Frequently Asked Questions

  ADA/508 friendly site


Will CMS pay contractors for the costs to implement Multi-Factor Authentication (e.g., the cost of getting RSA Tokens for employees)?

These costs will be minimal, and CMS considers them to be general costs for doing business with the government. Multi-Factor Authentication is also part of what every entity should be doing to maintain high levels of security within their own business practices. Therefore, CMS expects these costs to be indirect rather than direct costs to the contract. If a contractor determines that this direction has a direct cost impact on its contract, they should explore alternatives and contact their Contracting Officer.


Was this answer helpful?