"The fact that some of the vulnerabilities were [the same at] the 10 state agencies suggests that other state Medicaid information systems may be similarly vulnerable," according to the OIG.
The report "may increase public awareness of these pervasive vulnerabilities across state agencies and lead the Centers for Medicare and Medicaid Services and all states to strengthen system security."Vulnerabilities included lack of risk assessments and user log monitoring, and poor access controls, which increase opportunities for identity theft and fraud. Such problems can be addressed with low-cost on-demand SaaS analytics services which proactively detect identity theft, as well as report on access control risks and compliance.
- Department of Health and Human Services' Office of the Inspector General
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Report on State Medicaid Information Security - www.OIG.HHS.GOV, 03/05/2014