Exemptions

Sign off on risk acceptance of open-sourcing the software product

Before outbounding repositories, it’s important that the appropriate stakeholders review and acknowledge the risks and responsibilities associated with releasing the code to the public. This step ensures transparency and accountability while enabling informed decision making.

Security and Privacy Verification

[ ] I acknowledge that this project does NOT:
- [ ] contain any PII/PHI, or create an identifiable risk to the privacy of an individual.
- [ ] interface with any CMS Internal Systems.
- [ ] contain any keys or credentials to authenticate with CMS systems.

National Security and Intelligence Verification

[ ] I acknowledge that this project is NOT:
- [ ] primarily for use in national security systems, as defined in Section 11103 of title 40, USC.
- [ ] created by an agency or part of an agency that is an element of the intelligence community, as defined in section 3(4) of the National Security Act of 1947.
- [ ] exempt under section 552(b) of title 5, USC (commonly known as the "Freedom of Information Act").

Export and Regulatory Compliance

[ ] I acknowledge that this project is NOT prohibited under:
- [ ] Export Administration Regulations.
- [ ] International Traffic in Arms Regulations (ITAR).
- [ ] Regulations of the Transportation Security Administration related to the protection of sensitive information.
- [ ] Federal laws and regulations governing the sharing of classified information.

M-16-21 Exemptions

Legal Restrictions

[ ] I acknowledge that the sharing of the source code of this project is NOT limited by patent or intellectual property restrictions.

Agency Verification

[ ] I acknowledge that the sharing of the source code of this project would NOT:
- [ ] create an identifiable risk to the stability, security, or integrity of the agency’s systems or personnel.
- [ ] create an identifiable risk to agency mission, programs, or operations.
- [ ] be considered by the CIO as requiring exemption in the national interest.