HIPAA Handbooks

  • Privacy and security training for new and seasoned staff
  • 11 staff/setting focus areas
  • Education on protecting PHI
  • New HITECH Act changes
  • Discounts on bulk purchases

More»

E-learning

  • Role-based training using real-life case scenarios
  • Test-your-knowledge exercises with remediation
  • Post-course test to document staff participation

More»

Other HIPAA Resources

  • Hot-topic audio conferences
  • Books on privacy and security
  • Newsletters
  • e-Newsletter
  • Videos


More»

May
14

OIG identifies security vulnerabilities at HRSA

Email This Post Print This Post

securityA recent audit revealed six security vulnerabilities within HHS’ Health Resources and Services Administration (HRSA), according to a report from the Office of the Inspector General (OIG).

The OIG conducted a review of HRSA security controls in effect in December 2013, and release the corresponding report in April 2015. In addition to reviewing and testing controls, the OIG interviewed HRSA’s security and IT professionals and reviewed policies and procedures, according to the report.

The OIG noted in its report that HRSA failed to:

  • Effectively track and manage IT inventory
  • Effectively implement and monitor patch management controls
  • Effectively monitor the antivirus status of its assets
  • Consistently review active directory user accounts as outlined in its policies
  • Consistently apply encryption policies
  • Develop policies and procedures to secure USB port control access
Categories : HHS, OIG

Leave a Reply