Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
Washington Health Benefit Exchange
Exchange Board Meeting September 13, 2018
Vincent Barrailler, Chief Information OfficerBen LaBelle, Associate Director of Infrastructure Services
WA Healthplanfinder Platform Update
HBE IT Roadmap
2
Our 2020 Priorities:• Modernize HPF and supporting infrastructure• Improve customer digital experience• Continue to stabilize to prepare for growth
Quality Assurance
2020
2020
Q3 2018 Q4 2018 Q1 2019 Q2 2019 Q3 2019 Q4 2019 Q1 2020 Q2 2020 Q3 2020 Q4 2020
2018
Q2 2018Q1 2018
Q3 2018 Q4 2018 Q1 2019 Q2 2019 Q3 2019 Q4 2019 Q1 2020 Q2 2020 Q3 2020 Q4 2020
2018Q2 2018Q1 2018
2019
2019
Internal Milestone
External Milestone
Activities
Planned Projects and Milestones
HPF
External Partner Systems (ES, P-One)
Annual Open enrollment and 1095
Activities
Operational Efficiencies
Internal Systems
Supporting Ecosystem (CSA,
WMT, Edifecs, Auto Recon, eHealth,
Content Mgt, Federal Reporting)
HPF R4.1 Go Live
Go-LiveGo-Live Including Increased Carrier Integration*
V2 Automated Federal and 1095 Reports
Edifecs with Enhanced Reporting
CSA 3.0 Go Live, including WMT consolidation and P_ID Clean up ToolCSA 5.0 Go Live*
CSA 4.0 Go Live WMT 2.0 Go Live
Go Live
Go Live Go Live
Go Live
Go Live
Go Live
Mar 2016 Apr 2016 May 2016 Jun 2016 Jul 2016 Aug 2016 Sep 2016 Oct 2016 Nov 2016 Dec 2016
2016
Mar 2016 Apr 2016 May 2016 Jun 2016 Jul 2016 Aug 2016 Sep 2016 Oct 2016 Nov 2016 Dec 2016
2016
Mar 2017 Apr 2017 May 2017 Jun 2017 Jul 2017 Aug 2017 Sep 2017 Oct 2017 Nov 2017 Dec 2017
2017
Feb 2017Jan 2017
ES CD Release
Financial Management System
P-One Release
ES Release
P-One Release P-One Release
ES Release
Manual P_ID Clean up
Data Warehouse Pilot Implementation
P_ID Clean up Through Utility
Trial Eligibility / Optimization
Carrier Readiness Support
WAH Renewal Improved Process
Data Fix Reduction Initiative
P_ID Clean up Through CSA
Trial Eligibility / Optimization
1095 Readiness
P-One Release
HPF Release 3.2HPF Release 4.0
Edifecs Stabilization Edifecs Release Edifecs Release
CSA 3.0
Improve 1095 / Federal Automated Reporting
Content Management System
eHealth Release
CSA and WMT 4.0
Data Quality
Mar 2017 Apr 2017 May 2017 Jun 2017 Jul 2017 Aug 2017 Sep 2017 Oct 2017 Nov 2017 Dec 2017
2017Feb 2017Jan 2017
Budgeting, Resources and
Strategic Initiatives
Launch IT Innovations Team*
PMG Launch and Zendesk Clean up Expand CCB Responsibilities to all Systems in IT Ecosystem*
Expand Production Control to Edifecs Launch New Change Management Process
Expand Production Control to HBE Infrastructure
Standardizing SDLC Practices and Artefacts Across all Systems*
Infrastructure
Security, Privacy, Audits
Db Server Rationalization and Streamline
Network Plan
PIA Resubmission
ATC Review and Renewal IRS Internal Inspections Report
MARS-E 2.0 Compliance
App Viewer Sun Setting
CEV Backlog and Clean up
Updated Team Structure
Adobe Live Cycle UpgradeAdobe Live Cycle Version Upgrade
Draft IT Budget Including:• Deloitte contract• eHealth contract• DSHS agreement
Draft Five Year Roadmap View
OE Readiness: Benchmarks and SLAs OE Readiness: Benchmarks and SLAs
HBE – Deloitte Process ImprovementsDSHS SLA
Web CMS 2.0
IRS SSR and CAP
Security Policy ReviewSSP 1/3rd Control AssessmentIRS CAP
PIA Resubmission IRS Audit
Correspondence Release
Deloitte Contract Negotiations
HPF R4.0.1 Go LiveHPF R4.0.2 Go Live
CSA and WMT Go Live
Correspondence Release
HPF Mobile Go Live
Reporting Automation and Streamlining Initiative
Go LiveP-One Release P-One Release P-One Release P-One Release P-One Release
Go LiveES Release Go LiveES Release
Microsoft EA Agreement Active Directory Clean Up
CSA Go Live
COR Go Live
Edifecs ReleaseEdifecs Defects and 4.1 Alignment Release
