Becker's Healthcare May 5, 2022
HHS’ information security program was deemed “not effective” for fiscal year 2021 in an audit conducted by the department’s Office of Inspector General, consistent with the determinations for fiscal years 2018, 2019 and 2020.
The audit report, released April 25, said HHS failed to meet the “managed and measurable” maturity level for four function areas: identify, protect, detect and recover. The report noted particular weaknesses surrounding risk management and contingency planning.
Here are four recommendations the OIG provided in its report:
- HHS should continue implementing automated copy...