Modern Healthcare December 19, 2017
Rachel Z. Arndt

Some divisions of HHS lack sufficient cybersecurity controls, according to a new report from the Office of Inspector General.

In fiscal 2016, the OIG tested four HHS operating divisions for their cybersecurity resilience, looking at how well the agency could prevent, respond to and detect attacks. The OIG found problems with both the management of the systems and access control.

“It’s hard not to think that HHS’ internal security is a mess,” said Chris Hart, an attorney with Foley Hoag. “It’s disconcerting given the fact that HHS has a cyberunit that is intended to help hospitals and healthcare companies with their own cybersecurity systems.”

HHS agreed with the OIG’s findings—details of which are confidential—and said it had already corrected some...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, HHS, OIG
Related Articles:
HHS releases national suicide prevention strategy, plan
HHS finalizes reproductive health data protections
Hospitals could be asked to report emissions in 2026
HIPAA update protects privacy of reproductive health information
More FTC Privacy Action

Share This Article