[Federal Register Volume 73, Number 102 (Tuesday, May 27, 2008)]
[Notices]
[Pages 30406-30408]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E8-11800]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Health Resources and Services Administration


Statement of Organization, Functions and Delegations of Authority

    This notice amends Part R of the Statement of Organization, 
Functions and Delegations of Authority of the Department of Health and 
Human Services (HHS), Health Resources and Services Administration 
(HRSA) (60 FR 56605, as amended November 6, 1995; as last amended at 73 
FR 22961-22964 dated April 28, 2008).
    This notice reflects organizational changes in the Health Resources 
and Services Administration. Specifically, this notice updates the 
functional statement for the Office of Information Technology (RAG).

Chapter RA--Office of the Administrator

Section RA-10, Organization

    The Office of the Administrator (RA) is headed by the 
Administrator, Health Resources and Services Administration, who 
reports directly to the Secretary. The OA includes the following 
components:
    (1) Immediate Office of the Administrator (RA);
    (2) Office of Equal Opportunity and Civil Rights (RA2);
    (3) Office of Planning and Evaluation (RA5);
    (4) Office of Communications (RA6);
    (5) Office of Minority Health and Health Disparities (RA9);
    (6) Office of Legislation (RAE);
    (7) Office of Information Technology (RAG);
    (8) Office of International Health Affairs (RAH); and
    (9) Office of Management (RAM).

Section RAG-20, Functions

    Delete the current functional statement for the Office of 
Information

[[Page 30407]]

Technology (RAG) in its entirety and replace with the following:

Office of Information Technology (RAG)

    The Chief Information Officer (CIO) is responsible for the 
organization, management, and administrative functions necessary to 
carry out the responsibilities of the CIO including: organizational 
development, investment control, budget formulation and execution, 
policy development, strategic and tactical planning, and performance 
monitoring. The CIO provides leadership in the development, review and 
implementation of policies and procedures to promote improved 
information technology management capabilities and best practices 
throughout HRSA. The OCIO coordinates IT workforce issues and works 
closely with the departmental Office of Human Resources Management on 
IT recruitment and training issues.
    The Chief Technology Officer (CTO), reporting to the CIO, is 
responsible for the HRSA emerging and advanced technology integration 
program consistent with HRSA missions and program objectives. The CTO 
manages technology planning and is responsible for coordinating the 
Agency's Enterprise Architecture (EA) efforts with the capital planning 
process, ensuring the suitability and consistency of technology 
investments with HRSA's EA and strategic objectives, and incorporating 
security standards as a component of the EA process. The CTO provides 
leadership for strategic planning that leverages information systems 
security, program strategies, and advanced technology integration to 
achieve program objectives through innovative technology use. The CTO 
also provides leadership and establishes policy to address legislative 
or regulatory requirements, such as Section 508 of the Rehabilitation 
Act, and provides oversight for Agency IT configuration management and 
control.
    The Chief Information Security Officer (CISO), reporting to the 
CIO, provides leadership for, and collaborates with, Agency staff to 
oversee the implementation of security and privacy policy in the 
management of their IT systems, and plans all activities associated 
with the Federal Information Security Management Act (FISMA) or other 
agency security and privacy initiatives.
    The CISO implements, coordinates, and administers security and 
privacy programs to protect the information resources of HRSA in 
compliance with legislation, Executive Orders, directives of the Office 
of Management and Budget (OMB), or other mandated requirements e.g., 
Presidential Decision Directive 63, OMB Circular A-130, the National 
Security Agency, the Privacy Act, and other Federal agencies. Further, 
the CISO is responsible for the execution of the Agency's Risk 
Management Program, and evaluates and assists with the implementation 
of safeguards to protect major information systems, and IT 
infrastructure. In close coordination with the Division of IT 
Operations and Customer Service, develops and implements HRSA level 
policies, procedures, guidelines, and standards for the incorporation 
of intrusion detection systems, vulnerability scanning, forensic and 
other security tools used to monitor automated systems and subsystems 
to safeguard HRSA's electronic information and data assets. The CISO 
manages the development, implementation, and evaluation of the HRSA 
information technology security and privacy training program to meet 
the requirements as mandated by OMB Circular A-130, the Computer 
Security Act, and Privacy Act.

