Privacy

Introduction

This handbook defines actions that must be taken in response to a suspected breach of Personally Identifiable Information (PII) / Protected Health Information (PHI) / Federal Tax Information (FTI) at the CMS to meet federal requirements for breach response. The handbook includes roles and responsibilities, breach response deliverables and lines of communication, triggers for federal reporting requirements, and resources from HHS and other authorities.

Privacy Impact Assessment (PIA)

Read more about Privacy Impact Assessment (PIA)

CMS Privacy Impact Assessment (PIA) Handbook

Read more about CMS Privacy Impact Assessment (PIA) Handbook

What is the purpose of a Privacy Impact Assessment (PIA)?

A Privacy Impact Assessment (PIA) is an analysis of how personally identifiable information (PII) is collected, used, shared, and maintained. The purpose of a PIA is to demonstrate that system owners have consciously incorporated privacy protections within their systems for information supplied for by the public.

CMS Data Use Agreement (DUA)

CMS Computer Matching Agreement (CMA)

CMS Breach Response Handbook

Introduction

Privacy Impact Assessment (PIA)

CMS Privacy Impact Assessment (PIA) Handbook

What is the purpose of a Privacy Impact Assessment (PIA)?

Privacy

CMS Information Exchange Agreement (IEA)