what is required by the va in order to ensure you are covered under the federal tort claims act?

Attention A T users. To access the menus on this page please perform the post-obit steps. one. Please switch machine forms style to off. ii. Hit enter to expand a main bill of fare option (Wellness, Benefits, etc). 3. To enter and actuate the submenu links, hit the down pointer. You will now exist able to tab or arrow up or down through the submenu options to admission/activate the submenu links.

VA Technical Reference Model v 22.three

Claims Administration and Management System (eCAMS) HealthBeat

1. General
2. Decision
3. Reference
4. Component
5. Category
6. Assay

Technologies must exist operated and maintained in accordance with Federal and Section security and privacy policies and guidelines. More information on the proper employ of the TRM can be institute on the TRM Proper Use Tab/Section.

Website:	Go to site
Clarification:	The eCAMS HealthBeat is a business activity monitoring framework which uses automation to excerpt, analyze, and study data from multiple business systems. Through routine monitoring of business processes this applied science has the capability to access nearly current workload and organisation performance information. Additionally, this technology has the ability to piece of work with other Claims Assistants and Management Organization products, such as the eCAMS Health Intendance Engine (HCE) and eCAMS RuleIT. Information collected by this software is stored in an Oracle database.
Engineering/Standard Usage Requirements:	Users must ensure their use of this technology/standard is consequent with VA policies and standards, including, but non limited to, VA Handbooks 6102 and 6500; VA Directives 6004, 6513, and 6517; and National Institute of Standards and Technology (NIST) standards, including Federal Information Processing Standards (FIPS). Users must ensure sensitive data is properly protected in compliance with all VA regulations. Prior to employ of this technology, users should bank check with their supervisor, Information Security Officer (ISO), Facility Master Information Officer (CIO), or local Office of Information and Engineering (OI&T) representative to ensure that all deportment are consistent with current VA policies and procedures prior to implementation.
Department 508 Information:	This engineering has non been assessed past the Section 508 Office. The Implementer of this engineering has the responsibility to ensure the version deployed is 508-compliant. Department 508 compliance may exist reviewed past the Department 508 Office and appropriate remedial action required if necessary. For boosted information or assistance regarding Section 508, please contact the Department 508 Part at Section508@va.gov.
Decision:	View Decisions
Determination Source:	TRM Mgmt Grouping
Decision Procedure:	One-VA TRM v20.4
Decision Engagement:	04/23/2020
Introduced By:	TRM Request
Vendor Name:	CNSI

The Vendor Release table provides the known releases for the TRM Technology, obtained from the vendor (or from the release source).

Version	Release Date	Vendor End of Life Date	Vendor Desupport Appointment
4.x	06/thirty/2017

Users must ensure their use of this engineering/standard is consistent with VA policies and standards, including, just non limited to, VA Handbooks 6102 and 6500; VA Directives 6004, 6513, and 6517; and National Establish of Standards and Technology (NIST) standards, including Federal Information Processing Standards (FIPS). Users must ensure sensitive information is properly protected in compliance with all VA regulations. Prior to employ of this applied science, users should check with their supervisor, Information Security Officer (ISO), Facility Chief Data Officer (CIO), or local Office of Information and Engineering science (OI&T) representative to ensure that all deportment are consistent with current VA policies and procedures prior to implementation.

The VA Conclusion Matrix displays the current and hereafter VA Information technology position regarding unlike releases of a TRM entry. These decisions are based upon the all-time data available every bit of the most current date. The consumer of this data has the responsibility to consult the organizations responsible for the desktop, testing, and/or product environments to ensure that the target version of the technology volition be supported. Any major.modest version that is non listed in the VA Conclusion Matrix is considered unapproved for apply.

Legend:

White Approved: The engineering science/standard has been approved for use. Yellow Approved westward/Constraints: The technology/standard can be used inside the specified constraints located below the decision matrix in the footnote[1] and on the General tab. Gray Unapproved: This technology or standard tin be used only if a POA&M review is conducted and signed by the Authorizing Official Designated Representative (AODR) every bit designated past the Authorizing Official (AO) or designee and based upon a recommendation from the POA&M Compliance Enforcement, has been granted to the project squad or system that wishes to use the technology. Orangish Divest: VA has decided to divest itself on the use of the technology/standard. As a result, all projects currently utilizing the applied science/standard must plan to eliminate their use of the engineering science/standard. Additional information on when the entry is projected to become unapproved may exist found on the Determination tab for the specific entry. Blackness Prohibited: The engineering/standard is not (currently) permitted to exist used under any circumstances. Blue Planning/Evaluation Constraint:The period of fourth dimension this engineering is currently being evaluated, reviewed, and tested in controlled environments. Use of this applied science is strictly controlled and not bachelor for use within the general population. If a customer would like to utilize this technology, please piece of work with your local or Regional OI&T office and contact the appropriate evaluation office displayed in the notes beneath the conclusion matrix. The Local or Regional OI&T office should submit an inquiry to the TRM if they require further assistance or if the evaluating role is not listed in the notes below.

Release/Version Information:

VA decisions for specific versions may include a '.x' wildcard, which denotes a decision that pertains to a range of multiple versions.

For case, a technology approved with a decision for 7.x would cover whatsoever version of vii.(Annihilation) - seven.(Annihilation). However, a 7.iv.10 decision would cover any version of vii.iv.(Anything), but would not encompass any version of seven.5.x or 7.6.x on the TRM.

VA decisions for specific versions may include '+' symbols; which denotes that the decision for the version specified as well includes versions greater than what is specified only is non to exceed or affect previous decimal places.