Go Live
eHealth Transition
Internal Vulnerability and Risk Assessment
Go LiveES Release Go Live
WAH Renewal Fast Path Improvements
Call Center Infrastructure and Network Improvements
PMG 2.0 Implementation
Change Management 2.0 Implementation
Onboarding Improvement Project
Customer Shopping Tool ProcurementProvider Directory Procurement
CSA Go Live CSA Go Live
COR Release
CDST Implementation
Provider Directory Implementation
CDST ReleaseEdifecs Release
Edifecs R8.6
HPF Release 5.1
CSA Multiple User View Implementation
SEP Operationalization Readiness
Mobile 2.0 Launch and Responsive Web
Implement Secured Dev Life Cycle
Provider Directory Data Improvements with Carriers
OLA and SLA Documenting and Communicating
Samanage Portal Launch and Training
IT Portfolio Portal, System Services and System Ownership
Printer Contract Review
O365 Optimization
Intune MDM
HPF HW Options Assessment: Cloud vs. S-24
SCCM Client / Desktop ReportingFirewall Lifecycle Voice / Telecom Implementation
SIEM Implementation
Risk Mitigation PlanWork Station Baseline Server Baseline
Cybersecurity Plan IRS Audit Mitigation
Software Licensing AssessmentBi-Annum Budget Planning Process
Berry Dunn HPF Procurement Planning
Quality Board Re-Launch and Improved SDLC Quality Gates
New UI/UX Milestones
Centralized Patching / Config Management Plan
Internal HBE Infrastructure Hosting Plan
Risk Mitigation Plan Implementation
FY19 Contracts Review
Managed Services Implementation
HPF Release 6.0
Go Live Go LiveES Release
CSR: CSA vs. HPF Use Guidance
2020 VisionFunctionality• Nimble, able to support ever changing health care regulations and reforms• Providing recognized value add services to individuals, carrier, brokers and navigators• Continuous delivery of improved customer features and toolsTechnology• State’s most modern applications and infrastructure• Constant identification and evaluation of new technologies to incorporate into our ecosystem• Digital leader, including mobility and accessAvailability• Available to external customers 24/7 through multiple channels• HPF partial availability or queuing when partners are downFlexibility and Innovation• Helping resolve complex challenges in health care and/or State government beyond current customers and services• Reduced share of budget dedicated to maintenance and operations, increased share dedicated to innovation and
enhancements• Flexible and responsive infrastructureSecured and Trusted• Guided by comprehensive cyber security plan with supporting resources and processes• Cutting edge incident monitoring and response capabilities
Budget and Resources• Clear growth path for IT staff• Cross trained and nimble staffProcesses• Clear set of services with associated SLAs• Standardized systems and processes• Increasingly agile delivery• Robust IT and data governance• Continuous improvement as part of the organization’s DNA
Architecture and Stack• Best in class architecture supported by best in class technology stack• Consolidated IT assets and increased HPF / HBE synergies
• Increased access and ownership by HBE IT staff• Transition away from non value add, high price vendors and products
Internal Customer Support• Transparent customer channels• Automation and workflowsSecurity• Security as part of the organization’s DNA• Recognized leader in cyber security
HPF Release 4.2
P-One Release P-One Release
ES Release ES Release
FY18-19 Budget Planning Activities
BITT Project Support
Oracle Negotiations
Laptop and Desktop Modernization, Desktop Automation, Single Sign OnImproving Network Security, Including Network Enhancements and Re-Architecture, External NATS Repointing, IDS Implementation and Web Filtering
Windows 10 DeploymentSamanage Clean Up and Process Implementation
