Firmware and Supply Chain Requirements in the Latest CMS Acceptable Risk Safeguards (ARS)

The Centers for Medicare & Medicaid Services (CMS) is a critical part of the U.S. Department of Health and Human Services (HHS) and is responsible for the personally identifiable information (PII) of more than 140 million Americans.  Naturally, the CMS needs to ensure that sensitive data stays protected even as it is shared across countless CMS contractors and subcontractors. To this end, the agency has established the Acceptable Risk Safeguards (ARS), which explicitly defines the minimum security controls required for …

amp centers cms critical data department department of health and human services firmware health hhs human information latest medicaid medicare personally identifiable information pii requirements responsible risk safeguards sensitive sensitive data services supply supply chain