Enterprise Privacy Policy Engine

The Enterprise Privacy Policy Engine (EPPE) is used by the Centers for Medicare and Medicaid Services (CMS) to track disclosures of protected health information (PHI) through Data Use Agreements (DUAs) with data requestors.

NewWave ensures the data requests adhere to CMS privacy, security, and data release policies through EPPE by working directly with the CMS Contracting Officer Representatives (CORs), CMS contractors, and researchers requesting Limited Data Sets (LDSs).


NewWave directed the transformation for CMS’ Data Use Agreement process to increase overall performance, drive automation, and provide secure, exceptionally hands-on, application management through the EPPE Help Desk.

NewWave’s customer engagement practice reflects our core value of being People-First. We make it a priority to listen to the problems our customer is experiencing and provide hands-on subject matter experts to resolve our customers’ concerns and challenges.

NewWave’s EPPE team works directly with the Data and Information Dissemination Group under the Office of Enterprise Data and Analytics group at CMS to resolve problems reported through the EPPE Help Desk.

NewWave is not only an expert at cloud migration, our team of expert engineers are pioneering new innovations to redesign and re-platform applications as cloud-native.  At NewWave, our EPPE team is performing workflow design enhancements, developing cloud modernization to deliver resilient, secure solutions.

NewWave’s work on EPPE characterizes our one-of-a-kind solutioning. We work hand-in-hand with CMS’ Data and Information Dissemination Group to solve problems together. Our application design enhancements, APIs, and reporting strategies are developed alongside our customers to provide the most secure, efficient resolution for better care.

Managing the CMS Enterprise Privacy Policy Engine (EPPE) to Secure Sensitive Data

Managing the CMS Enterprise Privacy Policy Engine (EPPE) to Secure Sensitive Data

NewWave Spares Nothing to Secure Sensitive Data: On the black market, a stolen social security number might be worth around 10 cents, while a credit card number goes for around 25 cents. An electronic health record, on the other hand, can sell for hundreds or even thousands of dollars, making it among the most valuable information targeted by criminal hackers.

read more