signing up for qims security official...
Post on 22-May-2018
214 Views
Preview:
TRANSCRIPT
12/29/2011
CMS’ CROWNWeb Application
Signing Up for QIMS
Security Official Training
FeaturingCROWNWeb Outreach,
Communication, and Training (OCT)
September 23, 2011
Revised on 12/29/11
Your Trainer Today
12/29/2011
2
Michelle BarryTechnical Writer
CROWNWeb Outreach, Communication, and Training (OCT) Contract
FMQAI – ESRD Network 7
12/29/2011
What is QIMS?
QIMS: QualityNet Identity Management System
Supports multiple CMS applications (not just CROWNWeb)
Streamlines the account application and approval process
12/29/2011
4
How is QIMS Structured
QIMS is based on a hierarchy of roles:
Security Official (SO) – Top level of authority for QIMS – Confirms and manages user identification and activation.
End User Manager (EUM) – First level of authority for QIMS – Confirms and manages what users can do.
End Users – General system users
12/29/2011
5
Role Details
Security Officials (SO) will:o Performs in-person identity proofing for applicants.
o Verify users’ Security Awareness Training completion.
o Activate users’ accounts.
o Submit Part A of QIMS Forms to QualityNet Help Desk.
o Maintain End User accounts (locked accounts, forgotten passwords, etc.).
End User Managers can:o Conduct first-level approval of account requests.
o Approves or rejects End Users’ QIMS account requests.12/29/2011
6
12/29/2011
Key Account Rules
The QIMS system contains certain rules and policies that users must adhere to:
Security Officials will automatically receive two QIMS user IDs (one to manage users’ requests; one for their own QIMS and CROWNWeb system access)
End User Managers will receive one QIMS user ID to approve QIMS applications and access CROWNWeb.
The SO and EUM cannot be the same person for a user.
12/29/2011
9
12/29/2011
Printing the QIMS Form
When you click the SUBMIT button, the QIMS Account Form displays.
Click the PRINT button in your browser to print a copy of this form. You mustclick PRINT here, as the form cannot be retrieved if you exit without printing.
12/29/2011
52
QIMS Account Form - Part B
SOs must go to www.QualityNet.org, and print a copy of the CROWNWeb Part B form to indicate their CROWNWeb roles and scope.
M
12/29/2011
53
Completing the Form
Complete the QIMS Part A and CROWNWeb Part B forms that you printed.
NOTE: If you are applying for the role of Security Official (SO), you must have Part A of the QIMS Account Form notarized before mailing it to the QualityNet Help Desk.
12/29/2011
54
Security Training
All users must have completed CMS Security Training in the past year. Users who have not completed the training must take the course located here:
http://iase.disa.mil/eta/iss_icv5/launchpage.htm
Once the training is complete, print the certificate of completion retain a copy for your records.
12/29/2011
55
Mail Paperwork
Once Part A of the form is complete, the initial Security Official must mail that form along with the CROWNWeb Part B form and a copy of the SAT certificate of completion to the QualityNet Help Desk.
Mail the ORIGINAL forms to the QualityNet Help Desk at the following address:
QualityNet Help Desk 1401 50th Street, Suite 200 West Des Moines, IA 50266
12/29/2011
56
Activation and E-Mail
Once an account is activated, End User Managers and regular End Users will receive two e-mails as follows:
One email containing their QIMS User ID.
One email containing a temporary QIMS Password.
Users must remember to change their QIMS passwords every 60 days to avoid locked QIMS accounts.
12/29/2011
57
First Log In
Upon first login, users must:
Change the temporary password issued to them.
When prompted, answer at least SIX of the TEN security questions.
Once users have completed these tasks, they will have access to the applications requested.
12/29/2011
58
12/29/2011
Account Sign-Up FAQs
When signing up for accounts in QIMS:
Users must print their QIMS form from the browser immediately when it displays. There is no retrieval after a user exits the screen.
Users will receive their Account ID and Password e-mails only after the SO approves their account in QIMS.
All users must take annual CMS Security Training - The SO verifies training completion for all supervised Users.
Users must print the Training Completion certificate and provide a copy to their SO.
12/29/2011
60
Account Sign-Up FAQs - 2
When signing up for accounts in QIMS:
EUMs and SOs do not need to be local to a user’s facility –Forms that are not validated in person must be notarized and sent to the EUM.
Home Phone and Cell Phone can be the same number during QIMS TFA registration.
Part A of the QIMS Form must be received by the Help Desk within 30 days of SO Activation in QIMS or the account will be deactivated.
12/29/2011
61
Account Sign-Up FAQs - 3
When signing up for accounts in QIMS:
Security Officials can use USPS, FedEx, UPS, or any other postal provider.
Users who do not have a middle name should enter NMN in the Middle Name field (a required field).
SOs will automatically be given a second QIMS user ID to manage their own QIMS account and to perform work in CROWNWeb if a CROWNWeb role is indicated on the CROWNWeb Part B form.
12/29/2011
62
Account Management FAQs
When managing accounts in QIMS:
Disabled accounts must be re-enabled via a support ticket logged with the QualityNet Help Desk.
Locked accounts occur when a user enters a password incorrectly too many times, or when security questions are not correctly answered.
Disabled accounts are accounts with revoked access.
SOs and EUMs can disable users under their supervision. The QualityNet Help Desk can also disable users for “Paperwork Not Received” or other security reasons.
12/29/2011
63
QIMS Role FAQs
When working with Roles in QIMS:
SOs and EUMs cannot be the same individual for a user.
When facilities are not large enough to support one SO and one EUM, an ESRD Network or CMS-level SO/EUM can serve in that role for that facility.
Individual SOs and EUMs can cover multiple facilities across multiple ESRD Networks.
12/29/2011
64
QIMS Facilities FAQs
When working with Facilities in QIMS:
Businesses that change their names or that close must follow the CMS notification process to have their record altered in QIMS.
SOs can change the information for their business in QIMS directly.
12/29/2011
65
QIMS Login FAQs
When Logging In to QIMS:
The SO role is considered to be an “elevated” role in QIMS – SOs will be required to complete the Two-Factor Authentication (TFA) screen when logging in.
Click the “Trust this Computer” check box to bypass QIMS TFA authentication for one user on one computerfor 12 hours.
TFA PIN codes are good for 10 minutes. After 10 minutes, the code expires and another code must be requested.
12/29/2011
66
Questions
12/29/2011
67
Thanks!
For Further Information…
Email: CRAFT@projectcrownweb.orgQualityNet Help Desk: 1-866-288-8912Website: http://www.projectcrownweb.org
This material was prepared by FMQAI, the CROWNWeb Outreach, Communication, and Training contractor, under contract with the Centers for Medicare & Medicaid Services (CMS), an agency of the U.S. Department of Health and Human Services. The contents presented do not necessarily reflect CMS policy. OCT contract # HHSM-500-2010-00261G. Publication Number: FL-ESRD-2011OTCT3-9-12450
12/29/2011
68
top related