New is now Kion! New name. Expanded capabilities. Same outstanding customer service. Learn More

Case Study Cloud Enablement

Helping the Centers for Medicare and Medicaid Services (CMS) Leverage the Modern Cloud

4 min read

Last updated on November 2nd, 2021 at 11:37pm

The mission is clear for the Centers for Medicare & Medicaid Services (CMS): put patients first across all their programs, including Medicare, Medicaid, and the Health Insurance Exchanges. Increasingly, CMS is turning to the cloud to help achieve this mission and fulfill their goal of becoming the premier government agency supporting citizens by leveraging modern cloud technology.


CMS builds and operates applications in the Amazon Web Services (AWS) cloud. One of the responsibilities of the Infrastructure and User Services Group (IUSG) at CMS is to onboard and support application development organizations (ADOs) who are building these applications. CMS applications operate portals for services, provide data processing for claim submissions, manage Medicare and Medicaid processes, and support open enrollment.

However, providing access to build and operate is not as simple as giving a developer access to AWS. Without a solid governance program in place, organizations face risk around budget control and compliance assurance. CMS realized they needed a cloud governance solution to help:

  • Increase AWS account provisioning agility to accelerate cloud adoption
  • Ensure leadership visibility and control of cloud presence and budget
  • Guarantee projects implemented security controls to comply with regulations like FedRAMP and HIPAA as well as internal policies

Reimagining user onboarding and governance in the cloud

CMS chose Kion (at the time branded as to fulfill their cloud governance and management needs across automation and orchestration, financial management, and continuous compliance. Kion enables CMS to easily view all their cloud accounts organization-wide, quickly provision new accounts, get a real-time view into budget and centralize cost management, and automate staff adherence to defined compliance standards.

Kion delivered key capabilities to the CMS team:

  • Automated account creation to increase the speed and consistency of account provisioning. Kion helped automate multiple previously manual steps including IAM roles and permissions setup and VPC creation.
  • Support for different levels of visibility across AWS accounts. Kion gave the CMS IT Services Groups technical and financial visibility of all assets they manage, while providing application owners with technical and financial visibility of only their own assets.
  • Near-real time cloud spending, budgeting and forecasting tracking for all CMS accounts in the AWS environment. Previously, Microsoft Excel-based reports were provided once per week. Now with Kion, each business owner can see a current near-real time view of their cloud spending anytime. These spending views are also enriched with other organizational costs, such as security services, to give a more complete picture into the actual cost of operating applications within the AWS cloud environment.
  • Flexibility and scale to support organizational structure changes in the AWS account hierarchy and manage the expected growth of CMS AWS applications without limitations.
  • Consistent enforcement of security policies to govern the use of the AWS cloud. With Kion, CMS was able to take “paper policies” shared to users via an internal website (including the AWS services that were approved by the organization) and automatically apply and enforce those policies within the AWS accounts used across the agency. Kion made it easier to update those policies when technical review boards and federal guidance changed or new AWS services were approved.

The impact of Kion at CMS

Kion is currently being rolled out in two phases throughout CMS, with the first phase targeting existing users of the AWS cloud environment and the second phase targeting new users of cloud. This second phase aims to provide a greenfield approach to AWS to improve the user experience in the cloud while also accelerating the process to obtain an authority to operate (ATO) for FISMA-High workloads in the AWS GovCloud region. Kion is the central hub of the orchestration and governance required in these engagements and the key tool used to give end users and new service teams access to AWS commercial and GovCloud resources.

With Kion as an integral part of their cloud operations, CMS has achieved the following results:

  • Reduced time to provision a user account for a user from several weeks to a couple days
  • Greater transparency into costs and enhanced cost reporting (both incurred and projections of future spend)
  • Ability to reduce current cloud operations team size as a result of automating many cloud governance tasks
  • Decrease in cost overruns and compliance issues

Kion, coupled with the AWS Governance at Scale framework, delivers a controlled, but flexible, cloud environment to CMS staff to help make it even easier to migrate applications and ultimately fulfill the patient-first CMS mission in a more cost-effective manner.

Download PDF

Start your cloud enablement journey.

Request a demo today,