OIG audit finds 7-year-old IT vulnerability at Alabama VA hospital

Auditors found a "high-risk vulnerability" at Tuscaloosa (Ala.) VA Medical Center that hasn't been remediated since 2015, according to a Jan. 18 report from the VA Office of Inspector General. 

Auditors, who began examining Tuscaloosa VA Medical Center in May, say they didn't find any evidence to suggest that there was a plan in place to fix the issue after it was first identified by the department's IT workers in 2015.

The medical center's management told auditors they would put together a plan and target date to fix the vulnerability.

The report did not detail what the "high-risk vulnerability" was but named eight recommendations for the center to fix the security deficiencies, some of which include implementing a more effective vulnerability management program to address security deficiencies and ensuring vulnerabilities are remediated within established time frames.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars