Medicare lacks consistent oversight of cybersecurity for networked medical devices in hospitals
- Collection:
- Health Policy and Services Research
- Series Title(s):
- Issue brief (United States. Department of Health and Human Services. Office of Inspector General)
- Contributor(s):
- United States. Department of Health and Human Services. Office of Inspector General. Office of Evaluation and Inspections, issuing body.
- Publication:
- Washington, D.C. : U.S. Department of Health and Human Services, Office of Inspector General, June 2021
- Language(s):
- English
- Format:
- Text
- Subject(s):
- Computer Security -- legislation & jurisprudence Government Regulation Hospitals -- statistics & numerical data Medicare United States United States. Department of Health and Human Services
- Genre(s):
- Technical Report
- Abstract:
- Why OIG Did This Review. Without proper cybersecurity controls, hospitals’ networked medical devices (i.e., devices designed to connect to the internet, hospital networks, and other medical devices) can be compromised, which can lead to patient harm. The Centers for Medicare & Medicaid’s (CMS’s) survey protocol for overseeing hospitals is silent with respect to the cybersecurity of these devices. This evaluation sheds new light on the extent to which Medicare AOs use their discretion to address cybersecurity of networked devices during hospital surveys. As hospitals continue to face cyberattacks that risk patient harm, it is important to know whether and how AOs hold hospitals accountable for cybersecurity of their devices. How OIG Did This Review. We conducted structured telephone interviews with leadership at the four AOs and sent written questions to CMS. We asked the AOs about the extent to which their survey standards required hospitals to have a cybersecurity plan for networked devices, as well as other ways in which their surveys might cover cybersecurity for networked devices. We also reviewed AO documentation of relevant survey standards and procedures.
- Copyright:
- The National Library of Medicine believes this item to be in the public domain. (More information)
- Extent:
- 1 online resource (1 PDF file (22 pages))
- Illustrations:
- Illustrations
- NLM Unique ID:
- 9918383969506676 (See catalog record)
- Permanent Link:
- http://resource.nlm.nih.gov/9918383969506676