RegScale Announces Support for CMS ARS 5 Catalog

April 4, 2022 | By J. Travis Howerton

The Center for Medicare and Medicaid Services (CMS) Acceptable Risk Safeguards (ARS) Version 5.0 provides the standard to CMS and its contractors as to the minimum acceptable level of required security and privacy controls. The ARS also provides supplemental controls and control enhancements for Business Owners to consider. Many of the mandatory and supplemental controls are customizable (i.e., tailorable) by the Business Owner when necessary to meet missions or business functions, threats, security and privacy risks (including supply chain risks), type of system, or risk tolerance. Business Owners must review all controls since all are relevant and should be considered, even if they are not required to implement, because these controls may help to reduce overall risk.

At RegScale, we give healthcare providers easy and free tools to get started with building a fully compliant CMS ARS program with support for tracking policies, related assessments, evidence collection, issues management/performance improvement, and other related workflows. As of April 4, 2022, RegScale has announced that we officially support the CMS ARS Version 5.0 as a catalog within our platform with automated tools/wizards for building compliant inspection programs. In addition, we have published multiple machine readable formats of CMS ARS 5 including an Excel spreadsheet, raw JSON, and NIST OSCAL that are available upon request. These artifacts are freely available for others to reuse in their compliance automation programs using machine readable formats.

Schedule a free demo today to learn how RegScale can help you continuously meet your CMS ARS requirements. If you are ready to start automating your compliance processes for creating and managing CMS ARS requirements, this demo will also show how you can leverage RegScale to deliver continuous compliance. In addition to offering free tools, we have experienced compliance professionals who can assist you in creating robust CMS ARS compliance artifacts that will help you pass audits and reduce your risk with ease. With RegScale, our customers get software with a service to provide a concierge like experience for reducing risk related to their healthcare systems.

Ready to get started?

Choose the path that is right for you! 

Skip the line

My organization doesn’t have GRC tools yet and I am ready to start automating my compliance with continuous monitoring pipelines now. 


My organization already has legacy compliance software, but I want to automate many of the manual processes that feed it.