Designing a Source of Truth for Privacy and Security at CMS

At CivicActions, I dedicated over a year to designing a comprehensive library serving as the single source of truth for all aspects of Privacy and Security at the Center for Medicare and Medicaid (CMS). Working alongside a small yet dynamic team, we meticulously researched the pain points within the existing system, delved into understanding the nuanced needs and preferences of our users, and ultimately crafted and rigorously tested a solution. Our product aimed to empower both seasoned veterans and newcomers in the fields of privacy and security, facilitating streamlined training, communication, and workflow enhancements.

Approach

  • Collaborated closely with the Privacy and Security team at CMS to investigate the landscape, problem space, and necessary requirements for the ISPG "source of truth" library.

  • Worked within a small, collaborative, and agile team to develop user flows, page templates, and an initial design system for the privacy and security team.

  • Conducted user interviews and research consistently throughout the design process.

  • Led efforts in implementing accessibility best practices for "shifting left," documenting, and continuously refining designs based on testing and feedback.