CMS MARS-E Compliance

Contact Us for More Information

Minimum Acceptable Risk Standards for Exchanges

If your organization operates a State Health Insurance Exchange under the Patient Protection and Affordable Care Act, your IT systems may be at risk. In implementing federally sanctioned ACA programs, your staff collects and manages information for which US Center for Medicare and Medicaid Services (CMS) has oversight responsibility. As with many stores of Personally Identifiable Information, Protected Health Information, and Federal Tax Information, your data is always a target for unauthorized access. To minimize the potential for a data breach, the US Department of Health and Human Services requires you to protect the private CMS information under your control.

At Ward IT Security Consulting, we understand your duties to promote information security and privacy under CMS MARS E guidelines. Our professionals can assist you by identifying any IT system vulnerabilities and establishing a plan to help you comply with regulatory standards.

Helping You Comply With CMS MARS E Standards

When we analyze and evaluate your organization’s CMS MARS-E compliance, our team puts our cumulative experience to work for you. We understand the complex technical and operational details outlined by the Catalog of Minimum Acceptable Risk Controls for Exchanges. We carefully review and evaluate the Security Control Families covered by the guidelines.

As we work to complete your CMS MARS E system evaluation, we establish a working relationship with your staff. When we complete our assessment, we present a Report of Findings referencing detailed, evidence-based knowledge and relevant standards. If we find instances of noncompliance, we rate them according to threat levels to help you decide how best to implement solutions.

Why We’re Best In Class

At Ward Consulting, we understand that your ACA Exchange presents unique security and privacy challenges. That’s why we believe it’s important to approach your analysis collaboratively. As we evaluate your IT system strengths and weaknesses, we keep your staff in the loop. We seek valuable input from the beginning of the process to end. With your input, we go deep into your system. Our team uncovers vulnerabilities and weakness that can’t be detected during a canned review process or a cursory examination.

Our Collaborative Approach

Collaboration is foundational to achieving the very best results in securing your organization. Our approach with IT staff, management and business process owners is inclusive and key to cooperation, consensus and collaboration. 

Effectively securing your organization is our mission!