GAO: HHS Has Not Implemented Critical Cyber Recommendations

April 10, 2019 Mayuri Kumar

Over the last four years, the Government Accountability Office has made hundreds of recommendations to the Department of Health and Human Services for improving its operations that have not been implemented.

In a March 28 letter and report sent to HHS, GAO notes that among dozens of unimplemented "high priority" recommendations are four on health information technology and cybersecurity.

"The nation's critical infrastructure provides the essential services - including healthcare - that underpin American society. The infrastructure relies extensively on computerized systems and electronic data to support its missions," GAO writes. "However, serious cybersecurity threats to the infrastructure continue to grow and represent a significant national security challenge. Additionally, recent data breaches have highlighted the importance of ensuring the security of health information, including Medicare beneficiary data."

Mac McMillan's comments were featured in this article.

Previous Article
MD Anderson Cancer Center Appeals $4.3 Million HIPAA Fine
MD Anderson Cancer Center Appeals $4.3 Million HIPAA Fine

Next Article
Cyberattack Exposes PHI in Email Accounts
Cyberattack Exposes PHI in Email Accounts