Case study

DevSecOps success story

Quality Payment Program

Centers for Medicare and Medicaid Services

The challenge

The Centers for Medicare and Medicaid Services (CMS) created the Quality Payment Program (QPP) as a response to legislation that was passed to give clinicians incentives for providing quality patient care while reducing their reporting burden. QPP replaces many legacy programs and systems used to calculate payments for Medicare clinicians, which each have their own technical architecture, business drivers, and teams. The goal is to build a single platform that seamlessly integrates with existing CMS infrastructure and processes.

The solution

Flexion was awarded a competitive task order to provide a Foundational Components team that would be responsible for the overall quality, security, reliability, delivery, and efficiency of the QPP platform. This team of DevSecOps and site reliability engineers currently provides technical decision-making recommendations, develops common components, advocates for cross-product technical continuity, and serves as embedded liaisons (ELs) for several different QPP application development teams. This approach allows us to quickly establish trust within the development teams, while also providing hands-on expertise to help them quickly solve complex problems.

We’ve created mechanisms for this 200-person, multi-vendor program to enable emergent design and decision-making for each product team, while meeting CMS architectural and security requirements and maintaining CMS oversight of the overall platform.

As part of CMS’s scaled-agile framework (SAFe) methodology, we’ve led a feature architecture process to help better define the technical architecture required for creating new features. We’ve also implemented a technical decision log process to help individual teams escalate cross-team or critical technical decisions to the technical leaders across the program.

The results

Product teams can now more confidently plan and implement new features, instead of struggling with technical debt or slowing down progress to address new infrastructure needs. With our help, teams can now identify, develop, and deploy common solutions where possible. We’ve also helped improve cross-vendor collaboration and trust, and the trajectory for the overall program quality, security, reliability, delivery, and efficiency continues to improve.