Privacy Office
The CMS Privacy Office is responsible for the management and oversight of the Privacy Act of 1974 as it pertains to the Centers for Medicare & Medicaid Services (CMS).
The CMS Privacy Officer is the principal authority for the management and oversight of the Privacy Act as it pertains to CMS. Contact the Privacy Officer via e-mail Privacy@cms.hhs.gov or by telephone at 410-786-5357. The Privacy Officer responsibilities include:
- Developing and promulgating this policy;
- Interpreting Privacy Act requirements and rules;
- Implementing the CMS Privacy Act Program;
- Serving as the Agency's adviser for all aspects of the Privacy Act of 1974;
- Serving as the single point of contact for all Privacy Act regulatory and compliance initiatives;
- Developing policy, providing program oversight, and serving as the focal point for CMS Privacy Act matters;
- Reviewing new and existing CMS policies, procedures, program memoranda, interagency agreements and other written arrangements (both inter and intra) which may impact on the personal privacy of an individual;
- Advising and assisting with the development and coordination of Privacy Act computer matching agreements between CMS components and other Federal or State agencies;
- Finalizing, reviewing, coordinating, clearing and submitting for publication in the Federal Register, Privacy Act System of Record (SOR) notices and Computer Matching Agreements (CMA) for CMS components;
- Preparing and coordinating applicable CMS submissions for the biennial Department of Health and Human Services (DHHS) Reports to Congress as required by Office of Management and Budget (OMB) Circular A-130;
- Serving on the CMS Data Review Board, the Beneficiary Confidentiality Board, and other Privacy Act forums, as applicable;
- Managing the Agency Privacy Act training and/or awareness programs;
- Coordinating with all system owner/managers to ensure that they understand the Privacy Act requirements and their related responsibilities;
- Reviewing requests and concurs with the need to establish a new Privacy Act SOR or to modify an existing Privacy Act SOR;
- Assisting system owners/managers in preparing Privacy Act SORs and Computer Matching Agreements in accordance with established procedures;
- Ensuring that SORs and CMAs comply with the Privacy Act; and
- Providing day-to-day policy guidance and assistance to the CMS components in their implementation and execution of their programs.
Related Links
- Page last Modified: 06/14/2012 8:24 PM
- Help with File Formats and Plug-Ins