Health Information Management

OIG identifies security vulnerabilities at HRSA

HIM-HIPAA Insider, May 18, 2015

Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

A recent audit revealed six security vulnerabilities within HHS’ Health Resources and Services Administration (HRSA), according to a report from the Office of the Inspector General (OIG).

The OIG conducted a review of HRSA security controls in effect in December 2013, and released the corresponding report in April 2015. In addition to reviewing and testing controls, the OIG interviewed HRSA’s security and IT professionals and reviewed policies and procedures, according to the report.
 
The OIG noted in its report that HRSA failed to:
  • Effectively track and manage IT inventory
  • Effectively implement and monitor patch management controls
  • Effectively monitor the antivirus status of its assets
  • Consistently review active directory user accounts as outlined in its policies
  • Consistently apply encryption policies
  • Develop policies and procedures to secure USB port control access
This article originally appeared on HCPro’s HIPAA Update blog. Stay up to date on all things HIPAA by signing up for e-mail updates from this blog.



Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

    Briefings on APCs
  • Briefings on APCs

    Worried about the complexities of the new rules under OPPS and APCs? Briefings on APCs helps you understand the new rules...

  • HIM Briefings

    Guiding Health Information Management professionals through the continuously changing field of medical records and toward a...

  • Briefings on Coding Compliance Strategies

    Submitting improper Medicare documentation can lead to denial of fees, payback, fines, and increased diligence from payers...

  • Briefings on HIPAA

    How can you minimize the impact of HIPAA? Subscribe to Briefings on HIPAA, your health information management resource for...

  • APCs Insider

    This HTML-based e-mail newsletter provides weekly tips and advice on the new ambulatory payment classifications regulations...

Most Popular