Hardware Consolidation and Reduction Re-Architect Server Environment, Cluster ImplementationPassword Tool Implementation
HCA SLA Agreement
1095 Readiness
SharePoint Improvement Project
Reporting Automation and Streamlining Initiative
1095 Processing and Handling
Post OE Lessons Learned Implementation
HPF Performance Testing Improvements
HPF ADA Compliance Improvements
Relaunching BI Committee and Governance
CSA and WMT 5.0
HPF Release 5.0
Edifecs Release
HPF Release 4.1
HPF S-24 Contract Transition
OIM Ps3 Upgrade / Release 5.2
Azure Transition
Mobile 2.1 Launch and Responsive Web
SBMI Reporting
HPF Cloud Architecting and POC
Internal Network Improvements
Close Out Surface Roll Out
BI Website
Call Center Procurement Project
Server 2016 Transition
BI Dashboards Launch
PMG 3.0
Onboarding Process Improvements
OE5 Lessons Learned and OE6 Planning
WAH Renewal Improvements
VMWare Cutover
Mobile 3.0 Launch
Go LiveES Release Go LiveES Release
P-One ReleaseP-One Release
Analytics System project
APCD Collaboration and Poster
Automation of X% of Reports
TE Automation improvements
Navigator Lead Orgs New Tools
Password Rule Simplification
Account Data Clean up
Security and IT Policy Drafting
PEBB/SEBB Assessment
Medicare Assessment
HPF Archival Strategy and Implementation
HPF Release 6.1
HPF 2025 Digital Strategy
HPF Release 5.2
HPF Agile Pilot
CSA Agile Pilot
CSA Go Live
Granicus Implementation
Call Center Improvements: CSA Integration, Security, etc.
IT and Security Five Year Plan Development
Managed Services Assessment
P-One Release P-One Release P-One Release P-One Release
Go LiveES Release Go LiveES Release
P-One Card Go Live
Mobile P One Card Go Live
R5.2.1 Go Live
Oracle Other Product Upgrades and Transition
Azure ATC and POAM Submission
HPF M&O Reprocurement
CSA Agile Releases
Assess Edifecs L-T Plan
Assess AEM L-T Plan
S-24 Prod Stabilization
WiFi and Room Upgrades
Centralized Certificate Authority
Key Initiatives
3
• HPF security suite upgrade
• Cloud transition and HPF Oracle software upgrades• Transition from waterfall system development methodology
to agile
• HPF Customer centric enhancements
• SI contract reprocurement readiness
HPF security suite upgrade
4
• HPF is integrated with Oracle security software to manage all user access, authorization and authentication
• Project Background• HPF was using an older version of the Oracle security software
which was under “extended support” and encountered a few outages in production in 2017
• This software was our biggest risk entering last year’s open enrollment period
• A DP was approved to upgrade the security software to a more recent version
• Project Scope• Upgrade Oracle security software to a newer version which will
mitigate known issues, reduce the number of different software products and modernize our capabilities
• Implement new product suite and features including password simplification
HPF security suite upgrade - Outcomes
5
▪ 75% decrease in “Password” FAQ searches
▪ Average time spent changing a password is 25 seconds (previously up to 1 minute)
▪ Average time spent creating an account decreased by 16 seconds
▪ Average time spent unlocking an account decreased by an average of 20 seconds
▪ 23% decrease in customers who forgot password
Cloud Transition
6
On and Off
Unpredictable Bursting
Growing Fast
Predictable Bursting
HPF after Migration to Azure-G
Current vs Cloud
Physical Servers Infrastructure(as a Service) (IaaS)
Current HPF
HPF Cloud migration key driving factors
Projected Cost Avoidance
• Annual cost avoidance of $950,000 - $1,200,000
• Five year cost avoidance of $4,800,00 - $6,000,000
Simplified M&O• Forces constant
modernization
• No life cycling of equipment
• Access to more computing power with out capital outlays.
