HHS hones in on IT priorities

Workforce, cybersecurity, shared services, interoperability and cost efficiencies are the top strategic areas for the Department of Health and Human Services' CIO.

Beth Killoran, who also holds the HHS title of deputy assistant secretary for information technology, said the agency and its operating divisions are continuing to execute on the agencywide IT plan, even in the waning days of the Obama administration.

Killoran has been the top IT manager at HHS since July. Before that, the agency had been without a permanent CIO since Frank Baitman stepped down in November 2015.

Those five strategic areas, she said in remarks at an Oct. 6 industry day hosted by FCW's sister publication Washington Technology, are at the core of how her agency should use IT across diverse operations from disease research and food inspection to health insurance systems.

"Workforce is a challenge," Killoran told an audience dominated by federal contractors. "We need skillful people, just like everyone, from cyber security, to program management, and architectural engineers." She noted the chronic shortage of such employees, saying, "If we can't find them, we'll look to contracts for support."

Killoran also stressed that cybersecurity and privacy protection were a crucial part of HHS' job.

"We have far more data about individuals, which makes us a number one target for bad actors," she said. "We have an obligation to protect data." HHS spent $20 million on new contracts to support cybersecurity in fiscal 2016, as well continuing programs like DHS' Einstein protections.

The agency is also moving on other cybersecurity fronts. On Oct. 4, it awarded $350,000 to strengthen health care and public health sector cybersecurity response through the National Health Information Sharing and Analysis Center, in Ormond Beach, Fla. The NH-ISAC, said the agency in an Oct. 4 statement, will provide cybersecurity information and education on cyber threats to healthcare sector stakeholders.

Although Killoran said HHS has a relatively large $12 billion IT budget, CMS accounts for fully $7 billion, leaving $5 billion for the agency's other myriad internal IT operations.

Shared services are critical for HHS, Killoran said.  Usage  is driven not only by the need to get the most out of the IT budget, but they can also help fulfill spending and efficiency mandates under the Federal IT Acquisition Reform Act.

Systems interoperability is also a critical factor for HHS, which has a growing mobile interface with the public for its services, she said. If a legacy system is too archaic to adapt, she suggested, it is probably time to rethink it.

However, "legacy" status doesn't necessarily mean a system is automatically suspect, she said. While her agency is winnowing down aging systems that take up too many resources or are ineffective, "legacy can be fine," she said, but 'It has to be secure and supported" adequately without being a burden.