STRATEGIC PLAN - ASPE - U.S. Department of Health and Human ...

Appendix d: information technologyThe transformation of how technologicaland data access work is performed inthe Department is due in part to rapidchanges in computer technology. Thetechnology industry has evolved fromword processors to microprocessors,from collecting data to warehousingdata, and from information managementto knowledge management. In orderto leverage these advances, HHS’sbusiness model must be supported byits technical model. Both must becomefully synchronized to realize the strategicgoals and objectives of HHS.Over the past several years, each HHS division hasdeveloped its own means and methods of dealingwith computer technology, resulting in a network ofseparate systems that have limited capacity to interactwith each other in a seamless fashion. HHS has nowimplemented an Enterprise Architecture program thataddresses planning from an enterprise perspectiveto ensure that the allocation of resources is alignedwith the effort to realize the HHS strategic goals andobjectives. Within this enterprise planning activity,information resources and technology are not onlyaligned in support of the HHS strategies, but also focuson the facilitation of interoperability, data sharing,and overall efficiency and effectiveness across theDepartment and with HHS’s external partners.This appendix offers a broad overview of the initiativesthat the Department is currently undertaking, andsome of the innovations and trends that are planned.InitiativesTwo basic pieces of legislation have framed how theFederal Government operates and provides servicesto the public. The first is the E-Government Act of2002 (Public Law 107-347), which seeks to enhancemanagement and promotion of business throughthe Internet, reduce a paper-based environment, andincrease citizen services and access to Governmentinformation. The second piece of legislation is theFederal Information Security Management Act of2002 (Public Law 107-347), which provides for acomprehensive framework to ensure that access toinformation is kept safe and secure.This legislation creates a trend in the Governmentthat requires a higher level of attention to securitythan ever before. The drive for greater efficiency ininformation technology spending, combined with anever-increasing need to share networks, services andsupport, and information, has resulted in both placingmore business transactions online and creating a needfor increased attention on the Department’s security.Secure One HHSOn the basis of the best practices of the GovernmentAccountability Office and the standards and guidanceprovided by the National Institute of Standards andTechnology, HHS has set up an overarching informationtechnology security program called Secure One HHS. Theemphasis of Secure One is to create strong governancewith clearly defined roles, responsibilities, and securityexpertise. Established at the headquarters level, SecureOne seeks to achieve a consistent security baselineacross operating divisions by supporting universalinformation technology security requirements. TheSecure One program is driven by close coordination andcollaboration with each operating division to ensure thatany needs and expectations are identified and addressed.InfrastructureCost-effectiveness in technology representsresponsible stewardship over taxpayer dollars as wellas responsible and effective management of humanresources. Over the years, as divisions developed theirHHS Strategic Plan FY 2007-2012169