Improved Security
and Compliance
No more wasting
Equipment No more HPF Equipment
Decision Packages
High level of Scalability
and Flexibility
Access to hundreds of services & solutions
Self healing
Detailed cost and spending
Improved Security and Compliance
Improved System
Visibility
Better use of Decision Packages
Disaster Recovery
IntegratedAccess to new technologies
Better tools for system stability and
monitoring
What are the other benefits of Cloud for HPF?
No growth limitations
Improved loss
prevention
Supports microservices, Simple APIs,
and automation
Constantly updated
• Cutover to Azure-G for HPF• Turn off old environment• Decommission old environment
before June 2019
HPF Live in Azure-G
Build out Servers• Setup developer tools• Setup developer access• Run validation and scans• Start the development of 6.1
Development(Phase Three)
• Build out Servers• Install and configure applications• Import production data• Run validation and scans• Deploy HPF code• Test DR cutover
Production / DR(Phase Three)
Aug-Oct 2018In Progress
Nov-Dec 2018Not Started
Jan-Mar 2019Not Started
April 2019
HPF move to Azure-G Timeline
Jan-Aug 2018Completed
Design and plan Azure HPF system. Outline migration plan for all components. Setup base Azure platform systems. Deploy updated HPF system. Test and fix security and functionality.
Architecture & POC-Proof of Concept(Phase One & Two)
• Build out Servers• Install and configure applications• Deploy test Data• Run validation and scans• Deploy HPF code
UAT / Stress / TRN(Phase Three)
Transition from waterfall system development methodology to agile
13
What is Agile?
Transition from waterfall system development methodology to agile
14
Why Agile at HBE?• Puts customer at the center of system enhancements
through iterative sprints• Increases frequency of system changes• Introduces efficiencies while streamlining workload
How?• Completed two proofs of concepts for our systems• Launching four agile scrum teams this fall• Planning to use agile for all system changes starting in April
2019
HPF Customer centric enhancements
15
• Revamped call center IVR
• Improving renewal process for WAH and QHP• Giving HPF a single look and feel, regardless of where
customer is accessing HPF from
• Mobile Application WAH enrollment card access
• Chat implementation
SI contract reprocurement readiness (1)
16
• Procurement Background• CMS requires HBE to reprocure its SI contract on a
periodic basis• HBE hired Berry Dunn to draft an RFP with us
• Procurement Goals• Right size the suite of services performed by our SI
while focusing on value• Align services to HBE process changes and to more
relevant SLAs and metrics• Identify an SI who will be focused on HPF
modernization, customer centric design and growth
SI contract reprocurement readiness (2)
17
• Procurement Timeline:• April 2019: RFP drafted• Fall 2019: RFP released• March 2020: New SI contract signed
Appendix
18
HPF Azure Migration Approach
Phase One
Planning & ArchitectCompleted
1. Fully understood and documented solution.
2. Detailed documentation for all components in HPF.
Phase Two
Proof of ConceptCompleted
1. Faster than current system.2. More secure.3. Systems are updated to
newest possible software.4. No identified show
stoppers for production.
Phase Three
HPF Full MigrationIn-Progress
1. Modular and flexible Infrastructure.
2. Performance with reduced cost.
3. Agile environment.4. Most secure in class system.5. Scalable to meet HPF user and
organizational need
HPF after Migration to Azure-G
Current vs Cloud
Physical Servers Infrastructure(as a Service) (IaaS)
Platform(as a Service) (PaaS)
Software(as a Service) (SaaS)
Current HPF
Argentina PDPA
Canadian Privacy Laws
CDSA China GB 18030
China MLPS China TRUCS CRS CSA CCM CS Mark (Gold)
DIACAP DISA
ENISA IAF EU Model Clauses
EU-U.S. Privacy Shield
FACT FDA CFR Title 21 Part
11
FedRAMP FERPA FIPS 140-2 FISC FISMA GxP
HIPAA/HITECH
IRAP (CCSL) IRS 1075 ISO/IEC 27001 ISO/IEC 27017 ISO/IEC 27018 ITAR Japan My Number Act
MARS-E MPAA MTCS
NIST 800-171 NZCC Framework
Section 508 VPATs
SOC 1 SOC 2 SOC 3 Spain ENSPCI-DSS UK G-CloudSHARED ASSESSMENTS
Industry’s Largest Compliance Portfolio