HHS OIG: Virginia failed to secure Medicaid data

Virginia has not adequately secured its Medicaid data and information systems, according to an HHS Office of Inspector General report.

The Virginia Department of Medical Assistance Services, which manages the state's Medicaid program, uses an outside contractor to operate its claims processing system. OIG assessed the policies and procedures Virginia had in place for its Medicaid Management Information System — which administers the claims process for Medicaid and other federal benefits — as of September 2015.

During its audit, OIG found Virginia's Medicaid data and systems did not meet federal standards. MMIS had "numerous significant system vulnerabilities," despite having a security program in place, according to OIG. These vulnerabilities related to Virginia's control over the data and its oversight of the outside contractor.

"Although we did not identify evidence that anyone had exploited these vulnerabilities, exploitation could have resulted in unauthorized access to and disclosure of Medicaid beneficiary data, as well as the disruption of critical Medicaid operations," the report states.

Click here to view the full report.

More articles on health IT:
Mount Sinai St. Luke's agrees to $387k HIPAA settlement after 'careless' disclosure of HIV status
Optum, Cerner boast top revenue among health IT vendors, IDC finds
Trump 2018 budget proposal would cut ONC funding by 37%: 5 things to know

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Whitepapers

Featured Webinars