As part of the privacy and security
oversight of State Health Insurance Exchanges, the States will be
required to report security incidents, including breaches of
personally identifiable information (PII). This reporting will be
made by completing and electronically submitting the State Health
Insurance Exchange Security Incident Report (Incident Report), or
providing identical information telephonically.
The Centers for Medicare
& Medicaid Services (CMS) is requesting that an information
collection request for State Health Insurance Exchange Security
Incident Reporting be processed under the emergency clearance
process associated with the Paperwork Reduction Act of 1995 (PRA),
specifically 5 CFR 1320.13(a)(2)(i). Public harm is reasonably
likely to occur if the normal, non-emergency clearance procedures
are followed. The approval of this data collection process is
essential to ensuring that Information Security (IS) incidents,
which also include Personally Identifiable Information (PII) and
Protected Health Information (PHI), are captured within the
specified timeframe. In the absence of this change, a significant
number of incidents will not be detected, causing harm to the
public and exposing it to the risk of identity fraud.
Additionally, in accordance with 5 CFR 1320.13(a)(2)(iii), a
statutory implementation date of the Affordable Care Act, which is
October 1, 2013, will be missed if the normal clearance procedures
are followed. Incidents could potentially occur on this statutory
date; therefore, the reporting capability must be in place for
States to inform CMS should an incident occur during this
time.
On behalf of this Federal agency, I certify that
the collection of information encompassed by this request complies
with 5 CFR 1320.9 and the related provisions of 5 CFR
1320.8(b)(3).
The following is a summary of the topics, regarding
the proposed collection of information, that the certification
covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a
benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control
number;
If you are unable to certify compliance with any of
these provisions, identify the item by leaving the box unchecked
and explain the reason in the Supporting Statement.