Auditors, who began examining Tuscaloosa VA Medical Center in May, say they didn’t find any evidence to suggest that there was a plan in place to fix the issue after it was first identified by the department’s IT workers in 2015.
The medical center’s management told auditors they would put together a plan and target date to fix the vulnerability.
The report did not detail what the “high-risk vulnerability” was but named eight recommendations for the center to fix the security deficiencies, some of which include implementing a more effective vulnerability management program to address security deficiencies and ensuring vulnerabilities are remediated within established time frames.
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
