“The Centers for Medicare and Medicaid Services (CMS) needs to improve its risk management oversight and security controls to ensure the availability of the Medicare enrollment database (EDB), concluded an HHS Office of Inspector General (OIG) audit released Sept. 18.”
“EDB is the primary source of Medicare enrollment information for the entire population of beneficiaries. It estimated that it would cost CMS $47 million per day if a cyberattack shut down the EDB.”
“For the report, the OIG reviewed CMS’s policies and procedures, interviewed staff, reviewed system security documentation, and conducted visits to contingency planning sites to determine whether EDB security controls were adequate…”
“CMS has not established a program to oversee the security of data handled by researchers and qualified entities accessing the data center, GAO found…”
“In addition…” Read the full article here.
Source: CMS Needs To Beef Up Risk Management for Medicare Database – By Fred Donovan, September 19, 2018. HealthIT Security.
