While some agencies scrambled to scale up their IT infrastructure as mandatory telework became the new normal — at least for a few months — the Centers for Medicare and Medicaid Services haven’t let the coronavirus pandemic slow down momentum on IT modernization.
As part of that modernization agenda, the agency’s Office of Information Technology will hold an “upskilling summit” Wednesday to encourage employees to take courses in human-centered design, product management, cloud technology and cybersecurity.
CMS Chief Information Officer Rajiv Uppal, a former digital services expert at the U.S. Digital Service, said the upskilling summit aims to build a workforce of “continuous learners.”
“We want to make sure that we are providing all of our staff with not just the training, but a support system where people are encouraged to actually go and seek these new skills. Because in the end, if we as an organization are going to be successful, we need to have a culture where people feel that they can go and try things,” Uppal said Tuesday in a virtual ACT-IAC meeting.
Insight by LookingGlass: Federal technology experts provide insight into how agencies are approaching cybersecurity in the new virtual climate in this exclusive executive briefing.
That culture of letting employees try new things has also played a significant role for the agency during the pandemic. With the workforce out on mandatory telework, Uppal said employees felt encouraged to test out the right videoconferencing platforms that worked best for them, and not just the one they had used before the pandemic.
While human-centered design remains a key tenet for USDS, Uppal said that perspective has gained “significant critical mass” within CMS. That approach, he added, has helped overhaul the way CMS OIT handles its internal and external customers.
Uppal said building a culture of good customer experience begins with internal CMS customers and then spreads to how OIT carries out its mission to the public.
“It’s a learned behavior, and I’m trying to encourage that no matter who your customer is, you need to take care of your customer,” Uppal said.
As part of that approach, OIT has looked at ways to improve some of the pain points in employees’ workday. Uppal said his office, for example, has stood up tool within the CMS ecosystem that monitors the health of CMS laptops, and can track how long it takes for the computer to boot up.
If an agency laptop takes several minutes to boot up, or an employee notices latency issues when checking their email, Uppal said OIT should take “proactive action” to address the problem.
“Instead of us expecting our folks to come and say, ‘Hey, I’m having this issue with my laptop,’ we are trying to turn it around, where we are monitoring how people’s laptops are doing, and when we notice something, we actively go out and tell our users or our customers, ‘I think your laptop is having some issues,’” he said.
As another internal improvement, OIT has overhauled the way its Technology Review Board operates. Rather than have officials seek approval for major IT system changes, Uppal said the board now offers “one-on-one consultations.”
“We’ll set up a time with all the folks who are building systems and go and listen to what they’re doing and offer ways in which you know, we as a [Technology Review Board] can help — the concept being, how do we enable people, as opposed to just using the compliance stick? That’s sort of been our mantra, we do more enabling than anything else,” he said.
That same mentality carries over to external customers as well. Uppal said OIT has developed a “minimum viable product” for a governance orchestration system that would allow vendors working with CMS to build systems to interact with the system to determine what the needs are.
Those steps would make it easier for vendors to understand what’s needed for an authority to operate (ATO) and ensure 508 compliance for employees with disabilities.
“Our goal is, as a system developer, you should know upfront what are the things that I need to do across the lifecycle? How many times do I need to meet with the TRB [and] what exactly do I need to submit to the TRB? What do I need to get 508 [compliance]? Does it take a couple of days to get 508 compliance, or does it take two or three weeks? I need to have some idea so I can plan,” Uppal said.
CMS has a backlog of about 60 systems in the pipeline of moving to the cloud, but Uppal said OIT has spent time working with the teams behind each system to build a baseline understanding of cloud computing.
“When there’s a team that says I’d like to move my system to the cloud, we need to figure out where is the knowledge level of the team. Do they understand what the cloud is? What kind of migration are they talking about? Is it just a lift-and-shift? Or is there some re-architecture also?” Uppal said. “We have been working for quite a while to build that team, so as people come to us with the ask of, ‘We’d like to move our system to the cloud,’ that we don’t just say ‘Well, here’s a [virtual private cloud], just go do it,’ but actually surround them with the help that they need so they are successful.”