Tuesday, February 4, 2014

PwC Evaluates CMS Contractors Security Compliance

Dianne De La Mare

The US Department of Health and Human Services, Office of Inspector General (OIG), recently released a report, Review of Medicare Contractor Information Security Program Evaluations for FY 2011, which discusses the Medicare Administrative Contractors (MACs), Fiscal Intermediaries and carriers compliance with the security requirements under the Medicare Prescription Drug, Improvement and Modernization Act of 2003 (MMA). To better understand compliance with the security requirements, the Centers for Medicare & Medicaid Services (CMS) contracted with PricewaterhouseCoopers (PwC) to evaluate information security programs for its contractors. PwC reported a total of 127 gaps (e.g., differences between the Federal Information Security Management Act of 2002 and CMS’ core security requirements) at 11 Medicare contractors for FY 2011, which was a decrease of 23 percent from FY 2010. OIG determined that PwC’s evaluations of the contractor information security programs were adequate in scope and were sufficient. To obtain a copy of the complete report go to https://oig.hhs.gov/oas/reports/region1/181330100.pdf.

No comments:

Post a Comment