October 4th, 2006

GAO IDs 47 weaknesses in how Medicare/Medicaid transmit data

Posted by Richard Koman @ October 4, 2006 @ 1:01 PM

Categories: Government technology, Healthcare

Tags: Medicaid, Medicare, General Accounting Office, ZDNet Government

Medicare and Medicaid systems are so weak that millions of Americans are vulnerable to disclosure of their medical records, the Government Accounting Office warned recently, The Washington Post reports.

GAO found 47 weaknesses in the computer systems used by the Centers for Medicare and Medicaid Services to send and receive bills and to communicate with health-care providers.

The CMS did not always ensure that its contractor followed the agency's security policies and standards, according to the GAO.

"As a result, sensitive, personally identifiable medical data traversing this network are vulnerable to unauthorized disclosure," the federal investigators said.

The Medicare network transmits information such as a patient's diagnosis, drugs and treatment facility, as well as Social Security numbers, addresses and dates of birth, the investigators said. The report was focused on transmission of data; it didn't address security controls for servers that store the data.

CMS officials said they have corrected 22 of the 47 weaknesses and 19 more should be resolved soon.