms.gov/display/QCF/QualityNet+Forum







...