OIG Announces Cybersecurity Initiative
The U.S. Department of Health and Human Services' Office of the Inspector General (HHS OIG) announced a new cybersecurity website on Oct. 9, 2018.
The OIG stated that it has formed a Cybersecurity Team made up of "auditors, evaluators, investigators and attorneys focused on combatting cybersecurity threats within HHS and the healthcare industry." The Office of Audit Services, Cybersecurity and Information Technology Audit Division audits HHS programs, grantees and contractors with respect to cybersecurity. The Office of Evaluation and Inspection reviews programs related to cybersecurity. There is an Office of Investigations, Computer Crimes unit that investigates violations of the Computer Fraud & Abuse Act and other criminal allegations and incidents. The Office of Counsel provides legal advice to the OIG with respect to its data security work.
In a video on the site, Jarvis Rodgers, an IT Audit Director for HHS, stated that their systems hold a massive amount of personal data. HHS is focused on enhancing IT controls, as well as risk management and resiliency.