The OIG conducted the investigation after identifying high-risk security vulnerabilities in previous reviews of information system controls related to Medicaid Management Information Systems at 10 unnamed state agencies between 2010 and 2012, according to the OIG report.
The report divided its findings into the areas of entitywide control, access controls and network operations security controls. The report found vulnerabilities and need for development in each of the three areas.
With the data protection weaknesses noted, the “OIG has identified the security and health information systems as a top challenge facing the department and state agencies,” the report said.
More Articles on Data Protection:
Hospitals Must Ensure Security at the Door, for Patient Data, and in the Cloud
Survey: Hospitals Rely on Obsolete Practices to Protect Patient Data
Ruling: HIPAA-Covered Entities Subject to FTC Data Security Enforcement Action
