Revisions to Form CMS-10267 QualityNet Identity Management System (QIMS) Account Form
Submission Date: May 12, 2010
Issue Number |
Page Number |
Section |
Action to be performed |
Changes to the Application |
Reason for Change |
1 |
1 |
Type of Request |
Checkbox identifying type of request identifies the type of account being created – general user or security official. |
QIMS – Originally the form request type also included Change, Disable, and Enable. These types were removed because they will no longer require paperwork to be submitted. The changes will still be entered and saved in the QIMS system. Also, annual recertification is being added. |
ISSO change - No paper work is required for enabling, disabling or recertifying QIMS accounts. This will cut down on the original public burden associated with approval signatures, notarization and mailing. |
2 |
1 |
Type of Request |
Checkbox identifying type of general user. |
New data field added to QIMS and to the form. |
ISSO change – Requested additional information |
3 |
1 |
Type of Request |
Checkbox identifying level of Security Official |
New data field added to QIMS and to the form. |
ISSO change – Requested additional information |
4 |
|
Annual Recertification |
Each year Security Awareness Training is required in order for an existing user account to be recertified. |
QIMS – While it is not part of the form, the application will be updated to include an Annual Training Checkbox. The system will calculate the 365 day requirement based on internal dates stored. |
ISSO change – Required to meet ARS guidelines. (Mike Blake provided link – www.cms.gov/information security/downloads/ARS_App_B_CMSR_Moderate.pdf) |
5 |
1 |
Personal Information |
Remove home phone |
QIMS - Remove the collection of home telephone number from the form and application. |
ISSO change – Not needed. |
6 |
1 |
Personal Information |
The CMS CIO, Julie Boughn, has mandated that CROWNWeb be required to use 2 Factor Authentication due to the PII and PHI data contained within the system. QIMS is being enhanced to include 2 Factor Authentication. |
QIMS - Moved business phone number and extension from Business Information section to Personal Information section.
|
ISSO change – Business phone number and extension were always required; however, it must be a number that they can contact the QIMS account owner for the 2 Factor credential; therefore, the ISSO wanted it moved from the business information section to the personal information section. |
7 |
1 |
Personal Information |
The CMS CIO, Julie Boughn, has mandated that CROWNWeb be required to use 2 Factor Authentication due to the PII and PHI data contained within the system. QIMS is being enhanced to include 2 Factor Authentication. |
Moved business E-mail address from Business Information section to Personal Information section. |
ISSO change – E-mail address was always required; however, now it can be the personal e-mail address if the person does not have an individual business e-mail address; therefore, the ISSO wanted it moved from the business information section to the personal information section. |
8 |
2 |
Authorization |
Manager’s signature and date |
No change in application; however, this information was moved on the form from page 1 to page 2. |
ISSO change – ISSO wanted the authorization, validation and notarization moved to the same page. |
9 |
2 |
Validation |
Vetting Official’s signature and date |
New to QIMS application and form. |
ISSO change – Since the ISSO is only requiring SO accounts to be notarized, all accounts will have to be vetted. This process was currently being peformed through the mandated notarization of all forms.
Note: This change reduces the notarization burden. |
10 |
2 |
Notarization of Applicant’s Identity |
Notarization of account forms will only be required for Security Official Accounts (SO). |
No change in application; however, this information was moved on the form from page 1 to page 2. |
ISSO change – Since notarization is no longer required for all accounts, the information collected was placed on a single page (page 2) separate from the collection of all other information.
Note: This change reduces the notarization burden. |
11 |
2 |
Application Approval |
Added a check box asking what applications need to accessed. |
QIMS is being enhanced to be used for all OCSQ applications, not just CROWNWeb. |
ISSO change – Same user ID can be used to access multiple OCSQ applications.
Note: Future expansion of QIMS to provide user accounts for other OCSQ applications. |
12 |
2 |
Request for 2 Factor Authentication |
QIMS - The CMS CIO, Julie Boughn, has mandated the CROWNWeb be required to use 2 Factor Authentication due to the PII and PHI data contained within the system. QIMS is being enhanced to include 2 Factor Authentication. |
Added a check box asking if 2nd factor credential is required to be filled out by the Security Official.
|
ISSO change – Required to meet CMS CIO mandate. |
13 |
2 |
Preferred 2nd Factor Contact |
QIMS - The CMS CIO, Julie Boughn, has mandated the CROWNWeb be required to use 2 Factor Authentication due to the PII and PHI data contained within the system. QIMS is being enhanced to include 2 Factor Authentication. |
Added a check box asking how the QIMS user will receive their 2nd factor credential. |
ISSO change – Required to meet CMS CIO mandate. |
14 |
3 |
Part B – CROWNWeb Roles and Scope |
While the same information is being collected, the form has been separated into a part A – QIMS Account Registration and Part B – CROWNWeb Roles and Scope Assignment. |
Part A information is entered into QIMS and Part B information is entered into CROWNWeb. |
QIMS will eventually become the QualityNet Identity Management System for all OCSQ applications; therefore, additional parts will be added to the form to address specific application needs if the new application uses roles and scope. |
15 |
3 |
CROWNWeb Roles and Scope |
Removed the capability of listing 8 facilities. Only one facility can be used per page |
Manual process - No change to CROWNWeb application |
ISSO change – ISSO wants one separate page per facility; therefore, each request will have its own manger’s authorization signature and date.
|
16 |
4 |
Instructions and Form Routing |
Data Entry |
Applicants will enter their data into the QIMS application. |
ISSO change – Data entry burden has been taken off of the SO. |
17 |
4 |
Instructions and Form Routing |
Faxing Requirement |
Manual Process – No change to the system |
ISSO change – Data entry burden has been taken off of the SO. The general user will not only enter their own data but be required to print and fax their form to the help desk. |
18 |
4 |
Instructions and Form Routing |
Mailing Requirement |
Manual Process – No change to the system. |
ISSO change – Individual forms may be mailed out regular first class ($0.44 stamp); however, when 2 or more forms are mailed out, the forms will still have to be mailed USPS certified with return receipt.
|
File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
Author | CMS |
File Modified | 0000-00-00 |
File Created | 2021-02-01 |