For instance, a technology approved with a decision for 12.six.4+ would comprehend any version that is greater than 12.6.4, but would non exceed the .vi decimal ie: 12.half dozen.401 is ok, 12.half dozen.five is ok, 12.six.nine is ok, however 12.7.0 or xiii.0 is non.

<By	CY2021				CY2022				CY2023				Future>
Release	Q1	Q2	Q3	Q4	Q1	Q2	Q3	Q4	Q1	Q2	Q3	Q4
4.10	Approved due west/Constraints [2, iv, 5, 6]	Canonical w/Constraints [2, four, five, six]	Approved w/Constraints [2, iv, 5, 6]	Approved w/Constraints [two, 4, 5, 6]	Approved w/Constraints [two, 4, 5, 6]	Approved w/Constraints [two, 4, v, six]	Canonical w/Constraints [ii, 4, five, 6]	Approved due west/Constraints [2, 4, v, 6]	Approved w/Constraints [two, 4, 5, 6]	Approved westward/Constraints [ii, iv, 5, 6]	Approved w/Constraints [2, iv, v, half dozen]	Approved w/Constraints [2, 4, 5, vi]
	Decision Constraints [1] Veterans Affairs (VA) users must ensure VA sensitive information is properly protected in compliance with all VA regulations. All instances of deployment using this technology should exist reviewed by the local ISO (Information Security Officer) to ensure compliance with VA Handbook 6500. [2] Technology must remain patched and operated in accordance with Federal and Department security policies and guidelines in order to mitigate known and future security vulnerabilities. [3] Per the May fifth, 2015 memorandum from the VA Primary Information Security Officer (CISO) FIPS 140-2 Validate Full Disk Encryption (FOE) for Information at Remainder in Database Management Systems (DBMS) and in accord with Federal requirements and VA policy, database management must employ Federal Information Processing Standards (FIPS) 140-ii compliant encryption to protect the confidentiality and integrity of VA data at rest at the application level. If FIPS 140-2 encryption at the application level is not technically possible, FIPS 140-2 compliant full disk encryption (FOE) must be implemented on the hard drive where the DBMS resides. Appropriate admission enforcement and physical security control must besides exist implemented. All instances of deployment using this engineering science should be reviewed to ensure compliance with VA Handbook 6500 and National Institute of Standards and Engineering (NIST) standards. It is the responsibility of the system owner to work with the local CIO (or designee) and Information Security Officer (ISO) to ensure that a compliant DBMS engineering science is selected and that if needed, mitigating controls are in place and documented in a System Security Plan (SSP). [4] Users must ensure that Oracle Database is implemented with VA-approved baselines. (refer to the 'Category' tab nether 'Runtime Dependencies') [five] Per the May 5th, 2015 memorandum from the VA Chief Information Security Officer (CISO) FIPS 140-two Validate Full Deejay Encryption (FOE) for Data at Remainder in Database Management Systems (DBMS) and in accordance with Federal requirements and VA policy, database management must use Federal Information Processing Standards (FIPS) 140-two compliant encryption to protect the confidentiality and integrity of VA information at rest at the application level. If FIPS 140-ii encryption at the application level is not technically possible, FIPS 140-2 compliant full disk encryption (FOE) must be implemented on the hard bulldoze where the DBMS resides. Advisable access enforcement and concrete security command must also be implemented. All instances of deployment using this technology should be reviewed to ensure compliance with VA Handbook 6500 and National Plant of Standards and Technology (NIST) standards. It is the responsibleness of the system owner to piece of work with the local CIO (or designee) and Data Security Officeholder (ISO) to ensure that a compliant DBMS technology is selected and that if needed, mitigating controls are in place and documented in a System Security Plan (SSP). [6] Veterans Affairs (VA) users must ensure VA sensitive information is properly protected in compliance with all VA regulations. All instances of deployment using this technology should be reviewed by the local ISO (Information Security Officer) to ensure compliance with VA Handbook 6500.
Annotation:	At the time of writing, the most current version is 4.0 released in June 2017.

The following reference(s) are associated with this entry:

Type	Name	Source	Clarification
There are no references identified for this entry.

Note: This list may non be consummate. No component, listed or unlisted, may be used outside of the technology in which information technology is released. The usage determination for a component is found in the Decision and Decision Constraints.

Name	Description
No components have been identified for this entry.

• Red Hat Enterprise Linux (RHEL) - Approved west/Constraints
• Windows Server - Approved w/Constraints

Adoption Benefits

• This is a mature technology.

• This applied science provides an enterprise view based on federal standards, such as the Eye for Medicare and Medicaid Services Medicaid Information technology Architecture (CMS MITA) initiative.

• This technology uses workflow-based analytics to provide feedback on potential bottlenecks and business functioning issues.

• This technology provides an interface to Maintenance Management Data System (MMIS) and other systems for gathering and compiling data, which may allow for real-time access to workload and system performance data.

• At the time of writing, no National Found of Standards and Technology (NIST) vulnerabilities had been reported and no VA Network Security Operations Center (NSOC) bulletins had been issued for the latest versions of this engineering.

Adoption Risks

• System scans signal that this applied science is no longer in use within the VA network.

• This technology can integrate with and change database technologies.

• This technology has the potential to collect, store, or transmit Personally Identifiable Information (PII), Protected Health Data (PHI), or other sensitive VA data.

• Due to the rapid release schedule of this engineering, the VA may be unable to update to the most recent patch and may require a deployment model requiring the employ of specific versions.

Architectural Benefits

• This engineering is portable to multiple operating systems.

• This technology can use a VA-preferred database.

- The information contained on this page is authentic as of the Determination Date (04/23/2020).

kivireaterem2002.blogspot.com

Source: https://www.oit.va.gov/Services/TRM/ToolPage.aspx?tid=11708

Bagikan Artikel ini