Security, Innovation, and IT Operations (SIO) - Request For Information

Background
The Centers for Medicare & Medicaid Services (CMS) is a federal agency within the Department of Health and Human Services (HHS) responsible for administering key healthcare programs, including Medicare, Medicaid, CHIP, and the Health Insurance Marketplace.

The Center for Clinical Standards and Quality (CCSQ) plays a critical role in ensuring the quality and safety of care delivered to millions of beneficiaries. As the healthcare ecosystem shifts toward greater interoperability and real-time data exchange, CCSQ’s mission increasingly depends on modern, efficient, secure, and standards-based technical infrastructure.

CMS/CCSQ is proactively reviewing all contracts for embedded IT components to optimize and reduce the cost of IT services. This initiative includes a comprehensive scan of current contracts, identification and management of corrective actions, targeted communications, process refinement, and an educational campaign to prevent future occurrences. CMS anticipates needing architectural, security, and project management support as part of this effort.

Work Details
The contractor will provide support to address challenges in maintaining architectural coherence, security, and system-wide alignment. Specific tasks include:
1. Provide architectural leadership to support federal decision-making informed by existing services and tools related to FHIR and healthcare data interoperability;
2. Facilitate governance review boards and prepare for governance-related activities;
3. Offer Release Train Engineering (RTE) support to coordinate delivery planning across programs;
4. Deliver security operations and risk management services for system hardening and incident response;
5. Conduct independent architecture analysis with recommendations on standards adoption, AI integration, data exchange, and platform scalability;
6. Perform technology scanning and applied research to keep CMS updated on innovations in healthcare IT;
7. Coordinate communication with stakeholders including targeted outreach regarding system updates;
8. Develop Robotic Process Automation (RPA) solutions for recurring workflows;
9. Ensure compliance with PRA requirements for data collection changes;
10. Implement strategic intake processes and budget visibility tools for better prioritization and cost tracking across CCSQ's IT landscape.

Place of Performance
The contract work will primarily take place within CMS facilities or remotely as required by project needs.