OPM’s IT security protocols are still underperforming, even in the healthcare data category, an OIG audit report shows.
Following the massive data breach at the Office of Personnel Management (OPM) earlier this year, the Office of the Inspector General (OIG) has released an audit report detailing several IT security issues at the agency.
Although the data breach prompted OPM to perform an overhaul of its IT security protocols, OIG still found considerable gaps in security, including in healthcare data security.
Although the OPM data breach included more than just health information, the OIG audit report shows a need to increase security for health information. For example, OIG found that healthcare and insurance information was one of seven categories that failed a security control testing metric.
Furthermore, healthcare and insurance is one of several categories that have overdue Plans of Action and Milestones (POA&Ms). OIG emphasized the urgency of OPM’s need to renew the systems’ POA&Ms.
Healthcare and insurance systems also failed to update their contingency plans, which are required plans according to the OPM handbook.
“Contingency Plans shall be reviewed, updated, and tested at least annually to ensure its effectiveness,” the handbook says.
from cyber security caucus http://ift.tt/1NR0Tkm
via IFTTT
Security testing is must. Everybody wants security at every level of his working. as explained above failures are happened but if we test time to time then it will improve. So it depend on us how much we are serious about this.
ReplyDeleteMUSTI Dynamic Prevention of Invalid Object Initialization Attacks Project For CSE
Shape of the Cloak Formal Analysis of Clock Skew Based Intrusion Detection System in Controller Area Networks Project For CSE
Statistics Enhanced Direct Batch Growth Self Organizing Mapping for Efficient Dos Attack Detection Project For CSE
A Hand based Multi bio metrics via Deep Hashing Network and Bio metric Graph Matching. Project For CSE
A New Reversible Data Hiding in Encrypted Image Based on Multi Secret Sharing and Light weight Cryptographic Algorithms. Project For CSE
Achieving Maximum Distance Separable Private Information Retrieval Capacity With Linear Codes Project For CSE