Open source software is code that is available for anyone to inspect, modify, enhance and share, and its accessibility and flexibility offers a wide array of options for users looking to meet specific needs.
For the Centers for Medicare and Medicaid Services, open source has inspired a mindset of “building once and reusing many,” opening new pathways for the agency to improve its services, according to Andrea Fletcher, chief digital strategy officer and executive director of the digital service at CMS.
“In my time at CMS, I have seen the same contractor build the same tool twice with the exact same thing in different centers watching it happen. And you’re like, how are we doing that? Why aren’t we building it once?” she said during her keynote address at the Potomac Officers Club’s 2023 Healthcare Summit on Wednesday.
Now, with the ability to adjust prewritten code, the agency is able to reduce costs and timelines associated with traditional methods of software development and deployment, leaving more resources for other important activities, Fletcher said. She cited a CMS effort to add a new dental claims form as an example of these benefits in practice.
“That was a project that originally was slated to take almost three years. We’ve done it in less than six months by building modern cloud-based infrastructure,” Fletcher said.
“We’ve been putting things in GitHub and we’re pushing in a different direction of how we actually build and deliver code, because we can’t wait that long to provide dental services to Medicare beneficiaries,” she elaborated.
Open source also increases transparency, allowing CMS to see where code is and what its vulnerabilities are.
“If we’re using open source software, putting our code in GitHub, we can actually run code on our code and see where those vulnerabilities are and fix them immediately, rather than waiting weeks or months to get attestations back to determine if we actually have those vulnerabilities,” Fletcher explained.
Though the security of open source has been put under scrutiny, Fletcher emphasized that the idea of it being less secure than code built in-house is a myth. She noted that the adoption of open source within CMS is a collaborative effort with the Cybersecurity and Infrastructure Security Agency, which helps the former test the security of a code before it is deployed.
The wide variety of options offered by open source also helps promote vendor engagement, providing new pathways for CMS to engage with nontraditional contractors, said Fletcher, who noted that the agency has “been spending a lot of time understanding the open source community at large” to drive collaboration with outside parties and recruit new talent as it further embraces open source.
“Somebody said to me the other day that the U.S. federal government is like a super tanker. And it takes a while for it to turn, but when it turns, it really moves, it really motors,” she said. “So we’re in the process of turning that ship right now. We’re turning ourselves towards open source and hoping that we can bring our significant resources to the table in this.”
Healthcare is one of many topics explored at Potomac Officers Club events. At the 10th Annual Defense R&D Summit on Jan. 31, 2024, top defense leaders from both the public and private sectors will come together to discuss current defense R&D challenges and priorities. Heidi Shyu, under secretary of defense for research and engineering, will deliver the opening keynote address. To learn more and register to attend, click here.