HHS’ Health Resources and Services Administration (HRSA) published a Federal Register notice amending Part R of their Statement of Organization, Functions and Delegations of Authority. Specifically, the notice updated the “Office of Information Technology (RB5) functional statement to better align functional responsibility, improve the management and delivery of information technology services, improve management and administrative efficiencies, and optimize use of available staff resources.
The new function statement states, in part, that,
The Chief Information Security Officer (CISO), reporting to the CIO, provides leadership for, and collaborates with, Agency staff to oversee the implementation of security and privacy policy in the management of their IT systems, and plans all activities associated with Federal Information Security Management Act (FISMA) or other agency security and privacy initiatives, and also carries out the responsibilities including: (1) Implements, coordinates, and administers security and privacy programs to protect the information resources of HRSA in compliance with legislation, Executive Orders, directives of the Office of Management and Budget (OMB), or other
mandated requirements e.g., Presidential Decision Directive 63, OMB Circular A-130, the National Security Agency, the Privacy Act, and other Federal agencies; (2) executes the Agency’s Risk Management Program, evaluates and assists with the implementation of safeguards to protect major information systems, and IT infrastructure; and (3)
manages the development, implementation, and evaluation of the HRSA information technology security and privacy training program to meet the requirements as mandated by OMB Circular A-130, the Computer Security Act, and Privacy Act.
The complete Federal Register notice is attached below.
HHS/HRSA-OIT Functional Statement-11.09.10
Leave a Reply