Before the Cyber Operations Center (CyOC) was created, reporting was done via manual and labor-intensive processes requiring hundreds of man-hours, impacting the Agency’s ability for timely reporting leaving the agency with the inability to identify a single point of contact to view agency compliance as a whole.
Defense Health Agency (DHA) is currently migrating Military Treatment Facilities (MTF) into a DoD JIE CSRA compliant Medical Community of Interest (Med-COI) architecture. As a precursor to accessing the new Electronic Health Record (EHR), each MTF requires an evaluation of Information Technology assets and services. MTFs must undergo an in-depth Risk Management Framework (RMF) evaluation to receive an Authorization to Operate (ATO) on the Med-COI.
The Defense Health Agency’s (DHA) Enterprise Intelligence Data Solutions (EIDS) Program Management Office (PMO) MHS Information Platform’s (MIP) enclave mission objective is to seamlessly deliver the right information to the right person at the right time to Military Health System (MHS) stakeholders and partners in a safe, effective, efficient, timely, and cost-effective manner using Amazon Web Services (AWS).
The Health IT community has embraced an accelerated progression to cloud-based services and capabilities. With this progression comes a necessary question: ”What do we do next” when addressing critical cyber activities like Continuous Monitoring (CM) and persistent Risk Management (RM) “as a Service”?