HHS report responds to MassHealth failure in securing data

HHS has released a summary report on the failure of the Massachusetts Medicaid program (MassHealth) to secure Medicaid Management Information System (MMIS) data and supporting systems within federal requirements.

The Public Summary Report overviews the vulnerabilities MassHealth in security management, configuration management, system software controls and website and database vulnerability scans. A data breach was not detected, but one could have led to unauthorized access to the critical operations of MassHealth.

"The vulnerabilities were collectively and, in some cases, individually significant and could have potentially compromised the confidentiality, integrity and availabilityof MassHealth’s MMIS," the report read. "These vulnerabilities existed because MassHealth did not implement sufficient controls over its Medicaid data and information systems."

The report recommends MassHealth follow HHS recommendations to restore security. 

""
Cara Livernois, News Writer

Cara joined TriMed Media in 2016 and is currently a Senior Writer for Clinical Innovation & Technology. Originating from Detroit, Michigan, she holds a Bachelors in Health Communications from Grand Valley State University.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.