Division of Business Information Management (RAG1)

    The Division of Business Information Management (DBIM), provides 
consultation, assistance, and services to HRSA to promote and manage 
information dissemination and collaboration practices using appropriate 
electronic media. DBIM evaluates and integrates emerging technology to 
facilitate the translation of data and information from data 
repositories into electronic formats for internal and external 
dissemination. In collaboration with the Office of Communications, DBIM 
is responsible for the design, deployment, and maintenance of HRSA's 
Internet and Intranet Web sites including development and 
implementation of related policies and procedures. DBIM develops and 
maintains an overall data and information management strategy for HRSA 
that is integrated with HHS and Government-wide strategies. DBIM 
identifies information needs across HRSA and develops approaches for 
meeting those needs using appropriate technologies including 
development and maintenance of an enterprise reporting platform. DBIM 
provides for data quality and ensures that data required for enterprise 
information requirements are captured in appropriate enterprise 
applications and that necessary data repositories are built and 
maintained. DBIM enhances and expands use and utility of HRSA's data by 
providing basic analytic and user support; develops and maintains a 
range of information products for internal and external users; and 
demonstrates potential uses of information in supporting management 
decisions. DBIM provides leadership and establishes policy to address 
legislative or regulatory requirements in its areas of responsibility.

Division of Capital Planning and Project Management (RAG2)

    The Division of Capital Planning and Project Management (DCPPM) 
coordinates the development and review of policies and procedures for 
IT Capital Planning and Investment Control, Earned Value Management, IT 
portfolio management, IT project management, and the enterprise 
performance lifecycle methodology. DCPPM administers the Department's 
multi-year strategic information resources planning process, including 
developing and administering the Department's Strategic IT Plan; 
supports the Budget Office in its evaluation of IT initiatives, and 
preparation of Agency, departmental and OMB Budget Exhibits and 
documents. DCPPM works to obtain required information and analyzes it 
as appropriate; coordinates control and evaluation review of ongoing IT 
projects, including support to the HRSA ITIRB in conducting such 
review; promotes and follows a consistent methodology for project 
management and improves agency-wide project management. DCPPM operates 
a Project Management Office to improve management, communications and 
functional user involvement, assists with project prioritization, and 
monitors progress and budget.

Division of Enterprise Solutions Development and Management (RAG3)

    The Division of Enterprise Solutions Development and Management 
(DESDM) provides leadership, consultation, and IT project management 
services in the definition of Agency business applications 
architectures, the engineering of business processes, the building and 
deployment of applications, and the development, maintenance and 
management of enterprise systems and data collections efforts. DESDM is 
responsible for technology evaluation, application and data 
architecture definition, controlling software configuration management, 
data modeling, database design, development and management and 
stewardship services for business process owners. DESDM manages the 
systems development lifecycle by facilitating business process 
engineering efforts, systems requirements definition, and

[[Page 30408]]

provides oversight for application change management control. DESDM 
provides enterprise application user training, Tier-3 assistance, and 
is responsible for end-to-end application building, deployment, 
maintenance and data security assurance.

Division of IT Operations and Customer Services (RAG4)

    The Division of IT Operations and Customer Services (ITOCS) 
provides leadership, consultation, training, and management services 
for HRSA's enterprise computing environment. ITOCS directs and manages 
the support and acquisition of HRSA network and desktop hardware, 
servers, wireless communication devices, and software licenses. ITOCS 
is responsible for the HRSA Data Center and the operation and 
maintenance of a complex, high-availability network infrastructure on 
which mission-critical applications are made available 24 hours per 
day, 7 days per week. ITOCS provides oversight for outsourced 
electronic mail, Internet and connectivity, web and video conferencing, 
and co-managed firewall and security monitoring services. ITOCS 
controls infrastructure configuration management, installations and 
upgrades, security perimeter protection, and system resource access. 
ITOCS coordinates IT activities for Continuity of Operations Planning 
(COOP) Agency-wide including provisioning and maintaining IT 
infrastructure and hardware at designated COOP locations to support 
emergency and COOP requirements. ITOCS is accountable for property life 
cycle management and tracking of Agency-wide IT capital equipment. 
ITOCS provides oversight for outsourced Tier-1 and Tier-2 Help Desk 
Call Center technical assistance; maintains workstation hardware and 
software configuration management controls; and provides oversight of 
outsourced network and desktop services to staff in HRSA Regional 
Offices (ROs).

Section RA-30, Delegations of Authority

    All delegations and re-delegations of authority made to HRSA 
officials and employees of affected organizational components will 
continue in them or their successors pending further re-delegations, 
provided they are consistent with this reorganization.
    This reorganization is effective upon the date of signature.

    Dated: May 15, 2008.
Elizabeth M. Duke,
Administrator.
[FR Doc. E8-11800 Filed 5-23-08; 8:45 am]
BILLING CODE 4165-15-P