1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

HHS Audit Reports Signal Increasing Cybersecurity Audits for Contractors

The Office of the Inspector General (“OIG”) for the U.S. Department of Health and Human Services (“HHS”) recently released two audit reports assessing weaknesses in the information security systems of a contractor-operated Medicaid Management Information System (MMIS) and contractors administering federal Medicare programs.  The reports reflect a growing trend toward proactive audits of such cybersecurity controls by state and federal agencies.

The reports highlight the assessed vulnerabilities in each audit and signal a need for increased vigilance on the part of companies operating healthcare information technology (“IT”) systems.  Importantly, both reports signal a growing trend away from a presumption of security for contractor IT system and toward an increased number of cybersecurity audits to verify security in advance of a cyber incident.

HHS Audit Reports Signal Increasing Cybersecurity Audits for Contractors